CN114363091B - Method and system for realizing unified login of platform application based on APISIX - Google Patents
Method and system for realizing unified login of platform application based on APISIX Download PDFInfo
- Publication number
- CN114363091B CN114363091B CN202210197142.6A CN202210197142A CN114363091B CN 114363091 B CN114363091 B CN 114363091B CN 202210197142 A CN202210197142 A CN 202210197142A CN 114363091 B CN114363091 B CN 114363091B
- Authority
- CN
- China
- Prior art keywords
- application platform
- user
- platform
- application
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention discloses a method and a system for realizing unified login of platform application based on APISIX, wherein the method comprises the following steps: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module, wherein application platform information and user login information are acquired through the data acquisition module, all acquired data are stored and managed through the data management center, the application platform integrated with the single sign-on is subjected to authority management through the single sign-on management module, running data of the application platform are monitored through the application management module, the application platform is subjected to congestion conditions through the exception handling module, the access speed of the application platform is increased, meanwhile, the safety of logging in the application platform is improved, and the logging speed of cross-domain single sign-on is increased.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method and a system for realizing unified login of platform application based on APISIX.
Background
The APISIX refers to a cloud-native, high-performance and extensible micro-service API open-source gateway, a plurality of application platforms providing various services are independently operated on the Internet, each application platform has a respective identity authentication mechanism, so that a user needs to register once when logging in one application platform and can access after passing authentication, when the user accesses a plurality of application platforms in a certain time period, the access efficiency is reduced by multiple login, the development and maintenance cost is also increased, the unified login of the application platforms is realized by single login, the access efficiency can be effectively improved, and the cost is reduced;
however, the existing single sign-on method still has some problems: firstly, single sign-on means that in a plurality of application systems, a user can access all mutually trusted application systems only by logging on once, for most users, platforms which are not accessed by the user exist in mutually trusted application platforms, and the authority of each platform cannot be managed by using an API gateway so as to effectively reduce platforms logged in through Cookie, thereby improving the access safety; secondly, the application platforms have numerous functions, the application platforms which can achieve the purpose of access cannot be replaced in time when the platform accessed by the user has an abnormal phenomenon, access delay is caused, and finally, the platform login speed cannot be increased when cross-domain single-point login is achieved.
Therefore, a method and a system for implementing platform application unified login based on APISIX are needed to solve the above problems.
Disclosure of Invention
The invention aims to provide a method and a system for realizing unified login of platform application based on APISIX, so as to solve the problems in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: a system for realizing unified login of platform application based on APISIX is characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the running data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
Furthermore, the data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all acquired data to the data management center.
Furthermore, the single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user, and determining an authority platform called by the APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
Further, the application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, and when the situation that the running speed of the application platform is slowed down is monitored, the access amount of the current application platform is confirmed, and whether an access congestion condition exists is judged: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
Furthermore, the exception handling module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform corresponding to the congestion situation of the login access of the user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority of an application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging the login information of the user: and if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded.
Further, in steps S1-S2: the method comprises the steps of collecting a set of times of randomly accessing An application platform by a user, wherein n represents the number of the application platforms, and the set of time duration corresponding to randomly accessing the application platform by the user is T = { T1, T2,.., tm }, wherein m = Ai, and m represents the times of randomly accessing the application platform, and calculating a dependency coefficient Wi of randomly accessing the application platform by the user according to the following formula:
wherein Tj represents a time length of a user randomly accessing a corresponding application platform once, a set of dependency coefficients of the user accessing the application platform is obtained as W = { W1, W2,. And Wn }, a maximum dependency coefficient is obtained as Wmax, the application platform corresponding to Wmax is used as a sub-application platform, a domain range of the sub-application platform is determined as a circular region with (x, y) as a circle center and r as a radius, and if the application platform currently accessed by the user is not the sub-application platform, whether the application platform currently accessed is within the domain range of the sub-application platform is determined: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
The method comprises the steps of showing that a currently accessed application platform is not in the domain range of a sub-application platform, judging that the domain of the currently accessed application platform is different from the domain of the sub-application platform, calculating a dependence coefficient of a user on the application platform according to the times of the user accessing the application platform and the access duration, aiming at preferentially estimating the application platform to be accessed by the user, and improving the access efficiency.
Further, if the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, the Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
Further, in step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining a set of running speeds of the application platform as v = { v1, v 2., vk }, obtaining a set of access quantities of the application platform as M = { M1, M2., mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, mi represents the access amount obtained at the corresponding time, and M min And v min Denotes the minimum value in the sets M and v, respectively, M max And v max Respectively representing maximum values in the sets M and V, Q representing a correlation coefficient of the running speed and the access amount, obtaining that the running speed of the current application platform is V, the access amount is M ', and comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; if M' -V is less than Q, judging that the current application platform is in a congestion state, sending an early warning signal, analyzing the mapping relation between the operation speed of the application platform and the access quantity through historical data, and thus determining the corresponding relation between the access quantity and the operation speed of the platform, wherein the application platform is not congested.
Further, in steps S4-S5: after the early warning signal is received, acquiring the requirement data of a user login access corresponding to the application platform with the congestion condition, extracting the requirement key information, acquiring the function data of the platform with the trust relationship with the application platform with the congestion condition, extracting the function key information, and matching the requirement key information and the function key information by using a Sunday algorithm: if the functions in the platform are matched with the user requirements, the corresponding platform has the functions which meet the user requirements, the access platform is replaced for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the replaced platform is 0, the set access authority is removed, if the user is judged to be the application platform which is logged in for replacement for the first time, the user identity information is verified, the user login request is forwarded after the user login request passes verification, the Sunday algorithm is a character string matching algorithm, the character information is converted into a character form, the Sunday algorithm is used for matching the function information and the requirement information, compared with the traditional matching algorithm, the matching speed can be increased, the matching difficulty is reduced, the purpose is to find the application platform which can achieve the same target, the user access platform can be replaced in time, the delay situation of access and login is reduced, meanwhile, the authority is set for the application platform which is not accessed by the user through the APISIX gateway, and the access safety is improved.
Compared with the prior art, the invention has the following beneficial effects:
according to the method, the information of the application platform accessed by the user is analyzed through big data, the application platform accessed by the user is preferentially estimated, when the user accesses a non-estimated platform currently, whether cross-domain login is caused when the user accesses other platforms is confirmed through the position of the application platform, if the cross-domain login is caused, the verification process is completed in advance before the user accesses the corresponding platform, the user is ensured to be capable of directly logging in when accessing the estimated platform, and the access efficiency is improved; the mapping relation between the running speed of the application platform and the access amount is analyzed through historical data, whether the current access platform is in a congestion state or not is judged, so that the access target is replaced in time, the access purpose of a user is realized, and the time for the user to finish the access target is saved; the Sunday algorithm is used for matching the access target, so that the matching speed is increased, the matching difficulty is reduced, the user access platform can be replaced in time, and the delay of access and login is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a system structure diagram for implementing platform application unified login based on APISIX of the present invention;
fig. 2 is a method step diagram for implementing platform application unified login based on APISIX according to the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Referring to fig. 1-2, the present invention provides a technical solution: the utility model provides a system for realize unified login of platform application based on APISIX which characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the running data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
The data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all acquired data to the data management center.
The single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user and determining an authority platform called by an APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
The application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, confirming the access amount of the current application platform when monitoring that the running speed of the application platform is slowed down, and judging whether an access congestion condition exists: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
The abnormity processing module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform corresponding to the congestion condition of the login access of the user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority by a management application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging the login information of the user: and if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded.
In steps S1-S2: the method comprises the steps of collecting a set of times of randomly accessing An application platform by a user, wherein n represents the number of the application platforms, and the time duration set corresponding to randomly accessing the application platform by the user is T = { T1, T2.,. Tm }, wherein m = Ai, m represents the times of randomly accessing the application platform, and calculating a dependence coefficient Wi of randomly accessing the application platform by the user according to the following formula:
wherein Tj represents a time length of a user randomly accessing a corresponding application platform once, a set of dependency coefficients of the user accessing the application platform is obtained as W = { W1, W2,. And Wn }, a maximum dependency coefficient is obtained as Wmax, the application platform corresponding to Wmax is used as a sub-application platform, a domain range of the sub-application platform is determined as a circular region with (x, y) as a circle center and r as a radius, and if the application platform currently accessed by the user is not the sub-application platform, whether the application platform currently accessed is within the domain range of the sub-application platform is determined: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
The method has the advantages that the currently accessed application platform is not located in the domain range of the sub-application platform, the domain where the currently accessed application platform is located is judged to be different from the domain where the sub-application platform is located, and when cross-domain single sign-on is carried out, the identity is verified in advance before the estimated platform is accessed, so that the sign-on speed is increased, and the access efficiency is improved.
If the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, sending the Cookie under the domain name of the current application platform to the sub-application platform in advance, and after the sub-application platform receives the Cookie, verifying the login state of the user on the current application platform: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
In step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining an application platform running speed set of v = { v1, v 2.,. Vk }, obtaining an application platform access amount set of M = { M1, M2.,. Mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, mi represents the access amount obtained at the corresponding time, and M min And v min Denotes the minimum of the sets M and v, respectively, M max And v max Respectively representing maximum values in the sets M and V, Q representing a correlation coefficient of the running speed and the access amount, obtaining that the running speed of the current application platform is V, the access amount is M ', and comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; if M' -V is less than Q, the current application platform is judged to be in a congestion state, an early warning signal is sent, the access target is replaced in time, and the time for the user to finish accessing the target is saved while the purpose of accessing the user is achieved.
In steps S4-S5: after the early warning signal is received, acquiring the demand data of a user login access corresponding to the application platform with the congestion condition, extracting demand key information, acquiring the functional data of the platform with the trust relationship with the application platform with the congestion condition, extracting functional key information, and matching the demand key information and the functional key information by using a Sunday algorithm: if the functions in the platform are matched with the user requirements, the corresponding platform has the functions which meet the user requirements, the access platform is replaced for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the replaced platform is 0, the set access authority is removed, if the user is judged to be the application platform which is first logged in for replacement, the identity information of the user is verified, the user login request is forwarded after the user login request passes verification, the matching speed is increased, the matching difficulty is reduced, the proper user access platform is replaced in time, the access and login delay conditions are reduced while the user access requirements are met.
The first embodiment is as follows: the method comprises the steps of collecting a set of times of randomly accessing an application platform by a user, wherein A = { A1, A2, A3} = {3,5,4}, a set of time durations of accessing a first application platform by a corresponding user is T = {30, 60, 20}, a set of time durations of accessing a second application platform is {1, 20,3, 10,6}, and a set of time durations of accessing a third application platform is {50, 15,6,8}, and according to a formula
Obtaining a set of dependency coefficients of a user accessing an application platform, wherein the set of dependency coefficients is W = { W1, W2, W3} = {15.8,7.9, 17.8}, the maximum dependency coefficient is Wmax =17.8, taking the application platform corresponding to Wmax as a sub-application platform, confirming that the domain of the sub-application platform is in a circular area with (x, y) = (1, 1) as the center of a circle and r =30 as the radius, and if the application platform currently accessed by the user is not the sub-application platform, judging whether the application platform currently accessed is in the domain of the sub-application platform: obtaining the position coordinate of the currently accessed application platform as (X, Y) = (1, 40), and comparing
And r:
the method comprises the steps that the current accessed application platform is not in the domain range of the sub application platform, the domain where the current accessed application platform is located is judged to be different from the domain where the sub application platform is located, when a user accesses the current application platform, cookie under the domain name of the current application platform is sent to the sub application platform in advance, and after the sub application platform receives the Cookie, the user is verified to be on the current application platformThe login status of (2): and if the verification is passed, directly logging in the user when the user accesses the sub-application platform.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (8)
1. A method for realizing platform application unified login based on APISIX is characterized in that: the method comprises the following steps:
s1: collecting application platform information and user login information;
s2: analyzing user access data, and managing login authority by a management application platform;
s3: monitoring the running data of the application platform, and sending an early warning signal when the platform is congested;
s4: comparing the user requirements with the application platform function data, and replacing the access target after receiving the early warning signal;
s5: judging user login information: if the application platform is the application platform which is changed in the first login, the user identity information is verified, and if the application platform is not the application platform which is changed in the first login, the user login request is forwarded;
in steps S1-S2: the method comprises the steps of collecting a set of times of randomly accessing An application platform by a user, wherein n represents the number of the application platforms, and the time duration set corresponding to randomly accessing the application platform by the user is T = { T1, T2.,. Tm }, wherein m = Ai, m represents the times of randomly accessing the application platform, and calculating a dependence coefficient Wi of randomly accessing the application platform by the user according to the following formula:
wherein Tj represents a time length for a user to randomly access a corresponding application platform once, a set of dependency coefficients for the user to access the application platform is obtained as W = { W1, W2,. And Wn }, a maximum dependency coefficient is obtained as Wmax, the application platform corresponding to Wmax is used as a sub-application platform, a domain range in which the sub-application platform is located is determined as a circular region with (x, y) as a circle center and a radius of r, and if the application platform currently accessed by the user is not the sub-application platform, whether the application platform currently accessed is within the domain range in which the sub-application platform is located is determined: obtaining the position coordinates of the currently accessed application platform as (X, Y), and comparing
And r: if it is
The current accessed application platform is in the domain range of the sub-application platform, and the domain of the current accessed application platform is judged to be the same as the domain of the sub-application platform; if it is
The current accessed application platform is not in the domain range of the sub application platform, and the domain of the current accessed application platform is judged to be different from the domain of the sub application platform;
if the domain of the currently accessed application platform is different from the domain of the sub-application platform, when the user accesses the current application platform, the Cookie under the domain name of the current application platform is sent to the sub-application platform in advance, and after the sub-application platform receives the Cookie, the login state of the user on the current application platform is verified: if the verification is passed, directly logging in the user when the user accesses the sub application platform, analyzing the times of the user accessing the application platform, screening out the application platform with the times of 0, and removing the trust relationship between the application platform with the times of 0 and the application platform with the times of access not being 0: and setting the access authority of the application platform with the access frequency of 0, wherein the set access authority only aims at the corresponding user.
2. The method for realizing the unified login of the platform application based on the APISIX of claim 1, wherein: in step S3: the method comprises the steps of monitoring an application platform accessed by a user in real time, obtaining a set of running speeds of the application platform as v = { v1, v 2., vk }, obtaining a set of access quantities of the application platform as M = { M1, M2., mk }, wherein k represents the number of times of obtaining running speed data, and judging whether the current application platform is in a congestion state according to the following formula:
wherein vi represents the running speed of the application platform obtained at one time randomly, mi represents the access amount obtained at the corresponding time, and M min And v min Denotes the minimum of the sets M and v, respectively, M max And v max Respectively representing maximum values in the sets M and V, Q representing a correlation coefficient of the running speed and the access amount, obtaining that the running speed of the current application platform is V, the access amount is M ', and comparing | M' -V | and Q: if M' -V is more than or equal to Q, judging that the current application platform is not in a congestion state; and if the absolute value M' -V is less than Q, judging that the current application platform is in a congestion state, and sending an early warning signal.
3. The method for realizing the unified login of the platform application based on the APISIX of claim 1, wherein: in steps S4-S5: after the early warning signal is received, acquiring the requirement data of a user login access corresponding to the application platform with the congestion condition, extracting the requirement key information, acquiring the function data of the platform with the trust relationship with the application platform with the congestion condition, extracting the function key information, and matching the requirement key information and the function key information by using a Sunday algorithm: if the function in the platform is matched with the user requirement, the function of the corresponding platform meets the user requirement, the access platform is changed for the user after the user agreement is obtained, the user login request is forwarded to the corresponding application platform, if the number of times that the user accesses the changed platform is 0, the set access authority is removed, if the user is judged to be the application platform which is firstly logged in and changed, the user identity information is verified, and the user login request is forwarded after the verification is passed.
4. The system for realizing platform application unified login based on APISIX is applied to the method for realizing platform application unified login based on APISIX according to claim 1, and is characterized in that: the system comprises: the system comprises a data acquisition module, a data management center, a single sign-on management module, an application management module and an exception handling module;
the data acquisition module is used for acquiring application platform information and user login information;
the data management center is used for storing and managing all the acquired data;
the single sign-on management module is used for carrying out authority management on the application platform integrated with the single sign-on;
the application management module is used for monitoring the operating data of the application platform;
and the exception handling module is used for handling the congestion condition of the application platform.
5. The system of claim 4 for implementing platform application unified login based on APISIX, wherein: the data acquisition module comprises an application information acquisition unit and a user information acquisition unit, and the application information acquisition unit is used for acquiring accessed recorded data of different applications and functional data of the applications; the user information acquisition unit is used for acquiring login authority data which the user currently owns and historical login data of the user, and transmitting all acquired data to the data management center.
6. The system of claim 4 for implementing platform application unified login based on APISIX, wherein: the single sign-on management module comprises a sign-on request receiving unit and an authority management unit, wherein the sign-on request sending unit is used for receiving and analyzing an application sign-on request of a user and determining an authority platform called by an APISIX gateway according to an analysis result; and the authority management unit is used for analyzing the application platform which is not accessed by the user at present and setting the login authority.
7. The system according to claim 4, wherein the system for implementing platform application unified login based on APISIX is characterized in that: the application management module comprises an access target monitoring unit and an access congestion early warning unit, wherein the access target monitoring unit is used for monitoring an application platform accessed by a user in real time, confirming the access amount of the current application platform when monitoring that the running speed of the application platform is slowed down, and judging whether an access congestion condition exists: and if the access congestion condition exists, sending an early warning signal through the access congestion early warning unit.
8. The system of claim 4 for implementing platform application unified login based on APISIX, wherein: the abnormity processing module comprises an access target analysis unit, an application information analysis unit, a target replacement selection unit and a user information verification unit, wherein the access target analysis unit is used for analyzing the requirement data of the application platform with the congestion condition corresponding to the login access of the user after receiving the early warning signal; the application information analysis unit is used for analyzing the application platform function data of which the user has the login authority and matching the application platform function data with the requirement data of the user; the target replacement selection unit is used for replacing the access target for the user when the functions of the rest application platforms except the application platform with the congestion condition are matched and meet the requirements of the user; the user information verification unit is used for analyzing the user login information, verifying the user identity information if the user is judged to be the application platform which is logged in and replaced for the first time, and forwarding the user login request after the user identity information passes the verification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210197142.6A CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210197142.6A CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114363091A CN114363091A (en) | 2022-04-15 |
| CN114363091B true CN114363091B (en) | 2022-11-15 |
Family
ID=81094912
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210197142.6A Active CN114363091B (en) | 2022-03-02 | 2022-03-02 | Method and system for realizing unified login of platform application based on APISIX |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114363091B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115277659B (en) * | 2022-07-04 | 2024-04-12 | 浪潮软件股份有限公司 | Method and system based on APISIX proxy Web service interface |
| CN115242745B (en) * | 2022-07-19 | 2023-08-15 | 南京鼎山信息科技有限公司 | Short message pushing system and method based on 5G communication network |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
| CN110535902A (en) * | 2019-07-16 | 2019-12-03 | 平安普惠企业管理有限公司 | The processing method and electronic device of monitoring intelligent are realized based on micro services |
| CN112597472A (en) * | 2021-03-03 | 2021-04-02 | 北京视界云天科技有限公司 | Single sign-on method, device and storage medium |
| CN113783695A (en) * | 2021-08-03 | 2021-12-10 | 西北大学 | Client information authentication method and system of micro-service architecture |
| CN113793158A (en) * | 2021-09-10 | 2021-12-14 | 泸州拓旅纺织科技有限公司 | Textile inspection detection information query method and system |
| CN113900941A (en) * | 2021-09-30 | 2022-01-07 | 深圳市金蝶天燕云计算股份有限公司 | Micro-service processing method, micro-service system, electronic device and storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109587251A (en) * | 2018-12-07 | 2019-04-05 | 用友网络科技股份有限公司 | Session access method and server |
| CN110086822B (en) * | 2019-05-07 | 2021-07-27 | 北京智芯微电子科技有限公司 | Method and system for implementing micro-service architecture-oriented unified identity authentication strategy |
| US11088914B2 (en) * | 2019-07-31 | 2021-08-10 | T-Mobile Usa, Inc. | Migrating a monolithic software application to a microservices architecture |
| CN112000448B (en) * | 2020-07-17 | 2023-08-25 | 北京计算机技术及应用研究所 | Application management method based on micro-service architecture |
-
2022
- 2022-03-02 CN CN202210197142.6A patent/CN114363091B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
| CN110535902A (en) * | 2019-07-16 | 2019-12-03 | 平安普惠企业管理有限公司 | The processing method and electronic device of monitoring intelligent are realized based on micro services |
| CN112597472A (en) * | 2021-03-03 | 2021-04-02 | 北京视界云天科技有限公司 | Single sign-on method, device and storage medium |
| CN113783695A (en) * | 2021-08-03 | 2021-12-10 | 西北大学 | Client information authentication method and system of micro-service architecture |
| CN113793158A (en) * | 2021-09-10 | 2021-12-14 | 泸州拓旅纺织科技有限公司 | Textile inspection detection information query method and system |
| CN113900941A (en) * | 2021-09-30 | 2022-01-07 | 深圳市金蝶天燕云计算股份有限公司 | Micro-service processing method, micro-service system, electronic device and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 面向微服务系统的运行时部署优化;徐琛杰等;《计算机应用与软件》;20181012(第10期);第91-99页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114363091A (en) | 2022-04-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114363091B (en) | Method and system for realizing unified login of platform application based on APISIX | |
| US10904277B1 (en) | Threat intelligence system measuring network threat levels | |
| US10574681B2 (en) | Detection of known and unknown malicious domains | |
| US20200344246A1 (en) | Apparatus, system and method for identifying and mitigating malicious network threats | |
| US10972461B2 (en) | Device aware network communication management | |
| JP3448254B2 (en) | Access chain tracking system, network system, method, and recording medium | |
| US7982595B2 (en) | Network policy evaluation | |
| KR101010302B1 (en) | Security management system and method of irc and http botnet | |
| US8732472B2 (en) | System and method for verification of digital certificates | |
| JP4020912B2 (en) | Unauthorized access detection device, unauthorized access detection program, and unauthorized access detection method | |
| US8528047B2 (en) | Multilayer access control security system | |
| US20060198313A1 (en) | Method and device for detecting and blocking unauthorized access | |
| US11696110B2 (en) | Distributed, crowdsourced internet of things (IoT) discovery and identification using Block Chain | |
| US20050108377A1 (en) | Method for detecting abnormal traffic at network level using statistical analysis | |
| CN108337219B (en) | Method for preventing Internet of things from being invaded and storage medium | |
| CN113242230B (en) | Multi-level authentication and access control system and method based on intelligent contracts | |
| CN112469044B (en) | Edge access control method and controller for heterogeneous terminal | |
| CN112714093A (en) | Account abnormity detection method, device and system and storage medium | |
| JP6973227B2 (en) | Abnormal traffic analyzer, abnormal traffic analysis method and abnormal traffic analysis program | |
| CN1411209A (en) | Method of detecting and monitoring malicious user host machine attack | |
| JP2018073140A (en) | Network monitoring device, program and method | |
| US20210344723A1 (en) | Distributed network application security policy generation and enforcement for microsegmentation | |
| JP2002297543A (en) | Detection device of unauthorized login | |
| CN115826444A (en) | Security access control method, system, device and equipment based on DNS analysis | |
| KR100825257B1 (en) | Detail processing method of abnormal traffic data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |