CN114329299A - Vehicle internet service management website architecture - Google Patents
Vehicle internet service management website architecture Download PDFInfo
- Publication number
- CN114329299A CN114329299A CN202111682007.2A CN202111682007A CN114329299A CN 114329299 A CN114329299 A CN 114329299A CN 202111682007 A CN202111682007 A CN 202111682007A CN 114329299 A CN114329299 A CN 114329299A
- Authority
- CN
- China
- Prior art keywords
- account
- page
- service management
- internet service
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a vehicle internet service management website architecture, which comprises: the account login security verification module is used for generating a password through a salt adding encryption algorithm when the account logs in; the account number authority management module is used for carrying out authority management on a logged-in account number, matching a corresponding link address and authority identification for each function page, simultaneously creating an account number role and matching a corresponding page authority for the role; the website page display module is used for displaying on a webpage, creating an inline frame in a fixed page, and changing the value of an access address corresponding to the src attribute of the nested page by clicking a primary or secondary menu under the condition that the access address of a main page is not changed; and the function page adding module is used for configuring links and authority identification for the added page. The vehicle internet service management website framework ensures the safety, convenience and easy expandability of the vehicle enterprise internet service management website.
Description
Technical Field
The invention relates to the technical field of internet service management, in particular to a vehicle internet service management website architecture.
Background
With the gradual improvement of the entertainment requirements of users and the development of the automobile software and hardware technology, a plurality of internet automobiles carrying rich application ecosystems are continuously appeared in the Chinese market. In order to manage such an application ecosystem, each large and whole automobile factory successively builds an own internet service management platform, and performs internet service management on vehicles under flags in a management website mode, so that the safety and the convenience of an internet service management website framework become important problems which need to be considered and solved in the development of intelligent internet automobiles.
Therefore, a vehicle internet service management website architecture is needed.
Disclosure of Invention
The invention aims to provide a vehicle internet service management website architecture, which is used for solving the problems in the prior art and ensuring the safety, convenience and easy expandability of a vehicle enterprise internet service management website.
The invention provides a vehicle internet service management website architecture, which comprises the following steps:
the account login security verification module is used for performing security verification when an account logs in, and generating a password through an MD5 salt-adding encryption algorithm based on an Apache shiro technology;
the account authority management module is used for carrying out authority management on a logged account after the account login security verification is successful, storing the existing function pages of the platform in a form stored by a relational database table in a spring cloud architecture, matching corresponding link addresses and authority identifications for each function page, simultaneously creating account roles, and matching corresponding page authorities for roles when the account roles are created;
the website page display module is used for displaying on a webpage after the account is successfully logged in and the page authority is acquired, creating an inline frame in a fixed page in the form of an HTML (hypertext markup language) tag based on a SpringCloud technology, and changing the value of an access address corresponding to the src attribute of the nested page by clicking a primary or secondary menu under the condition that the access address of a main page is not changed;
and the function page adding module is used for configuring links and authority identifications for the added pages based on a SpringCloud architecture, wherein the configured links are addresses of < iframe > label default access when a user clicks a page menu, and the configured authority identifications are used for matching with the role authorities of the user.
The vehicle internet service management website architecture as described above, wherein preferably, the account login security verification module includes an encryption unit, and the encryption unit is specifically configured to:
obtaining a password plaintext input by a user;
acquiring a randomly generated salt value;
splicing the password plaintext and the salt value;
and encrypting the splicing result of the cipher plaintext and the salt value by adopting a hash function to obtain a final cipher text.
The vehicle internet service management website architecture as described above, preferably, the account login security verification module further includes a login condition confirmation unit, configured to intercept and judge whether the current user logs in through an Authc login interceptor when the login request is obtained, if the current user logs in, the current user passes through the path configured by the Authc.
The vehicle internet service management website architecture as described above, wherein preferably, the account login security verification module further includes a login execution authentication unit, configured to, when obtaining a login request, if a requested path is a path configured by an auth.
Preferably, the account permission management module is specifically configured to automatically acquire the account permission after the password verification of the account is completed by rewriting a method of dog access permission info in an Apache shiro framework.
The vehicle internet service management website architecture as described above, wherein preferably, the vehicle internet service management website architecture further includes a micro-service module, which is configured to provide a plurality of micro-services based on a SpringCloud architecture, and each micro-service is not interfered with each other and can independently provide services to the outside.
The vehicle internet service management website architecture as described above, wherein preferably, the vehicle internet service management website architecture further includes an account number adding module, which is configured to store an account number and a password generated by a MD5 salt encryption algorithm in a relational database, and directly add account number information and account number corresponding permissions through a front-end website when adding a new account number subsequently.
The invention provides a vehicle internet service management website architecture, which utilizes the technical characteristics of SpringCloud to realize the free expansion of a new internet function, provides convenience for the free expansion of a subsequent new internet function, facilitates the function iteration and daily management of an internet service platform, and ensures that a user can freely expand the new function without influencing the existing function; meanwhile, the safety and role management requirements of the Internet service management website are met through an Apache shiro framework, and the safety, convenience and easy expandability of the vehicle-enterprise Internet service management website are guaranteed; meanwhile, the webpage display of a website can be realized, a plurality of micro services which independently provide services to the outside can be provided, the opening and closing of various functions are managed at a webpage end, and the service states of various functions are monitored; by utilizing the technical characteristics of SpringCloud, the online function is monitored and managed in real time while a new networking function is expanded, and the authority management during account login is well performed.
Drawings
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described with reference to the accompanying drawings, in which:
FIG. 1 is a block diagram of a vehicle networking service management website according to an embodiment of the present invention;
FIG. 2 is a logic diagram of a salt encryption algorithm according to an embodiment of the vehicle networking service management website architecture provided in the present invention;
FIG. 3 is a schematic diagram illustrating a service website page management function according to an embodiment of the vehicle networking service management website architecture provided in the present invention;
fig. 4 is a schematic diagram of an account and a password in a relational database according to an embodiment of the vehicle internet service management website architecture provided in the present invention.
Detailed Description
Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. The description of the exemplary embodiments is merely illustrative and is in no way intended to limit the disclosure, its application, or uses. The present disclosure may be embodied in many different forms and is not limited to the embodiments described herein. These embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. It should be noted that: the relative arrangement of parts and steps, the composition of materials, numerical expressions and numerical values set forth in these embodiments are to be construed as merely illustrative, and not as limitative, unless specifically stated otherwise.
As used in this disclosure, "first", "second": and the like, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that the element preceding the word covers the element listed after the word, and does not exclude the possibility that other elements are also covered. "upper", "lower", and the like are used merely to indicate relative positional relationships, and when the absolute position of the object being described is changed, the relative positional relationships may also be changed accordingly.
In the present disclosure, when a specific component is described as being located between a first component and a second component, there may or may not be intervening components between the specific component and the first component or the second component. When it is described that a specific component is connected to other components, the specific component may be directly connected to the other components without having an intervening component, or may be directly connected to the other components without having an intervening component.
All terms (including technical or scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs unless specifically defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail, but are intended to be part of the specification where appropriate.
The service management website of the vehicle enterprise firstly needs to ensure the security of the verification of the website account login password, and the password is encrypted and then transmitted for verification without directly using the account password in the account login password verification process; meanwhile, for logging in by different accounts, a website needs to identify the role identity of the account, display different webpage contents for a logging user, and simultaneously carry out authority verification on user operation; the control of the user access system is realized, the user operation is limited according to the security rule or the security policy, and only the user is allowed to access authorized resources.
In the existing vehicle internet service management scheme, a Shiro frame is called to call a getSubject method provided by the frame, and the method needs a user to process a front-end request in a Controller file, so that the strategy is complicated; the subsequent newly added page authority management is not designed, and the subsequent change condition of the vehicle-enterprise internet service management website is frequent, so the authority access design of the newly added page is very important.
As shown in fig. 1, an embodiment of the present invention provides a vehicle internet service management website architecture, which includes:
the account login security verification module 1 is used for performing security verification when an account logs in, and generating a password through an MD5 salt-adding encryption algorithm based on an Apache shiro technology;
the account number authority management module 2 is used for carrying out authority management on a logged account number after the account number login security verification is successful, storing the existing function pages of the platform in a form stored by a relational database table in a SpringCloud framework, matching corresponding link addresses and authority identifications for each function page, simultaneously creating account number roles, and matching corresponding page authorities for roles when the account number roles are created;
the website page display module 3 is used for displaying on a webpage after the account is successfully logged in and the page authority is acquired, creating an inline frame in a fixed page in the form of an HTML (hypertext markup language) tag based on a SpringCloud technology, and changing the value of an access address corresponding to the src attribute of the nested page by clicking a primary or secondary menu under the condition that the access address of a main page is not changed;
and the function page adding module 4 is used for configuring links and authority identifications for the added pages based on a SpringCloud architecture, wherein the configured links are addresses of < iframe > label default access when a user clicks a page menu, and the configured authority identifications are used for matching with the role authorities of the user.
The SpringCloud is taken as the most popular micro-service architecture at present, emphasizes that a service system needs to be thoroughly componentized and serviced, one component is a product and can independently provide services to the outside, the content of the website development needing to be configured is much, and the workload of writing configuration files can be greatly reduced based on the SpringCloud. Apache Shiro is a security framework for Java and can implement authentication, authorization, encryption, session management, integration with the Web, caching, etc.
Further, the account login security verification module 1 includes an encryption unit, as shown in fig. 2, where the encryption unit is specifically configured to:
obtaining a password plaintext input by a user;
acquiring a randomly generated salt value;
splicing the password plaintext and the salt value;
and encrypting the splicing result of the cipher plaintext and the salt value by adopting a hash function to obtain a final cipher text.
When the account logs in, security verification is required to be carried out, the user password is verified,
the currently used encryption algorithm is md5 encryption, for example, the encryption password is "admin", the generated hash value is "21232 f297a57a5a743894a0e4a801fc 3", the password "admin" can be easily obtained by the hash value through some md5 decryption websites, i.e. if the password is directly hashed, the decryption is relatively easy. In the invention, salt encryption (namely salt encryption) is used for the password processing, and some interference data only known by the system, such as user name and ID (namely salt value), are added, so that the hashed object is 'password + user name + ID', and then the object is encrypted, thereby greatly increasing the difficulty of cracking.
Further, the account login security verification module 1 further includes a login condition confirmation unit, which is configured to intercept and judge whether the current user logs in through an auth login interceptor when the login request is obtained, if the current user logs in, the current user is released, and if the current user does not log in, the current user jumps to a path configured by an auth.
Further, the account login security verification module 1 further includes a login execution authentication unit, configured to, when a login request is obtained, if a requested path is a path configured by an auth.
The Authc login interceptor is used as a login verification tool of shiro, different page paths can be configured according to the login condition of a user, if the user successfully logs in, the user jumps to a page with successful login, and if the user fails to log in, the user jumps to a page with failure.
Further, the account permission management module 2 is specifically configured to automatically acquire the account permission after the password verification of the account is completed by rewriting the method of dog attaririzationinfo in the Apache shiro framework. Through the account number authority management module 2, when a website account number is created, the authority which the account number should have can be matched, for example, the account number a can see vehicle data and equipment data, and the account number B can only see the vehicle data.
The function pages stored by the account authority management module 2 may include, for example, a home page, a data center, business handling, owner management, vehicle T service, vehicle control, message pushing, platform jumping, business logging, data management, device data management, vehicle management, creation service management, vehicle type service configuration, ECU module management, vehicle type fault code management, detection app account management, service age configuration, and the like.
As shown in fig. 3, a web page display module 3 can divide a region on a page, embed another page in the region, and the page can be dynamically changed, while the other region is not changed, only the region is changed, and a secondary interface is added under the primary interface.
Further, the vehicle internet service management website architecture further comprises a micro-service module 5, which is used for providing a plurality of micro-services based on the SpringCloud architecture, wherein the micro-services are not interfered with each other and can independently provide services to the outside. The micro-services provided by the micro-service module 5 may be, for example, service gateways, task scheduling, big data operations, and the like.
Further, the vehicle internet service management website architecture further includes an account newly-added module 6, which is configured to store an account and a password (as shown in fig. 4) generated by a MD5 salt encryption algorithm in a relational database, and directly add account information and account corresponding permissions through a front-end website when an account is subsequently newly added. The front-end website is, for example, a web page that runs on a browser such as a PC end or a mobile end and is displayed to a user. According to the vehicle internet service management website framework, when the function page and the user account are added, the function change can be conveniently completed through the function page adding module 4 and the account adding module 6, meanwhile, the real-time monitoring and management can be realized by adopting the spring cloud, and the coupling of the internet service platform code is greatly reduced.
According to the vehicle internet service management website architecture provided by the embodiment of the invention, the technical characteristics of SpringCloud are utilized, the free expansion of a new internet function is realized, convenience is provided for the free expansion of the subsequent new internet function, the function iteration and the daily management of an internet service platform are facilitated, and the new function is freely expanded under the condition that the existing function is not influenced by a user; meanwhile, the safety and role management requirements of the Internet service management website are met through an Apache shiro framework, and the safety, convenience and easy expandability of the vehicle-enterprise Internet service management website are guaranteed; meanwhile, the method can realize the webpage display of the website, can also provide a plurality of independent micro services for providing services to the outside, manage the opening and closing of various functions at the webpage end, and monitor the service states of various functions; by utilizing the technical characteristics of SpringCloud, the online function is monitored and managed in real time while a new networking function is expanded, and the authority management during account login is well performed.
Thus, various embodiments of the present disclosure have been described in detail. Some details that are well known in the art have not been described in order to avoid obscuring the concepts of the present disclosure. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
Although some specific embodiments of the present disclosure have been described in detail by way of example, it should be understood by those skilled in the art that the foregoing examples are for purposes of illustration only and are not intended to limit the scope of the present disclosure. It will be understood by those skilled in the art that various changes may be made in the above embodiments or equivalents may be substituted for elements thereof without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.
Claims (7)
1. A vehicle networking service management website architecture, comprising:
the account login security verification module is used for performing security verification when an account logs in, and generating a password through an MD5 salt-adding encryption algorithm based on an Apache shiro technology;
the account authority management module is used for carrying out authority management on a logged account after the account login security verification is successful, storing the existing function pages of the platform in a form stored by a relational database table in a spring cloud architecture, matching corresponding link addresses and authority identifications for each function page, simultaneously creating account roles, and matching corresponding page authorities for roles when the account roles are created;
the website page display module is used for displaying on a webpage after the account is successfully logged in and the page authority is acquired, creating an inline frame in a fixed page in the form of an HTML (hypertext markup language) tag based on a SpringCloud technology, and changing the value of an access address corresponding to the src attribute of the nested page by clicking a primary or secondary menu under the condition that the access address of a main page is not changed;
and the function page adding module is used for configuring links and authority identifications for the added pages based on a SpringCloud architecture, wherein the configured links are addresses of < iframe > label default access when a user clicks a page menu, and the configured authority identifications are used for matching with the role authorities of the user.
2. The vehicle internet service management website architecture according to claim 1, wherein the account login security verification module includes an encryption unit, and the encryption unit is specifically configured to:
obtaining a password plaintext input by a user;
acquiring a randomly generated salt value;
splicing the password plaintext and the salt value;
and encrypting the splicing result of the cipher plaintext and the salt value by adopting a hash function to obtain a final cipher text.
3. The vehicle internet service management website architecture according to claim 2, wherein the account login security verification module further includes a login condition confirmation unit, which is configured to intercept and judge whether the current user logs in through an Authc login interceptor when the login request is obtained, if the current user logs in, the current user is released, and if the current user does not log in, the current user jumps to a path configured by an Authc.
4. The vehicle internet service management website architecture according to claim 3, wherein the account login security verification module further includes a login execution authentication unit, configured to, when obtaining the login request, attempt to obtain an account and a password value in the login request through an auth login interceptor if the requested path is a path configured by an auth.
5. The vehicle internet service management website architecture of claim 1, wherein the account permission management module is specifically configured to automatically acquire the account permission after the password verification of the account is completed by rewriting a dow access terro method in an Apache shiro framework.
6. The vehicle networking service management website architecture of claim 1, wherein the vehicle networking service management website architecture further comprises a micro-service module, configured to provide a plurality of micro-services based on a SpringCloud architecture, and each micro-service is not interfered with each other and can independently provide services to the outside.
7. The vehicle internet service management website architecture of claim 6, wherein the vehicle internet service management website architecture further comprises an account number adding module, configured to store an account number and a password generated by a MD5 salt encryption algorithm in a relational database, and directly add account number information and account number corresponding permissions through a front-end website when an account number is subsequently added.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111682007.2A CN114329299A (en) | 2021-12-31 | 2021-12-31 | Vehicle internet service management website architecture |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111682007.2A CN114329299A (en) | 2021-12-31 | 2021-12-31 | Vehicle internet service management website architecture |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114329299A true CN114329299A (en) | 2022-04-12 |
Family
ID=81022401
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111682007.2A Pending CN114329299A (en) | 2021-12-31 | 2021-12-31 | Vehicle internet service management website architecture |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114329299A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117061582A (en) * | 2023-10-12 | 2023-11-14 | 北京北汽鹏龙汽车服务贸易股份有限公司 | Vehicle management system interaction method based on data center and computer equipment |
-
2021
- 2021-12-31 CN CN202111682007.2A patent/CN114329299A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117061582A (en) * | 2023-10-12 | 2023-11-14 | 北京北汽鹏龙汽车服务贸易股份有限公司 | Vehicle management system interaction method based on data center and computer equipment |
| CN117061582B (en) * | 2023-10-12 | 2023-12-22 | 北京北汽鹏龙汽车服务贸易股份有限公司 | Vehicle management system interaction method based on data center and computer equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10489561B2 (en) | Web application protection | |
| EP3854047B1 (en) | Supervised learning system for identity compromise risk computation | |
| Stuttard et al. | The web application hacker's handbook: Finding and exploiting security flaws | |
| CN107172054B (en) | Authority authentication method, device and system based on CAS | |
| US11017088B2 (en) | Crowdsourced, self-learning security system through smart feedback loops | |
| Mainka et al. | Penetration testing tool for web services security | |
| US10122830B2 (en) | Validation associated with a form | |
| US20230328071A1 (en) | Method and device for securely accessing intranet application | |
| CN108322461A (en) | Method, system, device, equipment and the medium of application program automated log on | |
| CN108810003B (en) | Safety verification scheme for multi-service party message access | |
| CN111770072B (en) | Method and device for accessing function page through single sign-on | |
| CN114329299A (en) | Vehicle internet service management website architecture | |
| CN112202813B (en) | Network access method and device | |
| JP5474091B2 (en) | How to secure gadget access to your library | |
| US20040148372A1 (en) | Web-browser based heterogeneous systems management tool | |
| Bakhtina et al. | Information Security Analysis in the Passenger-Autonomous Vehicle Interaction | |
| US10102384B2 (en) | Digital content execution control mechanism | |
| CN107294920B (en) | Reverse trust login method and device | |
| CN103548021A (en) | Content publication control system | |
| Kim et al. | AUTOSAR embedded security in vehicles | |
| CN111464594A (en) | Http interface connection method, apparatus and storage medium | |
| Lehtola et al. | Security, privacy, and legislation adherence assessment of a whistleblowing web application | |
| Nielson | World Wide Web Security | |
| Prasher | Security Assurance of REST API based applications | |
| Čović | Threats and Vulnerabilities in Web Applications and How to Avoid Them |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |