CN112751811B - Website authentication method and device, storage medium and electronic equipment - Google Patents
Website authentication method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN112751811B CN112751811B CN201911053027.6A CN201911053027A CN112751811B CN 112751811 B CN112751811 B CN 112751811B CN 201911053027 A CN201911053027 A CN 201911053027A CN 112751811 B CN112751811 B CN 112751811B
- Authority
- CN
- China
- Prior art keywords
- target
- authentication
- website
- plug
- route
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an authentication method and device for a website, a storage medium and electronic equipment. The method can comprise the following steps: acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. The invention achieves the technical effect of improving the authentication efficiency of the website.
Description
Technical Field
The invention relates to the field of internet, in particular to an authentication method and device for a website, a storage medium and electronic equipment.
Background
At present, basically all websites need to be authenticated, but a plurality of websites in a set of product line often have different functions and different parameters during authentication, but the authentication modes are consistent.
Although the method can realize the authentication of the websites, each website only relies on the authentication system to authenticate the website, and the authentication system needs to be docked once, so that the workload is increased, the labor cost is wasted, and if the authentication system is changed, all websites need to be docked again, so that the technical problem of low website authentication efficiency exists.
Aiming at the problem of low authentication efficiency of websites in the prior art, no effective solution is provided at present.
Disclosure of Invention
The invention mainly aims to provide a website authentication method, a website authentication device, a storage medium and electronic equipment, and at least solves the technical problem of low website authentication efficiency.
In order to achieve the above object, according to one aspect of the present invention, there is provided an authentication method of a website. Acquiring a target plug-in, wherein the target plug-in comprises authentication information for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in.
Optionally, the method further comprises: under the condition that the target website is connected with the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified into a second authentication logic from the first authentication logic, the authentication information included by the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
Optionally, the authentication information is preconfigured in the target plugin and is used to authenticate a plurality of routes, including the target route.
Optionally, obtaining the target plug-in comprises: and acquiring a target plug-in configured by a gateway of the target website.
Optionally, the obtaining of the target plug-in configured by the gateway of the target website includes: acquiring first configuration information for configuring a target route by a gateway of a target website; and at least determining the first configuration information as authentication information to obtain the target plug-in.
Optionally, the method further comprises: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
Optionally, after authenticating the configured target route according to the authentication information included in the target plugin, the method further includes: and forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
In order to achieve the above object, according to another aspect of the present invention, there is also provided an authentication apparatus for a website. The device includes: the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a target plug-in, and the target plug-in comprises authentication information used for authenticating a target route of a target website; a configuration unit, configured to configure a target plug-in to a target route; and the authentication unit is used for authenticating the configured target route according to the authentication information included by the target plug-in.
According to the invention, the target plug-in is obtained, wherein the target plug-in comprises authentication information for authenticating the target route of the target website; configuring a target plug-in unit to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, that is, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, thereby avoiding the problem that the website only depends on the authentication system to authenticate the website, and the authentication system needs to be docked once, which results in the increase of workload and the waste of labor cost, thereby solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification. In the drawings:
fig. 1 is a flowchart of an authentication method of a website according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a system for enabling authentication of a web site according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an authentication apparatus of a website according to an embodiment of the present invention; and
fig. 4 is a schematic diagram of an electronic device according to an embodiment of the invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
In order to make the technical solutions of the present application better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be used. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
The embodiment of the invention provides an authentication method for a website.
Fig. 1 is a flowchart of an authentication method of a website according to an embodiment of the present invention. As shown in fig. 1, the method may include the steps of:
step S102, a target plug-in is obtained, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website.
In the technical solution provided in the above step S102 of the present invention, the target plug-in is a program that follows a certain specification and is written according to an application program interface, and may be an authentication plug-in that is externally hung on a target route of the target website, and is used for indicating an authentication scheme for authenticating the target route of the target website, where the authentication scheme includes authentication information for authenticating the target route of the target website. The target route is a route of a target website that needs to be authenticated, the target website may be a product that interfaces with an authentication system, for example, any product of a plurality of products in a set of product lines, each product may have a plurality of routes, all the routes of the products that need to interface with the authentication system may be externally hung with the target plug-in, the authentication information of the target plug-in for different products may be different, the authentication information may be used to indicate an authentication logic, the authentication logic may be a logic that determines whether a cache (Cookie) contains a certain value, a logic that queries whether information of a current user exists in a database, and the like, and no limitation is made here. The authentication system is another set of system for authenticating the route independent from the target plug-in, and may be a unified account system of a company, for example, when the route is authenticated, the user account is determined to be legal in the case that the user account exists, and the user account is determined to be invalid in the case that the user account does not exist, and the authentication logic corresponding to the authentication information in the target plug-in may be to check the ID of the user, and if the ID of the user exists, the user account is determined to be legal, and if the ID of the user does not exist, the user account is determined to be invalid.
And step S104, configuring the target plug-in to the target route.
In the technical solution provided in the above step S104 of the present invention, after the target plug-in is obtained, the target plug-in is configured to the target route, and a program corresponding to the target plug-in may be written into the target route, that is, the target plug-in is added to the target route, and the target plug-in is supported to be pluggable, that is, if the target route needs to be authenticated, the target plug-in is configured, and if the target route does not need to be authenticated, the target plug-in does not need to be configured, for example, the route a needs to be processed in the target plug-in, the route a is determined to be the target route, and the target plug-in is configured to the route a, and for example, the route B does not need to be processed in the target plug-in, and the target plug-in is not configured to the route B.
And step S106, authenticating the configured target route according to the authentication information included by the target plug-in.
In the technical solution provided by the above step S106 of the present invention, after configuring the target plugin to the target route, the configured target route is authenticated according to the authentication information included in the target plugin, optionally, before forwarding Application Programming Interface (API) information of the target route through a gateway of the target website, in this embodiment, the configured target route needs to be authenticated according to the authentication information included in the target plugin, and a processing manner indicated by the authentication information in the target plugin may be performed on the target route, for example, a processing manner of adding information in the target plugin before forwarding the Interface information, and a Token (Token) may be allocated to a login user, and then an Interface is called to determine whether the Token is valid or not, and whether the Token is expired or not, and the like, which is not limited here.
Alternatively, if the target route is not configured with any plug-in, the target route only needs to forward simple interface information.
As an alternative example, the target plug-in of this embodiment may be multiple and each target plug-in may include different authentication information for authenticating the target route of the target website. Optionally, when the target route is authenticated by a plurality of target plug-ins, the priority order of the plurality of target plug-ins may be set, so that the target route is authenticated by each target plug-in turn according to the priority order. The priority order can be flexibly set according to the importance degree, requirements and the like of the target plug-in unit for authenticating the target route.
Through the steps S202 to S206 of the present application, a target plug-in is obtained, where the target plug-in includes authentication information for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the target plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, that is, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, thereby avoiding the problem that the workload is increased and the labor cost is wasted because the website is authenticated only by the authentication system and the authentication system needs to be docked once, further solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
The steps of the above-described method of this embodiment are further described below.
As an optional implementation manner, in the case that the target website is connected to the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified from the first authentication logic to the second authentication logic, the authentication information included in the target plugin is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
In this embodiment, the target website may only interface with the authentication system once, and the authentication of the target route by the authentication system may be performed by the target plug-in. Optionally, it is detected whether the first authentication logic for authenticating the target route by the authentication system is modified. If it is detected that the first authentication logic of the authentication system needs to be modified into the second authentication logic, the authentication information included by the target plug-in can be modified only according to the second authentication logic, that is, if the authentication logic of the authentication system is modified, only the target plug-in needs to be modified, for example, the original authentication logic of the authentication system is the logic which determines the successful authentication if the Cookie contains a certain value, and the logic is required to be modified into the logic which inquires whether the information of the current user exists in the database, only the logic of the target plug-in needs to be modified according to the modified logic, and the target website does not need to be modified, so that the problems of high maintenance cost and low working efficiency caused by the fact that the website is authenticated only depending on the authentication system and needs to be docked once are solved, and if the authentication system is modified, all websites docked with the authentication system also need to be modified and the authentication system is re-docked again, thereby greatly reducing the maintenance cost and improving the working efficiency.
As another alternative, different authentication parameters are configured to the preset template to generate the authentication information, so that when the authentication information included in the target plugin is modified according to the second authentication logic, the parameters of the template may be modified according to the second authentication logic, so as to obtain the modified authentication information.
As another optional example, the target website may interface with multiple authentication systems at a time, each authentication system authenticates the target route in the target website through a corresponding target plugin, so that multiple target plugins corresponding to multiple authentication systems are required to authenticate the target route, and the priority order of the multiple target plugins may be set, so that the target route is authenticated sequentially through each target plugin according to the priority order. The priority order can be flexibly set according to the importance degree, requirements and the like of the target plug-in unit for authenticating the target route.
As an optional implementation, the authentication information is pre-configured in the target plug-in and is used to authenticate a plurality of routes, including the target route.
In this embodiment, the target plug-in includes authentication information, which is configured in advance in the target plug-in, and is developed and maintained in a unified manner, and the authentication information may be used to authenticate multiple routes in the target website, that is, may authenticate any route in the target website that needs to be authenticated, and may be configured to the target plug-in only once in advance through a gateway of the target website, thereby greatly reducing labor waste, and further achieving a technical effect of improving website authentication efficiency.
As another optional example, if the authentication information in the target plugin needs to be modified, that is, the corresponding authentication logic needs to be modified, the modified whole authentication information or part of the authentication information that needs to be modified may be issued in a unified manner through the gateway of the target website, each route that has been configured with the target plugin may automatically replace the original authentication information of the target plugin with the modified authentication information in a unified manner according to the modified whole authentication information, or modify the original corresponding part of the authentication information of the target plugin according to the part of the authentication information that needs to be modified, to obtain the modified authentication information, that is, once the authentication information in the target plugin needs to be modified, a plurality of routes that have been configured with the target plugin may also update the original authentication information to the modified authentication information in a linkage manner, so as to achieve the purpose of uniform modification of the authentication information of the target plugin, thereby avoiding the problem that the website authentication system needs to be docked once only by relying on the authentication system, and the maintenance cost is high, thereby greatly reducing the maintenance cost and the maintenance cost.
As an optional implementation manner, in step S102, acquiring the target plug-in includes: and acquiring a target plug-in configured by a gateway of the target website.
In this embodiment, the gateway of the target website involved in the above method may be configured to forward the request of the target website to the target address, so as to implement network interconnection on the transport layer, and as a most complex network interconnection device, may be configured to interconnect two different networks of a higher-layer protocol. The gateway of the embodiment can be used for customizing the target plug-in, releasing the target plug-in to the route needing to be configured with the target plug-in, and adding pluggable configuration to the route of the target website needing to be configured with the target plug-in, so that the plug-in is realized.
As an alternative embodiment, obtaining the target plug-in configured by the gateway of the target website includes: acquiring first configuration information for configuring a target route by a gateway of a target website; and determining at least the first configuration information as authentication information to obtain the target plug-in.
In this embodiment, the gateway of the destination website may also support the configuration of any route to uniformly process different routes before forwarding the interface information. The embodiment may obtain first configuration information that the gateway configures the target route, and may be request information, for example, an API request, a static Resource request, a front-end Uniform Resource Locator (URL) request, and the like, which is not limited herein. After obtaining the first configuration information configuring the target route by the gateway of the target website, the first configuration information may be determined as the authentication information of the target plugin.
As an optional implementation, the method further comprises: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
The embodiment may further respond to a target operation instruction input by the user to obtain second configuration information of the target website, where the second configuration information is a configuration parameter meeting the requirement of the target plugin and is used to characterize a difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites, so that the second configuration information of each website may represent a difference between websites during authentication, for example, a website a and a website B may respectively define the second configuration parameter input by the user for the website a and the website B, and the second configuration parameter may represent a difference between websites a and B during authentication. The authentication information corresponding to the target website is the route which comprises at least one target plug-in unit needing to be configured in the target website, and the authentication information for authenticating the corresponding route is pre-configured in the target plug-in unit; the authentication information corresponding to other websites is a route which comprises at least one plugin needing to be configured in other websites, and the plugin is pre-configured with the authentication information for authenticating the corresponding route.
As an optional implementation manner, in step S106, after authenticating the configured target route according to the authentication information included in the target plugin, the method further includes: and forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
In this embodiment, forwarding of interface information of the route may be implemented by means of a gateway. The embodiment may configure a forwarding rule on the gateway, where the forwarding rule is used to indicate a manner of forwarding interface information of the target route, and may include route configuration information of the target route, a forwarding path, and the like, and with the forwarding rule, the gateway may forward the interface information of the target route beginning with the route configuration information from the target website to a website of a corresponding target website according to the forwarding path, where the route configuration information may be "/api/google/. And the forwarding path may be" http:// www.test.com ", that is, the gateway forwards the interface information beginning with"/api/google/"from the target website to an address of the target website of" http:// www.test.com ".
In this embodiment, if the target router is configured with the target plugin successfully, the processing in the target plugin may be performed on the target router first before forwarding the interface information of the authenticated target router according to the target forwarding rule, so as to implement authentication on the target router, and then the interface information of the authenticated target router is forwarded according to the target forwarding rule, for example, before forwarding the interface information of the authenticated target router according to the target forwarding rule, the authentication information required in authentication is added in the target plugin to authenticate the target router.
For example, a user may input a website address of a website to be accessed on a client, or directly call out the website address of the website to be accessed from a favorite folder of the client, and display an access page corresponding to the website address on the client, at this time, the user may fill an account and a password on the access page, request at least one authentication system docked with the website to authenticate a route corresponding to the account and the password of the user in the website, if the route is configured with plug-ins corresponding to each authentication system (the plug-ins include authentication information configured by a gateway of the website), the route may be processed according to the authentication information in the plug-ins before the gateway forwards interface information of the route, and then the gateway forwards the interface information of the authenticated route to another website according to a set forwarding rule, where the authentication information in the plug-ins may be an ID for checking the account of the user, and if the ID of the user exists, the account of the user is determined to be legal, and if the ID of the account of the user does not exist, the account of the user is determined to be invalid. Optionally, if the route is not configured with a plug-in, the gateway only needs to forward simple interface information of the route.
In the embodiment, each authentication system is connected with a website once, the route in the website is authenticated through a corresponding plug-in, if the connected authentication system is modified later, only the plug-in needs to be modified, for example, if the original authentication information of the authentication system is that a Cookie contains a certain value, the authentication system succeeds, the authentication system is modified to be required to inquire whether a current user exists in a database, and the like, if the authentication system is modified, only the authentication information in the plug-in needs to be modified, then the plug-in with the modified authentication information is released by a gateway, the route updates the originally configured plug-in according to the released plug-in with the modified authentication information, and thus, the website does not need to be modified, the problem that the website is authenticated only by the authentication system and needs to be connected with the authentication system once, and when the authentication system is modified, all websites connected with the authentication system need to be modified is solved.
Optionally, there may be a plurality of plug-ins configured to the route in this embodiment, and each plug-in may include different authentication information for authenticating the route. Alternatively, when the route is authenticated by a plurality of plugins, the priority order of the plurality of plugins can be set, so that the route is authenticated by each plugin in turn according to the priority order. The priority order may be flexibly set according to the importance degree, requirement, and the like of the target plugin for authenticating the target route, for example, when one plugin succeeds in authenticating the route, another plugin is executed, or when one plugin fails in authenticating the route, another plugin is executed, which is not limited herein.
In the embodiment, the target route of the target website is authenticated in a plug-in mode, the authentication scheme is uniformly developed and maintained by the target plug-in, and then the gateway is used, so that the purpose that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, and any modification related to the authentication logic only needs to be done once, so that the target plug-in can be applied to each website, namely, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, the problem that the website is authenticated only by relying on the authentication system, and the authentication system needs to be connected once is avoided, so that the workload is increased, the labor cost is wasted, the technical problem of the website authentication efficiency is solved, and the technical effect of improving the website authentication efficiency is achieved.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowcharts, in some cases, the steps illustrated or described may be performed in an order different than presented herein.
Example 2
The authentication method according to the embodiment of the present invention is illustrated below with reference to preferred embodiments.
In the related art, basically all websites require authentication, but a plurality of websites (products) in a set of product lines often have different functions and different parameters during authentication, but the authentication modes are completely consistent. For example, token is first assigned to the login user, and then the interface is called to determine whether Token is valid and expired. However, the current practice is to dock the authentication system once for one website, which increases the workload and wastes labor costs, and if the authentication system is changed, all websites must dock the authentication system again.
In order to solve the above problem, the following describes an authentication method of the website according to this embodiment.
Fig. 2 is a schematic diagram of a system for implementing authentication of a website according to an embodiment of the present invention. As shown in fig. 2, the system includes an authentication system 20, a set of product lines 21, a router 22, a gateway 23, and a web site 24 for a destination address. The product line 21 includes a website 211 (product), a website 212 (product), and the like, and the route 22 provided in the website 221 includes a route 221, a route 222, and the like.
In this embodiment, the gateway 23 implements forwarding of interface information of the route by means of the gateway 23, where the gateway 23 implements network interconnection on a transport layer, which is the most complex network interconnection device, and is only used for two network interconnections with different higher-layer protocols, and a forwarding rule may be configured on the gateway 23, for example, the route 221 is configured as "/API/google/. And a destination address of a forwarding path is configured as" http:// www.test.com ", that is, information of an API starting with"/API/google/"is forwarded to the website 24 with the destination address" http:// www.test.com ". The gateway 23 of this embodiment may support configuration of any route, in order to perform uniform processing on different routes before forwarding interface information, for example, an API request, a static resource request, a front-end URL request, and the like may be configured.
The embodiment also writes the authentication scheme as plug-in, wherein if no plug-in is configured for the route, only simple forwarding of interface information needs to be implemented, for example, no plug-in is configured for the route 222; if the plug-in is configured, before forwarding the interface information, processing in the plug-in is performed first, and then forwarding is performed, for example, the router 221 configures the plug-in 2211, and before forwarding the interface information, information that needs to be authenticated may be added to the plug-in 2211. The plug-in 2211 in this embodiment is a plug-in customized for the gateway 23, and the plug-in 2211 may be arbitrarily added to a route that needs to be used, for example, if the route 221 needs to perform processing in the plug-in 2211, and the route 222 does not need to perform processing, the route 221 only needs to configure the plug-in 2211, and the route 222 does not need to configure the plug-in 2211. All products needing to connect the authentication system 20 can be externally hung with a plug-in for authentication.
The authentication system 20 connects the website 211 once, authenticates the route 221 through the plug-in 2211, optionally, if the connected authentication system 20 is modified later, only the plug-in 2211 needs to be modified, for example, if the authentication process of the original authentication system 20 is successful if the Cookie contains a certain value, the authentication process is modified to the state that whether the current user exists in the database or not is inquired, and if the modification occurs, only the authentication logic in the plug-in 2211 needs to be modified, and the website 211 connected with the authentication system does not need to be modified.
It should be noted that the website 211 of this embodiment may interface with multiple authentication systems 20 at a time, each authentication system 20 may authenticate the route 221 in the website 211 through the corresponding plug-in 2211, so that multiple plug-ins 2211 corresponding to multiple authentication systems 20 are required to authenticate the route 221, and the priority order of the multiple plug-ins 2211 may be set, so that the route 221 is authenticated sequentially through each plug-in 2211 according to the priority order. The priority order may be flexibly set according to the importance, requirement, and the like of the plug-in 2211 for authenticating the route 221.
The plug-in 2211 of this embodiment may be externally hung on any route that needs to be authenticated, and the gateway 23 may set configuration parameters meeting the requirements of the plug-in 2211, where the configuration parameters represent differences in authentication of each product (website) in a set of product lines 21, for example, if the plug-in 2211 may have different authentication logics for the website 211 and the website 212, the gateway 23 may define some configuration parameters into the plug-in to represent differences in authentication of the website 211 and the website 212.
It should be noted that the system for implementing authentication of a website shown in fig. 2 in this embodiment is only an example of the embodiment of the present invention, and does not represent that the system for implementing authentication of a website in the embodiment of the present invention is only the above, any system may authenticate a target route of a target website by means of plug-in, and the authentication scheme is uniformly developed and maintained by the target plug-in, and with the use of the gateway, any modification related to the authentication logic needs to be done only once, and the method applicable to each website is within the scope of the embodiment, for example, each route may be configured with multiple plugins, the multiple plugins have priority when implementing the authentication of the route, each website may also be connected to multiple authentication systems, and the like, which is not described in detail herein.
According to the authentication method of the website, the authentication scheme can be uniformly developed and maintained in a unified way by means of plug-in and the use of the gateway, and all work is only done once, namely, the purpose that products with the same authentication scheme only need to be developed once is achieved, so that labor waste is greatly reduced. The authentication scheme of the embodiment is uniformly maintained, and any modification related to authentication is only needed to be done once, so that the method can be applied to each website, the maintenance cost is greatly reduced, the working efficiency is improved, the technical problem of low website authentication efficiency is solved, and the technical effect of improving the website authentication efficiency is achieved.
Example 3
The embodiment of the invention also provides an authentication device of the website. It should be noted that the authentication device of the website of this embodiment can be used to execute the authentication method of the website of this embodiment of the present invention.
Fig. 3 is a schematic diagram of an authentication apparatus of a website according to an embodiment of the invention. As shown in fig. 3, the authentication device 30 of the website may include: an acquisition unit 31, a configuration unit 32 and an authentication unit 33.
The obtaining unit 31 is configured to obtain a target plug-in, where the target plug-in includes authentication information for authenticating a target route of a target website.
A configuration unit 32, configured to configure the target plug-in to the target route.
And an authentication unit 33, configured to authenticate the configured target route according to the authentication information included in the target plugin.
Optionally, the apparatus further comprises: the modification unit is used for modifying the authentication information included by the target plug-in according to the second authentication logic if the authentication logic for authenticating the target route by the authentication system needs to be modified from the first authentication logic to the second authentication logic under the condition that the target website is connected with the authentication system; and the first authentication unit is used for authenticating the target route according to the modified authentication information included by the target plug-in.
Optionally, the authentication information is preset in the target plugin and is used to authenticate a plurality of routes, where the plurality of routes includes the target route.
Alternatively, the acquisition unit 31 includes: and the acquisition module is used for acquiring the target plug-in configured by the gateway of the target website.
Optionally, the obtaining module includes: the acquisition submodule is used for acquiring first configuration information for configuring a target route by a gateway of a target website; and the determining submodule is used for determining at least the first configuration information as authentication information to obtain the target plug-in.
Optionally, the device is further configured to respond to a target operation instruction input by a user to obtain second configuration information of the target website, where the second configuration information is used to represent a difference between authentication information corresponding to the target website and authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
Optionally, the apparatus further comprises: and the forwarding unit is used for forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule after the configured target route is authenticated according to the authentication information included by the target plug-in, wherein the target forwarding rule is configured by the gateway of the target website.
In this embodiment, the obtaining unit 31 obtains the target plug-in, where the target plug-in includes authentication information for authenticating a target route of the target website; configuring the target plug-in to the target route through a configuration unit 32; and authenticating the configured target route through the authentication unit 33 according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, thereby avoiding the problems that the work load is increased and the labor cost is wasted because the website is authenticated only by the authentication system and the authentication system needs to be docked once, further solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
Example 4
In this embodiment, the authentication device of the website includes a processor and a memory, the acquiring unit 31, the configuring unit 32 and the authentication unit 33 are all stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. One or more kernels can be set, and the technical effect of improving the authentication efficiency of the website is achieved by adjusting kernel parameters.
Example 5
An embodiment of the present invention provides a storage medium having a program stored thereon, where the program, when executed by a processor, implements an authentication method for a website.
Example 6
Fig. 4 is a schematic diagram of an electronic device according to an embodiment of the invention. As shown in fig. 4, the electronic device 40 includes at least one processor 401, and at least one memory 402 connected to the processor 401, a bus 403; the processor 401 and the memory 402 complete communication with each other through the bus 403; the processor 401 is used for calling the program instructions in the memory 402 to execute the above-mentioned authentication method of the website. The electronic device 40 herein may be a server, a PC, a PAD, a cell phone, etc.
Example 7
The present application also provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device: acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website; configuring a target plug-in unit to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: under the condition that the target website is connected with the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified into a second authentication logic from a first authentication logic, the authentication information included in the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: the authentication information is preset in the target plug-in and is used for authenticating a plurality of routes, and the plurality of routes comprise the target route.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: and acquiring a target plug-in configured by a gateway of the target website.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: acquiring first configuration information for configuring a target route by a gateway of a target website; and determining at least the first configuration information as authentication information to obtain the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in unit comprises: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: and after the target route is authenticated according to the target plug-in, forwarding the interface information of the authenticated target route through a gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and they may alternatively be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, or fabricated separately as individual integrated circuit modules, or fabricated as a single integrated circuit module from multiple modules or steps. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (8)
1. An authentication method for a website, comprising:
acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website;
configuring the target plug-in to the target route;
authenticating the configured target route according to the authentication information included by the target plug-in;
wherein the method further comprises: under the condition that the target website is connected with an authentication system, if the authentication logic of the authentication system for authenticating the target route needs to be modified into second authentication logic from a first authentication logic, and the second authentication logic is issued uniformly through a gateway of the target website, the authentication information included by the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in, wherein the authentication information is pre-configured in the target plug-in and is used for authenticating a plurality of routes, and the plurality of routes include the target route.
2. The method of claim 1, wherein obtaining the target plug-in comprises:
and acquiring the target plug-in configured by the gateway of the target website.
3. The method of claim 2, wherein obtaining the target plug-in configured by the gateway of the target website comprises:
acquiring first configuration information for configuring the target route by a gateway of the target website;
and at least determining the first configuration information as the authentication information to obtain the target plug-in.
4. The method of claim 3,
the method further comprises the following steps: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites;
determining at least the first configuration information as the authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as the authentication information to obtain the target plug-in.
5. The method of any of claims 1 to 4, wherein after authenticating the target route with the target plugin, the method further comprises:
and forwarding the authenticated interface information of the target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
6. An authentication apparatus for a website, comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a target plug-in, and the target plug-in comprises authentication information for authenticating a target route of a target website;
a configuration unit, configured to configure the target plug-in to the target route;
the authentication unit is used for authenticating the configured target route according to the authentication information included by the target plug-in;
under the condition that the target website is connected with an authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified into second authentication logic from a first authentication logic, and the second authentication logic is issued in a unified way through a gateway of the target website, the authentication information included by the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included in the target plug-in, wherein the device is further configured to perform the following steps: the authentication information is preconfigured in the target plugin and is used for authenticating a plurality of routes, wherein the plurality of routes comprise the target route.
7. A storage medium, comprising a stored program, wherein the program when executed controls an apparatus in which the storage medium is located to perform the method of any one of claims 1 to 5.
8. An electronic device comprising to a processor, and at least one memory, bus connected to the processor;
the processor and the memory complete mutual communication through the bus;
the processor is configured to invoke program instructions in the memory to perform the method of any of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911053027.6A CN112751811B (en) | 2019-10-31 | 2019-10-31 | Website authentication method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911053027.6A CN112751811B (en) | 2019-10-31 | 2019-10-31 | Website authentication method and device, storage medium and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112751811A CN112751811A (en) | 2021-05-04 |
CN112751811B true CN112751811B (en) | 2023-04-18 |
Family
ID=75644626
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911053027.6A Active CN112751811B (en) | 2019-10-31 | 2019-10-31 | Website authentication method and device, storage medium and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112751811B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9294479B1 (en) * | 2010-12-01 | 2016-03-22 | Google Inc. | Client-side authentication |
CN107172057A (en) * | 2017-06-01 | 2017-09-15 | 浙江数链科技有限公司 | Authentication implementing method and device |
CN110213290A (en) * | 2019-06-14 | 2019-09-06 | 无锡华云数据技术服务有限公司 | Data capture method, API gateway and storage medium |
CN110225039A (en) * | 2019-06-14 | 2019-09-10 | 无锡华云数据技术服务有限公司 | Authority models acquisition, method for authenticating, gateway, server and storage medium |
-
2019
- 2019-10-31 CN CN201911053027.6A patent/CN112751811B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9294479B1 (en) * | 2010-12-01 | 2016-03-22 | Google Inc. | Client-side authentication |
CN107172057A (en) * | 2017-06-01 | 2017-09-15 | 浙江数链科技有限公司 | Authentication implementing method and device |
CN110213290A (en) * | 2019-06-14 | 2019-09-06 | 无锡华云数据技术服务有限公司 | Data capture method, API gateway and storage medium |
CN110225039A (en) * | 2019-06-14 | 2019-09-10 | 无锡华云数据技术服务有限公司 | Authority models acquisition, method for authenticating, gateway, server and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN112751811A (en) | 2021-05-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109510846B (en) | API calling system, method and device, electronic equipment and storage medium | |
US12069039B2 (en) | Dynamically unifying disparate user interface applications in a cloud native environment | |
CN109218368B (en) | Method, device, electronic equipment and readable medium for realizing Http reverse proxy | |
WO2018014657A1 (en) | Unified portal method, apparatus and system | |
CN108718347B (en) | Domain name resolution method, system, device and storage medium | |
CN103916378B (en) | System and method for automatically deploying application system in cloud resource pool | |
CN105979009A (en) | Method for automatically balancing increased load of cloud application container | |
US20220116458A1 (en) | Systems and methods for remote management of appliances | |
CN109150904A (en) | Interface service call method and terminal device | |
CN104506510A (en) | Method and device for equipment authentication and authentication service system | |
CN110958237A (en) | Authority verification method and device | |
CN109660504A (en) | System and method for controlling the access to enterprise network | |
CN109688280A (en) | Request processing method, request processing equipment, browser and storage medium | |
CN114189525B (en) | Service request method and device and electronic equipment | |
CN104580211A (en) | SOA architecture-based intrusive system | |
CN109194742B (en) | Virtual machine console connection method and device and storage medium | |
CN112751811B (en) | Website authentication method and device, storage medium and electronic equipment | |
CN111461718A (en) | Access method, device and system of block chain node | |
US20170195426A1 (en) | Maintaining session across plural providing devices | |
CN113992446B (en) | Cross-domain browser user authentication method, system and computer storage medium | |
CN106209992A (en) | A kind of router supports method and the router of RSS subscription task download | |
CN106936643B (en) | Equipment linkage method and terminal equipment | |
CN115396221A (en) | Authorization processing method, device and system, electronic equipment and storage medium | |
JP2024013980A (en) | Communication system, control device, communication method, and program | |
CN111506846B (en) | Web page generation method and device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |