CN114117360A - Access method and access authorization method and device of external network source and computer equipment - Google Patents

Access method and access authorization method and device of external network source and computer equipment Download PDF

Info

Publication number
CN114117360A
CN114117360A CN202111459228.3A CN202111459228A CN114117360A CN 114117360 A CN114117360 A CN 114117360A CN 202111459228 A CN202111459228 A CN 202111459228A CN 114117360 A CN114117360 A CN 114117360A
Authority
CN
China
Prior art keywords
access
source
access certificate
authorization
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111459228.3A
Other languages
Chinese (zh)
Inventor
彭玉龙
石勇
孙利杰
杨涛
刘文清
陈松政
颜跃进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Qilin Xin'an Technology Co ltd
Original Assignee
Hunan Qilin Xin'an Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Qilin Xin'an Technology Co ltd filed Critical Hunan Qilin Xin'an Technology Co ltd
Priority to CN202111459228.3A priority Critical patent/CN114117360A/en
Publication of CN114117360A publication Critical patent/CN114117360A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Abstract

The embodiment of the invention discloses an access method, an access authorization device and computer equipment of an external network source. The access method is applied to the client device and comprises the following steps: acquiring system information, wherein the system information comprises system authorization information and a machine code; determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state; if the authorization state is the authorized state or the trial state, sending the system information to a server; receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate; and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package. The method for accessing the external network source provided by the embodiment of the application can improve the safety of self-research software, customized software packages and the like.

Description

Access method and access authorization method and device of external network source and computer equipment
Technical Field
The invention relates to the technical field of computer security, in particular to an access method, an access authorization method and an access authorization device of an extranet source and computer equipment.
Background
Linux is an Operating System based on Portable Operating System Interface (POSIX) and Unix with multiple users, multiple tasks, multiple threads, and multiple Central Processing Units (CPUs). Currently, the Linux operating system mainly manages a source repository by using a package management (YUM) or an Advanced Packaging Tool (APT), wherein the source repository is an application installation library containing many applications. Most source warehouses are free to use, malicious spreading or abuse risks exist in self-researched software, customized software packages and the like, and safety is poor. Therefore, how to improve the security of self-research software, customized software packages, and the like is a technical problem which needs to be solved at present.
Disclosure of Invention
One of the objectives of the present application is to provide an access method, an access authorization device, and a computer device for an extranet source, so as to solve the problem of how to improve the security of self-study software, a customized software package, and the like.
In a first aspect, an embodiment of the present application provides an access method for an extranet source, which is applied to a client device, and includes:
acquiring system information, wherein the system information comprises system authorization information and a machine code;
determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state;
if the authorization state is the authorized state or the trial state, sending the system information to a server;
receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate;
and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package.
In an optional implementation, the client device prestores a second source profile, and the generating a first source profile includes:
and generating a first source configuration file according to the name of the first access certificate and the second source configuration file.
In an optional implementation manner, after the client device prestores validity information of the first access certificate, and accesses an extranet source according to the first source profile, the method further includes:
judging whether the first access certificate is expired or not according to the valid period information;
if yes, sending a request for obtaining the access certificate to the server;
and receiving a second access certificate sent by the server, replacing the first access certificate with the second access certificate, and replacing the configuration of the corresponding first source configuration file.
In an optional implementation, the system information further includes system version information and system architecture information.
In a second aspect, an embodiment of the present application provides an access authorization method, which is applied to a server, and includes:
receiving system information sent by client equipment, wherein the system information comprises a machine code;
acquiring a first access certificate according to the machine code;
sending the first access credential to the client device.
In an optional implementation manner, the system information further includes system version information and system architecture information, the server prestores a restriction date of the first access certificate, and the obtaining the first access certificate according to the machine code includes:
judging whether a first access certificate corresponding to the machine code exists or not according to the machine code;
if the first access certificate does not exist, generating a second access certificate according to a first preset rule;
if yes, judging whether the first access certificate is expired or not according to the limit date;
if the access certificate is expired, generating a second access certificate according to a second preset rule;
determining that the first access credential is the second access credential.
In an optional embodiment, the generating the second access certificate according to the first preset rule includes:
generating a corresponding first user name according to the machine code;
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the first username and the software source warehouse.
In an optional implementation manner, the generating the second access certificate according to the second preset rule includes:
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the second username of the first access certificate and the software source warehouse, and deleting the expired first access certificate.
In an optional embodiment, the method further comprises:
receiving an access certificate request sent by the client equipment;
generating the second access certificate according to a second preset rule;
sending the second access credential to the client device.
In a third aspect, an embodiment of the present application provides an access apparatus for an extranet source, which is applied to a client device, and includes:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring system information, and the system information comprises a system authorization information value and a machine code;
the determining module is used for determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state;
a sending module, configured to send the system information to a server if the authorization status is the authorized status or the trial status;
a generating module, configured to receive a first access certificate sent by the server, and generate a first source configuration file, where the first source configuration file is used to verify the first access certificate;
and the access module is used for responding to an external network source access request of a user and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package.
In a fourth aspect, an embodiment of the present application provides an access authorization apparatus, which is applied to a server, and includes:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving system information sent by client equipment, and the system information comprises a machine code;
the acquisition module is used for acquiring a first access certificate according to the machine code;
a sending module, configured to send the first access credential to the client device.
In a fifth aspect, a computer device is provided, the computer device comprising a memory and a processor, the memory storing a computer program, the computer program, when executed by the processor, implementing the method for accessing an extranet source according to the first aspect or the method for authorizing access according to the second aspect.
In a fourth aspect, a computer-readable storage medium is provided, on which a computer program is stored, which, when executed by a processor, implements the method for accessing an extranet source according to the first aspect or the method for authorizing access according to the second aspect.
The embodiment of the application provides an access method, an access authorization device and computer equipment of an external network source. The access method is applied to the client device and comprises the following steps: acquiring system information, wherein the system information comprises system authorization information and a machine code; determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state; if the authorization state is the authorized state or the trial state, sending the system information to a server; receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate; and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package. When a user sends an external network source access request based on client equipment, the first access certificate is verified according to the first source configuration file, the external network source can be accessed only after verification is passed, and the safety of self-developed software, a customized software package and the like can be improved.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings required to be used in the embodiments will be briefly described below, and it should be understood that the following drawings only illustrate some embodiments of the present invention, and therefore should not be considered as limiting the scope of the present invention. Like components are numbered similarly in the various figures.
Fig. 1 is a schematic block diagram illustrating a flow of steps of an access method for an extranet source according to an embodiment of the present application;
FIG. 2 is a schematic block diagram illustrating a flow of steps of a method for access authorization provided by an embodiment of the present application;
fig. 3 is a schematic block diagram illustrating a structure of an access device of an extranet source according to an embodiment of the present application;
fig. 4 shows a schematic block diagram of a structure of an access authorization apparatus provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Hereinafter, the terms "including", "having", and their derivatives, which may be used in various embodiments of the present invention, are only intended to indicate specific features, numbers, steps, operations, elements, components, or combinations of the foregoing, and should not be construed as first excluding the existence of, or adding to, one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the present invention belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in various embodiments of the present invention.
Example 1
Referring to fig. 1, fig. 1 is a schematic block diagram illustrating a flow of steps of an access method for an extranet source according to an embodiment of the present application.
As shown in fig. 1, the access method for an extranet source provided in the embodiment of the present application may be applied to a client device, and includes S110 to S150.
S110: acquiring system information, wherein the system information comprises system authorization information and a machine code.
In this embodiment, the extranet source is a software source for providing a software download source address designed and customized by the company for the user equipment that can use the internet. The client device obtains system information through a version authorization tool in the client device. The inside of the client device is communicated through a data Bus (D-BUS), so that the safety and the efficiency of data transmission are ensured. The system information includes system authorization information, machine code, system version information, and system architecture information. The system authorization information is several macros defined by system authorization software and used as a basis for detecting the authorization state of the system. The machine code is a serial number formed by carrying out a series of encryption and hashing on a hardware serial number and is used as a basis for judging whether the first access certificate exists or not. For example, the system version information is KY3. X-X; the system architecture information is x86-64, arm, mips, i386 and i 586.
S120: and determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state.
In this embodiment, if the system authorization information is a first preset value, it is determined that the authorization state of the system is an unauthorized state; if the system authorization information is a second preset value, determining that the authorization state of the system is a trial state; and if the system authorization information is a third preset value, determining that the authorization state of the system is an authorized state. It is understood that the unauthorized state represents that the client device is unable to obtain the payment service provided by the company and has no authority to access the extranet source; the trial status represents that the client device has permission to access the extranet source within a trial period; the authorized state represents access to the extranet source for a period determined by the nature of the service purchased by the customer, upon expiration of the service, the authorized state of the client device may transmit a change. The first preset value, the second preset value and the third preset value may be set according to actual requirements, and are not limited herein.
As an example, if the system authorization information is 0, determining that the authorization state of the system is an unauthorized state; if the system authorization information is 1, determining that the authorization state of the system is a trial state; and if the system authorization information is 2, determining that the authorization state of the system is an authorized state.
S130: and if the authorization state is the authorized state or the trial state, sending the system information to a server.
In this embodiment, if the authorization status is the authorized status or the trial status, which indicates that the user has the right to access the external network source, the client device sends system information to the server. It can be understood that the authorized state is the unauthorized state, which indicates that the user does not have the right to access the external network source, ends the process of accessing the external network source, and prompts the user to access the external network source without the right in the form of voice or text, etc.
It can be understood that, the client device and the server communicate with each other by using https (Hypertext Transfer Protocol over Secure Socket Layer), which is safer and more secret than http (Hypertext Transfer Protocol) and difficult to break.
S140: receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate.
In this embodiment, the first source configuration file is a dnf (companion yum) source configuration file, the dnf source configuration file starts the verification of the first access certificate, and the first access certificate can access the corresponding system version and the infrastructure extranet source after the verification passes. Wherein dnf is the new generation rpm (Red-Hat Package Manager).
In an optional implementation manner, the client device prestores a second source profile, and the generating a target source profile includes:
and generating a first source configuration file according to the name of the first access certificate and the second source configuration file.
Specifically, the client device generates dnf a source profile according to the name of the first access certificate and the default configuration content of the second source profile.
S150: and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package.
In this embodiment, the user performs an extranet source access operation on the client device, the client device responds to an extranet source access request of the user, verifies the first access certificate according to the dnf source configuration file, and can access the extranet source only after the verification is passed, and updates the local cache or downloads the software package, thereby improving the security of self-developed software, customized software packages, and the like.
In an optional implementation manner, to implement the update of the first access credential, the client device prestores validity information of the first access credential, and after accessing the external network source according to the first source profile, the method further includes:
judging whether the first access certificate is expired or not according to the valid period information;
if yes, sending a request for obtaining the access certificate to the server;
and receiving a second access certificate sent by the server, replacing the first access certificate with the second access certificate, and replacing the configuration of the corresponding first source configuration file.
In this embodiment, if the first access certificate expires, a request for obtaining an access certificate is sent to the server. And receiving a second access certificate sent by the server, replacing the first access certificate with the second access certificate, and replacing the corresponding configuration of the dnf configuration file, thereby realizing the updating of the first access certificate and the dnf configuration file. It is to be understood that no action is performed if the first access credential has not expired.
In an optional implementation manner, if the user selects not to use the external network source for access, the access to the external network source can be closed by selecting a close external network source access option on the client device. And the client equipment responds to the operation of closing the external network source access and accesses a default source warehouse by using a third source configuration file carried by the client equipment system. That is, by setting the option of closing the access of the external network source, the access to the source warehouse corresponding to the external network source is closed, so that the use of the normal source warehouse is not influenced.
The method for accessing the extranet source, provided by the embodiment of the application, is applied to the client device and comprises the following steps: acquiring system information, wherein the system information comprises system authorization information and a machine code; determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state; if the authorization state is the authorized state or the trial state, sending the system information to a server; receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate; and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package. When a user sends an external network source access request based on client equipment, the first access certificate is verified according to the first source configuration file, the external network source can be accessed only after verification is passed, and the safety of self-developed software, a customized software package and the like can be improved.
Example 2
Referring to fig. 2, fig. 2 is a schematic block diagram illustrating a flow of steps of an access authorization method according to an embodiment of the present application.
As shown in fig. 2, an access authorization method provided in the embodiment of the present application may be applied to a server, and includes S310 to S330.
S310: receiving system information sent by a client device, wherein the system information comprises a machine code.
In this embodiment, the server receives the system information sent by the client device, and provides a basis for subsequently acquiring the first access certificate.
S320: and acquiring a first access certificate according to the machine code.
In this embodiment, the system information in step 310 further includes system version information and system architecture information. The server prestores the limiting date of the access certificate.
In an optional embodiment, the obtaining, according to the machine code, a first access certificate includes:
judging whether a first access certificate corresponding to the machine code exists or not according to the machine code;
if the first access certificate does not exist, generating a second access certificate according to a first preset rule;
if yes, judging whether the first access certificate is expired or not according to the limit date;
if the access certificate is expired, generating a second access certificate according to a second preset rule;
determining that the first access credential is the second access credential.
Specifically, the server prestores a correspondence between the machine code and the first access certificate. If the corresponding first access certificate can be found according to the machine code, the first access certificate exists; and if the corresponding first access certificate which cannot be searched according to the machine code exists, the first access certificate does not exist. If the validity period corresponding to the first access certificate is within the limit date, the first access certificate is not expired; and if the validity period corresponding to the first access certificate is not within the limit date, the first access certificate is expired.
In an optional embodiment, the generating the second access certificate according to the first preset rule includes:
generating a corresponding first user name according to the machine code;
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the first username and the software source warehouse.
In an optional implementation manner, the generating the second access certificate according to the second preset rule includes:
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the second username of the first access certificate and the software source warehouse, and deleting the expired first access certificate.
It can be understood that, if the first access certificate corresponding to the machine code does not exist, the corresponding first username needs to be generated according to the machine code. If the first access certificate corresponding to the machine code exists but is expired, the second username of the first access certificate is directly used, and the user name does not need to be regenerated.
S330: sending the first access credential to the client device.
In this embodiment, the server sends the first access certificate to the client device, so that the client device generates a first source profile according to the first access certificate.
In an optional embodiment, the method further comprises:
receiving an access certificate request sent by the client equipment;
executing the step of generating the second access certificate according to a second preset rule;
sending the second access credential to the client device.
In this embodiment, when the server receives the access credential request sent by the client device, it indicates that the first access credential has expired. The server determines a software source warehouse to be accessed according to the system version and the system architecture information. And then, generating the second access certificate according to the second username of the first access certificate and the software source warehouse, and deleting the expired first access certificate. And finally, sending the second access certificate to the client device, so that the client device replaces the first access certificate with the second access certificate and replaces the configuration of the corresponding first source configuration file.
The access authorization method provided by the embodiment of the application is applied to a server and comprises the following steps: receiving system information sent by client equipment, wherein the system information comprises a machine code; acquiring a first access certificate according to the machine code; sending the first access credential to the client device. And acquiring and sending the first access certificate to the client equipment according to the system information sent by the client equipment, and providing a basis for the client equipment to generate a first source configuration file.
Example 3
Referring to fig. 3, fig. 3 is a block diagram schematically illustrating a structure of an access device of an extranet source according to an embodiment of the present application. The access device 500 of the extranet source can be applied to a client device, and includes an obtaining module 510, a determining module 520, a sending module 530, a generating module 540, and an accessing module 550.
The obtaining module 510 is configured to obtain system information, where the system information includes a system authorization information value and a machine code;
the determining module 520 is configured to determine an authorization status of the system according to the system authorization information, where the authorization status includes an unauthorized status, a trial status, and an authorized status;
the sending module 530 is configured to send the system information to a server if the authorization status is the authorized status or the trial status;
the generating module 540 is configured to receive a first access certificate sent by the server, and generate a first source configuration file, where the first source configuration file is used to verify the first access certificate;
the accessing module 550 is configured to respond to an external network source access request of a user, and access an external network source according to the first source configuration file to update a local cache or download a software package.
The above device is used for executing the method provided in embodiment 1, and the implementation principle and technical effect are similar, which are not described herein again.
Example 4
Referring to fig. 4, fig. 4 is a block diagram illustrating a structure of an access authorization apparatus according to an embodiment of the present application. The access authorization apparatus 700 can be applied to a server, and includes a receiving module 710, an obtaining module 720, and a sending module 730.
The receiving module 710 is configured to receive system information sent by a client device, where the system information includes a machine code;
the obtaining module 720 is configured to obtain a first access certificate according to the machine code;
the sending module 730 is configured to send the first access credential to the client device.
The above device is used for executing the method provided in embodiment 2, and the implementation principle and technical effect are similar, and are not described herein again.
The embodiment of the present application further discloses a computer device, which includes a memory and a processor, where the memory stores a computer program, and when the processor executes the computer program, the computer program implements the access method of the extranet source according to embodiment 1 or the access authorization method according to embodiment 2.
An embodiment of the present application further discloses a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method for accessing an extranet source according to embodiment 1 or the method for authorizing access according to embodiment 2 is implemented.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part of the technical solution that contributes to the prior art in essence can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a smart phone, a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention.

Claims (12)

1. An access method of an extranet source is applied to a client device and comprises the following steps:
acquiring system information, wherein the system information comprises system authorization information and a machine code;
determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state;
if the authorization state is the authorized state or the trial state, sending the system information to a server;
receiving a first access certificate sent by the server, and generating a first source configuration file, wherein the first source configuration file is used for verifying the first access certificate;
and responding to an external network source access request of a user, and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package.
2. The method of claim 1, wherein the client device pre-stores validity information of the first access credential, and further comprising, after accessing an extranet source according to the first source profile:
judging whether the first access certificate is expired or not according to the valid period information;
if yes, sending a request for obtaining the access certificate to the server;
and receiving a second access certificate sent by the server, replacing the first access certificate with the second access certificate, and replacing the configuration of the corresponding first source configuration file.
3. The method of claim 1, wherein the system information further comprises system version information and system architecture information.
4. An access authorization method applied to a server includes:
receiving system information sent by client equipment, wherein the system information comprises a machine code;
acquiring a first access certificate according to the machine code;
sending the first access credential to the client device.
5. The method of claim 4, wherein the system information further includes system version information and system architecture information, wherein the server has a restriction date of the first access certificate stored in advance, and wherein obtaining the first access certificate according to the machine code includes:
judging whether a first access certificate corresponding to the machine code exists or not according to the machine code;
if the first access certificate does not exist, generating a second access certificate according to a first preset rule;
if yes, judging whether the first access certificate is expired or not according to the limit date;
if the access certificate is expired, generating a second access certificate according to a second preset rule;
determining that the first access credential is the second access credential.
6. The method according to claim 5, wherein the generating the second access certificate according to the first preset rule comprises:
generating a corresponding first user name according to the machine code;
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the first username and the software source warehouse.
7. The method according to claim 5, wherein the generating the second access certificate according to the second preset rule comprises:
determining a software source warehouse to be accessed according to the system version and the system architecture information;
and generating the second access certificate according to the second username of the first access certificate and the software source warehouse, and deleting the expired first access certificate.
8. The method of claim 5, further comprising:
receiving an access certificate request sent by the client equipment;
executing the step of generating the second access certificate according to a second preset rule;
sending the second access credential to the client device.
9. An access device of an extranet source, applied to a client device, comprising:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring system information, and the system information comprises a system authorization information value and a machine code;
the determining module is used for determining the authorization state of the system according to the system authorization information, wherein the authorization state comprises an unauthorized state, a trial state and an authorized state;
a sending module, configured to send the system information to a server if the authorization status is the authorized status or the trial status;
a generating module, configured to receive a first access certificate sent by the server, and generate a first source configuration file, where the first source configuration file is used to verify the first access certificate;
and the access module is used for responding to an external network source access request of a user and accessing an external network source according to the first source configuration file so as to update a local cache or download a software package.
10. An access authorization apparatus, applied to a server, includes:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving system information sent by client equipment, and the system information comprises a machine code;
the acquisition module is used for acquiring a first access certificate according to the machine code;
a sending module, configured to send the first access credential to the client device.
11. A computer arrangement, characterized in that the computer arrangement comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, implements the method of accessing an extranet source according to any of claims 1 to 3 or the method of authorizing access according to any of claims 4 to 8.
12. A computer-readable storage medium, characterized in that a computer program is stored thereon, which computer program, when being executed by a processor, carries out the method of accessing an extranet source according to any one of claims 1 to 3 or the method of authorizing access according to any one of claims 4 to 8.
CN202111459228.3A 2021-12-02 2021-12-02 Access method and access authorization method and device of external network source and computer equipment Pending CN114117360A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111459228.3A CN114117360A (en) 2021-12-02 2021-12-02 Access method and access authorization method and device of external network source and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111459228.3A CN114117360A (en) 2021-12-02 2021-12-02 Access method and access authorization method and device of external network source and computer equipment

Publications (1)

Publication Number Publication Date
CN114117360A true CN114117360A (en) 2022-03-01

Family

ID=80365337

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111459228.3A Pending CN114117360A (en) 2021-12-02 2021-12-02 Access method and access authorization method and device of external network source and computer equipment

Country Status (1)

Country Link
CN (1) CN114117360A (en)

Similar Documents

Publication Publication Date Title
CN108322461B (en) Method, system, device, equipment and medium for automatically logging in application program
CN107135073B (en) Interface calling method and device
CN107404382B (en) Controlling licensable features of software using access tokens
US10587697B2 (en) Application-specific session authentication
US20120254768A1 (en) Customizing mobile applications
US8250630B2 (en) Detecting unauthorized computer access
CN112257086B (en) User privacy data protection method and electronic equipment
CN111917773A (en) Service data processing method and device and server
CN106549957B (en) terminal application copyright authentication method and system
CN110555293A (en) Method, apparatus, electronic device and computer readable medium for protecting data
CN111460410A (en) Server login method, device and system and computer readable storage medium
CN111953634B (en) Access control method and device for terminal equipment, computer equipment and storage medium
CN111585954A (en) Authentication method, authentication device, computer equipment and storage medium
US9177123B1 (en) Detecting illegitimate code generators
CN111224826B (en) Configuration updating method, device, system and medium based on distributed system
CN107133499B (en) Software copyright protection method, client, server and system
CN110034922B (en) Request processing method, processing device, request verification method and verification device
KR101745919B1 (en) User authentication method and system using software-based HSM without password exposure
US20080022004A1 (en) Method And System For Providing Resources By Using Virtual Path
US9122878B1 (en) Software license management with drifting component
CN114117360A (en) Access method and access authorization method and device of external network source and computer equipment
CN109359450A (en) Safety access method, device, equipment and the storage medium of linux system
KR20160109241A (en) Method and apparatus for secure accecss to resources
EP3036674B1 (en) Proof of possession for web browser cookie based security tokens
CN113360868A (en) Application program login method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination