JP2004220318A - Information processor and program to be used for same - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To increase the convenience of a user by sharing a single session between a server and a plurality of client programs on the same information processor. <P>SOLUTION: The information processor 2 has a session management means 2m for managing session identification information to share a single session established with a server program after user authentication between a plurality of client programs. Even the different client programs can use the identification information about the same session (server session) established after user authentication to communicate with the server program. <P>COPYRIGHT: (C)2004,JPO&NCIPI

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a technique for improving the convenience of a user and reducing the load on a server in an information processing apparatus having a communication function.
[0002]
[Prior art]
As a client program of a server that provides Web (World Wide Web etc.) services, it is possible to access not only Web browsers but also functions (Web services) provided by Web servers directly using HTTP (Hypertext Transfer Protocol) etc. Clients are becoming more common.
[0003]
When communication is performed between a server machine and a client machine on a network, user authentication is usually required. For example, in the case of using a Web service that requires a login, input of a user ID (identification information), a password (a password), and the like is required when using the Web service from a client program on a client machine.
[0004]
[Problems to be solved by the invention]
By the way, in the conventional device, since the same session cannot be shared between a plurality of client programs and information cannot be exchanged with a server program, for example, the following problem occurs.
[0005]
When only one type of client program for accessing a Web service or the like provided by the same server exists in one information processing apparatus, the client program (application) is started, and then a user ID, a password, and the like are set. To perform user authentication. However, when accessing the same Web service using a plurality of applications and the user desires to use the applications in cooperation with each other, it is necessary to input a user ID and a password for each application and start a session with the server. There is. In other words, even if the server is the same, a different session is started for each client program on the client machine.
[0006]
Under such circumstances, the following matters become problems.
[0007]
Since the user needs to input the same user ID and password for each application each time, the operation is bothersome and troublesome.
[0008]
For the server, different sessions must be started for one user, which consumes useless resources (computer resources).
[0009]
When information necessary for management for each session is managed as temporary information (volatile data) in the system design of a Web service or the like (for example, in a shopping system such as a shopping cart, after logging in, the content in the cart is In the case where the product information that the user wants to order is held, and the product information in the cart is cleared at the end of the session, etc.), between client programs managed as separate sessions, A problem arises that the data on the server side cannot be shared even though the users are the same.
[0010]
Therefore, an object of the present invention is to increase the convenience of a user by sharing a session between a server and a plurality of client programs on the same information processing apparatus.
[0011]
[Means for Solving the Problems]
The information processing apparatus according to the present invention, for a session established as a logical connection relationship between the server program and the client program through user authentication, to share one session among a plurality of client programs, A session management means for managing the identification information of the session is provided.
[0012]
Further, the program used in the information processing apparatus according to the present invention manages identification information of the session in order to share one session established with the server program after user authentication among a plurality of client programs. It has steps.
[0013]
Therefore, according to the present invention, even with different client programs, communication processing can be performed with the server program using the identification information of the same session established after user authentication.
[0014]
BEST MODE FOR CARRYING OUT THE INVENTION
According to the present invention, in a system for providing a client with a Web service provided by a server, one session (server session) can be shared by a plurality of clients on the same machine (client machine). is there. For example, when a user uses a plurality of client programs that can access one Web service, if the user is the same, there is no need to perform a separate login for each client program and once After logging in with the client program, there is no need to log in with other client programs thereafter. As a result, user convenience can be improved.
[0015]
Here, “session” means a logical connection relationship in communication established between a server program and a client program through user authentication using a user ID, a password, and the like. It is generated and started (or started) and disappears due to end conditions such as user operation or time limit. More simply, it represents a series of processes performed between the server and the client from the start of login to the end of logout or the like.
[0016]
FIG. 1 conceptually shows an example of a system including a computer network using the Internet or the like and an information processing device (a server machine or a client machine) connected thereto.
[0017]
In the present system (information communication system) 1, client machines 2c, 2c,... And a server machine 2s are provided as information processing apparatuses 2. That is, a server machine 2s that provides a specific information service (Web service or the like) to the client machines 2c, 2c,... Is connected on a network, and a server program executed on the server machine 2s is used. Various types of information processing required for information services and the like are performed.
[0018]
The client machine 2c can exchange information with a server program using a client program executed on the machine. As the “client machine”, for example, a personal computer having a network communication function, a mobile communication terminal device such as a PDA (Personal Digital Assistance), a mobile phone, or the like, which can access a Web service or the like, or a network connection is possible. Various devices (such as an imaging device and a video device) are included. The client program includes, for example, a browser (browsing software), but is not limited thereto, and various applications can be used.
[0019]
FIG. 1 conceptually shows a state in which a plurality of client programs A, B,... Are executed in a certain information processing apparatus (client machine 2c). The client machine is provided with session management means 2m for managing the identification information of the session in order to share one session among a plurality of client programs (processes) (as an actual hardware configuration, for example, A central processing unit, a main memory, various controllers such as a system controller, an auxiliary storage device, and the like are provided, and the session management unit 2m is realized using a program or the like, but is simplified in the figure.)
[0020]
As an example, an execution program (hereinafter, referred to as a “session management process”) corresponding to one server session is prepared on the client side, and session identification information is managed using this. In other words, this session management process constitutes the session management means 2m, and ID information (hereinafter referred to as ID) for identifying a session generated at the time of connection between the client machine or the program and the server machine or the program or at the time of login. , “Session ID”).
[0021]
Client programs to be executed when using the Web service and the like exist as separate programs (processes) on one client machine, respectively. These programs inquire and set a session ID to a session management process. It can be carried out.
[0022]
When logging in to the server from the first client program (client A), a session management process is started, and the session ID of the session started between client A and the server program is sent to client A by the session management process. Set.
[0023]
Thereafter, when the second client (client B) is activated, the session ID is notified to the client B from the session management process on condition that there is a session management process. That is, the client B determines whether or not the session management process exists, and if the process exists on the client machine, extracts the set session ID. Then, when communication with the server machine is started using the client B, access to the server is performed using the acquired session ID.
[0024]
Communication processing using the same session ID as in the case of the client A is performed between the client B and the server program, so that the user using the client B logs in to a Web service or the like, and thus a user name and a password are used. Therefore, there is no need to input data required for user authentication.
[0025]
In the above description, the session management process is generated at the first login, but the timing of generating the process does not require the action of “login”. Therefore, the present invention can be implemented in various forms, such as a resident program form, or by generating a process when connecting to a Web service or the like for the first time.
[0026]
Hereinafter, a web service of a photo sharing site (a site for sharing and using image information) that handles image data will be specifically described with reference to FIGS. 2 to 7.
[0027]
In this site (http://www.imagestation.jp/), image files are managed by a logical structure (one hierarchical structure) similar to a file system directory, called "album".
[0028]
An interface (External Interface) for a web service is an interface for providing a function of obtaining a list of albums, acquiring image information in an album, or uploading an image to a specific album, and a client program “Uploader”. "And" Function extension bar ".
[0029]
The “uploader” is a dedicated client program having a function of uploading (transmitting or transferring) an image file on a client machine (local machine) to a site.
[0030]
2A and 2B show examples of a screen (main screen) of the “uploader”. FIG. 2A shows a display state before login, and FIG. 2B shows a display state after login.
[0031]
(A) The meaning of each part (object) in the state before login shown in the figure is as follows.
[0032]
-Drop target section (3_1) = an area originally provided for dragging and dropping an image file (icon operation with a mouse pointer) (before login, only an animation or the like is displayed, and there is no special function.)
ID input section (3_2) = login ID (user ID) input and edit area
・ Password input part (3_3) = password input and edit area
"Login" button (3_4) = Button object for login operation
Menu button (3_5) = Button object that displays a pop-up menu (including items such as album list update, upload, new album creation, etc.) at the time of operation.
[0033]
On the right side of the menu button 3_5, objects such as an “open album” button 3_6 and an “invite to album” button 3_7 are arranged.
[0034]
Further, the meaning of each unit (object) in the state after login shown in FIG.
[0035]
・ Drop target part (3_1) = Uploading of the image file is started by an event generated by dragging and dropping the image file to this part in the state of login to the site, and the following “Album dropdown” The image file is uploaded to the album selected in "List".
[0036]
Nickname part (3_8) = display area for the name (nickname) registered by the logged-in user
"Logout" button (3_9) = Button object for logout operation Album dropdown list (3_10) = Display album list owned by user, upload image file by drag & drop, "Open album" button 3_6 All operations using the "invite to album" button 3_7 are performed on the album selected in this list object.
[0037]
The arrangement of the menu button 3_5, the “open album” button 3_6, and the “invite to album” button 3_7 are the same as those in FIG.
[0038]
For example, a procedure in which a user accesses a site using an “uploader” and uploads a desired image file to an album intended by the user is as follows.
[0039]
(1) Startup and login of “Uploader” (operation such as input of login ID and password on the screen shown in FIG. 2A)
(2) After the user authentication is completed, the display state shown in FIG. 2B is displayed, and the user selects an album to be uploaded from the album drop-down list 3_10.
(3) The image file is uploaded by the user performing an operation of moving the icon of the desired image file to the drop target unit 3_1 by drag and drop.
[0040]
Next, the “function extension bar” will be described with reference to FIGS. 3 and 4.
[0041]
The “function extension bar” is a client program (plug-in component or the like) that is functionally added as a plug-in (or add-in) to a specific browser or the like.
[0042]
FIG. 3 shows a form added to the browser, and FIG. 3 shows a “function extension bar” arranged at the bottom of a toolbar such as an address bar. For example, in the case of a plug-in form to Internet Explorer (trademark of Microsoft Corporation), in Windows (trademark of OS manufactured by Microsoft Corporation), this is implemented as a dynamic link library (DLL: Dynamic Link Library), and the system The memory is loaded by the browser by registering in.
[0043]
FIG. 4 shows an example of the screen of the “function extension bar”. FIG. 4A shows a display state before login, and FIG. 4B shows a state after login.
[0044]
(A) In the state before login shown in the figure, only the button object 4_1 is displayed, and when this button is pressed, a predetermined menu (login, help, etc.) is displayed.
[0045]
Further, the meaning of each unit (object) in the state after login shown in FIG.
[0046]
Button object (4_1) = By a button operation, a menu including various items such as logout, album information, creation of a new album, and the like is displayed.
[0047]
"Album" button (4_2) = a button object that displays an album title, and the latest one sorted (rearranged) at the time of updating the album is displayed in order from one side of the display screen. When the user presses the book button, the display transits to the image list page of the album.
[0048]
"Move album" button (4_3) = button objects (indicated by "<<" and ">>") located on both sides of the "album" button group displayed on the bar. This button is enabled when the display area of the “function extension bar” is small or the number of albums is large. For example, when the button is pressed, the “album” button is pressed in the direction indicated by “<<” or “>>” Is shifted (moved). Thereby, the display of the “album” button group displayed on the bar can be changed.
[0049]
The user can log in to the site from the “function extension bar”, and at that time, the user's album list data is obtained via an interface (External Interface), and they are “album” button (shortcut button) ) On the bar.
[0050]
A program (browser or the like) having the same function as the “function extension bar” can be designed and created from the beginning, but as shown in this example, it is necessary to add a function to an existing program that the user is familiar with. The form in which the processing is added has the advantage that the burden on the user is small, including learning the operation and the like anew, and the burden on creating the program is reduced.
[0051]
The "Uploader" and "Function Extension Bar" are separate client programs, but you can log in to the same site using either of them and essentially establish a session with the server. It is.
[0052]
FIG. 5 is a diagram for explaining a basic flow in the case of sharing a session, in which a server program (“S”) and client programs A and B connected by a network, and a session management process “M” are connected. Shows the relationship. In this example, the client program A is an “uploader” and the client program B is an “extension bar”. Only the “uploader” is activated first, and then a browser including the “extension bar” is displayed. Is assumed to be activated.
[0053]
As illustrated, the session ID (“000111” in this example) created in the server program S is sent to the client machine and managed by the session management process M.
[0054]
The session management process M holds a “client table”, which is a table for registering an execution instance of a client program. For example, when the client A issues a request to the server and information or data regarding a session inside the server is changed, the table is used so that the client B knows the event. When each client program (process) is ready to receive an event, an application handle is registered in this client table (the “application handle” is an identification used to specify an execution application). Information, for example, a window handle in the case of a GUI (Graphical User Interface).)
[0055]
When a predetermined event occurs (for example, when a user logs out with a certain client program), a message corresponding to the event is sent to all clients registered in the client table.
[0056]
A flow of a series of processes will be described below according to the procedure examples (1) to (8) shown in FIG.
[0057]
(1) Client A activation and user input steps
(2) User authentication and session generation steps
(3) Steps for creating a session management process and managing sessions
(4) Client B startup step
(5) Step of extracting session ID and registering application handle
(6) Session ID return step
(7) Step of calling the server using the session ID of (6)
(8) Returning a response to the logged-in session.
[0058]
First, in (1), a client A, that is, an "uploader" is started in response to a user's instruction. Thereafter, a screen requesting a login ID and a password for the site (see FIG. 2A) is presented to the user. The item (login ID, password) data input by the user is encrypted and sent to the server program S.
[0059]
In (2), user authentication is performed in the server, and it is determined whether or not the information input in (1) is correct user information. When it is determined that the user information is correct, a session (here, the session ID is temporarily assumed to be “000111”) is generated. The session ID information is returned from the server program S to the client A.
[0060]
In (3), when a correct session ID is sent from the server, the client A generates a session management process M and sets a session ID (“000111” in this example). This is because the session management process M needs to manage the session ID in order to share one session among a plurality of client programs. At the same time, the application handle (window handle) is registered in the client table of the session management process M (at this point, the client B has not been registered in the client table).
[0061]
In (4), the client B, that is, the browser is started in response to the user's instruction (see FIG. 3).
[0062]
In (5), the session management process M is searched immediately after the client B is started, and it is determined whether the process exists. If there is a session management process, the session ID set in (2) is extracted. At this time, an application handle (window handle) for specifying the “function extension bar” (including the browser) is registered (this is registered in the client table of the session management process).
[0063]
In (6), the session ID registered in the session management process is sent to the client B. That is, the session ID is notified to the client B so that communication processing using the session ID can be performed between the client B and the server program S.
[0064]
In (7), when calling the server of the site, access is made using the session ID obtained in (6). For example, in (1), when a user requests a page in a login state by the user ID input to the uploader, the session ID is sent to the server together.
In (8), a response to the logged-in session is returned to the client B.
[0065]
The processing of (1), (2) and (7), (8) is performed by network communication between the server machine and the client machine, and the processing of (3), (5), (6) The processing is performed by inter-process communication (such as LPC: Local Procedure call). Regarding the request to the server in (7), it is also possible to insert the session ID acquired in (6) into a so-called cookie (Cookie: a mechanism in which the WWW server identifies and manages the user) and notify the server.
[0066]
In FIG. 5, in (3) and (5), the applications (clients A and B) set application handles for the session management process M, and the session management process M holds the setting information in the client table. are doing. The client table is required for the session management process M to notify another client of an event (for example, logout or creation of a new album) generated from one client.
[0067]
Next, assuming that both the “uploader” and the “function extension bar” (including the browser) are in the logged-in state, the mechanism of event notification will be described with reference to FIG.
[0068]
The processing flow is as follows.
[0069]
(11) Perform a logout operation from the client A (“uploader”) to the server
(12) The status of successful logout returns to client A. Here, logout means deleting the server session. In this state, the client B does not know that the corresponding session (ID = 000111) has been lost in the server.
(13) Client A sends a logout event to session management process M
(14) The session management process M sends a logout event to all clients (client B in this example) other than the client A (sender) registered in the client table. Accordingly, the client knows that the current session is no longer valid, and can perform processing such as, for example, setting the user interface to a login standby state.
[0070]
FIG. 7 is a flowchart exemplifying the flow of processing from the start to the stop mainly of the client program (“uploader”) in relation to the session management process. The same is true for the "function expansion bar.")
[0071]
“State” in the drawing indicates whether the state is a login state (login) or a logout state (logout).
[0072]
First, in step S1, the client A is activated (at this point, it is in a logout state). In the next step S2, the application handle of the client A is registered in the client table of the session management process M.
[0073]
Then, in step S3, it is determined whether a session ID can be obtained from the session management process M. That is, if the session has already been established and the session ID is held in the session management process M, the process proceeds to step S4. If not (session not established), the process proceeds to step S5.
[0074]
In step S4, the user interface (UI) is set to a login state (State = login), and the process proceeds to next step S5.
[0075]
In step S5, a process for waiting for a message and a user event from the session management process M is started.
[0076]
In the next step S6, if the user is currently logged out, it is determined whether or not to log in using the user interface. Note that “State == logout” means a conditional expression having an equality relationship, and indicates a true value when the condition is satisfied. If the user is currently logged out and logs in, the process proceeds to step S7; otherwise, the process proceeds to step S11.
[0077]
In step S7, after a login request is sent from the client A to the server, the success or failure of the login is determined in the next step S8. If the login is successful, the process proceeds to step S9. If the login is unsuccessful, the process proceeds to step S5. Return to
[0078]
In step S9, the session ID sent from the server when the login is successful is set and managed in the session management process M. Then, after the user interface is set to the login state in the next step S10 (State = login), the process returns to step S5.
[0079]
In step S11, it is determined whether a logout message has been delivered from the session management process M to the client A. That is, as described above, when an event occurs when another client logs out, a logout message is sent to all clients registered in the client table. If the message comes, the process proceeds to step S12. After the user interface is logged out (State = logout), the process returns to step S5. If the logout message does not come to the client A, the process proceeds to the next step S13, where event detection processing is performed, for example, whether or not the message is a message for creating a new album is performed. , Update of the album list, etc.), and then return to step S5.
[0080]
Note that a loop that proceeds from step S13 to S14 and returns to S5 shows a main flow relating to event processing.
[0081]
When the process proceeds from step S13 to step S15, it is determined here whether or not the user has instructed termination of the client A (Exit). Then, when the end instruction is given, the process proceeds to step S16, but otherwise, the process returns to step S5.
[0082]
In step S16, the registration of the client A is deleted from the client table of the session management process M (the application handle is deleted). Then, proceeding to step S17, the application (client A) stops.
[0083]
As described above, after the activation of the client program, the application handle is registered in the client table, and the identification information (session ID) of the session started between another client program and the server program is held in the session management process M. Is determined. If the session ID can be obtained, the user interface is logged in so that communication processing with the server can be performed using the session ID. When a login is performed in a state where a session has not been established with the server, a session is newly started as shown in steps S7 to S10, and the login state is set after registration of the session ID in the session management process M. It is said.
[0084]
According to the above configuration, for example, the following advantages can be obtained.
[0085]
When a user accesses a single information service (Web service or the like) requiring a login from a different client program (application) on the same machine, if the user logs in with any one of the client programs, the other There is no need to log in again in the client program. In other words, the user does not need to log in for each application to be used, and can save the trouble of inputting a user ID, a password, and the like, thereby improving user convenience.
[0086]
In the conventional configuration, when viewed from the server side, it is necessary to prepare a plurality of sessions for each application even though the user using the client machine is the same user (that is, even if the user is the same, Each time, it is necessary to generate a session and assign a session ID.) On the other hand, in the above configuration according to the present invention, since one session ID is sufficient for a plurality of applications, it is possible to avoid unnecessary resources from being consumed.
[0087]
-In a service that uses valid data in one session (for example, a service using an application that implements a mechanism such as a shopping cart), one session can be accessed from different client programs (applications). In each client program, it is possible to refer to a common state, update information, and the like (that is, in a form in which a different session is established for each application and communication is performed between the server and the client, When viewed from the application side, server data and the like cannot be shared between multiple applications.)
[0088]
The present invention is not limited to the above-described information processing apparatus and the program used for the same, but may be applied to an information recording medium (a program that can be loaded into an information processing apparatus so that the program can be loaded into a memory). Various types of recording media and storage media), and a method of managing session identification information in order to share one session among a plurality of client programs.
[0089]
【The invention's effect】
As is apparent from the above description, according to the first and fourth aspects of the present invention, even if different client programs are used, the server program can use the same session identification information established after user authentication. The communication process can be performed between users, so that the user is released from the duplication of input operations for login, and sharing of server data etc. between client programs when viewed from multiple client programs. Can be.
[0090]
According to the second and fifth aspects of the present invention, when a client program is newly started, it is possible to notify the client program of session identification information.
[0091]
According to the third and sixth aspects of the present invention, when a predetermined event occurs (for example, logout from a certain client program), all the client programs registered in the table respond to the event. Since the message is sent, it is possible to prevent adverse effects and unnecessary operations caused by the message not being notified (for example, issuance of a request that assumes a login state despite being in a logout state).
[Brief description of the drawings]
FIG. 1 is a conceptual diagram showing a system configuration example according to the present invention.
FIG. 2 is an explanatory diagram showing an example of a screen of a client program “uploader”.
FIG. 3 is an explanatory diagram showing an example of a screen of a browser including a client program “function extension bar”;
FIG. 4 is an explanatory diagram showing an example of a screen of a client program “function extension bar”.
FIG. 5 is an explanatory diagram showing a processing example according to the present invention.
FIG. 6 is an explanatory diagram illustrating an example of processing related to event notification.
FIG. 7 is a flowchart for explaining a processing example from start to stop of a client program;
[Explanation of symbols]
2 information processing device, 2m session management means

Claims (6)

An information processing apparatus having a communication function of transmitting information through a session established as a logical connection relationship between a server program and a client program through user authentication,
An information processing apparatus comprising: session management means for managing identification information of a session in order to share one session among a plurality of client programs. The information processing device according to claim 1,
The identification information of the session started between the first client program and the server program is managed by the session management means, and when the second client program is subsequently activated, the identification information of the session Is notified to the second client program from the session management means, so that communication processing using the identification information of the session is performed between the second client program and the server program. Processing equipment. The information processing device according to claim 1,
The session management means includes a table for registering the client program, and when a predetermined event occurs, a message corresponding to the event is sent to all client programs registered in the table. An information processing apparatus characterized by the above-mentioned. A program used in an information processing apparatus having a communication function of transmitting information through a session established as a logical connection between a server program and a client program through user authentication,
A program for use in an information processing apparatus, comprising a step of managing identification information of a session in order to share one session among a plurality of client programs. A program used in the information processing apparatus according to claim 4,
Holds the identification information of the session started between the first client program and the server program, and then, when the second client program is started, the communication between the second client program and the server program A step of notifying the second client program of the identification information of the session so that a communication process using the identification information of the session can be performed. A program used in the information processing apparatus according to claim 4,
An information processing apparatus comprising: registering the client program in a table; and transmitting a message corresponding to the event to all client programs registered in the table when a predetermined event occurs. Program used for

Images