CN115834212A - Access control method for integrating multi-scene application system - Google Patents
Access control method for integrating multi-scene application system Download PDFInfo
- Publication number
- CN115834212A CN115834212A CN202211485734.4A CN202211485734A CN115834212A CN 115834212 A CN115834212 A CN 115834212A CN 202211485734 A CN202211485734 A CN 202211485734A CN 115834212 A CN115834212 A CN 115834212A
- Authority
- CN
- China
- Prior art keywords
- gateway
- information
- main service
- sub
- application system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an access control method for integrating a multi-scene application system, and belongs to the technical field of network access. The invention creates the unique identification of each sub-application system corresponding to multiple scenes through the gateway system, manages the gateway configuration information of each sub-application system and the parameter conversion relation of the request access, and can conveniently and effectively solve the problem of non-uniform definition of the request parameters from different application systems by utilizing the design and configuration method, thereby providing convenient scene application integration and achieving the purposes of cost reduction and efficiency improvement.
Description
Technical Field
The invention belongs to the technical field of network access, and particularly relates to an access control method for integrating a multi-scenario application system.
Background
In the process of providing government affair service or enterprise business service, corresponding service is often provided by different sub-scenario application systems (sub-application systems for short) according to different application requirements. With the continuous expansion of service types, the corresponding sub-application systems are more and more. However, the connection between the sub-application systems is not tight, and in most cases, the sub-application systems provide the corresponding services individually, and if need to be integrated together, the code needs to be continuously modified. That is, unified management and configuration at the gateway level are not achieved among the existing sub-application systems, so that the access convenience cannot meet the requirements of users, and the maintenance cost is also higher.
Disclosure of Invention
The invention aims to provide an access control method for integrating multi-scenario application systems, which can quickly integrate each sub-application system in a main service system and reduce the access and maintenance cost. In order to achieve the purpose, the invention provides the following technical scheme:
an access control method for integrating a multi-scenario application system comprises the following steps:
1. adding gateway configuration information of a main service system and each sub-application system to be integrated into a gateway system;
2. establishing a function menu in the main service system, wherein each menu item of the function menu corresponds to the gateway configuration information of each sub-application system to form a mapping relation;
3. configuring a conversion relation between main service system login information and each sub-application system login information in the gateway system;
4. the client accesses the main service system through the gateway system and logs in the main service system through the main service system login information, and if the login verification is successful, the step 5 is carried out;
5. the client triggers a certain menu item through the main service system, and accesses the corresponding sub-application system through the gateway configuration information of the sub-application system corresponding to the menu item; meanwhile, the gateway system converts the main service system login information into corresponding sub-application system login information and sends the information to the corresponding sub-application system for login verification, and if the login verification is successful, the step 6 is carried out;
6. and the corresponding sub-application system sends the response information to the gateway system, and the gateway system returns the response information to the page of the main service system for displaying.
Specifically, a gateway configuration module is arranged in the gateway system, and gateway configuration information of the main service system and each sub-application system to be integrated is added in the gateway configuration module.
Specifically, the gateway configuration module provides a visualized gateway information configuration table.
Specifically, the gateway configuration information includes: system name, system access URL, system access mode information.
Specifically, the gateway system is provided with a data conversion module, a conversion relationship between main service system login information and each sub-application system login information is configured in the data conversion module, and the data conversion module is used for converting the main service system login information into corresponding sub-application system login information.
Specifically, the login information includes login interface information and login parameter information.
Specifically, the gateway system is provided with an access control module for executing an operation of accessing the main service system by the client and executing an operation of accessing the corresponding sub-application system by the client through the menu item of the main service system.
The invention creates the unique identification of each sub-application system corresponding to multiple scenes through the gateway system, manages the gateway configuration information of each sub-application system and the parameter conversion relation of the request access, and can conveniently and effectively solve the problem of non-uniform definition of the request parameters from different application systems by utilizing the design and configuration method, thereby providing convenient scene application integration and achieving the purposes of cost reduction and efficiency improvement.
Drawings
Fig. 1 is a flowchart of an access control method for an integrated multi-scenario application system according to an embodiment of the present invention.
Fig. 2 is a network architecture diagram of an access control method for an integrated multi-scenario application system according to an embodiment of the present invention.
Detailed Description
The technical scheme of the invention is clearly and completely described in the following with reference to the accompanying drawings. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The access control method for integrating the multi-scenario application system provided by the embodiment is used for technical application of a government and enterprise system development platform (namely, a main business system) for integrating various third-party platforms (namely, sub-application systems), and is mainly characterized in that gateway information is configured and an access conversion relation is established, so that the existing application system platform and the third-party applications related to business scenarios can be conveniently and quickly integrated together, and the relation among the application systems is tighter.
Referring to fig. 1 and fig. 2, the access control method for integrating multiple-scenario application systems provided in this embodiment includes six main steps, which are respectively described as follows:
1. and adding gateway configuration information of the main service system and each sub-application system needing to be integrated into the gateway system S1. The gateway system is provided with a gateway configuration module, the gateway configuration module provides a visual gateway information configuration table, and the configuration table is added with gateway configuration information of the main service system S2 and each sub-application system S3 which needs to be integrated. The gateway configuration information includes: system name, system access URL, system access mode information.
For example, a public security service integrated application main service system S2 is deployed in the past, and the client S4 can normally access the platform only by skipping through the gateway system S1 when accessing the platform daily. Now, a plurality of subsystems such as the case analysis sub-application system S31, the action deployment sub-application system S32, and the case archiving sub-application system S33 need to be accessed, and the actual operations that need to be performed in step 1 are: configuring the names of the sub-application systems to be accessed through a gateway configuration module, wherein the names are respectively as follows: case analysis sub-application system S31, action deployment sub-application system S32 and case archiving sub-application system S33; and the URL corresponding to the sub-application system, for example: s31.com, s32.com, s33.com, and the access modes are unified as follows: and accessing a service system.
It is understood that the gateway configuration information set here is an application relationship between a gateway address and a function address of each sub-application system for interfacing with a menu item of the main business system described below.
2. And establishing a function menu in the main service system, wherein each menu item of the function menu corresponds to the gateway configuration information of each sub-application system to form a mapping relation. When a menu item is respectively constructed for each sub-application system, the filled information needs to be uniquely corresponding to gateway configuration information of the gateway system S1, so that a mapping relation configured at two positions is realized, which is equivalent to configuring a trigger inlet of each sub-application system;
3. a data conversion module S5 is arranged in the gateway system, and the conversion relation between the main service system login information and each sub application system login information is configured in the data conversion module. The main service system login information is pre-stored in the login verification center of the main service system S2, and the sub-application system login information is pre-stored in the login verification center of the sub-application system S3.
In specific implementation, the technical configuration personnel firstly need to configure the configuration of the login interface and the login parameter configuration of the sub-application system, including an interface request mode and the like. Taking the case analysis sub-application system S31, the action deployment sub-application system S32, and the case archiving sub-application system S33 as examples, the login interface and the interface parameter information of each sub-application system are configured as follows: s31/login (diameter, upwd), S32/login (key, pwd), S33/login (username, password). If other specific parameters are also configured here.
The data conversion module S5 mainly implements a mapping relationship between the login parameters of the main service system S2 and the login interface parameters of each sub-application system S3, and when the main service system S2 accesses a certain sub-application system S3 through a menu function, the data conversion module S5 can convert the login information of the main service system into the login parameters corresponding to the corresponding sub-application system S3.
4. The gateway system is provided with an access control module used for executing the operation of accessing the main service system by the client and executing the operation of accessing the corresponding sub-application system by the client through the menu item of the main service system. The client S4 accesses the main service system S2 through the gateway system and logs in the main service system S2 through the login information of the main service system, the main service system is provided with a verification center of the main service system, if the login verification is successful, the step 5 is carried out, and otherwise, the login abnormal information is prompted.
5. The client triggers a certain menu item through the main service system, and accesses the corresponding sub-application system through the gateway configuration information of the sub-application system corresponding to the menu item; and meanwhile, the gateway system converts the login information of the main service system into login information of a corresponding sub-application system and sends the login information to the corresponding sub-application system for login verification, the sub-application system S3 is provided with a verification center of the sub-application system, if the login verification is successful, the step 6 is carried out, and otherwise, login abnormal information is prompted.
6. And the corresponding sub-application system sends the response information to the gateway system, and the gateway system returns the response information to the page of the main service system for displaying.
For example, when the client accesses the case analysis sub-application system S31 through the corresponding menu item of the main service system S2, the data conversion module S5 first converts the login information of the main service system S2 into the login information of the case analysis system S31, and then accesses the acquired and converted login information of the case analysis sub-application system S31 to the authentication center of the case analysis sub-application system S31 through the pre-configured login URL for authentication and authorization. If the authentication is successful, the returned authentication success information is converted into a uniform data format and stored in the gateway system S1 for token storage, and meanwhile, the data information is fed back to the functional subsystem page of the main service system S2 to realize the display of the front-end page of the sub-application system.
In addition, when accessing the case analysis sub-application system S31, if the functional interface needs other special parameters, the data conversion module S5 can also access the converted parameters by configuring the interface address and the parameter information in the data conversion module S5.
The above-mentioned embodiments, objects, technical solutions and advantages of the present invention are further described in detail, it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.
Claims (7)
1. An access control method for integrating a multi-scenario application system is characterized by comprising the following steps:
(1) Adding gateway configuration information of a main service system and each sub-application system to be integrated into a gateway system;
(2) Establishing a function menu in the main service system, wherein each menu item of the function menu corresponds to the gateway configuration information of each sub-application system to form a mapping relation;
(3) Configuring a conversion relation between main service system login information and each sub-application system login information in the gateway system;
(4) The client accesses the main service system through the gateway system and logs in the main service system through the main service system login information, and if the login verification is successful, the step (5) is carried out;
(5) The client triggers a certain menu item through the main service system, and accesses the corresponding sub-application system through the gateway configuration information of the sub-application system corresponding to the menu item; meanwhile, the gateway system converts the main service system login information into corresponding sub-application system login information and sends the information to the corresponding sub-application system for login verification, and if the login verification is successful, the step (6) is carried out;
(6) And the corresponding sub-application system sends the response information to the gateway system, and the gateway system returns the response information to the page of the main service system for displaying.
2. The access control method for integrating multi-scenario application systems according to claim 1, wherein a gateway configuration module is disposed in the gateway system, and gateway configuration information of a main service system and each sub-application system that needs to be integrated is added in the gateway configuration module.
3. The access control method of the integrated multi-scenario application system of claim 2, wherein the gateway configuration module provides a visualized gateway information configuration table.
4. The access control method of the integrated multi-scenario application system of claim 3, wherein the gateway configuration information comprises: system name, system access URL, system access mode information.
5. The access control method for integrating multi-scenario application systems of claim 1, wherein a data conversion module is disposed in the gateway system, a conversion relationship between main service system login information and each sub-application system login information is configured in the data conversion module, and the data conversion module is configured to convert the main service system login information into corresponding sub-application system login information.
6. The access control method of the integrated multi-scenario application system of claim 5, wherein the login information comprises login interface information and login parameter information.
7. The access control method for integrating multi-scenario application systems of claim 1, wherein the gateway system is provided with an access control module for performing an operation of accessing the main service system by a client and an operation of accessing the corresponding sub-application system by the client through the menu item of the main service system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211485734.4A CN115834212A (en) | 2022-11-24 | 2022-11-24 | Access control method for integrating multi-scene application system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211485734.4A CN115834212A (en) | 2022-11-24 | 2022-11-24 | Access control method for integrating multi-scene application system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115834212A true CN115834212A (en) | 2023-03-21 |
Family
ID=85531364
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211485734.4A Pending CN115834212A (en) | 2022-11-24 | 2022-11-24 | Access control method for integrating multi-scene application system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115834212A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117009103A (en) * | 2023-07-17 | 2023-11-07 | 蝉鸣科技(西安)有限公司 | Method for combining multiple service systems and integration system |
-
2022
- 2022-11-24 CN CN202211485734.4A patent/CN115834212A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117009103A (en) * | 2023-07-17 | 2023-11-07 | 蝉鸣科技(西安)有限公司 | Method for combining multiple service systems and integration system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109600306B (en) | Method, device and storage medium for creating session | |
| US8745223B2 (en) | System and method of distributed license management | |
| CN103023933B (en) | A kind of log-on message Integrated Processing System and method | |
| CN109587233B (en) | Multi-cloud container management method, device and computer-readable storage medium | |
| US20070016804A1 (en) | Password management system | |
| US8429712B2 (en) | Centralized user authentication system apparatus and method | |
| CN101217368A (en) | A network logging on system and the corresponding configuration method and methods for logging on the application system | |
| US8090853B2 (en) | Data access control | |
| CN113360862A (en) | Unified identity authentication system, method, electronic device and storage medium | |
| CN103475726A (en) | Virtual desktop management method, server and client side | |
| CN107438054B (en) | Method and system for realizing menu information control based on public platform | |
| US7647635B2 (en) | System and method to resolve an identity interactively | |
| CN111552568B (en) | Cloud service calling method and device | |
| CN110880146A (en) | Block chain chaining method, device, electronic equipment and storage medium | |
| CN104754009A (en) | Service acquisition and invocation method, device, client-side and server | |
| CN111935110A (en) | Method and device for controlling permission of tenant to access container instance | |
| CN102196027A (en) | System and method for implementing mobile cloud service | |
| CN115834212A (en) | Access control method for integrating multi-scene application system | |
| CN105490861A (en) | System and method of management of network management device | |
| CN112118234A (en) | Method for controlling multi-terminal authentication based on dynamic two-dimensional code | |
| CN102984260A (en) | Internet account number and password information management method and system | |
| CN113055185A (en) | Token-based authentication method and device, storage medium and electronic device | |
| CN114726632B (en) | Login method, login equipment and storage medium | |
| CN103023935A (en) | M2M (machine-to-machine) platform cloud system and method for processing M2M service | |
| CN101548263A (en) | Method and system for modeling options for opaque management data for a user and/or an owner |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |