CN114885011B - Method and device for calling remoteAPP service and electronic equipment - Google Patents

Method and device for calling remoteAPP service and electronic equipment Download PDF

Info

Publication number
CN114885011B
CN114885011B CN202210453643.6A CN202210453643A CN114885011B CN 114885011 B CN114885011 B CN 114885011B CN 202210453643 A CN202210453643 A CN 202210453643A CN 114885011 B CN114885011 B CN 114885011B
Authority
CN
China
Prior art keywords
target
fort
service
access
machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210453643.6A
Other languages
Chinese (zh)
Other versions
CN114885011A (en
Inventor
钟丹东
韦伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Baowangda Software Technology Co ltd
Original Assignee
Jiangsu Baowangda Software Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Baowangda Software Technology Co ltd filed Critical Jiangsu Baowangda Software Technology Co ltd
Priority to CN202210453643.6A priority Critical patent/CN114885011B/en
Publication of CN114885011A publication Critical patent/CN114885011A/en
Application granted granted Critical
Publication of CN114885011B publication Critical patent/CN114885011B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Abstract

The embodiment of the application discloses a method and a device for calling a remoteAPP service, electronic equipment and a storage medium. The method comprises the following steps: receiving a fort connection request sent by a user through a local target browser, wherein the fort connection request comprises access destination information, an access identifier of the target fort and an access key; identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type; solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information; and calling the RemoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information. For different types of target browsers, the access destination information can be packaged according to the RDP protocol, so that the remoteAPP service in the target fort machine is successfully invoked.

Description

Method and device for calling remoteAPP service and electronic equipment
Technical Field
The embodiment of the application relates to the technical field of bastion machine resource access, in particular to a method and a device for calling a remoteAPP service and electronic equipment.
Background
To manage resources more safely and efficiently, 4A products (such as fort machines) can be used to achieve this. The 4A product monitors the behavior of a user through an account management system, screen video recording and log recording, grasps the use condition of the resource at any time through the health degree of the resource, optimally distributes the resource through load balancing, improves the security level of part of the resource through a vault mode, and provides authentication modes with different intensities for the user through unified authentication.
Based on the 4A product, in order to realize single sign-on of a user, a server agent supporting single sign-on needs to be installed on the fort machine, and meanwhile, a client plug-in matched with the server agent needs to be installed in a browser, so that after the user logs in, the remoteAPP service of all fort machines can be called through the client plug-in, and the effect of single sign-on is achieved.
In general, the client plug-in is pre-installed in an IE browser in a Windows system, and since the client plug-in is specifically developed for the IE browser, for other browsers, the client plug-in cannot be compatible with other browsers due to different kernels and mechanisms, and a user cannot call a RemoteAPP service in a fort machine through other browsers.
Disclosure of Invention
The embodiment of the application provides a method, a device and electronic equipment for calling a remoteAPP service, so that different browsers can call the remoteAPP service.
In a first aspect, an embodiment of the present application provides a method for calling a RemoteAPP service, which is applied to a plug-in service running in a local background in advance, where the method includes:
receiving a fort machine connection request sent by a user through a local target browser, wherein the fort machine connection request comprises access destination information, an access identifier of the target fort machine and an access key;
identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type;
solving and separating out the access destination information from the fort connection request according to the target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information;
and calling a remoteAPP service in the target bastion machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser.
In a second aspect, an embodiment of the present application provides a method for calling a RemoteAPP service, applied to a local target browser, where the method includes:
under the condition that the call of the remoteAPP service is required to be carried out, determining a target fort machine to be accessed from all fort machines;
inquiring a target access identifier and a target access key corresponding to the target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after a user logs in the 4A service;
acquiring a destination operation required to be implemented by calling a remoteAPP service, and generating access destination information according to the destination operation;
according to the request encapsulation format of the currently used target browser, encapsulating the target access identifier, the target access key and the access destination information to obtain a fort connection request;
and sending the fort connection request to a plug-in service running in a local background in advance, so that the plug-in service executes a calling method of the RemoteAPP service according to any embodiment of the first aspect of the application based on the fort connection request.
In a third aspect, an embodiment of the present application further provides a device for calling a RemoteAPP service, where the device for calling a RemoteAPP service includes:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a fort machine connection request sent by a user through a local target browser, and the fort machine connection request comprises access destination information, an access identifier and an access key of the target fort machine;
the algorithm determining module is used for identifying a target type corresponding to the target browser and determining a target request analysis algorithm corresponding to the target type;
the data encapsulation module is used for solving and separating out the access destination information from the fort connection request according to the target request analysis algorithm, and encapsulating the access destination information according to an RDP protocol to obtain access destination encapsulation information;
and the calling module is used for calling the remoteAPP service in the target fort machine by utilizing the access identifier, the access secret key and the access destination encapsulation information so as to enable the remoteAPP service to provide the application program service corresponding to the access destination encapsulation information for the target browser.
In a fourth aspect, an embodiment of the present application further provides a device for calling a RemoteAPP service, where the device for calling a RemoteAPP service includes:
The target fort machine determining module is used for determining target fort machines to be accessed from all fort machines under the condition that the remoteAPP service is required to be called;
the query module is used for querying a target access identifier and a target access key corresponding to the target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after the user logs in the 4A service;
the access destination determining module is used for acquiring destination operation required to be implemented by calling the remoteAPP service and generating access destination information according to the destination operation;
the request encapsulation module is used for encapsulating the target access identifier, the target access key and the access destination information according to the request encapsulation format of the currently used target browser to obtain a fort connection request;
the sending module is used for sending the fort connection request to a plug-in service running in a local background in advance, so that the plug-in service executes a calling method of the remoteAPP service according to any embodiment of the first aspect of the application based on the fort connection request.
In a fifth aspect, embodiments of the present application further provide an electronic device, including:
one or more processors;
storage means for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement a method for invoking RemoteAPP services as provided by any of the embodiments of the present application.
In the technical scheme of the embodiment of the application, a fort machine connection request sent by a user through a local target browser is received, wherein the fort machine connection request comprises access destination information, an access identifier of the target fort machine and an access secret key; identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type; solving and separating out the access destination information from the fort connection request according to the target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information; and calling a remoteAPP service in the target bastion machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser. Based on the method, corresponding access destination information can be analyzed for different types of target browsers, and then the access destination information is packaged according to the RDP protocol, so that the target fort can identify the access destination information, and the remoteAPP service in the target fort can be successfully invoked.
Drawings
Fig. 1 is a flow chart of a method for calling a RemoteAPP service according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of a target request parsing algorithm for determining a target browser type according to an embodiment of the present application;
fig. 3 is a flow chart of a method for calling a RemoteAPP service provided in the second embodiment of the present application;
FIG. 4 is a flowchart of determining a target fort machine according to a second embodiment of the present application;
fig. 5 is a schematic structural diagram of a RemoteAPP service calling device provided in the third embodiment of the present application;
fig. 6 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present application.
Detailed Description
The present application is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the application and not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the structures related to the present application are shown in the drawings.
Example 1
Fig. 1 is a flow chart of a method for calling a RemoteAPP service according to an embodiment of the present application, where the embodiment is applicable to a scenario for calling a RemoteAPP service. The method can be executed by a calling device of a remoteAPP service, the device can be realized in a hardware and/or software mode, and can be generally integrated in electronic equipment such as a computer with data operation capability, and the like, and the method specifically comprises the following steps:
Step 101, receiving a fort connection request sent by a user through a local target browser, wherein the fort connection request comprises access destination information, an access identifier of the target fort and an access key.
It should be noted that, the target browser in this embodiment may be any browser other than the IE browser, and in this embodiment, the 4A product is used by the target browser, and in the process, a RemoteApp service call of the fort machine may be involved, where the RemoteApp service may be used to start an application program installed in the fort machine, so that an interface of the application program is returned to the target browser, so as to achieve the purpose that the user uses the 4A product by using the local target browser.
In addition, in this step, the connection request of the bastion device may include the access destination information, the access identifier of the target bastion device, and the access key. The access destination information refers to information corresponding to an operation required to be executed by the fort machine, and the information can direct a RemoteApp service in the fort machine to start a corresponding application program, so that the operation required to be executed is completed.
In addition, the access identifier of the target fort machine can refer to the IP address and the access port of the target fort machine, so that the subsequent accurate access to the target fort machine is facilitated; the access key is the account name and the password of the target fort machine, and the target fort machine can perform subsequent operation according to the access destination information only when the access key passes verification.
Step 102, identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type.
Because the present embodiment can process the fort connection requests of different browsers, and the fort connection request data formats of different browsers are different, and the corresponding parsing modes are also different, the type of the target browser needs to be identified in this step.
Specifically, referring to fig. 2, fig. 2 is a schematic flow chart of determining a target browser type and a target request parsing algorithm according to an embodiment of the present application.
As shown in fig. 2, the process of determining the target browser type and the target request parsing algorithm provided in this embodiment may include:
step 201, determining a target type corresponding to the target browser identifier according to a preset mapping relationship between the browser identifier and the type, wherein the assembling format of each type of browser to the fort connection request is the same.
It should be noted that, the fort connection request may further include a target browser identifier of the target browser, and the plug-in service may invoke a mapping relationship between a pre-stored browser identifier and a type, where the mapping relationship between the browser identifier and the type may be as shown in table 1.
TABLE 1
Browser identification Type(s)
Sign 1, sign 4 Type 1
Sign 2 Type 2
Sign 3 Type 3
...... ......
In addition, different browsers are preset with unique identifiers, but some browsers may use the same data format to package the request, so that the same request analysis algorithm can be used, and in order to improve the efficiency of the step, the browsers using the same data format to package the request are regarded as the same type.
In a specific example, if the browser identifier corresponding to the target browser is identifier 2, it can be known from table 1 that the type corresponding to the target browser is type 2.
Step 202, determining a target request analysis algorithm corresponding to the target type according to a mapping relation between the preset type and the request analysis algorithm.
In this step, the mapping relationship between the preset type and the request parsing algorithm may be stored locally in advance, and may be specifically shown in table 2.
TABLE 2
Type(s) Analytical algorithm
Type 1 Algorithm 1
Type 2 Algorithm 2
Type 3 Algorithm 3
...... ......
Taking the foregoing type 2 as an example, after determining that the target browser is type 2 in the foregoing step, it can be known that the target request parsing algorithm corresponding to the type 2 is algorithm 2 according to table 2 in the present step.
And 103, solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information.
In the foregoing step, the target request analysis algorithm has been determined, and in this step, the connection request of the bastion engine can be analyzed according to the target request analysis algorithm. Specifically, the target request analysis algorithm mainly extracts corresponding information from the fixed field position of the fort connection request.
In a specific example, there may be 5 fields in the fort connection request, with the information for access purposes carried in the field in the first field location, the fields in the second and third field locations carrying the access identifier, and the fields in the fourth and fifth field locations carrying the access key.
Correspondingly, the mapping relation between the field position and the information is set in the target request analysis algorithm, so that the corresponding information can be accurately extracted from the fort connection request. For example, the target request parsing algorithm may extract access destination information from the first field.
And 104, calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information, so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser.
It should be noted that, the access identifier includes the IP address and the access port of the target bastion machine, and the access key includes the login user name and the login password of the target bastion machine.
Specifically, the step may first determine the target fort machine to be accessed according to the IP address, and send the login user name, the login password and the access destination encapsulation information to the target fort machine through the access port; then, the target fort machine analyzes the access target packaging information under the condition that the login user name and the login password pass verification; and finally, the target fort machine calls a remoteAPP service in the target fort machine to provide the application program service corresponding to the access target packaging information for the target browser according to the analysis result.
In the technical scheme of the embodiment of the application, a fort machine connection request sent by a user through a local target browser is received, wherein the fort machine connection request comprises access destination information, an access identifier of the target fort machine and an access key; identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type; solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information; and calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser. Based on the method, corresponding access destination information can be analyzed for different types of target browsers, and then the access destination information is packaged according to the RDP protocol, so that the target fort can identify the access destination information, and the remoteAPP service in the target fort can be successfully invoked.
Example two
Fig. 3 is a flow chart of a method for calling a RemoteAPP service provided in the second embodiment of the present application, where the present embodiment is applicable to a scenario for calling a RemoteAPP service. The method can be executed by a calling device of a remoteAPP service, the device can be realized in a hardware and/or software mode, and can be generally integrated in electronic equipment such as a computer with data operation capability, and the like, and the method specifically comprises the following steps:
step 301, determining a target fort machine to be accessed from all fort machines under the condition that a call of a RemoteAPP service is required.
In this step, when determining the target fort, it may first determine the idle state corresponding to each fort, and determine the fort whose idle state satisfies the preset condition as the target fort to be accessed. Referring to fig. 4, fig. 4 is a schematic flow chart of determining a target fort machine according to the second embodiment of the present application.
As shown in fig. 4, the process for determining the target fort machine provided in this embodiment may include:
step 401, obtaining the number of users currently carried by each bastion machine and the preset maximum carrying user number of each bastion machine.
In this step, when the user accesses the bastion machine, the bastion machine usually records the access time and the access end time of the user, so that the bastion machine usually records only the access time of the user and does not record the corresponding end time of the user.
The end time may refer to a time when the user of the bastion machine ends to remotely control a certain application program in the bastion machine. For example, the user remotely closes the application, or the user remotely closes the web page (browser page) where the application is located, meaning that the remote control of the application is ended.
Specifically, the number of records with access time but no end time in each bastion machine can be obtained in this step, and the number is used as the number of users currently loaded in this step, and then the corresponding maximum number of users loaded in each bastion machine is obtained.
In a specific example, if there are 5 fort machines, the obtained number of currently loaded users and the corresponding maximum number of loaded users may be as shown in table 3 below.
TABLE 3 Table 3
Bastion machine Number of currently carried users Maximum number of bearer users
Bastion machine a 5 15
Bastion machine b 3 18
Fort machine c 6 24
Fort machine d 9 36
Bastion machine e 1 3
Step 402, for any fort machine, determining a difference between the number of users and the maximum number of carrying users, and determining a ratio of the difference to the maximum number of carrying users as an idle state of the fort machine.
The difference value obtained in the step refers to the number of users that the fort machine can currently bear, and the ratio of the difference value to the maximum number of users can indicate the idle degree of the fort machine, namely the idle state in the step.
Still taking the foregoing table 3 as an example, the respective difference values of each fort machine are 10, 15, 18, 27, 2 in order (top-to-bottom order in table 3), and the corresponding ratio values are 0.67, 0.83, 0.75, 0.67 in order (top-to-bottom order in table 3).
Accordingly, the idle state of fort a is 0.67, the idle state of fort b is 0.83, the idle state of fort c is 0.75, the idle state of fort d is 0.75, and the idle state of fort e is 0.67.
Step 403, sorting the fort machines according to the order from the large idle state to the small idle state, and determining the fort machine sorted as the first fort machine as the target fort machine meeting the preset condition.
In this step, the larger the value of the idle state is, the more idle the corresponding fort machine is, and the more the fort machine can bear the user's ability, so the fort machine corresponding to the largest idle state can be determined as the target fort machine meeting the preset condition, and the preset condition is that the idle state is the largest.
Specifically, the bastion machines can be ordered from large to small according to the idle state, and the bastion machine which is the highest in idle state is arranged at the first position. It should be noted that the same idle state may be encountered in the ordering process, and at this time, the fort machines in the same idle state may be ordered according to the order in table 3.
Still taking the above table 3 as an example, the fort machines are ordered as fort machine b, fort machine c, fort machine d, fort machine a, fort machine e from big to small according to the idle state. The first bastion machine b is the target bastion machine in the step.
Note that, when the idle states of the fort machine c and the fort machine d are the same, and the idle states of the fort machine a and the fort machine e are the same, the storage order in table 3 may be referred to when the fort machine c is ordered, and the fort machine c may be ordered before the fort machine d this time, and similarly, the fort machine a may be ordered before the fort machine e.
Alternatively, the idle state may be represented by other parameters, such as the remaining operating memory duty cycle of the fort machine. It should be noted that the remaining running memory duty ratio refers to a ratio of the remaining running memory (i.e., the unoccupied running memory) to the total running memory.
Step 302, query a target access identifier and a target access key corresponding to a target bastion machine from the received access identifier and access key corresponding to each bastion machine, and after the received access identifier and access key corresponding to each bastion machine log in the 4A service for the user, feedback information is carried out by the 4A service.
It should be noted that, the access identifier and the access key corresponding to each bastion machine in this step may be information that the user feeds back to the local by the 4A service after logging in the 4A service. It should be noted that, before the RemoteAPP service in the fort machine is invoked by the user, the user needs to log in the fort machine, and at this time, the login user name and the corresponding login password of the fort machine need to be changed to complete the login of the fort machine, which results in the second login of the user.
In order to realize single sign-on of the user, in this embodiment, after the user logs in the 4A service, the 4A service may feed back access identifiers and access keys of all fort machines related to the 4A service, and when the user needs to call a RemoteAPP service in a fort machine, the user may perform automatic login on a system level based on the corresponding access identifier and access key, and may access the fort machine without performing operations such as input by the user.
Specifically, the method of this embodiment further includes performing user login on the 4A service before the call of the RemoteAPP service is required. The specific process of the user login can comprise:
acquiring a user name and a password input by a user, and sending the user name and the password to a 4A service background for verification, so that the 4A service verifies the user name and the password; and then receiving the access identifier and the access key corresponding to each bastion machine fed back by the 4A service under the condition that the user name and the password pass verification.
Based on the above method, in this embodiment, as long as the user logs in the 4A service, the user does not need to perform subsequent fort machine login operation again, so as to realize fort machine login non-sensitivity and realize single sign-on of the user to a certain extent.
In this embodiment, the determination of the target fort machine may refer to the related description of the foregoing steps, which is not repeated here.
Step 303, obtaining a destination operation required to be implemented by calling the RemoteAPP service, and generating access destination information according to the destination operation.
In this step, the destination operation may be starting a certain application program or storing certain data, and it should be noted that the application programs corresponding to implementing different operations may be the same or different, and the following RemoteAPP service may refer to the related description of the RemoteAPP service according to how to call the resource according to the access destination information, which is not repeated herein.
And step 304, according to the request encapsulation format of the currently used target browser, encapsulating the target access identifier, the target access key and the access destination information to obtain a fort connection request.
It should be noted that, because the protocols supported by the fort are fixed and are all RDP protocols, and the request encapsulation formats supported by different browsers may be different, and because the plug-in service of the present application can convert the requests in different request encapsulation formats into RDP protocols, the present embodiment only needs to encapsulate the target access identifier, the target access key and the access destination information according to the request encapsulation format of the currently used target browser.
Step 305, the fort connection request is sent to a plug-in service running in the local background in advance, so that the plug-in service executes a calling method of the RemoteAPP service based on the fort connection request.
In this step, the calling method of executing the RemoteAPP service based on the fort connection request in the plug-in service refers to the method in the first embodiment, and only the request needs to be sent to the plug-in service in this step.
Example III
Fig. 5 is a schematic structural diagram of a RemoteAPP service calling device provided in the third embodiment of the present application. The invoking device of the remoteAPP service provided by the embodiment of the application can execute the invoking method of the remoteAPP service provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the executing method. The device can be realized in a software and/or hardware mode, as shown in fig. 3, the calling device of the RemoteAPP service specifically comprises: a receiving module 501, an algorithm determining module 502, a data packaging module 503 and a calling module 504.
The system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a fort machine connection request sent by a user through a local target browser, and the fort machine connection request comprises access destination information, an access identifier and an access key of the target fort machine;
the algorithm determining module is used for identifying the target type corresponding to the target browser and determining a target request analysis algorithm corresponding to the target type;
the data encapsulation module is used for solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and encapsulating the access destination information according to an RDP protocol to obtain access destination encapsulation information;
and the calling module is used for calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information so as to enable the remoteAPP service to provide the application program service corresponding to the access destination encapsulation information for the target browser.
In the technical scheme of the embodiment of the application, a fort machine connection request sent by a user through a local target browser is received, wherein the fort machine connection request comprises access destination information, an access identifier of the target fort machine and an access key; identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type; solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information; and calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser. Based on the method, corresponding access destination information can be analyzed for different types of target browsers, and then the access destination information is packaged according to the RDP protocol, so that the target fort can identify the access destination information, and the remoteAPP service in the target fort can be successfully invoked.
Of course, the embodiment also provides a calling device of the target browser, which specifically may include:
the target fort machine determining module is used for determining target fort machines to be accessed from all fort machines under the condition that the remoteAPP service is required to be called;
the inquiring module is used for inquiring the target access identifier and the target access key corresponding to the target bastion machine from the received access identifier and the access key corresponding to each bastion machine, and after the received access identifier and the access key corresponding to each bastion machine are logged in the 4A service for the user, the 4A service carries out feedback information;
the access destination determining module is used for acquiring destination operation required to be implemented by calling the remoteAPP service and generating access destination information according to the destination operation;
the request encapsulation module is used for encapsulating the target access identifier, the target access key and the access destination information according to the request encapsulation format of the currently used target browser to obtain a fort connection request;
the sending module is configured to send a fort connection request to a plug-in service running in the local background in advance, so that the plug-in service executes a call method of a RemoteAPP service according to the first embodiment based on the fort connection request.
Example IV
Fig. 6 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present application, and as shown in fig. 6, the electronic device includes a processor 610, a memory 620, an input device 630, and an output device 640; the number of processors 610 in the electronic device may be one or more, one processor 610 being taken as an example in fig. 6; the processor 610, memory 620, input device 630, and output device 640 in the electronic device may be connected by a bus or other means, for example in fig. 6.
The memory 620 is used as a computer readable storage medium, and may be used to store a software program, a computer executable program, and a module, such as program instructions/modules corresponding to a calling method of a RemoteAPP service in an embodiment of the present invention (for example, the acquisition module 301, the decryption module 302, and the storage module 303 in a calling device of the RemoteAPP service). The processor 610 executes various functional applications of the electronic device and data processing by running software programs, instructions and modules stored in the memory 620, that is, implements the above-mentioned call method of RemoteAPP service:
receiving a fort connection request sent by a user through a local target browser, wherein the fort connection request comprises access destination information, an access identifier of the target fort and an access key;
Identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type;
solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information;
and calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser.
Or,
under the condition that the call of the remoteAPP service is required to be carried out, determining a target fort machine to be accessed from all fort machines;
inquiring a target access identifier and a target access key corresponding to a target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after the user logs in the 4A service;
acquiring a destination operation required to be implemented by calling a remoteAPP service, and generating access destination information according to the destination operation;
according to the request encapsulation format of the currently used target browser, encapsulating the target access identifier, the target access key and the access destination information to obtain a fort connection request;
And sending the fort connection request to a plug-in service running in the local background in advance, so that the plug-in service executes a calling method of the RemoteAPP service according to the first embodiment based on the fort connection request.
Memory 620 may include primarily a program storage area and a data storage area, wherein the program storage area may store an operating system, at least one application program required for functionality; the storage data area may store data created according to the use of the terminal, etc. In addition, memory 620 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, memory 620 may further include memory remotely located relative to processor 610, which may be connected to the electronic device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
Example five
A fifth embodiment of the present application further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a method for invoking a RemoteAPP service, the method comprising:
Receiving a fort connection request sent by a user through a local target browser, wherein the fort connection request comprises access destination information, an access identifier of the target fort and an access key;
identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type;
solving and separating out access destination information from the fort connection request according to a target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information;
and calling the remoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information so that the remoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser.
Or,
under the condition that the call of the remoteAPP service is required to be carried out, determining a target fort machine to be accessed from all fort machines;
inquiring a target access identifier and a target access key corresponding to a target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after the user logs in the 4A service;
Acquiring a destination operation required to be implemented by calling a remoteAPP service, and generating access destination information according to the destination operation;
according to the request encapsulation format of the currently used target browser, encapsulating the target access identifier, the target access key and the access destination information to obtain a fort connection request;
and sending the fort connection request to a plug-in service running in the local background in advance, so that the plug-in service executes a calling method of the RemoteAPP service according to the first embodiment based on the fort connection request.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present application is not limited to the above method operations, but may also perform related operations in the calling method of the RemoteAPP service provided in any embodiment of the present application.
From the above description of embodiments, it will be clear to a person skilled in the art that the present application may be implemented by means of software and necessary general purpose hardware, but of course also by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a FLASH Memory (FLASH), a hard disk, or an optical disk of a computer, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method of the embodiments of the present application.
It should be noted that, in the above-mentioned embodiments of the search apparatus, each unit and module included are only divided according to the functional logic, but not limited to the above-mentioned division, as long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present application.
Note that the above is only a preferred embodiment of the present application and the technical principle applied. Those skilled in the art will appreciate that the present application is not limited to the particular embodiments described herein, but is capable of numerous obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the present application. Therefore, while the present application has been described in connection with the above embodiments, the present application is not limited to the above embodiments, but may include many other equivalent embodiments without departing from the spirit of the present application, the scope of which is defined by the scope of the appended claims.

Claims (6)

1. A method for invoking RemoteAPP services, applied to a plug-in service running in a local background in advance, the method comprising:
Receiving a fort machine connection request sent by a user through a local target browser, wherein the fort machine connection request comprises access destination information, an access identifier of the target fort machine and an access key;
identifying a target type corresponding to the target browser, and determining a target request analysis algorithm corresponding to the target type;
solving and separating out the access destination information from the fort connection request according to the target request analysis algorithm, and packaging the access destination information according to an RDP protocol to obtain access destination packaging information; invoking a remoteAPP service in the target bastion machine by using the access identifier, the access key and the access destination encapsulation information, so that the remoteAPP service provides an application program service corresponding to the access destination encapsulation information for the target browser;
the fort connection request also comprises a target browser identifier;
the identifying the target type corresponding to the target browser and determining a target request analysis algorithm corresponding to the target type comprises the following steps:
determining a target type corresponding to the target browser identifier according to a preset mapping relation between the browser identifier and the type, wherein the assembling format of each type of browser to the connection request of the fort machine is the same;
Determining a target request analysis algorithm corresponding to the target type according to a mapping relation between the preset type and the request analysis algorithm;
the access identifier comprises an IP address and an access port of a target fort machine, and the access key comprises a login user name and a login password of the target fort machine;
the calling the RemoteAPP service in the target fort machine by using the access identifier, the access key and the access destination encapsulation information, so that the RemoteAPP service provides the application program service corresponding to the access destination encapsulation information for the target browser, including:
determining the target fort machine to be accessed according to the IP address, and sending the login user name, the login password and the access destination packaging information to the target fort machine through the access port;
the target fort analyzes the access destination packaging information under the condition that the login user name and the login password pass verification;
and the target fort machine calls a remoteAPP service in the target fort machine to provide the application program service corresponding to the access destination encapsulation information for the target browser according to the analysis result.
2. A method for invoking RemoteAPP services, applied to a local target browser, the method comprising:
under the condition that the call of the remoteAPP service is required to be carried out, determining a target fort machine to be accessed from all fort machines;
inquiring a target access identifier and a target access key corresponding to the target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after a user logs in the 4A service;
acquiring a destination operation required to be implemented by calling a remoteAPP service, and generating access destination information according to the destination operation;
according to the request encapsulation format of the currently used target browser, encapsulating the target access identifier, the target access key and the access destination information to obtain a fort connection request;
transmitting the fort connection request to a plug-in service running in a local background in advance, so that the plug-in service executes the calling method of the RemoteAPP service according to claim 1 based on the fort connection request;
the determining the target fort machine to be accessed from all fort machines comprises the following steps:
Determining an idle state corresponding to each bastion machine, and determining the bastion machines with the idle states meeting preset conditions as target bastion machines to be accessed;
the determining the idle state corresponding to each bastion machine, and determining the bastion machine with the idle state meeting the preset condition as the target bastion machine to be accessed includes:
acquiring the number of users currently born by each bastion machine and the preset maximum number of users born by each bastion machine;
for any fort machine, determining a difference value between the number of users and the maximum bearing user number, and determining a ratio of the difference value to the maximum bearing user number as an idle state of the fort machine;
and sequencing all the fort machines according to the order from the big idle state to the small idle state, and determining the fort machine sequenced to be the first fort machine as a target fort machine meeting the preset condition.
3. The method according to claim 2, wherein the method further comprises:
before needing to call the remoteAPP service, carrying out user login on the 4A service;
the user login for the 4A service comprises the following steps:
acquiring a user name and a password input by a user, and sending the user name and the password to a 4A service background for verification, so that the 4A service verifies the user name and the password;
And receiving the access identifier and the access key corresponding to each bastion machine fed back by the 4A service under the condition that the user name and the password pass verification.
4. A call device for RemoteAPP service, the device comprising:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a fort machine connection request sent by a user through a local target browser, and the fort machine connection request comprises access destination information, an access identifier and an access key of the target fort machine;
the algorithm determining module is used for identifying a target type corresponding to the target browser and determining a target request analysis algorithm corresponding to the target type;
the data encapsulation module is used for solving and separating out the access destination information from the fort connection request according to the target request analysis algorithm, and encapsulating the access destination information according to an RDP protocol to obtain access destination encapsulation information;
the calling module is used for calling a remoteAPP service in the target fort machine by utilizing the access identifier, the access secret key and the access destination encapsulation information so that the remoteAPP service provides an application program service corresponding to the access destination encapsulation information for the target browser;
The fort connection request also comprises a target browser identifier;
the algorithm determining module is specifically configured to:
determining a target type corresponding to the target browser identifier according to a preset mapping relation between the browser identifier and the type, wherein the assembling format of each type of browser to the connection request of the fort machine is the same;
determining a target request analysis algorithm corresponding to the target type according to a mapping relation between the preset type and the request analysis algorithm;
the access identifier comprises an IP address and an access port of a target fort machine, and the access key comprises a login user name and a login password of the target fort machine;
the calling module is specifically configured to:
determining the target fort machine to be accessed according to the IP address, and sending the login user name, the login password and the access destination packaging information to the target fort machine through the access port;
the target fort analyzes the access destination packaging information under the condition that the login user name and the login password pass verification;
and the target fort machine calls a remoteAPP service in the target fort machine to provide the application program service corresponding to the access destination encapsulation information for the target browser according to the analysis result.
5. A call device for RemoteAPP service, the device comprising:
the target fort machine determining module is used for determining target fort machines to be accessed from all fort machines under the condition that the remoteAPP service is required to be called;
the query module is used for querying a target access identifier and a target access key corresponding to the target bastion machine from the received access identifier and the access key corresponding to each bastion machine, wherein the received access identifier and the access key corresponding to each bastion machine are information fed back by the 4A service after the user logs in the 4A service;
the access destination determining module is used for acquiring destination operation required to be implemented by calling the remoteAPP service and generating access destination information according to the destination operation;
the request encapsulation module is used for encapsulating the target access identifier, the target access key and the access destination information according to the request encapsulation format of the currently used target browser to obtain a fort connection request;
a sending module, configured to send the fort connection request to a plug-in service running in a local background in advance, so that the plug-in service executes a call method of the RemoteAPP service according to claim 1 based on the fort connection request;
The target fort machine determining module is specifically configured to:
determining an idle state corresponding to each bastion machine, and determining the bastion machines with the idle states meeting preset conditions as target bastion machines to be accessed;
the target fort machine determining module is specifically configured to:
acquiring the number of users currently born by each bastion machine and the preset maximum number of users born by each bastion machine;
for any fort machine, determining a difference value between the number of users and the maximum bearing user number, and determining a ratio of the difference value to the maximum bearing user number as an idle state of the fort machine;
and sequencing all the fort machines according to the order from the big idle state to the small idle state, and determining the fort machine sequenced to be the first fort machine as a target fort machine meeting the preset condition.
6. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
when executed by the one or more processors, causes the one or more processors to implement the method of invoking the RemoteAPP service of any one of claims 1-3.
CN202210453643.6A 2022-04-24 2022-04-24 Method and device for calling remoteAPP service and electronic equipment Active CN114885011B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210453643.6A CN114885011B (en) 2022-04-24 2022-04-24 Method and device for calling remoteAPP service and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210453643.6A CN114885011B (en) 2022-04-24 2022-04-24 Method and device for calling remoteAPP service and electronic equipment

Publications (2)

Publication Number Publication Date
CN114885011A CN114885011A (en) 2022-08-09
CN114885011B true CN114885011B (en) 2024-01-30

Family

ID=82672708

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210453643.6A Active CN114885011B (en) 2022-04-24 2022-04-24 Method and device for calling remoteAPP service and electronic equipment

Country Status (1)

Country Link
CN (1) CN114885011B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112527379A (en) * 2020-12-01 2021-03-19 深圳市证通电子股份有限公司 Guacamole-based fort machine application operation and maintenance method, device, equipment and medium
CN113079164A (en) * 2021-04-02 2021-07-06 江苏保旺达软件技术有限公司 Remote control method and device for bastion machine resources, storage medium and terminal equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580074B (en) * 2013-10-14 2018-08-24 阿里巴巴集团控股有限公司 The login method of client application and its corresponding server

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112527379A (en) * 2020-12-01 2021-03-19 深圳市证通电子股份有限公司 Guacamole-based fort machine application operation and maintenance method, device, equipment and medium
CN113079164A (en) * 2021-04-02 2021-07-06 江苏保旺达软件技术有限公司 Remote control method and device for bastion machine resources, storage medium and terminal equipment

Also Published As

Publication number Publication date
CN114885011A (en) 2022-08-09

Similar Documents

Publication Publication Date Title
KR102161681B1 (en) Device identifier dependent operation processing of packet based data communication
US9794242B2 (en) Method, apparatus and application platform for realizing logon to an application service website
CN111600909A (en) Data processing method, device, protocol conversion equipment and storage medium
CN107920094B (en) Data acquisition method and device, server and network equipment
CN102752300B (en) Dynamic antitheft link system and dynamic antitheft link method
WO2002003219A1 (en) Method and system for monitoring online computer network behavior and creating online behavior profiles
US20110258315A1 (en) Network analysis system and method utilizing collected metadata
CN110769009B (en) User identity authentication method and system
CN113676563B (en) Scheduling method, device, equipment and storage medium of content distribution network service
CN114866965A (en) MaaP-based 5G message communication method, system, electronic equipment and storage medium
CN111541672A (en) Method and system for detecting security of HTTP (hyper text transport protocol) request
CN111770072B (en) Method and device for accessing function page through single sign-on
US9832198B2 (en) Service-based message access layer frame and implementation method thereof
CN111371811B (en) Resource calling method, resource calling device, client and service server
CN114885011B (en) Method and device for calling remoteAPP service and electronic equipment
Ham et al. Big Data Preprocessing Mechanism for Analytics of Mobile Web Log.
CN110597783A (en) Database management method, device, equipment and storage medium
CN113596105B (en) Content acquisition method, edge node and computer readable storage medium
CN113778709B (en) Interface calling method, device, server and storage medium
CN112416875B (en) Log management method, device, computer equipment and storage medium
CN114924783A (en) Interface calling method, device, equipment and storage medium of application program
CN110636114B (en) Customer service access method, access system, service system and cloud platform
US10623523B2 (en) Distributed communication and task handling to facilitate operations of application system
CN112860398A (en) Data processing method, device, equipment and medium based on rule engine
CN113535744B (en) Tenant data modification method, system, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant