CN114363091A - Method and system for realizing unified login of platform application based on APISIX - Google Patents
Method and system for realizing unified login of platform application based on APISIX Download PDFInfo
- Publication number
- CN114363091A CN114363091A CN202210197142.6A CN202210197142A CN114363091A CN 114363091 A CN114363091 A CN 114363091A CN 202210197142 A CN202210197142 A CN 202210197142A CN 114363091 A CN114363091 A CN 114363091A
- Authority
- CN
- China
- Prior art keywords
- application platform
- user
- platform
- application
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a method and a system for realizing unified login of platform application based on APISIX, wherein the method comprises the following steps: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module, wherein the data acquisition module is used for acquiring application platform information and user sign-on information, the data management center is used for storing and managing all acquired data, the single sign-on management module is used for managing the authority of the application platform integrating the single sign-on, the application management module is used for monitoring the running data of the application platform, the exception handling module is used for handling the congestion condition of the application platform, the access speed of the application platform is increased, the safety of the application platform is improved, and the sign-on speed of cross-domain single sign-on is increased.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method and a system for realizing unified login of platform application based on APISIX.
Background
The APISIX refers to a cloud-native, high-performance and extensible micro-service API open-source gateway, a plurality of application platforms providing various services are independently operated on the Internet, each application platform has a respective identity authentication mechanism, so that a user needs to register once when logging in one application platform and can access after passing authentication, when the user accesses a plurality of application platforms in a certain time period, the access efficiency is reduced by multiple login, the development and maintenance cost is also increased, the unified login of the application platforms is realized by single login, the access efficiency can be effectively improved, and the cost is reduced;
however, the existing single sign-on method still has some problems: firstly, single sign-on means that in a plurality of application systems, a user can access all mutually trusted application systems only by logging on once, for most users, platforms which are not accessed by the user exist in mutually trusted application platforms, and the authority of each platform cannot be managed by using an API gateway so as to effectively reduce platforms logged in through Cookie, thereby improving the access safety; secondly, the application platforms have numerous functions, the application platform capable of achieving the purpose of access cannot be replaced in time when the platform accessed by the user is abnormal, access delay is caused, and finally, the platform login speed cannot be increased when cross-domain single-point login is achieved.
Therefore, a method and a system for implementing unified platform application login based on APISIX are needed to solve the above problems.
Disclosure of Invention
The invention aims to provide a method and a system for realizing unified login of platform application based on APISIX, so as to solve the problems in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: the utility model provides a system for realize unified login of platform application based on APISIX which characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the running data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
Furthermore, the data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all acquired data to the data management center.
Furthermore, the single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user, and determining an authority platform called by the APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
Further, the application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, and when the situation that the running speed of the application platform is slowed down is monitored, the access amount of the current application platform is confirmed, and whether an access congestion condition exists is judged: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
Furthermore, the exception handling module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform corresponding to the congestion situation of the login access of the user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority of an application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging the login information of the user: and if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded.
Further, in steps S1-S2: the method includes the steps that a set of times of a random user accessing An application platform is collected to be a { a1, a 2., An }, wherein n represents the number of the application platforms, a time set corresponding to the random user accessing the application platform is T { T1, T2., Tm }, wherein m is Ai, m represents the times of accessing the random application platform, and a dependence coefficient Wi of the random application platform accessed by the user is calculated according to the following formula:
wherein, Tj represents the time length of one random access of the user to the corresponding application platform, and the access of the user is obtainedAsking the application platform for a dependency coefficient set of W ═ W1, W2,. Wn }, obtaining the maximum dependency coefficient as Wmax, taking the application platform corresponding to Wmax as a sub-application platform, confirming that the domain of the sub-application platform is in a circular area with (x, y) as the center of a circle and r as the radius, if the application platform currently accessed by the user is not the sub-application platform, judging whether the application platform currently accessed is in the domain of the sub-application platform: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
The method comprises the steps of showing that a currently accessed application platform is not in the domain range of a sub-application platform, judging that the domain of the currently accessed application platform is different from the domain of the sub-application platform, calculating a dependence coefficient of a user on the application platform according to the times of the user accessing the application platform and the access duration, aiming at preferentially estimating the application platform to be accessed by the user, and improving the access efficiency.
Further, if the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, the Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
Further, in step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining an application platform running speed set of v ═ v1, v 2.. and vk }, obtaining an application platform access amount set of M ═ M1, M2.. and Mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, Mi represents the access amount obtained at the corresponding time, and MminAnd vminDenotes the minimum of the sets M and v, respectively, MmaxAnd vmaxRespectively representing maximum values in the sets M and V, Q representing a correlation coefficient of the running speed and the access amount, obtaining that the running speed of the current application platform is V, the access amount is M ', and comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; if M' -V is less than Q, judging that the current application platform is in a congestion state, sending an early warning signal, analyzing the mapping relation between the operation speed of the application platform and the access quantity through historical data, and thus determining the corresponding relation between the access quantity and the operation speed of the platform, wherein the application platform is not congested.
Further, in steps S4-S5: after the early warning signal is received, acquiring the requirement data of a user login access corresponding to the application platform with the congestion condition, extracting the requirement key information, acquiring the function data of the platform with the trust relationship with the application platform with the congestion condition, extracting the function key information, and matching the requirement key information and the function key information by using a Sunday algorithm: if the functions in the platform are matched with the user requirements, the corresponding platform has the functions which meet the user requirements, the access platform is replaced for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the replaced platform is 0, the set access authority is removed, if the user is judged to be the application platform which is logged in and replaced for the first time, the user identity information is verified, the user login request is forwarded after the verification is passed, the Sunday algorithm is a character string matching algorithm, the character information is converted into a character form, the Sunday algorithm is used for matching the function information and the requirement information, the matching speed can be increased and the matching difficulty can be reduced compared with the traditional matching algorithm, the purpose is to find the application platform which can realize the same target, the user access platform can be replaced in time, and the delay situations of access and login can be reduced, meanwhile, the APISIX gateway sets the authority for the application platform which is not accessed by the user, so that the access safety is improved.
Compared with the prior art, the invention has the following beneficial effects:
according to the method, the information of the application platform accessed by the user is analyzed through big data, the application platform accessed by the user is preferentially estimated, when the user accesses a non-estimated platform currently, whether cross-domain login is caused when the user accesses other platforms is confirmed through the position of the application platform, if the cross-domain login is caused, the verification process is completed in advance before the user accesses the corresponding platform, the user is ensured to be capable of directly logging in when accessing the estimated platform, and the access efficiency is improved; the mapping relation between the running speed of the application platform and the access amount is analyzed through historical data, whether the current access platform is in a congestion state or not is judged, so that the access target is replaced in time, the access purpose of a user is realized, and the time for the user to finish the access target is saved; the Sunday algorithm is used for matching the access target, so that the matching speed is increased, the matching difficulty is reduced, the user access platform can be replaced in time, and the delay conditions of access and login are reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a system structure diagram for implementing platform application unified login based on APISIX of the present invention;
fig. 2 is a method step diagram for implementing platform application unified login based on APISIX according to the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Referring to fig. 1-2, the present invention provides a technical solution: the utility model provides a system for realize unified login of platform application based on APISIX which characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the running data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
The data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all the acquired data to the data management center.
The single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user and determining an authority platform called by an APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
The application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, confirming the access amount of the current application platform when monitoring that the running speed of the application platform is slowed down, and judging whether an access congestion condition exists: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
The abnormity processing module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform which is corresponding to the congestion situation and accessed by a user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority of an application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging the login information of the user: and if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded.
In steps S1-S2: the method includes the steps that a set of times of a random user accessing An application platform is collected to be a { a1, a 2., An }, wherein n represents the number of the application platforms, a time set corresponding to the random user accessing the application platform is T { T1, T2., Tm }, wherein m is Ai, m represents the times of accessing the random application platform, and a dependence coefficient Wi of the random application platform accessed by the user is calculated according to the following formula:
wherein Tj represents a time length for a user to randomly access a corresponding application platform once, a set of dependency coefficients for the user to access the application platform is obtained as W ═ { W1, W2.., Wn }, a maximum dependency coefficient is obtained as Wmax, the application platform corresponding to Wmax is used as a sub-application platform, a domain range in which the sub-application platform is located is determined as a circular region with (x, y) as a circle center and a radius of r, and if the application platform currently accessed by the user is not a sub-application platform, whether the application platform currently accessed is located in the domain range in which the sub-application platform is located is determined: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
Explain the present visitThe inquired application platform is not in the domain range of the sub-application platform, the domain of the currently accessed application platform is judged to be different from the domain of the sub-application platform, and the identity is verified in advance before the estimated platform is accessed during cross-domain single sign-on, so that the login speed is increased, and the access efficiency is improved.
If the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, the Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
In step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining an application platform running speed set of v ═ v1, v 2.. and vk }, obtaining an application platform access amount set of M ═ M1, M2.. and Mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, Mi represents the access amount obtained at the corresponding time, and MminAnd vminDenotes the minimum of the sets M and v, respectively, MmaxAnd vmaxRespectively representing maximum values in the sets M and V, Q representing a correlation coefficient of the running speed and the access amount, obtaining that the running speed of the current application platform is V, the access amount is M ', and comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; if M' -V is less than Q, judging that the current application platform is in a congestion state, sending an early warning signal, and timely replacing and accessingThe target is realized, and the time for the user to finish accessing the target is saved at the same time of realizing the purpose of accessing the user.
In steps S4-S5: after the early warning signal is received, acquiring the requirement data of a user login access corresponding to the application platform with the congestion condition, extracting the requirement key information, acquiring the function data of the platform with the trust relationship with the application platform with the congestion condition, extracting the function key information, and matching the requirement key information and the function key information by using a Sunday algorithm: if the functions in the platform are matched with the user requirements, the corresponding platform has the functions which meet the user requirements, the access platform is replaced for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the replaced platform is 0, the set access authority is removed, if the user is judged to be the application platform which is logged in and replaced for the first time, the user identity information is verified, the user login request is forwarded after the user login request passes the verification, the matching speed is accelerated, the matching difficulty is reduced, the proper user access platform is replaced in time, and the delay conditions of access and login are reduced while the user access requirements are met.
The first embodiment is as follows: the method comprises the steps of collecting a set of times of randomly accessing an application platform by a user, wherein the set of times of accessing the application platform by the user is A (A1, A2, A3) (3, 5, 4), a time length set of corresponding users to access a first application platform is T (30, 60, 20), a time length set of accessing a second application platform is {1, 20, 3, 10, 6}, and a time length set of accessing a third application platform is {50, 15, 6, 8}, and according to a formula, obtaining a time length set of a random user to access the application platform, wherein the time length set of the random user to access the application platform is A (A1, A2, A3) (3, 5, 4), the time length set of corresponding users to access the first application platform is T (30, 60, 20), the time length set of accessing the second application platform is {1, 20, 3, 10, 6}, and the time length set of accessing the third application platform is a time length set of accessing the third application platform (50, 15, 6, 8)
Obtaining a set of dependency coefficients of user access application platforms as W ═ W1, W2, W3 ═ 15.8, 7.9, 17.8, obtaining a maximum dependency coefficient as Wmax ═ 17.8, taking the application platform corresponding to Wmax as a sub-application platform, confirming that the domain of the sub-application platform is in a circular area with (x, y) ═ 1, 1 as the center of circle and r ═ 30 as the radius, if the application platform currently accessed by the user is not a sub-application platform, judging whether the application platform currently accessed is in the domain of the sub-application platform: obtaining the position coordinate of the currently accessed application platform as (X)Y) ═ 1, 40, comparison
And r:
the currently accessed application platform is not in the domain range of the sub-application platform, the domain of the currently accessed application platform is judged to be different from the domain of the sub-application platform, when the user accesses the current application platform, Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: and if the verification is passed, directly logging in the user when the user accesses the sub-application platform.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. The utility model provides a system for realize unified login of platform application based on APISIX which characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the running data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
2. The system according to claim 1, wherein the system for implementing platform application unified login based on APISIX is characterized in that: the data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all acquired data to the data management center.
3. The system according to claim 1, wherein the system for implementing platform application unified login based on APISIX is characterized in that: the single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user and determining an authority platform called by an APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
4. The system according to claim 1, wherein the system for implementing platform application unified login based on APISIX is characterized in that: the application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, confirming the access amount of the current application platform when monitoring that the running speed of the application platform is slowed down, and judging whether an access congestion condition exists: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
5. The system according to claim 1, wherein the system for implementing platform application unified login based on APISIX is characterized in that: the abnormity processing module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform which is corresponding to the congestion situation and accessed by a user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
6. A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority of an application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging the login information of the user: and if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded.
7. The method of claim 6 for implementing platform application unified login based on APISIX, wherein: in steps S1-S2: the method includes the steps that a set of times of a random user accessing An application platform is collected to be a { a1, a 2., An }, wherein n represents the number of the application platforms, a time set corresponding to the random user accessing the application platform is T { T1, T2., Tm }, wherein m is Ai, m represents the times of accessing the random application platform, and a dependence coefficient Wi of the random application platform accessed by the user is calculated according to the following formula:
wherein Tj represents a time length for a user to randomly access a corresponding application platform once, a set of dependency coefficients for the user to access the application platform is obtained as W ═ { W1, W2.., Wn }, a maximum dependency coefficient is obtained as Wmax, the application platform corresponding to Wmax is used as a sub-application platform, a domain range in which the sub-application platform is located is determined as a circular region with (x, y) as a circle center and a radius of r, and if the application platform currently accessed by the user is not a sub-application platform, whether the application platform currently accessed is located in the domain range in which the sub-application platform is located is determined: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
And judging that the domain of the currently accessed application platform is different from the domain of the sub-application platform.
8. The method of claim 7 for implementing platform application unified login based on APISIX, wherein: if the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, the Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
9. The method of claim 6 for implementing platform application unified login based on APISIX, wherein: in step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining an application platform running speed set of v ═ v1, v 2.. and vk }, obtaining an application platform access amount set of M ═ M1, M2.. and Mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, Mi represents the access amount obtained at the corresponding time, and MminAnd vminDenotes the minimum of the sets M and v, respectively, MmaxAnd vmaxRespectively representing the maximum values in the sets M and V, Q representing the correlation coefficient of the running speed and the access amount, and obtaining that the running speed of the current application platform is V and the access amount is M’Comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; and if the absolute value M' -V is less than Q, judging that the current application platform is in a congestion state, and sending an early warning signal.
10. The method of claim 6 for implementing platform application unified login based on APISIX, wherein: in steps S4-S5: after the early warning signal is received, acquiring the requirement data of a user login access corresponding to the application platform with the congestion condition, extracting the requirement key information, acquiring the function data of the platform with the trust relationship with the application platform with the congestion condition, extracting the function key information, and matching the requirement key information and the function key information by using a Sunday algorithm: if the function in the platform is matched with the user requirement, the function of the corresponding platform meets the user requirement, the access platform is changed for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the changed platform is 0, the set access authority is removed, if the user is judged to be the application platform which is firstly logged in and changed, the user identity information is verified, and the user login request is forwarded after the verification is passed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210197142.6A CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210197142.6A CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114363091A true CN114363091A (en) | 2022-04-15 |
| CN114363091B CN114363091B (en) | 2022-11-15 |
Family
ID=81094912
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210197142.6A Active CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114363091B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115242745A (en) * | 2022-07-19 | 2022-10-25 | 南京鼎山信息科技有限公司 | Short message pushing system and method based on 5G communication network |
| CN115277659A (en) * | 2022-07-04 | 2022-11-01 | 浪潮软件股份有限公司 | Method and system for acting Web service interface based on APISIX |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN109587251A (en) * | 2018-12-07 | 2019-04-05 | 用友网络科技股份有限公司 | Session access method and server |
| CN110086822A (en) * | 2019-05-07 | 2019-08-02 | 北京智芯微电子科技有限公司 | The realization method and system of unified identity authentication strategy towards micro services framework |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
| CN110535902A (en) * | 2019-07-16 | 2019-12-03 | 平安普惠企业管理有限公司 | The processing method and electronic device of monitoring intelligent are realized based on micro services |
| CN112000448A (en) * | 2020-07-17 | 2020-11-27 | 北京计算机技术及应用研究所 | Micro-service architecture-based application management method |
| US20210036925A1 (en) * | 2019-07-31 | 2021-02-04 | T-Mobile Usa, Inc. | Migrating a monolithic software application to a microservices architecture |
| CN112597472A (en) * | 2021-03-03 | 2021-04-02 | 北京视界云天科技有限公司 | Single sign-on method, device and storage medium |
| CN113783695A (en) * | 2021-08-03 | 2021-12-10 | 西北大学 | Client information authentication method and system of micro-service architecture |
| CN113793158A (en) * | 2021-09-10 | 2021-12-14 | 泸州拓旅纺织科技有限公司 | Textile inspection detection information query method and system |
| CN113900941A (en) * | 2021-09-30 | 2022-01-07 | 深圳市金蝶天燕云计算股份有限公司 | Micro-service processing method, micro-service system, electronic device and storage medium |
-
2022
- 2022-03-02 CN CN202210197142.6A patent/CN114363091B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN109587251A (en) * | 2018-12-07 | 2019-04-05 | 用友网络科技股份有限公司 | Session access method and server |
| CN110086822A (en) * | 2019-05-07 | 2019-08-02 | 北京智芯微电子科技有限公司 | The realization method and system of unified identity authentication strategy towards micro services framework |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
| CN110535902A (en) * | 2019-07-16 | 2019-12-03 | 平安普惠企业管理有限公司 | The processing method and electronic device of monitoring intelligent are realized based on micro services |
| US20210036925A1 (en) * | 2019-07-31 | 2021-02-04 | T-Mobile Usa, Inc. | Migrating a monolithic software application to a microservices architecture |
| CN112000448A (en) * | 2020-07-17 | 2020-11-27 | 北京计算机技术及应用研究所 | Micro-service architecture-based application management method |
| CN112597472A (en) * | 2021-03-03 | 2021-04-02 | 北京视界云天科技有限公司 | Single sign-on method, device and storage medium |
| CN113783695A (en) * | 2021-08-03 | 2021-12-10 | 西北大学 | Client information authentication method and system of micro-service architecture |
| CN113793158A (en) * | 2021-09-10 | 2021-12-14 | 泸州拓旅纺织科技有限公司 | Textile inspection detection information query method and system |
| CN113900941A (en) * | 2021-09-30 | 2022-01-07 | 深圳市金蝶天燕云计算股份有限公司 | Micro-service processing method, micro-service system, electronic device and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 徐琛杰等: "面向微服务系统的运行时部署优化", 《计算机应用与软件》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115277659A (en) * | 2022-07-04 | 2022-11-01 | 浪潮软件股份有限公司 | Method and system for acting Web service interface based on APISIX |
| CN115277659B (en) * | 2022-07-04 | 2024-04-12 | 浪潮软件股份有限公司 | Method and system based on APISIX proxy Web service interface |
| CN115242745A (en) * | 2022-07-19 | 2022-10-25 | 南京鼎山信息科技有限公司 | Short message pushing system and method based on 5G communication network |
| CN115242745B (en) * | 2022-07-19 | 2023-08-15 | 南京鼎山信息科技有限公司 | Short message pushing system and method based on 5G communication network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114363091B (en) | 2022-11-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10904277B1 (en) | Threat intelligence system measuring network threat levels | |
| US10574681B2 (en) | Detection of known and unknown malicious domains | |
| CN114363091B (en) | Method and system for realizing unified login of platform application based on APISIX | |
| JP3448254B2 (en) | Access chain tracking system, network system, method, and recording medium | |
| US7982595B2 (en) | Network policy evaluation | |
| JP4020912B2 (en) | Unauthorized access detection device, unauthorized access detection program, and unauthorized access detection method | |
| US10972461B2 (en) | Device aware network communication management | |
| KR101010302B1 (en) | Security management system and method of irc and http botnet | |
| US8516586B1 (en) | Classification of unknown computer network traffic | |
| US20050108377A1 (en) | Method for detecting abnormal traffic at network level using statistical analysis | |
| US20060198313A1 (en) | Method and device for detecting and blocking unauthorized access | |
| US20120159623A1 (en) | Method and apparatus for monitoring and processing dns query traffic | |
| US20100064366A1 (en) | Request processing in a distributed environment | |
| US11696110B2 (en) | Distributed, crowdsourced internet of things (IoT) discovery and identification using Block Chain | |
| CN112714093A (en) | Account abnormity detection method, device and system and storage medium | |
| CN112469044B (en) | Edge access control method and controller for heterogeneous terminal | |
| CN1411209A (en) | Method of detecting and monitoring malicious user host machine attack | |
| JP2018073140A (en) | Network monitoring device, program and method | |
| JP2002297543A (en) | Detection device of unauthorized login | |
| US9917858B2 (en) | Honey user | |
| WO2016195421A1 (en) | Method, system and non-transitory computer-readable recording medium for providing data profiling based on statistical analysis | |
| KR100825257B1 (en) | Detail processing method of abnormal traffic data | |
| CN113678419A (en) | Port scan detection | |
| CN113938312B (en) | Method and device for detecting violent cracking flow | |
| CN112287252B (en) | Method, device, equipment and storage medium for detecting website domain name hijacking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |