CN116743463A - Message transmission method, device, system and storage medium - Google Patents
Message transmission method, device, system and storage medium Download PDFInfo
- Publication number
- CN116743463A CN116743463A CN202310716408.8A CN202310716408A CN116743463A CN 116743463 A CN116743463 A CN 116743463A CN 202310716408 A CN202310716408 A CN 202310716408A CN 116743463 A CN116743463 A CN 116743463A
- Authority
- CN
- China
- Prior art keywords
- client
- communication request
- message
- identity information
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 230000005540 biological transmission Effects 0.000 title claims abstract description 47
- 238000004891 communication Methods 0.000 claims abstract description 260
- 238000012795 verification Methods 0.000 claims abstract description 48
- 230000006870 function Effects 0.000 claims description 33
- 230000004044 response Effects 0.000 claims description 13
- 238000013507 mapping Methods 0.000 claims description 7
- 230000008569 process Effects 0.000 description 8
- 238000001514 detection method Methods 0.000 description 6
- 210000002569 neuron Anatomy 0.000 description 5
- 230000003993 interaction Effects 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000013515 script Methods 0.000 description 4
- 238000012360 testing method Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Landscapes
- Computer And Data Communications (AREA)
Abstract
The application discloses a message transmission method, a device, a system and a storage medium, and the difficulty of establishing message communication between a client and a server. The application comprises the following steps: receiving a communication request sent by a first client; invoking an authentication connection list, and identifying whether the first client is positioned in the authentication connection list according to the first identity information; if the communication request is located, directly responding to the communication request, establishing a communication channel with the first client and carrying out communication; if the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request; judging whether the identity of the first client needs to be verified according to the task level of the communication request; if so, acquiring a verification message in the communication request; judging whether the communication request is legal or not according to the verification message; if the first identity information is legal, a first function is called to rename the first client, and new first identity information is generated; and responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
Description
Technical Field
The present application relates to the field of data processing, and in particular, to a method, an apparatus, a system, and a storage medium for transmitting a message.
Background
In the existing message transmission technology, when a sender (client) and a receiver (server) transmit a message, the sender carries own ID information in the message sent to the receiver, but the ID information is determined by the sender and can be any character, so that the situation that the illegal sender falsifies the identity to send the message may occur.
The method has the advantages that no matter who is used as the sender, the receiver needs to verify the sender according to the communication request sent by the sender, and then the communication request is processed, so that the communication efficiency is greatly reduced, and the difficulty of establishing message communication between the client and the server is increased.
Disclosure of Invention
The application discloses a message transmission method, a device, a system and a storage medium, which are used for reducing the difficulty of establishing message communication between a client and a server.
The first aspect of the present application provides a message transmission method, including:
receiving a communication request sent by a first client, wherein the first client has first identity information;
invoking an authentication connection list, and identifying whether the first client is positioned in the authentication connection list according to the first identity information;
if the communication request is located, directly responding to the communication request, establishing a communication channel with the first client and carrying out communication;
If the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request;
judging whether the identity of the first client needs to be verified according to the task level of the communication request;
if so, acquiring a verification message in the communication request, wherein the verification message is identification verification data sent by the first client;
judging whether the communication request is legal or not according to the verification message;
if the first identity information is legal, a first function is called to rename the first client, and new first identity information is generated;
and responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
Optionally, calling the first function to rename the first client to generate new first identity information includes:
calling a first function to rename a first client to generate a new client identity;
and storing the new client identity in the first identity information to generate new first identity information, and storing the new first identity information in the authentication connection list.
Optionally, in response to the communication request, establishing a communication channel with the first client based on the new first identity information, and performing communication, including:
Responding to the communication request, and establishing a communication channel for the first client;
the new first identity information is mapped onto the communication channel.
Optionally, the authentication connection list is invoked to identify whether the first client is located in the authentication connection list according to the first identity information, including
Judging whether the second client is matched with the communication request according to the client identity in the authentication connection list;
if the first client is not matched with the second client, determining that the first client is an unauthenticated client;
if so, the first client is determined to be an authenticated client.
Optionally, after mapping the new first identity information onto the communication channel, the message transmission method further comprises:
receiving a target message sent by a first client through a communication channel, wherein the target message comprises NPL information and sender identity information;
unpacking the target message to recover the NPL message, wherein the NPL message comprises the file name of the target file, and the target file is a file required to be called by the first client;
inserting the NPL message into an input message queue of a first thread, wherein the first thread is a thread on a server, and the input message queue is used for managing the NPL message;
and executing the NPL message to enable the target file corresponding to the file name to be executed.
Optionally, the communication request further includes socket information;
responding to the communication request, establishing a communication channel for the first client, including:
inquiring socket information in the communication request, and traversing the endpoint through the iterator according to error codes received by the socket information;
detecting the matching degree of the endpoint set traversed by socket information, and generating a matching result;
when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client;
when the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client.
Optionally, after determining whether the identity verification needs to be performed on the first client according to the task level of the communication request, the message transmission method further includes:
and if not, executing the communication request for the first client by using the first temporary identity.
A second aspect of the present application provides a message transmission apparatus comprising:
the first receiving unit is used for receiving a communication request sent by a first client, and the first client is provided with first identity information;
the first judging unit is used for calling the authentication connection list and identifying whether the first client is positioned in the authentication connection list according to the first identity information;
The first establishing unit is used for directly responding to the communication request and establishing a communication channel with the first client and carrying out communication when the first judging unit determines that the first client is positioned in the authentication connection list;
the second establishing unit is used for establishing a first temporary identity for the first client according to the communication request when the first judging unit determines that the first client is not located in the authentication connection list;
the second judging unit is used for judging whether the identity verification of the first client is required according to the task level of the communication request;
the second judging unit is used for judging whether the first client needs to be authenticated or not according to the authentication information;
a third judging unit for judging whether the communication request is legal or not according to the verification message;
the generation unit is used for calling a first function to rename the first client when the third judgment unit determines that the communication request is legal, and generating new first identity information;
and the third establishing unit is used for responding to the communication request, establishing a communication channel with the first client based on the new first identity information and carrying out communication.
Optionally, the generating unit includes:
calling a first function to rename a first client to generate a new client identity;
and storing the new client identity in the first identity information to generate new first identity information, and storing the new first identity information in the authentication connection list.
Optionally, the third establishing unit includes:
the response module is used for responding to the communication request and establishing a communication channel for the first client;
and the mapping module is used for mapping the new first identity information onto the communication channel.
Optionally, the first judging unit includes
Judging whether the second client is matched with the communication request according to the client identity in the authentication connection list;
if the first client is not matched with the second client, determining that the first client is an unauthenticated client;
if so, the first client is determined to be an authenticated client.
Optionally, after the third establishing unit, the message transmission device further includes:
the second receiving unit is used for receiving a target message sent by the first client through a communication channel, wherein the target message comprises NPL information and sender identity information;
the unpacking unit is used for unpacking the target message and recovering the NPL message, wherein the NPL message comprises the file name of the target file, and the target file is a file which needs to be called by the first client;
The inserting unit is used for inserting the NPL message into an input message queue of a first thread, wherein the first thread is a thread on a server, and the input message queue is used for managing the NPL message;
and the first execution unit is used for executing the NPL message so that the target file corresponding to the file name is executed.
Optionally, the communication request further includes socket information;
a response module, comprising:
inquiring socket information in the communication request, and traversing the endpoint through the iterator according to error codes received by the socket information;
detecting the matching degree of the endpoint set traversed by socket information, and generating a matching result;
when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client;
when the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client.
Optionally, after the second judging unit, the message transmission device further includes:
and the second execution unit is used for executing the communication request for the first client by using the first temporary identity when the second judgment unit determines that the identity authentication of the first client is not needed.
A third aspect of the present application provides a message transmission system, the apparatus comprising:
a processor, a memory, an input-output unit, and a bus;
the processor is connected with the memory, the input/output unit and the bus;
the memory holds a program that the processor invokes to perform the first aspect and any of the optional message transmission methods of the first aspect.
A fourth aspect of the present application provides a computer readable storage medium having a program stored thereon, which when executed on a computer performs the method of message transmission of any of the first aspect and the optional method of message transmission of the first aspect.
From the above technical scheme, the application has the following advantages:
in the application, a communication request sent by a first client is received first, wherein the first client has first identity information. By invoking the authentication connection list, and identifying whether the first client is located in the authentication connection list based on the first identity information in the communication request. If the communication request is located, the communication request is directly responded, a communication channel with the first client is established, and communication is carried out. If the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request. And judging whether the identity authentication of the first client is required according to the task level of the communication request. If so, acquiring a verification message in the communication request, wherein the verification message is the identity verification data sent by the first client. And judging whether the communication request is legal or not according to the verification message. And if the first identity information is legal, calling a first function to rename the first client, and generating the new first identity information. And responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
When the communication information of the first client is received, the method and the device firstly confirm whether the first client is authenticated, and when the first client is not authenticated, a first temporary identity is established for the first client according to the communication request, so that the client can execute the communication request by using the temporary identity under the condition that the client is not authenticated. When the communication request needs identity authentication and authentication is provided, the server renames the first client, establishes a communication channel with the first client based on the new first identity information, and can communicate with the first client through the new first identity information. The method can reduce the difficulty of establishing message communication between the client and the server while reducing authentication tasks.
Drawings
In order to more clearly illustrate the technical solutions of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of an embodiment of a message transmission method according to the present application;
FIGS. 2-a, 2-b, 2-c and 2-d are flowcharts illustrating another embodiment of a message transmission method according to the present application;
fig. 3 is a schematic structural diagram of an embodiment of a message transmission device provided by the present application;
fig. 4 is a schematic structural diagram of another embodiment of a message transmission device provided by the present application;
fig. 5 is a schematic structural diagram of another embodiment of a message transmission system according to the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in the present description and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Furthermore, the terms "first," "second," "third," and the like in the description of the present specification and in the appended claims, are used for distinguishing between descriptions and not necessarily for indicating or implying a relative importance.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
In the existing information transmission technology, no matter who is the sender, the receiver needs to verify the sender according to the communication request sent by the sender, and then processes the communication request, so that the communication efficiency is greatly reduced, and the difficulty of establishing message communication between the client and the server is increased.
Based on the above, the application discloses a message transmission method, a device, a system and a storage medium, which are used for generating a temporary identity for a sender (client) in the message transmission process, determining whether the identity needs to be verified according to the level of a processed communication request, if not, directly using the temporary identity to carry out NPL service for an NPL sender, if so, renaming the sender to generate sender identity information after verification is passed, and carrying out program information transmission with the new sender identity information and the sender, thereby greatly improving the communication efficiency and reducing the difficulty of establishing message communication between the client and a server.
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The method of the present application may be applied to a server, a device, a terminal, or other devices having logic processing capabilities, and the present application is not limited thereto. For convenience of description, the following description will take an execution subject as a server as an example.
Referring to fig. 1, the present application provides an embodiment of a message transmission method, including:
101. receiving a communication request sent by a first client, wherein the first client has first identity information;
the communication request is data received by the server through a webpage or a link mode. The first client may send a corresponding task request to the server from a web page or a link, etc. In the following, the communication request mainly occurs in different code functions or statements, which may be abbreviated as msg.
In this embodiment, in the NPL running environment, a task of executing a specified file on a remote NPL running environment may be implemented. Two NPL operating environments are involved in one remote scheduling, the first client in the present application is the scheduler, and the server in the present application is the schedulers. The implementation of this thread scheduling function across NPL execution environments relies on the npl.activate function, using the syntax of which is as follows:
NPL.activate(url,msg)
In the above grammar, the parameter url refers to the url address of an NPL file, the parameter msg refers to data (communication request) sent to the url address, and a user (client) can call a specified target thread by calling the npl.activate function, and execute the specified target file through the target thread.
The parameter url represents the url address of an NPL file, and the complete format of the parameter url is:
(sRuntimeStateName|gl)msg.nid:sRelativePath@DNSServerName
where sruntimetateate is the name of the selected thread, if the option is to write not sruntimetateate but only gl, then the local current thread is indicated.
msg.nid represents the identifier of the NPL operating environment, in the present application msg.nid is the identifier of the remote NPL operating environment (server).
sRelativePath is a relative path of files, typically referenced to main folder directory.
The @ stnservername represents the name of the DNS server.
It should be noted that, the NPL running environment corresponds to a cnplrun class, and the cnplrun class mainly has the following attributes: a thread vector for storing all threads in the current NPL operating environment; a CNPLNetServer class, if calling the start () function in the class, starts the server (i.e. listens to a port number), then the NPL running environment becomes the server, otherwise the client. The precondition for implementing remote scheduling is that the NPL operating environment as the scheduled end needs to open the corresponding server end so as to be accessible to the client. The starting server side can use the following functions:
Npl.startnetserver (ip, port) function, parameter ip is ip address, and parameter port is port number. The NPL engine is provided with a server end in design and corresponds to the CNPLNetServer class in the source code, and is started when the function of the server needs to be provided.
After the user invokes the npl.activate function, the first client receives the thread start instruction, and starts a first thread on the client according to the thread start instruction, where the first thread is used to remotely schedule the server to execute the target file on the server, and the first thread is specified by the npl.activate function.
102. Invoking an authentication connection list, and identifying whether the first client is positioned in the authentication connection list according to the first identity information;
the server calls an authentication connection list, user identity information with the diameter for communication connection authentication is recorded in the authentication connection list, and whether the first client is located in the authentication connection list is identified according to the first identity information.
103. If the communication request is located, directly responding to the communication request, establishing a communication channel with the first client and carrying out communication;
104. if the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request;
When the server determines that the first client is an unauthenticated user, the server can establish a temporary identity for the first client according to the communication request. For example, when the communication request is a create link request (communication request), the server temporarily generates a tid (temporary identity), and its naming rule is: the number of links added, such as the first temporary link generated by the server, its tid= "-1". In this embodiment, the temporary identity may be denoted as msg.
105. Judging whether the identity of the first client needs to be verified according to the task level of the communication request;
the server needs to analyze according to the specific task sent to the communication request by the first client, and processes the specific task according to the task level, if the communication request does not need to relate to the extraction of the secret content, does not need to pay, and the like, the identity information of the client does not need to be verified, and only the information interaction is performed through the temporary identity.
106. If so, acquiring a verification message in the communication request, wherein the verification message is identification verification data sent by the first client;
when it is detected that the communication request involves a task requiring authentication, and the first client is the first occurrence of the communication request, then the server needs to first determine an authentication message in the communication request, and confirm whether the authentication message is accurate.
In this embodiment, the verification message may be various, may be a simple account number password, may be a two-dimensional code specific to the client user, and the like, and is not limited herein.
In this embodiment, the authentication message may be in a communication request or sent to the server by the user Huang Xu, which is not limited herein.
107. Judging whether the communication request is legal or not according to the verification message;
the server determines, through the verification message, whether the communication request sent by the current first client meets the processing rule, and if so, performs step 108.
If the server determines that the client does not exist in the authentication connection list of the server, the server may first establish a virtual connection for the client, and the virtual connection is not used to transmit real data, and instead, the server detects whether the connection between the server and the client is reliable through the virtual connection, specifically, whether the connection is reliable may be determined through some threshold values of network quality parameters, for example, detection is performed through one or more indexes of information such as packet loss rate, time delay, bandwidth, qoS, retransmission mechanism, heartbeat detection mechanism, and the like of the connection. When the packet loss rate is low, or the time delay is low, or the bandwidth is high, or the QoS index is high, or the retransmission mechanism is provided, or the heartbeat detection mechanism is provided, the connection is considered to be reliable (legal), and conversely, the connection is not reliable (illegal).
When the server determines that the virtual connection with the client is reliable, then the virtual connection is converted to an actual connection and this connection is added to a list of authenticated connections maintained by the server.
It should be noted that, the authentication connection list may also be manually configured by a manager, for example, in a company lan, the manager may manually add connection information of the client to the list, thereby ensuring that the client that does not add to the list cannot connect to the server, and thus ensuring security. Likewise, specified records may also be deleted from the authenticated connection list, thereby rejecting connections for some clients.
108. If the first identity information is legal, a first function is called to rename the first client, and new first identity information is generated;
if the server determines that the communication request sent by the client needs to be authenticated, and the authentication message is legal, the server calls the npl.
109. And responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
When the authentication is passed, the server establishes a dedicated communication channel for the first client by using the new first identity information. And sends a notification of success in establishing communication and performs a communication request by a new name of the first client.
In this embodiment, a communication request sent by a first client is received first, where the first client has first identity information. By invoking the authentication connection list, and identifying whether the first client is located in the authentication connection list based on the first identity information in the communication request. If the communication request is located, the communication request is directly responded, a communication channel with the first client is established, and communication is carried out. If the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request. And judging whether the identity authentication of the first client is required according to the task level of the communication request. If so, acquiring a verification message in the communication request, wherein the verification message is the identity verification data sent by the first client. And judging whether the communication request is legal or not according to the verification message. And if the first identity information is legal, calling a first function to rename the first client, and generating the new first identity information. And responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
When the communication information of the first client is received, whether the first client is authenticated or not is firstly confirmed, and after the first client is not authenticated, a first temporary identity is established for the first client according to the communication request, so that the client can execute the communication request by using the temporary identity under the condition that the client is not authenticated. When the communication request needs identity authentication and authentication is provided, the server renames the first client, establishes a communication channel with the first client based on the new first identity information, and can communicate with the first client through the new first identity information. The method can reduce the difficulty of establishing message communication between the client and the server while reducing authentication tasks.
Referring to fig. 2, the present application provides an embodiment of a message transmission method, including:
201. receiving a communication request sent by a first client, wherein the first client has first identity information;
in this embodiment, step 201 is similar to step 101 of the previous embodiment, and will not be repeated here.
202. Judging whether the second client is matched with the communication request according to the client identity in the authentication connection list;
203. if the first client is not matched with the second client, determining that the first client is an unauthenticated client;
204. if so, determining the first client as an authenticated client;
the server determines whether the first client is an authenticated user based on whether there is renamed sender identity information in the communication request or whether the sender identity information is present in the authenticated connection list or a new client identity.
205. If the communication request is located, directly responding to the communication request, establishing a communication channel with the first client and carrying out communication;
206. if the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request;
207. judging whether the identity of the first client needs to be verified according to the task level of the communication request;
In this embodiment, steps 205 to 207 are similar to steps 103 to 105 of the previous embodiment, and are not repeated here.
208. If not, the first temporary identity is used for executing a communication request for the first client;
in this embodiment, if the communication request itself does not need to invoke and pay for the secret data, the communication request sent from the first client to the server may be completed only according to the existing first temporary identity without further verification.
209. If so, acquiring a verification message in the communication request, wherein the verification message is identification verification data sent by the first client;
210. judging whether the communication request is legal or not according to the verification message;
211. if the user identity is legal, a first function is called to rename the first client, and a new client identity is generated;
212. storing the new client identity in the first identity information to generate new first identity information, and storing the new first identity information in an authentication connection list;
in this embodiment, when the server considers the communication request as legal, an npl.accept (msg.tid, msg.nid) instruction is executed, and the client is innovatively named. The name is written into msg.nid, and new name is mapped onto TCP connection (communication channel) subsequently, at this time, the temporary identity msg.tid is deleted correspondingly, and the memory is increased. The first sender identity information generated by the renaming procedure is stored in the authenticated connection list.
213. Inquiring socket information in the communication request, and traversing the endpoint through the iterator according to error codes received by the socket information;
214. detecting the matching degree of the endpoint set traversed by socket information, and generating a matching result;
215. when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client;
216. when the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client;
in this embodiment, the connection needs to be established by first performing analysis, then connecting, then performing the links of writing and reading, and then stopping ending. The parsing part queries the socket information first, and receives an error code, and if the error code is 0, the iterator traverses each endpoint to attempt to establish a connection. An endpoint is an address to which a port is connected, and different types of sockets have their own socket class.
An error code is then also received at the time of connection, if the error code is 0, the connection is started, otherwise other endpoints will be detected, if no endpoint is connectable, warning is directly prompted, and then the connection is stopped. The matching result in this embodiment is a result of determining whether or not each endpoint can make a connection.
The subsequent reading and writing are functions of reading and writing the server message after connection, respectively, and may be performed in parallel. The final stop is a function of closing the socket after the connection is broken.
When the client-side and the server-side interaction is to be performed, after the connection is established, the interaction is started, then the compression is set, and the active connection is added into the event scheduler.
In this embodiment, using a Dispatcher event Dispatcher, operations such as creating a connection, acquiring NPLConnection through NID, adding NPLConnection, and asynchronous dispatching are performed during event dispatching. Of which the most important is the scheduling of messages by the event scheduler.
The message scheduling part judges three message types firstly, wherein the first message is a message from the bottom layer, the second message is an NPL network message, and the other message is an HTTP message. msg contains the message accepted from the sender plus the source id of the sender. For non-authenticated senders, source ids will be present in msg.tid, which is an automatically generated digital string such as "1". The recipient can always use this temporary id: msg.tid returns a message. If the message is the first message, the event scheduler again judges whether the NPL run time port where the access file is located is exposed, if so, nid or tid is added to establish connection with the thread; if not, reporting error.
217. Mapping the new first identity information onto the communication channel;
in this embodiment, the server uses the sender identity information of the first client in the authentication connection list to map the sender identity information onto the TCP connection, so that the subsequent first client can use the sender identity information to perform verification in information interaction.
In this embodiment, when the server considers the communication request to be legal, and after finding a connectable endpoint, an npl.accept (msg.tid, msg nid) instruction is executed, and the client is innovatively named. The name is written into the msg.nid, and a new name is mapped onto the TCP connection, and the temporary identity msg.tid is deleted correspondingly, so that the memory is increased.
In this embodiment, one role of npl.accept is to distinguish between authenticated and non-authenticated senders, and at the same time, we can reject non-authenticated messages by calling npl.reject (msg.tid) as early as possible to save CPU cycles, i.e. when authentication is not passed or connection cannot be completed, then this function can be used to reject to establish message channels.
218. Receiving a target message sent by a first client through a communication channel, wherein the target message comprises NPL information and sender identity information;
219. Unpacking the target message to recover the NPL message, wherein the NPL message comprises the file name of the target file, and the target file is a file required to be called by the first client;
220. inserting the NPL message into an input message queue of a first thread, wherein the first thread is a thread on a server, and the input message queue is used for managing the NPL message;
221. and executing the NPL message to enable the target file corresponding to the file name to be executed.
In this embodiment, the target file in the present application refers to a file on a remote NPL running environment (server) because of remote scheduling. In order for a file on a server to be accessible to other NPL operating environments (clients), the file must first be added to the common file list of the current NPL environment, which is maintained by the server's scheduler. The addition of a file to a file list may be by means of an npl.addpublic file (Filename, id) function, filename being the file name and id being the number of the file. Such as:
- > npl.addpublicfile ("script/test. Lua", 1) means adding a test. Lua file to the public file list, and the number is set to 1.
The client can access the file name of the target file through the public file list, and after the client acquires the file name of the target file, the client uses the name to construct an NPL message.
In this embodiment, before the client sends the NPL message to the server via the TCP connection, the message needs to be TCP encapsulated, and the header of the TCP and other TCP protocol fields are added. Therefore, the client needs to perform TCP encapsulation on the constructed NPL message to obtain the target message.
The server can receive the target message sent by the client through the TCP connection, wherein the target message comprises NPL information and sender identity information. After receiving the target message, the server needs to unpack the target message before recovering the NPL message because the target message is a message encapsulated by TCP.
The server inserts the recovered NPL message into an input message queue of the first thread in which the NPL message waits to be activated and executed. The incoming message queue of a first thread manages the NPL message queue that the thread needs to process, the earlier messages will be processed.
And the server fetches and processes the messages in the input message queue according to the queue order, and when the messages are executed to the NPL, the server executes the target file, so that the remote scheduling of the client to the target file on the server is realized.
When it is detected that the communication request involves a task requiring authentication, the server needs to acquire sender identity information from the communication request, where the sender identity information is a unique identity of the client, and the sender identity information may be denoted as msg.
For example: when the client generates a communication request msg, the client needs to establish a TCP connection with the server, specifically, the client needs to send the communication request to the server, where the request carries the NPL identifier of the client, that is, the msg.nid of the client.
One server-side NPL runtime environment may need to interact with more than one client-side NPL runtime environment, which in turn involves management of the client's NPL identifier by the server-side NPL runtime environment.
In order to solve the above problem, an authentication connection list may be maintained in the server, where the authentication connection list is used to manage a list of clients allowed to make TCP connection with the server, each record in the list may be a key value pair from the server TCP connection to the client msg.nid, after receiving a TCP connection request sent by the client, the server matches the client msg.nid in the authentication connection list according to the request, if the matching is successful, it indicates that the client exists in the authentication connection list of the server, at this time, a TCP connection between the client and the server may be established, and if the matching is failed, it indicates that the client does not exist in the authentication connection list of the server, at this time, it needs to be further determined whether the connection needs to be established.
In this embodiment, msg contains the message accepted from the sender plus the sender's source id. For non-authenticated senders, source ids will be present in msg.tid, which is an automatically generated digital string such as "1". The recipient can always use this temporary id: msg.tid returns a message.
The recipient can also rename this temporary msg.id by calling npl.accept (msg.tid, nid_name), so if the next time the recipient gets a message from the same sender (e.g. the same TCP connection), msg.nid will contain the last assigned name while msg.tid is no longer present. We typically use npl.accept to distinguish between authenticated and non-authenticated senders and save CPU cycles by invoking npl.reject (msg.tid) to reject non-authenticated messages as early as possible.
Either msg.tid or msg.nid is often connected to a single lower-level TCP connection, so their names are shared to the neuron files in all processes. For example: you have received in one neuron file, all other neuron files have received the form msg.
For security reasons, all neuron files may be activated by other files in the same process. This includes scripts in other threads of the same process.
To expose the script to the remote computer, there are two things to do: the first is to turn on the NPL server by listening to an IP address and port, and the second is to tell the NPL that the file given by the run time is a common neuron file, using the TCP protocol for all dialogs. For example:
NPL.StartNetServer("0.0.0.0",8080);
NPL.AddPublicFile(filename,id);
where "0.0.0.0" represents all IP addresses, "127.0.0.1", "localhost" or any other IP address may be used; "8080" is a port number. You want to use it. The npl.addpublicfile second parameter is an integer, which is transmitted on behalf of the long filename save bandwidth. It must be unique if you add multiple public files.
Note that in this embodiment, the name of the file must correspond to the working directory, for example: npl.addpublicfile ("script/test/test.lua", 1). The absolute path is not supported at that time.
In this embodiment, a communication request sent by a first client is received first, where the first client has first identity information. And judging whether the second client is matched with the communication request according to the client identity in the authentication connection list. If the first client is not matched, the first client is determined to be an unauthenticated client. If so, the first client is determined to be an authenticated client. If the communication request is located, the communication request is directly responded, a communication channel with the first client is established, and communication is carried out. If the first temporary identity is not located, a first temporary identity is established for the first client according to the communication request. And judging whether the identity authentication of the first client is required according to the task level of the communication request. And if not, executing the communication request for the first client by using the first temporary identity. If so, acquiring a verification message in the communication request, wherein the verification message is the identity verification data sent by the first client. And judging whether the communication request is legal or not according to the verification message. If the first identity information is legal, a first function is called to rename the first client to generate a new client identity, the new client identity is stored in the first identity information to generate the new first identity information, and the new first identity information is stored in the authentication connection list. Inquiring socket information in the communication request, and traversing the endpoint through the iterator according to error codes received by the socket information. And detecting the matching degree of the endpoint set traversed by the socket information, and generating a matching result. And when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client. When the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client. The new first identity information is mapped onto the communication channel.
And receiving a target message sent by the first client through a communication channel, wherein the target message comprises NPL information and sender identity information. Unpacking the target message to recover the NPL message, wherein the NPL message comprises the file name of the target file, and the target file is the file required to be called by the first client. The NPL message is inserted into an input message queue of a first thread, the first thread being a thread on a server, the input message queue being used to manage the NPL message. And executing the NPL message to enable the target file corresponding to the file name to be executed.
When the communication information of the first client is received, whether the first client is authenticated or not is firstly confirmed, and after the first client is not authenticated, a first temporary identity is established for the first client according to the communication request, so that the client can execute the communication request by using the temporary identity under the condition that the client is not authenticated. When the communication request needs identity authentication and authentication is provided, the server renames the first client, establishes a communication channel with the first client based on the new first identity information, and can communicate with the first client through the new first identity information. The method can reduce the difficulty of establishing message communication between the client and the server while reducing authentication tasks.
In this embodiment, the first temporary identity is established for the first client when the communication request of the first client is received, so that the client can also use the temporary identity to perform the execution of the communication request under the condition that the client is not authenticated. When the communication request needs identity authentication and authentication is provided, the server can rename the first client, and if the subsequent first client needs to perform tasks, the server can interact with the first client through the first sender identity information. The method can reduce the authentication task and simultaneously reduce the circulation of the CPU in NPL message transmission.
Secondly, by designing the message structure of the temporary identity identifier msg.tid and the sender identity information msg.nid, the verification process of establishing message communication is simplified, and the judgment and transmission interface of the message communication are agreed through three functions of NPL.accept ()/NPL.reject ()/NPL.activate (); therefore, the difficulty in establishing message communication between the client and the server is greatly reduced.
Referring to fig. 3, the present application provides an embodiment of a message transmission apparatus, including:
a first receiving unit 301, configured to receive a communication request sent by a first client, where the first client has first identity information;
A first judging unit 302, configured to invoke the authentication connection list, and identify, according to the first identity information, whether the first client is located in the authentication connection list;
a first establishing unit 303, configured to directly respond to the communication request when the first judging unit determines that the first client is located in the authentication connection list, establish a communication channel with the first client, and perform communication;
a second establishing unit 304, configured to establish a first temporary identity for the first client according to the communication request when the first judging unit determines that the first client is not located in the authentication connection list;
a second judging unit 305, configured to judge whether authentication is required for the first client according to the task level of the communication request;
an obtaining unit 306, configured to obtain a verification message in the communication request when the second judging unit determines that identity verification needs to be performed on the first client, where the verification message is sent identity verification data of the first client;
a third judging unit 307 for judging whether the communication request is legal or not according to the verification message;
a generating unit 308, configured to invoke a first function to rename the first client to generate new first identity information when the third judging unit determines that the communication request is legal;
A third establishing unit 309 is configured to establish a communication channel with the first client based on the new first identity information in response to the communication request, and perform communication.
Referring to fig. 4, the present application provides an embodiment of a message transmission apparatus, including:
a first receiving unit 401, configured to receive a communication request sent by a first client, where the first client has first identity information;
a first judging unit 402, configured to invoke the authentication connection list, and identify, according to the first identity information, whether the first client is located in the authentication connection list;
optionally, the first determining unit 402 includes
Judging whether the second client is matched with the communication request according to the client identity in the authentication connection list;
if the first client is not matched with the second client, determining that the first client is an unauthenticated client;
if so, the first client is determined to be an authenticated client.
A first establishing unit 403, configured to directly respond to the communication request when the first judging unit 402 determines that the first client is in the authentication connection list, establish a communication channel with the first client, and perform communication;
a second establishing unit 404, configured to establish a first temporary identity for the first client according to the communication request when the first judging unit 402 determines that the first client is not located in the authentication connection list;
A second judging unit 405, configured to judge whether authentication is required for the first client according to the task level of the communication request;
a second execution unit 406, configured to execute, when the second determination unit 405 determines that authentication of the first client is not required, a communication request for the first client using the first temporary identity;
an obtaining unit 407, configured to obtain, when the second judging unit 405 determines that identity authentication is required for the first client, an authentication message in the communication request, where the authentication message is sent identity authentication data of the first client;
a third judging unit 408, configured to judge whether the communication request is legal according to the verification message;
a generating unit 409, configured to invoke a first function to rename the first client to generate new first identity information when the third judging unit 408 determines that the communication request is legal;
optionally, the generating unit 409 includes:
calling a first function to rename a first client to generate a new client identity;
and storing the new client identity in the first identity information to generate new first identity information, and storing the new first identity information in the authentication connection list.
A third establishing unit 410, configured to establish a communication channel with the first client based on the new first identity information in response to the communication request, and perform communication;
optionally, the third establishing unit 410 includes:
a response module 4101, configured to establish a communication channel for the first client in response to the communication request;
optionally, the communication request further includes socket information;
the response module 4101 includes:
inquiring socket information in the communication request, and traversing the endpoint through the iterator according to error codes received by the socket information;
detecting the matching degree of the endpoint set traversed by socket information, and generating a matching result;
when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client;
when the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client.
A mapping module 4102 for mapping the new first identity information onto the communication channel.
A second receiving unit 411, configured to receive, through a communication channel, a target message sent by the first client, where the target message includes NPL information and sender identity information;
Unpacking unit 412, configured to unpack the target message, recover the NPL message, where the NPL message includes a file name of the target file, and the target file is a file that needs to be called by the first client;
an inserting unit 413, configured to insert the NPL message into an input message queue of a first thread, where the first thread is a thread on a server, and the input message queue is used to manage the NPL message;
the first execution unit 414 is configured to execute the NPL message, so that the target file corresponding to the file name is executed.
The present application also provides a message transmission system, referring to fig. 5, fig. 5 is an embodiment of a thread scheduling device of a remote NPL operating environment provided by the present application, where the device includes:
a processor 501, a memory 502, an input/output unit 503, and a bus 504;
the processor 501 is connected to the memory 502, the input/output unit 503, and the bus 504;
the memory 502 holds a program, and the processor 501 calls the program to execute any one of the message transmission methods described above.
The application also relates to a computer readable storage medium having a program stored thereon, characterized in that the program, when run on a computer, causes the computer to perform any of the message transmission methods as described above.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.
In the several embodiments provided in the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM, random access memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Claims (10)
1. A method of message transmission, comprising:
receiving a communication request sent by a first client, wherein the first client has first identity information;
invoking an authentication connection list, and identifying whether the first client is positioned in the authentication connection list according to the first identity information;
if the communication request is located, directly responding to the communication request, establishing a communication channel with the first client and carrying out communication;
if not, a first temporary identity is established for the first client according to the communication request;
judging whether the identity verification of the first client is required according to the task level of the communication request;
if so, acquiring verification information in the communication request, wherein the verification information is identification verification data sent by the first client;
judging whether the communication request is legal or not according to the verification message;
if the first identity information is legal, a first function is called to rename the first client, and new first identity information is generated;
and responding to the communication request, establishing a communication channel with the first client based on the new first identity information, and communicating.
2. The message transmission method of claim 1, wherein invoking a first function renames the first client to generate new first identity information comprises:
calling a first function to rename the first client to generate a new client identity;
and storing the new client identity in the first identity information to generate new first identity information, and storing the new first identity information in an authentication connection list.
3. The message transmission method according to claim 1, wherein the establishing a communication channel with the first client based on the new first identity information and communicating in response to the communication request includes:
responding to the communication request, and establishing a communication channel for the first client;
new first identity information is mapped onto the communication channel.
4. A message transmission method according to claim 3, wherein invoking an authentication connection list, identifying whether the first client is located in the authentication connection list based on the first identity information comprises
Judging whether the second client is matched with the communication request according to the client identity in the authentication connection list;
If the first client is not matched with the second client, determining that the first client is an unauthenticated client;
and if so, determining the first client as an authenticated client.
5. A message transmission method according to claim 3, characterized in that after mapping new first identity information onto the communication channel, the message transmission method further comprises:
receiving a target message sent by the first client through the communication channel, wherein the target message comprises NPL information and sender identity information;
unpacking the target message to recover an NPL message, wherein the NPL message comprises the file name of a target file, and the target file is a file to be called by the first client;
inserting the NPL message into an input message queue of a first thread, wherein the first thread is a thread on a server, and the input message queue is used for managing the NPL message;
and executing the NPL message to enable the target file corresponding to the file name to be executed.
6. A message transmission method according to claim 3, wherein the communication request further contains socket information;
responding to the communication request, establishing a communication channel for the first client, including:
Inquiring socket information in the communication request, and traversing an endpoint through an iterator according to an error code received by the socket information;
detecting the matching degree of the endpoint set traversed by the socket information, and generating a matching result;
when the matching result shows that the endpoint sets cannot be connected, sending a connection failure notification to the first client;
when the matching result shows that the endpoint set has connectable endpoints, a communication channel is established between the connectable endpoints and the first client, and then a connection success notification is sent to the first client.
7. The message transmission method according to any one of claims 1 to 6, characterized in that after judging whether authentication of the first client is required or not according to the task level of the communication request, the message transmission method further comprises:
and if not, executing the communication request for the first client by using the first temporary identity.
8. A message transmission apparatus, the message transmission apparatus comprising:
the first receiving unit is used for receiving a communication request sent by a first client, and the first client is provided with first identity information;
The first judging unit is used for calling an authentication connection list and identifying whether the first client is positioned in the authentication connection list according to the first identity information;
the first establishing unit is used for directly responding to the communication request and establishing a communication channel with the first client and carrying out communication when the first judging unit determines that the first client is positioned in the authentication connection list;
the second establishing unit is used for establishing a first temporary identity for the first client according to the communication request when the first judging unit determines that the first client is not located in the authentication connection list;
the second judging unit is used for judging whether the first client needs to be subjected to identity verification according to the task level of the communication request;
the second judging unit is used for judging whether the first client needs to be authenticated or not according to the authentication information sent by the first client;
a third judging unit, configured to judge whether the communication request is legal according to the verification message;
the generation unit is used for calling a first function to rename the first client when the third judging unit determines that the communication request is legal, and generating new first identity information;
And the third establishing unit is used for responding to the communication request, establishing a communication channel with the first client based on the new first identity information and carrying out communication.
9. A message transmission system, the apparatus comprising:
a processor, a memory, an input-output unit, and a bus;
the processor is connected with the memory, the input/output unit and the bus;
the memory holds a program that the processor invokes to execute the message transmission method according to any one of claims 1 to 7.
10. A computer-readable storage medium having stored thereon a program which, when executed on a computer, performs the message transmission method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310716408.8A CN116743463A (en) | 2023-06-15 | 2023-06-15 | Message transmission method, device, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310716408.8A CN116743463A (en) | 2023-06-15 | 2023-06-15 | Message transmission method, device, system and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116743463A true CN116743463A (en) | 2023-09-12 |
Family
ID=87918184
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310716408.8A Pending CN116743463A (en) | 2023-06-15 | 2023-06-15 | Message transmission method, device, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116743463A (en) |
-
2023
- 2023-06-15 CN CN202310716408.8A patent/CN116743463A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11425047B2 (en) | Traffic analysis method, common service traffic attribution method, and corresponding computer system | |
| CN109450948B (en) | Data transmission method and device | |
| EP3211852A1 (en) | Ssh protocol-based session parsing method and system | |
| US20110060902A1 (en) | Vpn connection system and vpn connection method | |
| CN104717647B (en) | Professional ability method for authenticating, equipment and system | |
| CN109548022B (en) | Method for mobile terminal user to remotely access local network | |
| CN113360301B (en) | Message transmission system and method | |
| CN110213284A (en) | Detection method, system and the relevant apparatus of SSH server weak passwurd loophole | |
| CN111147196A (en) | Data transmission method, data sending device and data receiving device | |
| CN110602130B (en) | Terminal authentication system and method, equipment terminal and authentication server | |
| CN111327588A (en) | Network access security detection method, system, terminal and readable storage medium | |
| KR20120049194A (en) | Reducing unwanted and unsolicited electronic messages | |
| CN117527338A (en) | Bidirectional identity enhanced identification method and system in Internet of things application | |
| JP2022007690A (en) | Network service system, network management method and computer program | |
| CN116743463A (en) | Message transmission method, device, system and storage medium | |
| CN110022332B (en) | Hypertext transfer security protocol proxy method, device, equipment and medium | |
| CN107995184B (en) | Connector and communication method using same | |
| CN113794620B (en) | Message sending method, device, equipment, system and storage medium | |
| CN111711996B (en) | Method and device for stable transmission of TCP communication | |
| CN115361455A (en) | Data transmission and storage method and device and computer equipment | |
| CN113032123B (en) | Thread scheduling method, system and related device of remote NPL running environment | |
| CN114979259A (en) | Message queue agent device | |
| WO2004036360A2 (en) | Client-side ssl connection completion through secure proxy server | |
| CN110008032B (en) | Communication mode realization method and electronic equipment | |
| WO2018133551A1 (en) | Communication number verification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |