CN1854965B - Single accessing method of server system - Google Patents
Single accessing method of server system Download PDFInfo
- Publication number
- CN1854965B CN1854965B CN2005100674471A CN200510067447A CN1854965B CN 1854965 B CN1854965 B CN 1854965B CN 2005100674471 A CN2005100674471 A CN 2005100674471A CN 200510067447 A CN200510067447 A CN 200510067447A CN 1854965 B CN1854965 B CN 1854965B
- Authority
- CN
- China
- Prior art keywords
- administration module
- server system
- verify data
- user side
- logining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
A single logging in method of server system includes logging a user end in the first management module through a certification mechanism then sending a certification data to user end by the fist management module and finally logging user end in the second management module by utilizing said certification.
Description
Technical field
The present invention is about a kind of accessing method of server system, and more specifically, about a kind of single accessing method of server system.
Background technology
Reach more and more higher in progress to the degree of dependence of computer system along with science and technology.Therefore, market requires also more and more higher to the arithmetic capability of server, but day by day narrow along with free space, to server occupied office or factory building space, requirement can be more and more littler also.Traditional server has high stability for asking, thus compared to the size of general desktop PC, still go even farther, and in the management and on the spatial configuration, the server line of more deriving out many and the problem of management.With general company, two or three server is only arranged at least, but thousands of server at most.Therefore, use in the management of whole server system and space, more will be along with enterprise highlights day by day to the demand of computing machine.
The general server system is by a main management module, manages for the running of Servers-all in the server system.When system operator is desired in the management server system a certain data in server, at first need ID authentication mechanism by administration module, then just be able to carry out access and management for the data of particular server.In addition, in server system, usually the input media and the display device that only have one group, when the system operator desire is imported or is watched a server specific in the server system, switch between different server by another switching management module, whereby, system operator can be assigned instruction or monitor its state for the particular server in the server system in this group input and display device.And system person also needs the ID authentication mechanism by switching management module, just imports and shows.
Fig. 1 represents the calcspar of a blade type server system 100.(Modular Management Blade MMB) 120 manages a plurality of blade type servers 110 by a blade server administration module.Contain a baseboard management controller (Baseboard ManagementController in the blade server 110, BMC) 112, keyboard and mouse simulator (Keyboard Mouse Emulator, KME) 114, video adapter (Video Graphic Adapter, VGA) 116 with keyboard/screen/mouse switch control circuit (Keyboard Video Mouse, KVM) 118.(Intelligent Platform Management Bus, IPMB) communication protocol passes through I to blade server administration module 120 via Intelligent Platform Management Bus
2C (Inter-Integrated Circuit) interface manages for baseboard management controller 112, with the running of control blade type server 110.
In addition, blade server administration module 120 also is connected with the keyboard/screen/mouse switch control circuit 118 of server 110, by keyboard/screen/mouse switch control circuit 118 supervisory keyboard mouse simulators 114 and video adapter 116.Input and demonstration that keyboard/screen/130 managing blade types of mouse switch module server is 110, also be connected to the keyboard/screen/mouse switch control circuit 118 of blade type server 110, switching, and shown the data of particular blade type server 110 and imported in 110 of different blade type servers.In addition, 130 of blade server administration module 120 and keyboard/screen/mouse switch module are also via Intelligent Platform Management Bus (IPMB) communication protocol, by the 2nd I
2 C interface 150 carries out the exchange of data.
When system operator was desired to manage for server system 100, by a user side 140, for example the personal computer of far-end was connected to blade server administration module 120 and keyboard/screen/mouse switch module 130 via network.Blade server administration module 120 all has an identity authentication mechanism with keyboard/screen/mouse switch module 130, and system operator needs correct account number and the password of indivedual inputs, is just allowed to login to manage.Yet,,, be sent to blade server administration module 120 respectively and carry out authentication with keyboard/screen/mouse switch module 130 respectively by an encryption mechanism for the account number and the password that prevent system operator are stolen in logining process.
Yet, under existing management structure, the account number of system operator and password need respectively via encryption mechanism, be sent to blade server administration module 120 individually and login program, not only cause managerial inconvenience, also increase cost and time that administrative institute needs with keyboard/screen/mouse switch module 130, therefore, need a kind of improved mechanism of logining, be able to the gerentocratic program of logining of simplified system, promote the efficiency of management.
Summary of the invention
Therefore a purpose of the present invention is to provide a kind of single accessing method of server system, logins the process of server system in order to simplification.
Another object of the present invention is to provide a kind of tool the single server system of logining, have the mode of logining of simplification.
According to above-mentioned purpose of the present invention, a kind of single accessing method of server system is proposed.Server system is via one first administration module and one second administration module management multiple servers, and first administration module and second administration module carry out exchanges data via an internal transmission path.At first, a user side is logined first administration module via an authentication mechanism.Then, first administration module sends a verify data to user side.Subsequently, user side is logined second administration module with this verify data.Wherein, this user side is logined the step of this second administration module with this verify data, further comprises step: send this verify data to this second administration module; And this second administration module is sent to this first administration module via this internal transmission path with this verify data and authenticates.
According to another object of the present invention, the single server system of logining of a kind of tool is proposed, contain multiple servers, one first administration module and one second administration module.First administration module allows a user side to login with an authentication mechanism, with management server, and provides a verify data to user side.Second administration module allows user side to login with this verify data, and with management server, and second administration module carries out exchanges data via an internal transmission path and first administration module.Wherein, this second administration module receives this verify data by this user side, and via this internal transmission path this verify data is sent to this first administration module and authenticates, and logins this second administration module to allow this user side.
According to server system single accessing method of the present invention, system operator need not be logined one by one for all administration modules of server system, after system operator is logined an administration module, just can login other administration modules simultaneously, and then simplify the process of logining.
Description of drawings
For above-mentioned and other purposes of the present invention, feature, advantage and embodiment can be become apparent, being described in detail as follows of accompanying drawing:
Fig. 1 represents the blade type server square figure of known skill.
Fig. 2 represents according to the single server system calcspar of logining of tool of the present invention.
Fig. 3 represents the process flow diagram according to server system single accessing method of the present invention.
Fig. 4 represents the single blade type server system calcspar of logining of tool according to the present invention's one preferred embodiment.
Fig. 5 represents the process flow diagram according to the blade type server system single accessing method of the present invention's one preferred embodiment.
The main element symbol description
100: blade type server system 110: blade server
112: baseboard management controller 114: the keyboard and mouse simulator
116: video adapter 118: keyboard/screen/mouse switch control
120: blade server administration module circuit
130: keyboard/screen/mouse switch module 140: user side
200: 150: the two I of server system
2C interface
240: 230: the second administration modules of user side
400: blade type server system 250: the internal transmission path
412: baseboard management controller 410: the blade type server
416: video adapter 414: the keyboard and mouse simulator
420: blade server administration module 418: keyboard/screen/mouse switch control circuit
430: keyboard/screen/mouse switch module 440: user side
450: the 1
2C interface
Embodiment
Single accessing method according to server system of the present invention, system operator need not be logined each administration module in the server system individually, and only need login wherein an administration module, and just can finish the program of logining of other administration modules simultaneously, still possess simultaneously and login required security.
Please refer to Fig. 2, Fig. 2 represents to have a single server system calcspar of logining according to of the present invention.Server system 200 has multiple servers 210, first administration module 220 and second administration module 230.First administration module 220 allows user sides 240 to login with an authentication mechanism, with management server 210, simultaneously in user side 240 finish login after, provide a verify data to user side 240, with as the usefulness of logining second administration module 230 subsequently.230 of second administration modules allow the verify data of user side 240 to be obtained by first administration module 220, login and manage for server 210.230 of first administration module 220 and second administration modules carry out exchanges data via an internal transmission path 250.
Then please be simultaneously with reference to Fig. 2 and Fig. 3, with the single accessing method of explanation according to server system of the present invention, wherein Fig. 3 represents the process flow diagram according to server system single accessing method of the present invention.At first, user side 240 is logined first administration module 220 (step 302) via an authentication mechanism.Subsequently, first administration module 220 is sent to user side 240 (step 304) with a verify data.Verify data contains the identity information of second administration module 230, and this identity information is sent to first administration module 220 via internal transmission path 250 by second administration module 230, and further is sent to user side 240.Then, user side 240 is logined second administration module 230 (step 306) with the verify data that first administration module 220 sends.When the verify data of user side 240 with 220 transmissions of first administration module, when logining second administration module 230 (step 306), user side 240 at first is sent to this verify data second administration module 230, second administration module 230 is sent to first administration module 220 with this verify data and authenticates then via internal transmission path 250.
Please refer to Fig. 4 and Fig. 5.Fig. 4 represents the single blade type server system of logining 400 that has of according to the present invention one preferred embodiment, and Fig. 5 then represents the blade type server system single accessing method process flow diagram according to this preferred embodiment.A plurality of blade type servers 410 manage by blade server administration module 420.Contain baseboard management controller 412, keyboard and mouse simulator 414, video adapter 416 and keyboard/screen/mouse switch control circuit 418 in the blade type server 410.Blade server administration module 420 is via Intelligent Platform Management Bus (IPMB) communication protocol, by an I
2C interface manages for baseboard management controller 412, with the running of control blade type server 410.
In addition, blade server administration module 420 also is connected with the keyboard/screen/mouse switch control circuit 418 of blade type server 410, by keyboard/screen/mouse switch control circuit 418 supervisory keyboard mouse simulators 414 and video adapter 416.Keyboard/screen/mouse switch module 430 also is connected to the keyboard/screen/mouse switch control circuit 418 of blade type server 410, switching, and shown the data of particular blade type server 410 and imported in 410 of different blade type servers.In addition, 430 of blade server administration module 420 and keyboard/screen/mouse switch module are also via Intelligent Platform Management Bus (IPMB) communication protocol, by the 2nd I
2C interface 450 carries out the exchange of data.
Blade type server system single accessing method according to this preferred embodiment, when system operator is desired to manage for blade type server system 400, at first by user side 440, the personal computer of far-end for example, utilize network browser program (Web Browser), for example explorer's browser of Microsoft (Internet Explorer) be connected to blade server administration module 420 via network, and account number and password that the input system supvr is had is logined.Network browser program is by an authentication mechanism, for example secure communication end stratum (Secure Sockets Layer SSL), logins to blade server administration module 420 (step 502).
Subsequently, the working stage key (sessionkey) that blade server administration module 420 will produce at random is sent to network browser program (step 504).Network browser program is written into new keyboard/screen/mouse switch module console application program, for example (steps 506) such as Java Applet or OCX, then, again above-mentioned working stage key is passed to keyboard/screen/mouse switch module console application program (step 508), this step is used to confirm that for confirming program again and again user side 440 still uses identical browser window to connect.
Verify data comprise keyboard/screen/mouse switch module 430 network address (UniversalResource Locator, URL), an encryption key (encryption key), a session ID (session ID) and a random digit (random number).Wherein, the network address of keyboard/screen/mouse switch module 430 is by the 2nd I
2C interface 450 is obtained.The working stage key that session ID produces corresponding to step 504.Encryption key and random digit are then produced by blade server administration module 420.
Keyboard/screen/mouse switch module console application program is logined keyboard/screen/mouse switch module 430 (step 510) with this verify data.User side 440 utilizes browser, explorer's browser of Microsoft (Internet Explorer) for example, and via application program, for example Java Applet or OCX are connected to keyboard/screen/mouse switch module 430 by network and login.User side 440 utilizes encryption key with the random digit in the verify data, and coding becomes one and encrypts word string, and this is encrypted word string, together with network address and session ID, is sent to keyboard/screen/mouse switch module 430 in the lump and logins.
Keyboard/screen/mouse switch module 430 by user side 440 access authentication data after, just further with this verify data, via the 2nd I
2C interface 450 is sent to blade server administration module 420 and authenticates (step 512).Blade server administration module 420 is compared with initial its verify data that is sent to user side 440 at by the verify data that keyboard/screen/mouse switch module 430 is sent.Encryption word string after blade server administration module 420 is encoded user side 440 utilize encryption key to decode, and whether the random digit that the back of relatively decoding obtains is identical with the random digit that is sent to user side 440 at first.
Whether in addition, also compare the network address and the working stage identification code of keyboard/screen/mouse switch module 430 identical.If the result of comparison is all identical, user side 440 just can be logined keyboard/screen/mouse switch module 430.Keyboard/screen/mouse switch module 430 just can be utilized encryption key subsequently, keyboard and mouse signal breath for 440 of keyboard/screen/mouse switch module 430 and user sides are encrypted (step 514), and reach the connection of a safety, prevent that keyboard and mouse signal breath from suffering people's acquisition.
According to server system single accessing method of the present invention, system operator need not be logined one by one for all administration modules of server system, after system operator is logined an administration module, just can login other administration modules simultaneously, and then simplify the process of logining.
Though the present invention with preferred embodiment openly as above; right its is not that any those skilled in the art are under the situation that does not break away from the spirit and scope of the present invention in order to qualification the present invention; can change and modification, so protection scope of the present invention is as the criterion with the claim institute restricted portion that is proposed.
Claims (36)
1. the single accessing method of a server system, this server system is via one first administration module and one second administration module management multiple servers, this first administration module and this second administration module carry out exchanges data via an internal transmission path, and this single accessing method comprises at least:
One user side is logined this first administration module via an authentication mechanism;
This first administration module sends a verify data to this user side; And
This user side is logined this second administration module with this verify data,
Wherein, this user side is logined the step of this second administration module with this verify data, further comprises step:
Send this verify data to this second administration module; And
This second administration module is sent to this first administration module via this internal transmission path with this verify data and authenticates.
2. the single accessing method of server system as claimed in claim 1, wherein this server system is a blade type server system.
3. the single accessing method of server system as claimed in claim 1, wherein this first administration module is a blade server administration module.
4. the single accessing method of server system as claimed in claim 1, wherein this second administration module is one keyboard/screen/mouse switch.
5. the single accessing method of server system as claimed in claim 1, wherein this authentication mechanism is a secure communication end stratum.
6. the single accessing method of server system as claimed in claim 1, wherein this verify data is sent to this first administration module via this internal transmission path by this second administration module.
7. the single accessing method of server system as claimed in claim 1, wherein this internal transmission path is I
2C interface.
8. the single accessing method of server system as claimed in claim 1, wherein this verify data is reached an agreement on Intelligent Platform Management Bus, via this internal transmission path, is sent to this first administration module by this second administration module.
9. the single accessing method of server system as claimed in claim 1, wherein to comprise the network address of this second administration module be Universal Resource Locator to this verify data, URL.
10. the single accessing method of server system as claimed in claim 1, wherein this verify data comprises a session ID.
11. the single accessing method of server system as claimed in claim 10, wherein this verify data comprises an encryption key.
12. the single accessing method of server system as claimed in claim 11, wherein this verify data comprises a random digit.
13. the single accessing method of server system as claimed in claim 12, further comprise and with this encryption key this random digit is encoded to one and encrypts word string, and login to this second administration module with the network address and the described session ID of this second administration module with this encrypted word polyphone.
14. the single accessing method of server system as claimed in claim 1, wherein this user side utilizes an application program, logins this second administration module with this verify data.
15. the single accessing method of server system as claimed in claim 14, wherein this application program is JavaApplet.
16. the single accessing method of server system as claimed in claim 14, wherein this application program is OCX.
17. the single accessing method of server system as claimed in claim 1, wherein this first administration module sends the step of a verify data to this user side, further comprises:
This first administration module sends the network browser program of a working stage key to this user side; And
The network browser program of this user side is written into new keyboard/screen/mouse switch module console application program, again this working stage key is sent to keyboard/screen/mouse switch module console application program, confirm program again and again to carry out, be used to confirm that this user side uses identical browser window to connect.
18. the single accessing method of server system as claimed in claim 17, wherein this working stage key is corresponding to the session ID that is included in this verify data.
19. the single server system of logining of tool, this server system comprises at least:
Multiple servers;
One first administration module allows a user side to login with an authentication mechanism, managing those servers, and provides a verify data to this user side; And
One second administration module allows this user side to login with this verify data, and to manage those servers, this second administration module carries out exchanges data via an internal transmission path and this first administration module,
Wherein, this second administration module receives this verify data by this user side, and via this internal transmission path this verify data is sent to this first administration module and authenticates, and logins this second administration module to allow this user side.
20. the single server system of logining of tool as claimed in claim 19, wherein this server system is a blade type server system.
21. the single server system of logining of tool as claimed in claim 19, wherein this first administration module is a blade server administration module.
22. the single server system of logining of tool as claimed in claim 19, wherein this second administration module is one keyboard/screen/mouse switch.
23. the single server system of logining of tool as claimed in claim 19, wherein this authentication mechanism is a secure communication end stratum.
24. the single server system of logining of tool as claimed in claim 19, wherein this verify data is sent to this first administration module via this internal transmission path by this second administration module.
25. the single server system of logining of tool as claimed in claim 19, wherein this internal transmission path is I
2C interface.
26. the single server system of logining of tool as claimed in claim 19, wherein this verify data is reached an agreement on Intelligent Platform Management Bus, via this internal transmission path, is sent to this first administration module by this second administration module.
27. the single server system of logining of tool as claimed in claim 19, wherein to comprise the network address of this second administration module be Universal Resource Locator to this verify data, URL.
28. the single server system of logining of tool as claimed in claim 19, wherein this verify data comprises a session ID.
29. the single server system of logining of tool as claimed in claim 28, wherein this verify data comprises an encryption key.
30. the single server system of logining of tool as claimed in claim 29, wherein this verify data comprises a random digit.
31. the single server system of logining of tool as claimed in claim 30, wherein this user side is encoded to one with this encryption key with this random digit and encrypts word string, and logins to this second administration module with the network address and the described session ID of this second administration module with this encrypted word polyphone.
32. the single server system of logining of tool as claimed in claim 19, wherein this user side utilizes an application program, logins this second administration module with this verify data.
33. the single server system of logining of tool as claimed in claim 32, wherein this application program is Java Applet.
34. the single server system of logining of tool as claimed in claim 32, wherein this application program is OCX.
35. the single server system of logining of tool as claimed in claim 19, wherein this first administration module sends the network browser program of a working stage key to this user side, and the network browser program of this user side is written into new keyboard/screen/mouse switch module conso1e application program, again this working stage key is sent to keyboard/screen/mouse switch module console application program, confirm program again and again to carry out, be used to confirm that this user side uses identical browser window to connect.
36. the single server system of logining of tool as claimed in claim 35, wherein this working stage key is corresponding to the session ID that is included in this verify data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2005100674471A CN1854965B (en) | 2005-04-21 | 2005-04-21 | Single accessing method of server system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2005100674471A CN1854965B (en) | 2005-04-21 | 2005-04-21 | Single accessing method of server system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1854965A CN1854965A (en) | 2006-11-01 |
| CN1854965B true CN1854965B (en) | 2010-04-28 |
Family
ID=37195178
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2005100674471A Active CN1854965B (en) | 2005-04-21 | 2005-04-21 | Single accessing method of server system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1854965B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101656714B (en) * | 2008-08-18 | 2012-12-05 | 鼎新电脑股份有限公司 | Single login method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1289974A (en) * | 1999-09-24 | 2001-04-04 | 城市集团发展中心有限公司 | Method and system for visiting several servers in www network by a user for registration once only |
| WO2001055822A1 (en) * | 2000-01-28 | 2001-08-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Single logon system and method for distributed software applications |
| US20030188193A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Single sign on for kerberos authentication |
-
2005
- 2005-04-21 CN CN2005100674471A patent/CN1854965B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1289974A (en) * | 1999-09-24 | 2001-04-04 | 城市集团发展中心有限公司 | Method and system for visiting several servers in www network by a user for registration once only |
| WO2001055822A1 (en) * | 2000-01-28 | 2001-08-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Single logon system and method for distributed software applications |
| US20030188193A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Single sign on for kerberos authentication |
Non-Patent Citations (1)
| Title |
|---|
| JP特开2003-323409A 2003.11.14 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1854965A (en) | 2006-11-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100535808C (en) | System and method for secure remote access | |
| CN100477833C (en) | Authentication method | |
| TWI296477B (en) | Single logon method on a server system and a server system with single logon functionality | |
| US9088561B2 (en) | Method and system for authentication in a computer network | |
| CN101488857B (en) | Authenticated service virtualization | |
| CN101764819A (en) | methods and systems for detecting man-in-the-browser attacks | |
| CN101321068A (en) | Method and apparatus for implementing dual-identity authentication | |
| CN102195930B (en) | Security access method among equipment and communication equipment | |
| CN104168304A (en) | System and method for single-sign-on in virtual desktop infrastructure environment | |
| CN100365974C (en) | Device and method for controlling computer access | |
| CN101540757A (en) | Method and system for identifying network and identification equipment | |
| CN101610502A (en) | Based on the method that moves the different business systems mobile information integration of using door | |
| WO2016184221A1 (en) | Password management method, device and system | |
| CN105577677A (en) | Remote login method and system based on J2EE | |
| CN1601954B (en) | Moving principals across security boundaries without service interruption | |
| CN105959278B (en) | A kind of method, apparatus and system for calling VPN | |
| EP1542135B1 (en) | A method which is able to centralize the administration of the user registered information across networks | |
| CN111698259A (en) | Dynamic authentication login equipment, system and method based on Bluetooth equipment | |
| CN112187718B (en) | Remote access cloud terminal and system of IDV cloud desktop | |
| CN1854965B (en) | Single accessing method of server system | |
| CN102752308A (en) | Network-based digital certificate comprehensive service providing system and implementation method thereof | |
| CN103310138B (en) | account management device and method | |
| CN107770219A (en) | A kind of sharing method, gateway server and the system of form window | |
| CN110941412A (en) | Method, system and terminal for realizing multi-terminal animation co-browsing based on imaging | |
| CN110233825A (en) | Equipment initial methods, internet of things equipment, system, platform device and smart machine |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |