CN117354010B - Authentication method, system and storage medium - Google Patents

Authentication method, system and storage medium Download PDF

Info

Publication number
CN117354010B
CN117354010B CN202311312376.1A CN202311312376A CN117354010B CN 117354010 B CN117354010 B CN 117354010B CN 202311312376 A CN202311312376 A CN 202311312376A CN 117354010 B CN117354010 B CN 117354010B
Authority
CN
China
Prior art keywords
mode
authentication
operation mode
preset
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311312376.1A
Other languages
Chinese (zh)
Other versions
CN117354010A (en
Inventor
李连万
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyi Digital Life Technology Co Ltd
Original Assignee
Tianyi Digital Life Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianyi Digital Life Technology Co Ltd filed Critical Tianyi Digital Life Technology Co Ltd
Priority to CN202311312376.1A priority Critical patent/CN117354010B/en
Publication of CN117354010A publication Critical patent/CN117354010A/en
Application granted granted Critical
Publication of CN117354010B publication Critical patent/CN117354010B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an authentication and authorization method, an authentication and authorization system and a storage medium, which are applied to the technical field of Internet application development, and can effectively improve the processing capacity of authentication and authorization under a high concurrency scene, relieve the problem of abnormal response and improve the stability and reliability of authentication and authorization. The method comprises the following steps: acquiring an authentication request; determining health grade data of the corresponding client according to the authentication request; when the health grade data meets the first grade condition, determining a first operation mode according to a first configuration file; when the operation state of the first operation mode is determined to not meet the preset operation condition, performing operation mode switching to obtain a second operation mode; and carrying out authentication through the second operation mode to obtain authentication information, and returning to the client.

Description

Authentication method, system and storage medium
Technical Field
The present invention relates to the field of internet application development technologies, and in particular, to an authentication method, an authentication system, and a storage medium.
Background
In recent years, with the rapid expansion of internet services and the rapid development of internet application development, the concurrency of authentication and authorization of a service system is also increasing continuously. In the related technology, a database cache adding mode is generally adopted, and under the conditions of rapid increase of user quantity and high platform pressure, the conditions of platform collapse and data return delay exist, and the problems of user login failure, response overtime and the like are easy to occur. In addition, because the user authentication requirements of each system for complex services are not uniform, the service platform needs to adapt to authentication under different modes. Therefore, the above technical problems need to be solved.
Disclosure of Invention
In order to solve at least one of the above technical problems, the present invention provides an authentication method, an authentication system and a storage medium, which can effectively improve the processing capability of authentication under a high concurrence scenario, alleviate the problem of abnormal response, and improve the stability and reliability of authentication.
In one aspect, an embodiment of the present invention provides an authentication method, including the following steps:
acquiring an authentication request;
Determining health grade data of the corresponding client according to the authentication request;
When the health grade data meets the first grade condition, determining a first operation mode according to a first configuration file;
When the operation state of the first operation mode is determined to not meet the preset operation condition, performing operation mode switching to obtain a second operation mode;
And carrying out authentication through the second operation mode to obtain authentication information, and returning to the client.
According to some embodiments of the invention, when determining that the health level data meets a first level condition, determining a first operation mode according to a first configuration file includes:
When the health grade data is determined to be zero, a first operation mode is determined according to the first configuration file; the first operation mode comprises a double-pass mode, a MySQL mode, a Redis mode and a straight-through mode.
According to some embodiments of the invention, the method further comprises:
When the health grade data is determined to meet the second grade condition, acquiring the authentication information according to the local cache information, and subtracting one operation from the health grade data; wherein the second level condition includes the health level data being non-zero.
According to some embodiments of the present invention, when it is determined that the operation state of the first operation mode does not meet the preset operation condition, performing operation mode switching to obtain a second operation mode, including:
Acquiring a request response state in the first operation mode;
and when the request response state is determined to reach a preset response threshold, switching the first operation mode to the second operation mode.
According to some embodiments of the invention, the second mode of operation includes MySQL mode, redis mode, dual pass mode, or pass-through mode;
when the request response state is determined to reach a preset response threshold, switching the first operation mode to the second operation mode includes:
When the first operation mode is the double-pass mode, determining that the MySQL database is down, and switching the operation mode from the double-pass mode to the Redis mode;
Or when the first operation mode is the double-pass mode, determining that the Redis database is down, and switching the operation mode from the double-pass mode to the MySQL mode;
Or when the MySQL database and the Redis database are determined to be down, switching the operation mode to the direct mode;
Or when the MySQL database and the Redis database are determined to be not down, switching the operation mode to the double-pass mode.
According to some embodiments of the invention, the performing authentication through the second operation mode, obtaining authentication information, and returning the client side includes:
When the second operation mode is the double-pass mode, processing is carried out according to a first activation state of a preset user and the IP information of the authentication request, and a user access token is generated; constructing a first character string with a preset format according to the user access token, and returning to the client; the first activation state comprises an activation state of the preset user in the Redis database and an activation state of the preset user in the MySQL database;
or when the second operation mode is the MySQL mode, processing according to a second activation state of a preset user and the IP information of the authentication request to generate the user access token; constructing a second character string with a preset format according to the user access token, and returning to the client; the second activation state comprises an activation state of the preset user in the MySQL database;
Or when the second operation mode is the Redis mode, processing according to a third activation state of a preset user and the IP information of the authentication request to generate the user access token; constructing a third character string with a preset format according to the user access token, and returning to the client; wherein the third activation state comprises an activation state of the preset user in the Redis database;
Or when the second operation mode is the through mode, configuring the authentication information in a second configuration file, and returning to the client.
According to some embodiments of the invention, after performing the step of obtaining an authentication request, the method further comprises:
Decrypting the parameters according to the authentication request to obtain request parameters;
and carrying out preset parameter verification according to the request parameters to obtain a verification result.
On the other hand, the embodiment of the invention also provides an authentication and authorization system, which comprises:
the first module is used for acquiring an authentication request;
the second module is used for determining the health grade data of the corresponding client according to the authentication request;
A third module, configured to determine a first operation mode according to a first configuration file when it is determined that the health level data meets a first level condition;
A fourth module, configured to switch an operation mode when it is determined that the operation state of the first operation mode does not meet a preset operation condition, so as to obtain a second operation mode;
and a fifth module, configured to perform authentication through the second operation mode, obtain authentication information, and return to the client.
On the other hand, the embodiment of the invention also provides an authentication and authorization system, which comprises:
at least one processor;
at least one memory for storing at least one program;
the at least one program, when executed by the at least one processor, causes the at least one processor to implement the authentication method as described in the above embodiments.
In another aspect, an embodiment of the present invention further provides a computer storage medium, in which a program executable by a processor is stored, where the program executable by the processor is used to implement the authentication method according to the above embodiment.
The authentication method, the authentication system and the storage medium have the following advantages: the embodiment of the invention firstly acquires the authentication request to determine the health grade data of the corresponding client according to the authentication request, thereby judging whether the health grade data meets the first grade condition. When the health grade data meets the first grade condition, the embodiment of the invention determines a first operation mode according to the first configuration file. It is easy to understand that the embodiment of the invention can be used for relieving the authentication pressure caused by the large inrush of the authentication and authorization request by determining the corresponding operation mode through the health grade data of the corresponding client. Then, when the running state of the first running mode is determined not to meet the preset running condition, the running mode is switched to obtain a second running mode. Further, the embodiment of the invention performs authentication through the second operation mode to obtain authentication information and returns the authentication information to the corresponding client, thereby realizing authentication. It is easy to understand that the method and the device can effectively improve the processing capacity of authentication and authorization in a high concurrency scene, alleviate the problem of abnormal response and improve the stability and reliability of authentication and authorization by combining the health grade data and the operation mode switching of the corresponding client.
Drawings
FIG. 1 is a flowchart of an authentication method provided by an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first operation mode according to a first configuration file when it is determined that the health level data satisfies a first level condition according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of the health level data meeting the second level condition according to the embodiment of the present invention;
FIG. 4 is a schematic flow chart of an embodiment of the present invention when it is determined that the operation state of the first operation mode does not meet the preset operation condition, and the operation mode is switched to obtain a second operation mode;
fig. 5 is a schematic flow chart of checking preset parameters of an authentication request according to an embodiment of the present invention;
FIG. 6 is a timing diagram of authentication provided by an embodiment of the present invention;
Fig. 7 is a schematic diagram of an overall authentication and authorization flow provided in an embodiment of the present invention;
FIG. 8 is a flowchart illustrating steps of authentication details according to an embodiment of the present invention;
fig. 9 is a schematic diagram of an authentication system according to an embodiment of the present invention;
fig. 10 is a schematic block diagram of an authentication and authorization system according to an embodiment of the present invention.
Detailed Description
The embodiments described herein should not be construed as limiting the application, and all other embodiments, which may be made by those of ordinary skill in the art without the benefit of the present disclosure, are intended to be within the scope of the present application.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is to be understood that "some embodiments" can be the same subset or different subsets of all possible embodiments and can be combined with one another without conflict.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of the application only and is not intended to be limiting of the application.
Before describing embodiments of the present application, related terms referred to in the present application will be first described.
MySQL mode: refers to a security mechanism used by MySQL database servers to verify user identity and authorize access. MySQL provides a variety of authentication modes including native authentication, SHA256 password authentication, cached SHA2 password authentication, etc. These modes determine how the user is authenticated and authorized for access and can be configured and altered according to security requirements.
Redis mode: refers to a mode of authentication and rights control when using the Redis database. In this mode, the user needs to provide valid identity credentials (e.g., a user name and password) to verify his identity. Once authentication is successful, the user may perform a corresponding operation, such as reading, writing or deleting data, depending on his permission level. This mode may help protect the Redis database from unauthorized access and potential security threats.
Through mode: when identity authentication and authority authentication are carried out, a user can directly communicate with an authentication and authorization system to finish the authentication and authorization process without other middleware or services. In the pass-through mode, the user can directly send a request to the authentication and authorization system and receive a response to complete the operations of identity verification and authority control. This mode is typically used in scenarios requiring real-time authentication and authorization of a user, such as website login, API access control, and the like.
In recent years, with the rapid expansion of internet services and the rapid development of internet application development, the concurrency of authentication and authorization of a service system is also increasing continuously. In the related technology, a database cache adding mode is generally adopted, and under the conditions of rapid increase of user quantity and high platform pressure, the conditions of platform collapse and data return delay exist, and the problems of user login failure, response overtime and the like are easy to occur. In addition, because the user authentication requirements of each system for complex services are not uniform, the service platform needs to adapt to authentication under different modes. Therefore, the above technical problems need to be solved.
An embodiment of the invention provides an authentication method, an authentication system and a storage medium, which can effectively improve the processing capacity of authentication under a high concurrency scene, relieve the problem of abnormal response and improve the stability and reliability of authentication. Referring to fig. 1, the method of the embodiment of the present invention includes, but is not limited to, step S110, step S120, step S130, step S140, and step S150.
Specifically, the method application process of the embodiment of the invention includes, but is not limited to, the following steps:
S110: an authentication request is obtained.
S120: and determining the health grade data of the corresponding client according to the authentication request.
S130: and when the health grade data meets the first grade condition, determining a first operation mode according to the first configuration file.
S140: and when the operation state of the first operation mode is determined not to meet the preset operation condition, performing operation mode switching to obtain a second operation mode.
S150: and carrying out authentication through the second operation mode to obtain authentication information, and returning to the client.
In the working process of the specific embodiment, the embodiment of the invention firstly obtains the authentication request. In the embodiment of the invention, the authentication request refers to that the client sends a request for verifying the identity and authority of the client to the corresponding server, so as to protect network resources from unauthorized access. Then, the embodiment of the invention determines the health grade data of the corresponding client according to the received authentication request. Specifically, the health grade data in the embodiment of the invention refers to the health state of the corresponding client, so that the authentication information is obtained through the corresponding health grade data. The method for determining the health grade data of the client through the acquired authentication request in the embodiment of the invention can be determined through corresponding data information carried in the authentication request, or the health grade data can be confirmed according to the times, the frequency and the like of initiating the authentication request by the corresponding client. Further, the embodiment of the invention judges whether the health grade data of the client meets the first grade condition. When the health grade data meets the first grade condition, the embodiment of the invention determines a first operation mode according to the first configuration file. Specifically, in the embodiment of the present invention, the first configuration file refers to a file for storing system configuration information, and includes parameters and options for specifying system mode behaviors. When the health grade data meets the first grade condition, the embodiment of the invention determines the current running mode, namely the first running mode by reading the first configuration file. And then, when the running state of the first running mode is determined not to meet the preset running condition, the running mode is switched to obtain a second running mode, authentication is further carried out through the second running mode to obtain corresponding authentication information, and the obtained authentication information is returned to the client corresponding to the value to complete the authentication process. Specifically, in the operation process of the first operation mode, the embodiment of the invention monitors the operation state of the platform end or the system in the corresponding operation mode to judge whether the operation mode is required to be switched. Correspondingly, when the running state of the first running mode is determined not to meet the preset running condition, such as overtime of the first running mode response or downtime of a corresponding database and a server, the embodiment of the invention switches the running mode and switches the first running mode to the second running mode, so that the request of a corresponding client under the high concurrency condition can be met while the stability of the system is maintained in a multi-mode switching mode. It is easy to understand that when the health grade data meets the first grade condition, the embodiment of the invention improves the processing capability of the system in a high concurrency scene by requesting authentication information from the platform end, and avoids the problem of untimely response or no response caused by concurrency bottleneck. Meanwhile, the embodiment of the invention can effectively improve the processing capacity of an interface layer by a multi-mode switching mode, improve the processing capacity of authentication under a high concurrency scene, prevent the problems of slow platform processing, overtime response and the like caused by a large number of request rushes, relieve the problem of abnormal response and improve the stability and reliability of authentication.
Referring to fig. 2 in conjunction with fig. 1, in some embodiments of the invention, when it is determined that the health level data meets a first level condition, a first mode of operation is determined from a first profile, including, but not limited to, the steps of:
S210: when the health level data is determined to be zero, a first operation mode is determined according to the first configuration file. The first operation mode comprises a double-pass mode, a MySQL mode, a Redis mode and a straight-through mode.
In this embodiment, the health grade data is divided into several grades, such as 0-7. In the embodiment of the invention, the authentication and authorization modes adopted when the client is in different health grade data are different. Specifically, when the health grade data of the corresponding client is zero, the embodiment of the invention performs authentication by requesting authentication information from the platform, namely, determines a corresponding first operation mode according to the first configuration file so as to perform a subsequent authentication process. Accordingly, in the embodiment of the present invention, the first operation mode includes a dual-pass mode, a MySQL mode, a Redis mode, and a pass-through mode. In the embodiment of the invention, the dual-pass mode refers to authentication and authorization by using two modes of MySQL and Redis simultaneously. It should be noted that, in general, the embodiment of the present invention sends the authentication request to MySQL and Redis databases for processing, and determines and responds according to the result, so as to improve the stability and performance of the system. It is easy to understand that, because Redis has fast read-write capability and MySQL database has persistent data capability, the embodiment of the invention can respond to the request of the client in time under the condition of high concurrency by combining the two modes. In addition, in the embodiment of the invention, the MySQL mode refers to a mode of authentication and authorization through a MySQL database, and the Redis mode refers to a mode of authentication and authorization through a Redis database. Accordingly, in the embodiment of the present invention, the pass-through mode refers to a mode of configuring authentication information in a configuration file and directly returning the authentication information, and no complex data processing and storage process is required. It should be noted that, when the health level data of the corresponding client is zero, the embodiment of the invention performs authentication by requesting authentication information from the platform, and determines the first operation mode, such as one of a dual-pass mode, a pass-through mode, a MySQL mode and a Redis mode, through the first configuration file. On the contrary, when the health grade data of the corresponding client is determined not to be zero, the embodiment of the invention can carry out authentication through the pre-stored data, thereby effectively improving the stability of an authentication and authorization system by utilizing the mode of combining the health grade data and multi-mode switching, improving the high concurrency performance and relieving the problems of response overtime or slower processing speed caused by a large number of request rushes in.
Referring to fig. 3 in conjunction with fig. 1, in some embodiments of the present invention, the authentication method provided in the embodiments of the present invention further includes, but is not limited to, the following steps:
s310: and when the health grade data meets the second grade condition, acquiring authentication information according to the local cache information, and subtracting the health grade data. Wherein the second level condition includes the health level data being non-zero.
In this embodiment, when the health grade data meets the second grade condition, the embodiment of the present invention obtains corresponding authentication information through the local cache information, and at the same time, the embodiment of the present invention performs a subtracting operation on the corresponding health grade data. Specifically, in the embodiment of the present invention, the second level condition includes that the health level data is not zero, that is, the health level data is greater than zero, and the embodiment of the present invention obtains corresponding authentication information according to the local cache information. The local cache information in the embodiment of the invention refers to the acquired authentication information stored locally by the corresponding client. It is easy to understand that under the high concurrency authentication scene, if the client needs to request authentication information from the platform end each time, the system platform is easily loaded with the problems of overlarge pressure, response delay and the like. According to the embodiment of the invention, after the corresponding authentication information is obtained, the authentication information is stored in the local cache, namely the local cache information is formed, and meanwhile, the embodiment of the invention constructs the corresponding health grade so as to judge whether the authentication information needs to be requested to the platform end according to the corresponding health grade data. When the health grade data meets the second grade condition, namely the health grade data is not zero, the embodiment of the invention performs authentication by using the local cache information to perform verification, thereby reducing the dependence on a platform, relieving the pressure of the platform end and improving the processing capacity of the system. Illustratively, in the embodiment of the present invention, the health level is set to be 0 to 7, and when the client does not initiate the authentication request, the health level data is 7. Correspondingly, when the client initiates an authentication request, the embodiment of the invention performs one-level reduction operation on the corresponding health grade data of the client, namely, one-level reduction is performed, if the current health grade data of the client is 7, and when the client initiates the authentication request, the embodiment of the invention acquires authentication information through the local cache information and performs authentication because the current health grade data is not zero. Meanwhile, the embodiment of the invention subtracts one from the corresponding health grade data of the client, so as to update the corresponding health grade data to be 6. It should be noted that, in the embodiment of the present invention, when the client initiates the authentication request, the corresponding health level data is subtracted by one until the health level data is zero, and the embodiment of the present invention requests the authentication information from the platform. After a new authentication information is requested to be obtained from the platform end, the embodiment of the invention updates the local cache information according to the newly obtained authentication information and resets corresponding health grade data. It is easy to understand that when the authentication and authorization request is suddenly increased, the embodiment of the invention informs the client of preferentially using the local cache information by adjusting the corresponding health grade data until the corresponding health grade data is reduced to zero, and the embodiment of the invention requests the authentication and authorization information from the platform end, thereby effectively improving the processing capacity of the system in a high concurrency scene and alleviating the problem of untimely response or even no response caused by concurrency bottleneck.
Referring to fig. 4, in some embodiments of the present invention, when it is determined that the operation state of the first operation mode does not meet the preset operation condition, the operation mode is switched to obtain the second operation mode, including, but not limited to, the following steps:
S410: a request response state in a first mode of operation is obtained.
S420: and when the request response state is determined to reach the preset response threshold, switching the first operation mode to the second operation mode.
In this embodiment, the embodiment of the present invention first obtains a request response state in a first operation mode, so as to determine whether the corresponding request response state reaches a preset response threshold. When the request response state is determined to reach the preset response threshold, the embodiment of the invention switches the first operation mode to the second operation mode. Specifically, in the embodiment of the present invention, the request response state refers to a response situation to an authentication request initiated by a client in a first operation mode. For example, in a preset duration, the client initiates response states of a plurality of authentication and authorization requests. Then, when the request response state reaches a preset response threshold, the embodiment of the invention switches between the first operation mode and the second operation mode. Illustratively, when it is determined that more than 200 requests are unresponsive within 3 seconds in the first operating mode, embodiments of the present invention switch the first operating mode to the second operating mode. It is easy to understand that in the embodiment of the present invention, by setting the primary and backup environments, that is, the MySQL database and the Redis database, when the request response state of a certain component is detected to reach the preset response threshold, if there are more than a preset number of authentication requests within a preset duration, the embodiment of the present invention determines that the component is down or the request amount is too large. Correspondingly, the embodiment of the invention switches the first operation mode to the second operation mode, so that the first operation mode is switched to the corresponding second operation mode under the condition that the corresponding authentication request is difficult to process in time, the stability of the system is effectively improved, and the requirement of responding to the client request in time under the high concurrency condition is met.
In some embodiments of the present invention, the second operation mode in the embodiments of the present invention includes MySQL mode, redis mode, dual pass mode, or pass-through mode. Accordingly, in the embodiment of the present invention, when it is determined that the request response state reaches the preset response threshold, the first operation mode is switched to the second operation mode, which includes but is not limited to the following steps:
When the first operation mode is a double-pass mode, determining that the MySQL database is down, and switching the operation mode from the double-pass mode to a Redis mode.
Or when the first operation mode is a double-pass mode, determining that the Redis database is down, and switching the operation mode from the double-pass mode to the MySQL mode.
Or when the MySQL database and the Redis database are determined to be down, switching the operation mode to the direct mode.
Or when the MySQL database and the Redis database are determined not to be down, switching the operation mode to the double-pass mode.
In this embodiment, the working states, such as normal operation or downtime, of the MySQL database and the Redis database are determined according to the corresponding request response states, so that the current operation state of the first operation mode is obtained through judgment, and then the operation mode is switched according to the current operation state of the first operation mode, so that the problem of unresponsiveness caused by downtime of part of components is relieved. Specifically, in the embodiment of the present invention, the second operation mode includes one of MySQL mode, redis mode, dual-pass mode, or through mode. In the embodiment of the invention, downtime refers to a state that a MySQL database or a Redis database fails or is abnormal, so that service is provided after normal operation is not possible, and the problems of response stopping, incapability of access, data loss and the like of a system are caused. Correspondingly, when the first operation mode is a double-pass mode and the MySQL database is determined to be down, the embodiment of the invention switches the operation mode from the double-pass mode to the Redis mode. It is easy to understand that when the current running mode is the two-way mode, the embodiment of the invention uses the MySQL database and the Redis database to carry out authentication. Therefore, when determining that the MySQL database is down, the embodiment of the invention switches the first operation mode, namely the two-way mode, to the Redis mode, thereby relieving the problem that the system does not respond. In addition, when the first operation mode is a double-pass mode and the Redis database is determined to be down, the embodiment of the invention switches the corresponding operation mode from the double-pass mode to the MySQL mode. It is easy to understand that, similar to the situation that the MySQL database is down in the two-way mode, when the first operation mode is the two-way mode, the embodiment of the invention switches the operation mode from the two-way mode in the first operation mode to the Redis mode in the second operation mode when the Redis database is down. Further, when determining that both the MySQL database and the Redis database are down, the embodiment of the invention switches the operation mode to the through mode. It is easy to understand that when the MySQL database and the Redis database are down, authentication cannot be performed by requesting authentication information from the MySQL database and the Redis database at the platform end. Therefore, the embodiment of the invention can ensure that the authentication information returns normally when the MySQL database and the Redis database are down under the high concurrency scene by switching the operation mode to the direct mode. Further, when it is determined that the MySQL database and the Redis database are not down, the embodiment of the present invention switches the operation mode to the two-pass mode. It is easy to understand that when the MySQL database and the Redis database can both work normally, if the current operation mode, i.e. the first operation mode is not the two-way mode, the embodiment of the invention switches the corresponding first operation mode to the two-way mode, so that the request of the client can be responded in time under the condition of high concurrency. It should be noted that, in the embodiment of the present invention, the condition that the whole system does not respond due to downtime of a certain component is avoided by using a mode of multi-mode switching. The embodiment of the invention can enable a double-pass mode under normal conditions, namely, the Redis and MySQL databases are used for authentication and authorization. But when the Redis database is down, the embodiment of the invention can automatically switch to a MySQL mode, and the MySQL database is used for authentication. Likewise, when MySQL database is down, embodiments of the invention switch to Redis mode. The embodiment of the invention can not only keep stable operation, but also respond to the request of the client in time under the high concurrency condition by adopting the mode of multi-mode switching.
In some embodiments of the present invention, authentication is performed in the second operation mode to obtain authentication information, and the authentication information is returned to the client, including but not limited to the following steps:
And when the second operation mode is a double-pass mode, processing according to a first activation state of a preset user and IP information of an authentication and authorization request to generate a user access token. And constructing a first character string in a preset format according to the user access token, and returning to the client. The first activation state comprises the activation state of a preset user in a Redis database and the activation state of the preset user in a MySQL database.
Or when the second operation mode is a MySQL mode, processing according to a second activation state of a preset user and IP information of an authentication and authorization request to generate a user access token. And constructing a second character string in a preset format according to the user access token, and returning to the client. The second activation state comprises an activation state of a preset user in the MySQL database.
Or when the second operation mode is a Redis mode, processing according to a third activation state of a preset user and IP information of an authentication and authorization request to generate a user access token. And constructing a third character string in a preset format according to the user access token, and returning to the client. Wherein the third activation state comprises an activation state of a preset user in the Redis database.
Or when the second operation mode is the through mode, configuring the authentication information in the second configuration file, and returning to the client.
In this embodiment, when the second operation mode is the two-way mode, the embodiment of the invention processes according to the first activation state of the preset user and the IP information of the authentication and authorization request to generate the corresponding user access token, further constructs the first character string of the preset format according to the user access token, and returns to the value client to complete the authentication and authorization process. Specifically, in the embodiment of the present invention, the first activation state includes presetting an activation state of a user in a Redis database, and presetting an activation state of a user in a MySQL database. When the second operation mode is the dual-pass mode, the embodiment of the invention firstly judges whether the corresponding user, namely the preset user, is activated in the Redis database, and judges whether the preset user is activated in the MySQL database. Correspondingly, when the corresponding users in the Redis database and the MySQL database are not activated, the embodiment of the invention judges whether the white list request exists in the database, such as judging whether the white list request exists in the MAC address library of the all-in-one machine. If the authentication request does not exist in the MAC address library of the all-in-one machine, the embodiment of the invention acquires the province of the client according to the IP information of the authentication request, judges the province parameter table, further generates a corresponding user token, assembles a JSON string and returns the JSON string to the client. Further, when the second operation mode is MySQL mode, the embodiment of the invention processes according to the second activation state of the preset user and the IP information of the authentication request, generates the user access token, constructs the second character string of the preset format according to the two days of user access, and returns to the client. Specifically, in the embodiment of the present invention, the second activation state includes an activation state of a preset user in the MySQL database. When the second operation mode is MySQL mode, the embodiment of the present invention first determines whether the preset user is activated in the MySQL database. Then, when the preset user is activated, the embodiment of the invention acquires the terminal information from the corresponding database, otherwise, when the preset user is not activated, the embodiment of the invention judges whether the preset user exists in the MAC address library of the all-in-one machine. Then, when the preset user does not have the MAC address library of the all-in-one machine, the embodiment of the invention acquires the current province of the client according to the corresponding request IP information, judges according to the province parameter table to determine whether the user is an automatic activation occasion, and if the user is a non-automatic activation occasion, generates the corresponding user access token, assembles a JSON string and returns to the client to finish the authentication and authorization process.
Further, when the second operation mode is the Redis mode, the embodiment of the invention processes according to the third activation state of the preset user and the IP information of the authentication request to generate the user access token, further constructs a third character string in the preset format according to the user access token, and returns to the client. Specifically, in the embodiment of the present invention, the third activation state includes an activation state of a preset user in the Redis database. Accordingly, the authentication procedure in the Redis mode is similar to that in the MySQL mode. Illustratively, the embodiment of the present invention first determines whether there is activation status information about the preset user in the Redis database to determine whether the preset user is activated. When the preset user is determined to be activated in the Redis database, the embodiment of the invention acquires the terminal information from the corresponding database. On the contrary, when the preset user is not activated in the Redis database, the embodiment of the invention judges whether the preset user exists in the MAC address library of the all-in-one machine. Correspondingly, when the preset user does not have the MAC address library of the all-in-one machine, the embodiment of the invention acquires the current province of the client according to the corresponding request IP information, judges according to the province parameter table to determine whether the occasion is automatic activation or not, and generates the corresponding user access token if the occasion is non-automatic activation, and then assembles a JSON string to return to the client. Further, when the second operation mode is the pass-through mode, the embodiment of the invention configures the authentication information in the second configuration file and returns to the client. Specifically, in the embodiment of the invention, in the through mode, the authentication and authorization information is configured in the second configuration file and is directly returned to the client, so that query and processing of the Redis database or the MySQL database are not needed, authentication and authorization can be realized when both the Redis database and the MySQL database are down, the stability of authentication and authorization is effectively improved, and high concurrent processing performance is improved.
Referring to fig. 5, in some embodiments of the present invention, after performing the step of obtaining the authentication request, the authentication method provided by the embodiment of the present invention further includes, but is not limited to, the following steps:
S510: and decrypting the parameters according to the authentication request to obtain the request parameters.
S520: and carrying out preset parameter verification according to the request parameters to obtain a verification result.
In this embodiment, after obtaining the authentication request, the embodiment of the invention firstly performs parameter decryption according to the authentication request to obtain a corresponding request parameter, and further performs preset parameter verification according to the request parameter to obtain a verification result. In the authentication and authorization process, the embodiment of the invention firstly decodes according to the authentication and authorization request to obtain corresponding request parameters including user identity information, request information and the like. Then, the embodiment of the invention performs preset parameter verification according to the corresponding request parameters. Illustratively, in the embodiment of the present invention, it is first determined whether the corresponding parameters exist, so as to ensure that all necessary parameters have been entered. The embodiment of the invention then verifies the legitimacy of the corresponding parameters to ensure that the parameters conform to the expected format and requirements. Next, the embodiment of the present invention determines whether the request is in the white list, i.e., whether the request is allowed to be accessed. Further, the embodiment of the invention judges whether the request IP is the preset IP or not so as to ensure that the source of the request is credible. Finally, the embodiment of the invention verifies the existence and consistency of the APK version signature so as to ensure that the request comes from a legal client. After the corresponding verification result is consistent, the embodiment of the invention further executes a subsequent authentication and authorization process.
Referring to fig. 6, 7 and 8, fig. 6 is an authentication timing chart provided by an embodiment of the present invention, fig. 7 is an overall authentication flow chart provided by an embodiment of the present invention, and fig. 8 is a detailed authentication flow chart provided by an embodiment of the present invention. In an exemplary authentication application scenario of a mobile terminal, the mobile terminal (client) of the embodiment of the present invention starts up and initiates login, and the client initiates a request to an authentication and authentication plug-in APK through an authentication plug-in, so as to verify whether a user logs in. When the user is not logged in, the embodiment of the invention prompts the user to be not logged in, and when the user is logged in, the embodiment of the invention returns to the login token. In addition, when the user is checked to be logged in, the embodiment of the invention returns corresponding authentication information. Then, the client initiates a request to the authentication login interface through the authentication and authentication plug-in APK, and then returns corresponding authentication and authentication information after authentication and authentication. Correspondingly, after an authentication request is obtained, the embodiment of the invention firstly carries out parameter decryption according to the authentication request, and carries out preset parameter verification according to the obtained request parameters so as to obtain a corresponding verification result. When the verification result is determined to pass, the embodiment of the invention determines the health grade data of the client according to the authentication request. The health level data in the embodiment of the present invention may be divided into several levels, such as 0 to 7 levels. When the health level data is determined to be zero, the embodiment of the invention determines a first operation mode according to the first configuration file, wherein the first operation mode comprises one of a double-pass mode, a MySQL mode, a Redis mode and a straight-through mode. Correspondingly, when the health grade data is not zero, that is, when the health grade data meets the second grade condition, the embodiment of the invention acquires the authentication information according to the local cache information, and performs a subtracting operation on the corresponding health grade data, that is, when the health grade data of the corresponding client is not zero, the embodiment of the invention preferentially uses the locally cached authentication information until the health grade data of the corresponding client is reduced to 0, and then invokes the interface of the platform end to acquire the authentication information, thereby alleviating the problem of sudden pressure increase of the platform end when the authentication request is greatly gushed.
Further, the embodiment of the invention obtains the request response state in the first operation mode to judge whether the operation state in the first operation mode meets the preset operation condition. Correspondingly, when the request response state is determined to reach the preset response threshold value, namely the operation state does not meet the preset operation condition, the embodiment of the invention switches the first operation mode to the second operation mode. For example, when more than 200 authentication requests in the first operation mode do not respond within 3 seconds, the embodiment of the present invention considers that the operation state of the first operation mode does not satisfy the preset operation condition, that is, the request response state reaches the preset response threshold, and switches the first operation mode to the second operation mode. Specifically, when the first operation mode is a dual-pass mode and the MySQL database is determined to be down according to the corresponding request response state, the embodiment of the invention switches the operation mode from the dual-pass mode to the Redis mode. In addition, when the first operation mode is a double-pass mode and the Redis database is determined to be down according to the corresponding request response state, the embodiment of the invention switches the operation mode from the double-pass mode to the MySQL mode. Or when the MySQL database and the Redis database are determined to be down according to the corresponding request response states, the embodiment of the invention switches the operation mode to the through mode. Or when the MySQL database and the Redis database are determined not to be down according to the corresponding request response state, namely the MySQL database and the Redis database are operated normally, the operation mode is switched to the double-pass mode.
Further, the embodiment of the invention performs authentication through the second operation mode to obtain corresponding authentication information, and returns the corresponding authentication information to the client. Specifically, when the second operation mode is a two-way mode, according to a first activation state of a preset user, including the preset activation state of the user in the Redis database, the preset activation state of the user in the MySQL database, and the IP information of the authentication request are processed, a user access token is generated, and then a first character string in a preset format is constructed according to the user access token and returned to the client. Or when the second operation mode is MySQL mode, the embodiment of the invention processes the preset activation state of the user and the IP information of the authentication request in the MySQL database according to the second activation state of the preset user, generates the user access token, thereby constructing a second character string in the preset format according to the user access token, and returns to the client. Or when the second operation mode is a Redis mode, according to the third activation state of the preset user, including the activation state of the preset user in the Redis database and the IP information of the authentication request, processing is performed to generate a user access token, then a third character string in a preset format is constructed according to the user access token, and the third character string is returned to the client. Or when the second operation mode is the through mode, the embodiment of the invention configures the authentication information in the second configuration file and returns the authentication information to the client.
Referring to fig. 9, an embodiment of the present invention further provides an authentication and authorization system, including:
a first module 610 is configured to obtain an authentication request.
A second module 620, configured to determine health level data of the corresponding client according to the authentication request.
A third module 630 is configured to determine a first operation mode according to the first configuration file when it is determined that the health level data meets the first level condition.
And a fourth module 640, configured to switch the operation modes when it is determined that the operation state of the first operation mode does not meet the preset operation condition, so as to obtain the second operation mode.
And a fifth module 650, configured to perform authentication through the second operation mode, obtain authentication information, and return to the client.
The content of the method embodiment of the invention is suitable for the system embodiment, the specific function of the system embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
Referring to fig. 10, an embodiment of the present invention further provides an authentication and authorization system, including:
at least one processor 710.
At least one memory 720 for storing at least one program.
The at least one program, when executed by the at least one processor 710, causes the at least one processor 710 to implement the authentication method as described in the above embodiments.
The content of the method embodiment of the invention is suitable for the system embodiment, the specific function of the system embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
An embodiment of the present invention also provides a computer-readable storage medium storing computer-executable instructions for execution by one or more control processors, for example, performing the authentication method steps described in the above embodiments.
The content of the method embodiment of the invention is suitable for the system embodiment, the specific function of the system embodiment is the same as that of the method embodiment, and the achieved beneficial effects are the same as those of the method.
The terms "first," "second," "third," "fourth," and the like in the description of the application and in the above figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented, for example, in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that in the present application, "at least one (item)" means one or more, and "a plurality" means two or more. "and/or" for describing the association relationship of the association object, the representation may have three relationships, for example, "a and/or B" may represent: only a, only B and both a and B are present, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
In the several embodiments provided in the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
The step numbers in the above method embodiments are set for convenience of illustration, and the order of steps is not limited in any way, and the execution order of the steps in the embodiments may be adaptively adjusted according to the understanding of those skilled in the art.
While the preferred embodiment of the present application has been described in detail, the present application is not limited to the embodiments described above, and various equivalent modifications and substitutions can be made by those skilled in the art without departing from the spirit of the present application, and these equivalent modifications and substitutions are intended to be included in the scope of the present application as defined in the appended claims.

Claims (9)

1. An authentication method, comprising the steps of:
acquiring an authentication request;
Determining health grade data of the corresponding client according to the authentication request;
When the health grade data meets the first grade condition, determining a first operation mode according to a first configuration file;
When the operation state of the first operation mode is determined to not meet the preset operation condition, performing operation mode switching to obtain a second operation mode;
authentication is carried out through the second operation mode, authentication information is obtained, and the client is returned;
Wherein the method further comprises:
When the health grade data is determined to meet the second grade condition, acquiring the authentication information according to the local cache information, and subtracting one operation from the health grade data; wherein the second level condition includes the health level data being non-zero.
2. The authentication method of claim 1, wherein when determining that the health level data satisfies a first level condition, determining a first operation mode according to a first profile comprises:
When the health grade data is determined to be zero, a first operation mode is determined according to the first configuration file; the first operation mode comprises a double-pass mode, a MySQL mode, a Redis mode and a straight-through mode.
3. The authentication method according to claim 1, wherein when it is determined that the operation state of the first operation mode does not meet the preset operation condition, performing operation mode switching to obtain a second operation mode, includes:
Acquiring a request response state in the first operation mode;
and when the request response state is determined to reach a preset response threshold, switching the first operation mode to the second operation mode.
4. A method of authenticating according to claim 3, wherein the second mode of operation comprises MySQL mode, redis mode, dual pass mode or pass-through mode;
when the request response state is determined to reach a preset response threshold, switching the first operation mode to the second operation mode includes:
When the first operation mode is the double-pass mode, determining that the MySQL database is down, and switching the operation mode from the double-pass mode to the Redis mode;
Or when the first operation mode is the double-pass mode, determining that the Redis database is down, and switching the operation mode from the double-pass mode to the MySQL mode;
Or when the MySQL database and the Redis database are determined to be down, switching the operation mode to the direct mode;
Or when the MySQL database and the Redis database are determined to be not down, switching the operation mode to the double-pass mode.
5. The authentication method according to claim 4, wherein said performing authentication in the second operation mode, obtaining authentication information, and returning the authentication information to the client, includes:
When the second operation mode is the double-pass mode, processing is carried out according to a first activation state of a preset user and the IP information of the authentication request, and a user access token is generated; constructing a first character string with a preset format according to the user access token, and returning to the client; the first activation state comprises an activation state of the preset user in the Redis database and an activation state of the preset user in the MySQL database;
or when the second operation mode is the MySQL mode, processing according to a second activation state of a preset user and the IP information of the authentication request to generate the user access token; constructing a second character string with a preset format according to the user access token, and returning to the client; the second activation state comprises an activation state of the preset user in the MySQL database;
Or when the second operation mode is the Redis mode, processing according to a third activation state of a preset user and the IP information of the authentication request to generate the user access token; constructing a third character string with a preset format according to the user access token, and returning to the client; wherein the third activation state comprises an activation state of the preset user in the Redis database;
Or when the second operation mode is the through mode, configuring the authentication information in a second configuration file, and returning to the client.
6. The authentication method according to claim 1, wherein after the step of obtaining the authentication request, the method further comprises:
Decrypting the parameters according to the authentication request to obtain request parameters;
and carrying out preset parameter verification according to the request parameters to obtain a verification result.
7. An authentication and authorization system is disclosed, characterized by comprising the following steps:
the first module is used for acquiring an authentication request;
the second module is used for determining the health grade data of the corresponding client according to the authentication request;
A third module, configured to determine a first operation mode according to a first configuration file when it is determined that the health level data meets a first level condition;
A fourth module, configured to switch an operation mode when it is determined that the operation state of the first operation mode does not meet a preset operation condition, so as to obtain a second operation mode;
A fifth module, configured to perform authentication through the second operation mode, obtain authentication information, and return to the client;
The third module is further configured to obtain the authentication information according to the local cache information when it is determined that the health grade data meets a second grade condition, and perform a subtracting operation on the health grade data; wherein the second level condition includes the health level data being non-zero.
8. An authentication and authorization system is disclosed, characterized by comprising the following steps:
at least one processor;
at least one memory for storing at least one program;
When the at least one program is executed by the at least one processor, the at least one processor is caused to implement the authentication method of any one of claims 1 to 6.
9. A computer storage medium in which a processor-executable program is stored, characterized in that the processor-executable program is for implementing the authentication method according to any one of claims 1 to 6 when being executed by the processor.
CN202311312376.1A 2023-10-10 2023-10-10 Authentication method, system and storage medium Active CN117354010B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311312376.1A CN117354010B (en) 2023-10-10 2023-10-10 Authentication method, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311312376.1A CN117354010B (en) 2023-10-10 2023-10-10 Authentication method, system and storage medium

Publications (2)

Publication Number Publication Date
CN117354010A CN117354010A (en) 2024-01-05
CN117354010B true CN117354010B (en) 2024-08-13

Family

ID=89370563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311312376.1A Active CN117354010B (en) 2023-10-10 2023-10-10 Authentication method, system and storage medium

Country Status (1)

Country Link
CN (1) CN117354010B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491778A (en) * 2019-09-11 2021-03-12 北京京东尚科信息技术有限公司 Authentication method, device, system and medium

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8935768B1 (en) * 2013-02-21 2015-01-13 Ca, Inc. Controlling client access to email responsive to email class levels
US11822637B2 (en) * 2018-10-18 2023-11-21 Oracle International Corporation Adaptive authentication in spreadsheet interface integrated with web service
CN110569303B (en) * 2019-08-19 2020-12-08 杭州衣科信息技术有限公司 MySQL application layer high-availability system and method suitable for various cloud environments
CN113297562A (en) * 2021-06-18 2021-08-24 北京中祥英科技有限公司 Authentication method, device, system, electronic equipment and storage medium
CN115085999B (en) * 2022-06-09 2024-03-15 北京奇艺世纪科技有限公司 Authentication method, system, computer device and storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491778A (en) * 2019-09-11 2021-03-12 北京京东尚科信息技术有限公司 Authentication method, device, system and medium

Also Published As

Publication number Publication date
CN117354010A (en) 2024-01-05

Similar Documents

Publication Publication Date Title
EP3675418B1 (en) Issuance of service configuration file
AU2019246872B2 (en) Tiered connection pooling methods, systems and computer readable storage media
CN103746812B (en) A kind of access authentication method and system
CN111147453A (en) System login method and integrated login system
US11269655B2 (en) Bare metal device management
CN108462687B (en) Anti-swipe login method and device, terminal device and storage medium
CN111526111B (en) Control method, device and equipment for logging in light application and computer storage medium
CN110069909B (en) Method and device for login of third-party system without secret
US9544296B2 (en) Transferring web-application prerequisite files while authentication interface occludes web-application interface
CN110602136B (en) Cluster access method and related product
CN105991614A (en) Open authorization, resource access method and device, and a server
KR20130141939A (en) Security method for single use of device interlocking mobile terminal, and mobile host and device apparatus using the same
CN110826086A (en) Cross-tenant authorization method and device, computer equipment and storage medium
CN111625263A (en) Server component firmware updating method
CN112162825A (en) Equipment configuration method, device, equipment and storage medium
CN107566329A (en) A kind of access control method and device
CN111966422A (en) Localized plug-in service method and device, electronic equipment and storage medium
CN113806720A (en) Software authentication method, system and storage medium supporting offline scene
CN112272093B (en) Token management method, electronic equipment and readable storage medium
US20140007197A1 (en) Delegation within a computing environment
CN117354010B (en) Authentication method, system and storage medium
CN113114464A (en) Unified security management system and identity authentication method
US7350065B2 (en) Method, apparatus and program storage device for providing a remote power reset at a remote server through a network connection
CN107172082B (en) File sharing method and system
WO2022127583A1 (en) Virtual machine control method, cloud management device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant