JP2010152818A - Server system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide technology for enabling a server system to properly handle and respond to a fluctuation in the number of accesses by adjusting the load and performance of the server in accordance with a channel, a user attribute, or the like. <P>SOLUTION: In the server system, a PL (presentation) server (group) 100 and a restriction management part 500 connected to the PL server 100 manage the current or previous number N of logins and an upper limit H for the number N of logins concerning a plurality of sessions in a plurality of channels between a plurality of users and client terminals. The PL server 100, at login for access from the client terminal, compares the number N of logins with a corresponding upper limit H, for example, for each channel, and imposes restriction so as to reject the log-in when the number N is equal to or higher than the upper limit H. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a server system (client server system) that provides a service (business process) to a user (client terminal) via a communication network via a Web or the like, and in particular, a login (session) for using the service. The present invention relates to control and control of traffic, load and performance.

  Server systems that provide services to users using the Web or the like generally have the functions of a Web server (presentation (PL) server), an application server (business logic (BL) server), and a database (DB) server. It has a so-called three-layer structure that is configured separately. A Web server (PL server) interacts with a client terminal used by a user and performs processing related to session management, screen generation, and the like. The application server (BL server) performs unique business (BL) processing associated with the service to be provided. The DB server holds and manages various data necessary for business processing as a DB.

  In the above server system, the increase in traffic due to the occurrence of a large number of accesses (requests) to the server has prevented the increase of the system, and there are many cases of congestion, failure, system down, etc. due to overflow of traffic. There is a problem. Therefore, there is a need for a system that can take appropriate measures by detecting and predicting, for example, an overflow of traffic.

  As a related art related to the above, Japanese Patent Application Laid-Open No. 2004-246833 (Patent Document 1) describes an upper limit value of the number of sessions that can be connected per unit time and the number of sessions established per unit time in the server load balancing technique. When a new session establishment request is received from the end user terminal, the number of sessions established per unit time is compared with the above upper limit value, and if it is less than the upper limit value, a new session establishment request is permitted. It is described that a new session establishment request is discarded when the value is equal to or greater than the upper limit value.

  Japanese Patent Application Laid-Open No. 2007-265244 (Patent Document 2) describes a technique for predicting the performance of a Web system and preventing overflow of future performance.

Japanese Patent Application Laid-Open No. 2007-265245 (Patent Document 3) describes a technique for monitoring a traffic on a network, estimating a traffic amount, and executing a predetermined countermeasure process when a resource shortage is predicted. ing.
JP 2004-246833 A JP 2007-265244 A JP 2007-265245 A

  As a server system using the Web or the like, a company portal site or the like is often provided so that a plurality of services can be used for various users (client terminals). Depending on the service provided by the server system, the traffic volume varies greatly on the time axis. For example, as a service (corresponding business processing), in the case of a securities trading order service or an information browsing service in a securities system, the number of accesses varies greatly depending on the situation of the market or news.

  In the case where the server system is configured to provide various services through a plurality of channels (access channel, service channel) corresponding to a large number of various users (client terminals), there is a difference in traffic fluctuation characteristics for each channel. .

  In addition, there is a system that provides a service according to an attribute of a user (client terminal) even when providing a service using the same channel. For example, there is a system that provides different types of services according to differences in user attributes such as excellent customers and general customers. In that case, there is a difference in the traffic fluctuation characteristics for each user attribute.

  Due to the increase in the number of accesses for various users, the server system can respond appropriately to each user (each channel and each user attribute) due to an increase in traffic volume and load in login processing and service processing. It becomes difficult. In other words, the load on the system cannot be properly controlled, or the performance of the system cannot be properly used, which may cause the above-described failure. In addition to the inconvenience that the desired service cannot be used due to a failure or the like, the user side is not sure whether or not the service can be used until the user actually tries to access (log in) the desired service. For example, since the state of waiting for a response from the server continues for a long time, the user feels that the convenience is not so high.

  As one countermeasure related to the above, a load distribution device (load balancer) is provided in front of a server (PL server) that receives access (request) from a user (client terminal), and load distribution to a plurality of servers in the subsequent stage And restricting access (request). Alternatively, it is possible to provide a load balancer in front of a server (BL server) that performs service processing (business processing).

  As another countermeasure, the number of logins (number of logged-in sessions) in the entire server group related to logins (sessions) processed by the server group (PL server) in the previous stage that accepts access is limited to a value lower than a predetermined upper limit. It is possible.

  However, in the case of such conventional control, there is a problem that an appropriate restriction effect cannot be obtained in many cases because the control does not reflect the access characteristics and situations of various channels and users (user attributes). For example, if there is a service provided by channel A (or a service for user attribute A) and a service provided by channel B (or a service for user attribute B), and only the access of B is rapidly increasing, A , B, the control that limits the number of logins to less than a predetermined value may result in a relatively inaccessible A access.

  An object of the present invention is a technology such as a server system in which a large number of various users (clients) can access a service provided by a server through a predetermined channel and provide different services according to a plurality of channels and a plurality of user attributes. Therefore, the server system can respond appropriately and respond to the fluctuations in the number of accesses (for example, sudden increase) by adjusting the load and performance of the server according to the channel and user attributes. It is to provide technology that can. It is another object of the present invention to provide a technology that can provide a response so that the user can easily understand the status of the system and service, and does not reduce convenience.

  The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  Of the inventions disclosed in the present application, the outline of typical ones will be briefly described as follows.

  This embodiment includes a plurality of first servers (PL servers) in the PL layer, a plurality of second servers (BL servers) in the BL layer, and a third server (DB server) in the DB layer, It is a server system that provides services processed by the second and third servers to the client terminal via the first server for access from a user's client terminal via a communication network. The first server includes, for example, a Web server function, a session management function, a screen control function, and the like.

  The first server includes a login process related to establishment of a session with the client terminal, including an authentication process for an access (request) on a predetermined channel (URL or the like) from the user client terminal. In response to a request from the client terminal in an established session, the second server requests the second server to process a predetermined service corresponding to the channel, and the third server Based on the result, a response screen data is generated and transmitted to the client terminal for display.

  The first server includes information on association of elements such as the channel, service, and business processing, session management information on the session, the plurality of first servers (individual, group, overall, etc.) and a plurality of Information on the current or most recent number of logins N regarding a plurality of sessions on a plurality of channels with the user's client terminal, and the number of logins per channel, which is a threshold value for determining the number of logins N Information on the upper limit value H of N. As the threshold value, for example, an upper limit value H of the login number N in the channel unit is set.

  The first server compares the number of logins N with the threshold value (upper limit H) during the login process for access from the client terminal, and determines whether to restrict the login. In accordance with the process and the determination, the log-in restriction is executed, and the response screen data corresponding to the restriction is generated, transmitted to the client terminal, and displayed.

  The first server restricts the login to be rejected when the number of logins N in the channel unit is equal to or greater than the upper limit H during the login process for the access from the client terminal. .

  Furthermore, it has a restriction management unit connected to the plurality of first servers, and the restriction management unit communicates with the plurality of first servers to exchange information, thereby the plurality of first servers. The channel unit, which is information on the current or most recent login number N regarding a plurality of sessions in a plurality of channels between the server of the user and the client terminals of a plurality of users, and a threshold for determining the number of logins N To manage the information of the upper limit value H of the number of logins N.

  Still further, the second server reads / writes the attribute information of the user with respect to the database of the third server during the business process constituting the service. The first server provides a predetermined service corresponding to an attribute of the user for access from the user's client terminal. The threshold value includes information on an upper limit value H of the number of logins N in the user attribute unit. The first server is limited to reject the login when the login number N in the unit of the user's attribute is equal to or more than the upper limit H during the login process for the access from the client terminal. To do.

  The effects obtained by typical ones of the inventions disclosed in the present application will be briefly described as follows. According to the exemplary embodiment of the present invention, the server system side adjusts the load and performance of the server according to the channel, user attribute, etc., even if the number of accesses (for example, sudden increase) is increased. And respond appropriately. In addition, a response is obtained so that the user can easily understand the state of the system and service, and the convenience is not deteriorated.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted.

  A system according to an embodiment of the present invention (an information processing system including a server system) will be described with reference to FIGS.

<Overview>
First, the outline and main features of the present embodiment are as follows. In a server system that accesses server services from a user's client terminal via a communication network via a predetermined channel, in a PL server (group) layer (PL layer) that performs login (session) management, screen control, etc., in units of channels In addition, service control (service provision availability determination, etc.) is performed in units of user attributes, and the number of logins (number of login state sessions) N is managed and determined by comparing the current value with a threshold value (upper limit value H) ( Control to execute the restriction of the login (number of logins).

  In response to access (request) on a predetermined channel from a client terminal, the PL server performs login (session establishment) processing including authentication. At this time, the number of logins N at the current time in the PL server (group) The threshold value (upper limit value H) is compared to determine whether or not to restrict the login. If there are no restrictions, respond as usual and provide services. When the restriction is executed, response screen data corresponding to the restriction content (type) is generated and transmitted to the client terminal for display.

  The channel unit is a unit of a route through which a user terminal accesses a PL server via a communication network when using a predetermined service. The channel is associated with, for example, a service use environment, a user's client terminal or a medium in a communication network, for example, a terminal installed at a sales office, or a PC or mobile phone of an end user (customer). The channel uses a communication path in various communication means such as a TCP / IP network, a wireless network, and a dedicated line. Further, the channel may differ depending on the website (Web server) linked to the website (Web server) providing the service. The channel can be identified by a URL when the user accesses the server system. When a service (business process) is associated with a channel, the channel unit is a service unit. In addition, when a user attribute is associated with a channel, the channel unit is a user attribute unit.

  The user attribute unit is an attribute in the use of the service of this system by the user. For example, attributes such as “excellent” and “general” are given based on the service usage status (history etc.) of a certain system (a form in which user attributes are variable information, for example, the example of FIG. 2). . Alternatively, attributes such as “excellent” and “general” are given based on a service use contract of the system in advance (a form in which the user attribute is fixed setting information, for example, the example of FIG. 1).

  A service refers to a unit realized by a series of processes consisting of a request from a user (client terminal) and a response to the request. Examples of services include various operations such as trading order processing, portfolio analysis, and simulation in a securities system, balance inquiry and transfer processing in an Internet banking system, and account information inquiry. A service is realized by combining one or more business processes (BL processes).

  In this system, the user (client terminal), user attribute, channel, PL server, service (business process), and the like are information-managed by a predetermined association. For example, a client terminal of a predetermined user (user attribute) accesses a predetermined PL server using a predetermined channel and receives a predetermined service. As an example of the association, there may be a case where different user attributes are included in the same channel, or a case where user attributes are divided for each channel. Other examples include a case where a plurality of different services are provided on the same channel, and a case where services are divided for each channel. Any form can be realized by designing and setting the system.

  The number of logins N is the number of sessions in which the user has logged into the server system (PL server) (number of login state sessions). Since each session is held and managed as session management information by the login (session) management process, the number of logins N can be grasped by referring to the information.

  For this login restriction management, as an implementation configuration example, a restriction management unit (for example, a server form) connected to a PL server (group) is provided. In the restriction management unit, the PL server (entire, group, individual) Information on the number of logins N, information on the threshold value (upper limit value H), and the like are managed. The information is exchanged between the individual PL server and the restriction management unit. Each PL server determines whether or not to execute login restriction using the information during the login process. In addition, session information is centrally managed from the PL server to the restriction management unit.

  The basic control method is to refer to channel and user attribute information during login (session establishment) processing at the PL server (restriction management unit), and threshold values (upper limit values) of these channels and user attributes. The number of logins is limited by making a comparative determination using H). For example, the number of logins N is determined for each channel (first control method). Alternatively, the number of logins N is determined on a user attribute basis (second control method). Alternatively, the number of logins N is determined by both channel units and user attributes (third control method).

  As a determination method, in the PL server, for example, when the number of logins N per channel reaches an upper limit value H during login processing, login on the channel is limited (rejected) (first control method). Alternatively, when the number of logins N in the user attribute unit reaches the upper limit value H, the login with the user attribute is restricted (rejected) (second control method).

  As a response screen corresponding to the restricted execution content, for example, a message screen such as busy is displayed without displaying a login screen for access. Alternatively, a login rejection (failure) screen including a message indicating that login cannot be performed is displayed in response to input of login information on the login screen. Alternatively, a login permission (success) screen is displayed in response to the login information input on the login screen, but the menu items of services available to the user are reduced according to the situation at that time.

  As a further function, the setting of the threshold value (upper limit value H) for restricting the login can be updated (changed). For example, means for manually updating by an administrator and means for automatically updating by program processing are provided. For example, the performance and load of this system (server) are monitored by system monitoring processing, and the threshold value (upper limit value H) setting is updated based on the result. For example, it is possible to efficiently deal with problems such as overflow by changing the threshold value (upper limit value H) according to the situation based on detection or prediction of changes in the number of logins on the time axis. it can.

  In addition, as a detailed control method, the determination is not made by looking at only one channel or one user attribute, but for the presence of multiple channels or multiple user attributes, the number of logins between them or between them, Control to adjust the ratio. For example, in the login process for using a service on a channel, if the access of a user with a certain user attribute increases rapidly, the access of the user attribute with the increased user attribute is prevented so that the access of the user with another user attribute is not squeezed. Restrict login for user access.

<System (1)>
FIG. 1 shows an outline and features of the present system. The entire system has a configuration in which a server system (server-side computer system) and a client (client terminal) are connected via a communication network 90. The server system includes a first load balancer (load balancer: LB1) 401, a PL layer PL server (group) 100, a second load balancer (load balancer: LB2) 402 in order from the front (front stage) side. It has a BL server (group) 200 in the BL layer and a DB (DB server) 300 in the DB layer. In addition, a restriction management unit (login restriction management unit) 500 and a system monitoring unit 600 are connected to these.

  On the client side, various client terminals used by the user are applicable. The client terminal has a function for using the server system, that is, a basic communication function, a function such as a Web browser and other application programs. The client terminal includes, for example, a personal computer (PC) and a mobile phone (mobile phone) owned by a user (customer), a terminal set up at a business office or a call center, a mobile terminal owned by a salesperson, and the like. The “user” and “client” mentioned here include sales offices and call centers.

  In the example illustrated in FIG. 1, a user (company) has an installation terminal of a call center or a sales office. These access the system, for example, via channels (A, B) that are given fixed priority. In addition, as a user (customer), for example, the user a is a user who uses a mobile phone as a medium, and the user attribute is “excellent”. User b is a user who uses a PC as a medium, and the user attribute is “excellent”. User c is a user who uses a mobile phone as a medium, and the user attribute is in a “general” state. The user d is a user who uses a PC as a medium, and the user attribute is “general”. Each user ad is accessed through a corresponding channel (CF). In the example of FIG. 1, user attributes and channels are associated in advance based on a service use contract or the like, and user attribute information in the DB 310 in the subsequent stage is used when accessing the PL server 100 from a client terminal. The user attribute of the user can be recognized without referring to.

  The communication network 90 includes, for example, the Internet and an intranet, a wireless communication network, a dedicated line, and the like. Each user's client terminal accesses this system (such as a Web site provided by the server system) via a corresponding communication network 90 on a predetermined channel.

  Access from each client terminal is first connected to LB1 (401). A description of the network devices before LB1 (401) is omitted. The LB1 (401) and the PL server (group) 100 are connected. Each PL server of the PL server (group) 100 and the restriction management unit 500 are connected. The PL server (group) 100 is connected to the LB2 (402). The LB2 (402) is connected to the BL server (group) 200. The BL server (group) 200 is connected to a DB (DB server) 300. The system monitoring unit 600 monitors the PL server 100 and the BL server 200. The restriction management unit 500 and the system monitoring unit 600 are connected. The PL server 100 may be connected to other modules, for example, a BL server of an external system.

  The PL server (group) 100 and the BL server (group) 200 are configured redundantly (multiple) by a plurality of individual PL servers and BL servers in order to process a large number of accesses. These server groups may be implemented by a plurality of servers having the same function (that is, a plurality of servers having a function capable of providing a plurality of services, for example) or a plurality of servers having different functions. It is good also as a structure divided into these groups (that is, for example, a separate server group for each channel-service). FIG. 2 shows a configuration example divided into a plurality of groups.

  LB1 (401) and LB2 (402) perform load distribution by distributing access to the plurality of servers in correspondence with the redundant configuration of the PL server 100 and the BL server 200. This is a known technique.

  Each PL server 100 first has basic processing functions such as a Web server function, authentication, session management, channel management, and service management. In addition, each PL server 100 has a function of performing characteristic login management, a function of communicating with the restriction management unit 500, and the like (FIG. 3).

  Each BL server 200 has a basic processing function for performing business (BL) processing associated with a service. The DB server 300 (DB310) stores data information related to services (business processing). This data information includes user attribute information.

  The limit management unit 500 communicates with each PL server 100 to exchange information, thereby determining the number of logins (number of login state sessions) N of the PL server 100 and the number of logins N in the internal DB. Holds and manages information including the upper limit value H, which is a threshold value for use. Further, the restriction management unit 500 performs a process of periodically checking (updating) the number of logins N, a process of updating the upper limit value H as necessary, and the like.

  The restriction management unit 500 and the PL server 100 perform control for restricting login (session establishment) to the system (provided service) by access in each channel based on DB information (N, H). For the restricted user client terminal, the corresponding response screen data is transmitted and displayed to appropriately cope with the client terminal. For example, when the number of accesses increases, the number of logins N for a specific channel unit or user attribute unit is limited to less than the upper limit value H based on the determination by the upper limit value H of the number of logins N for each channel unit or user attribute unit. As a result, in the channel unit or user attribute unit other than those restricted, the number of logins can be increased accordingly.

  In the example of FIG. 1, in the Web access of an end user (customer), a service is provided on another channel corresponding to the difference between a PC and a mobile phone in a client terminal. Further, at the time of execution of restriction, login of channels “a” and “b” of the users “a” and “b” having the user attribute “excellent” is permitted without restriction, and logins of the channels “E” and “F” of the “general” users c and d Has restricted and refused. Further, for example, in consideration of the fact that the screen data amount of the PC and the mobile phone is heavier, the login effect of the “general” user of the PC on the channel F is strongly restricted, thereby increasing the restriction effect.

  As described above, predetermined user attributes can be associated with channels and services. For example, a service on a specific channel may be provided to a user having a specific user attribute (for example, “excellent”).

  The system monitoring unit 600 also monitors the load and performance of the system (PL server 100, BL server 200, DB300, LB1 (401), LB2 (401), etc.). Based on the monitoring result information, the restriction management unit 500 updates the set value of the upper limit value H as necessary. For example, when the system load is high and the performance is degraded, the upper limit value H of a certain channel can be increased and the upper limit value H of another channel can be decreased.

<System (2)>
In FIG. 2, as a configuration example of this system, a configuration example relating to association of a user (client terminal), a user attribute, a channel, a URL (address), a PL server, a service, and the like is shown. The example shown in FIG. 2 is a case where a predetermined channel (URL) is associated with a predetermined PL server group. In addition, a plurality of channels for each medium such as a PC and a mobile phone, and different user attributes (“excellent” and “general”) are mixed in the same channel. For example, channels A and B are for fixed priorities such as call centers, and channels C and D are for mobile phones (customers) and PCs. A specific group of PL servers 100 is associated with each channel. For example, access to channel C (URL-C) for mobile phone is processed by group C to provide a mobile phone service. Access to the PC channel D (URL-D) is processed by the group D to provide a service for the PC.

  In the example of FIG. 2, the user attribute is information that changes from time to time depending on the service usage status or the like (for example, account balance information in the DB 310). When accessing the PL server 100 from a client terminal, the user attribute of the user is recognized by referring to the user attribute information in the DB 310 at the subsequent stage. Further, the user does not need to recognize his / her user attributes, and the server system manages and recognizes the information as information.

  As a configuration example of the PL server (group) 100, each channel (for example, A to D) is divided into groups (for example, A to D). For example, the group A of the PL server 100 includes a plurality of PL servers (# 1 to #m), is associated with a predetermined channel A (URL-A), and has a predetermined service (for example, services A, B, and C). I will provide a. The same applies to the groups B, C, and D, which are associated with different channels B, C, and D, respectively. Load distribution is performed from LB1 (401) to a plurality of PL servers 100 in the group. As described above, a form in which each PL server group provides the same service or a form in which different services are associated with each group is possible.

  Each individual PL server 100 has information on the number of logins N in units of its own server by performing login management processing. The restriction management unit 500 acquires information on the number of logins N for each individual PL server. Thereby, the restriction management unit 500 can grasp the number of logins N in units of individual, group, and whole in the DB. For example, the number of logins N (NA to ND) of each group A to D and the total number of logins N0 can be grasped. In addition, the individual PL server 100 obtains the information (individual, group, total number of logins N) from the restriction management unit 500, holds the information in the own server, and includes the group including the own server and the entire state. Can be grasped.

  Further, the limit management unit 500 holds an upper limit value H (individual, group, and overall upper limit value H) that is a threshold value regarding the number of various logins N. For example, the number of logins N (NA to ND) of each of the groups A to D and the upper limit value {HA to HD, H0} corresponding to the total number of logins N0 are held. Each PL server 100 can acquire and grasp information on the upper limit value H from the restriction management unit 500.

  The number of logins N of the entire PL server (group) 100 is N0, and the upper limit value is H0. The number of logins N of the first PL server group A is NA, and the upper limit value is HA. Others are the same. Further, information on the upper limit value H may be exchanged together with information on the number of logins N, for example.

  The login number N and the upper limit value H are managed according to control units such as a channel unit and a user attribute unit. For example, in the case of the first control method for limiting the number of logins N in units of channels, control is performed using the number of logins N in units of channels and the upper limit value H corresponding thereto. In the example of FIG. 2, the number of logins N for each channel is the number of logins N (NA to ND) for each group. In this example, different user attributes (excellent and general) are mixed in the same channel, and management of the number of logins N and the upper limit value H in user attribute units is not necessary. In the case of the second control method that restricts in user attribute units, the number of logins N and the upper limit value H in user attribute units are managed as in the first control method.

  As examples of restrictions, X is a restriction on channels A and B, Y is a restriction on channel C for mobile phone, and Z is a restriction on channel D for PC. For example, the restrictions become stronger in the order of X, Y, and Z (the priority for login and service provision decreases). Further, when the restriction is made in units of user attributes, for example, the restriction of Y is applied to the users a and b whose user attributes are “excellent”, and the restriction of Z is applied to the users c and d whose user attributes are “general”. And so on.

<System (3)>
FIG. 3 shows an internal detailed configuration example of each server and the like of this system. The example shown in FIG. 3 is a form in which the centralized management of the session is performed by the restriction management unit 500, and the login restriction determination and execution are performed by the individual PL server 100.

  The restriction management unit 500 and the system monitoring unit 600 are implemented, for example, in the form of a specific server (restriction management server, system monitoring server). Each server is implemented by predetermined hardware and software. For example, a single server device includes a processor, a memory, a communication interface, and the like, and a server function is realized by executing a program on the memory by the processor and a function of a dedicated circuit. Each server may be physically constructed in a separate device, or a part or all of the servers may be logically divided into the same device. When the server is physically constructed by another device, each server is connected by a LAN or the like.

  As processing units characteristic of the present system, there are a login number N update unit 52, an upper limit value H setting unit 53, a limit determination unit 14, and a limit execution unit 15. In the PL server 100 and the restriction management unit 500, these processing units are provided on at least one side. Alternatively, these processing units may be provided on both sides as a master-slave module.

<PL server>
In the PL layer, the PL server 100 includes a login management unit (session management unit) 10, a screen control unit (response control unit) 20, a well-known Web server function (not shown), a communication function, and the like. The login management unit 10 includes an authentication processing unit 11, a channel-service control unit 12, a login processing unit (session processing unit) 13, a restriction determination unit 14, a restriction execution unit 15, a communication unit 16, a user attribute control unit 17, and It includes session management information 31, restriction management information 32, channel-service management information 33, and the like.

  The login management unit 10 performs processing (login processing) of login (session establishment) to the present system for access from the user's client terminal, and processing (login (session) management processing) for managing the processing.

  The authentication processing unit 11 identifies whether or not various types of authentication are necessary when accessing from a client terminal, and performs authentication processing by a predetermined method. This authentication process itself is a known technique. Examples of authentication here include authentication using a digital certificate, authentication using a one-time password, authentication using a cookie, and other channel-specific authentication.

  The channel-service control unit 12 manages the channel-service management information 33 and controls the association of elements such as channels and services, the availability determination for each channel, the availability determination for each service, and the like. The channel-service control unit 12 or the like is used to control login restrictions on a channel basis. The channel-service control unit 12 sends a request to the BL server 200 (or an external system function) and receives a processing result as a response.

  The login processing unit 13 performs login (session) processing using the authentication processing unit 11, the channel-service control unit 12, the restriction determination unit 14, the communication unit 16, and the like. The login processing unit 13 (or the session centralized management unit 51) creates, refers to, or updates session management information 31 (session information) related to a session with a client terminal during login processing by access from a user (client terminal). , Delete, etc. The login manager 10 (or the session central manager 51) creates new session information at the time of a new login. Further, when the same user accesses thereafter, the content of the session information is updated. As the session management information 31 is created, updated, deleted, etc., the login processing unit 13 can grasp the number of logins N in its own server by counting the number of records.

  Whether or not to restrict the login by the access by comparing the latest number N of logins with the upper limit value H of the corresponding type during the login process by the access from the user (client terminal), etc. Determine.

  The restriction execution unit 15 executes the corresponding login restriction according to the determination result of the restriction determination unit 14. For example, response screen data corresponding to denial of access (login) is generated by the screen control unit 20 and transmitted to the client terminal for display.

  The communication unit 16 performs communication for exchanging information with the processing unit in the restriction management unit 500. For example, in accordance with an instruction from the login processing unit 13, the communication unit 16 communicates with the login number N update unit 52 in the restriction management unit 500 and exchanges information on the login number N. Similarly, the communication unit 16 communicates with the upper limit value H setting unit 53 in the limit management unit 500 and exchanges information on the upper limit value H. The login processing unit 13 updates the number of logins N in its own server, and communicates with the restriction management unit 500 (login number N updating unit 52) through the communication unit 16 to exchange the information.

  Individual PL servers in the PL server (group) 100 exchange information with the restriction management unit 500 via the communication unit 16, and thus the current number of logins N in the server, the group, and the whole The upper limit value H corresponding thereto can be grasped. Although the number N of logins at this time is not strictly a value reflecting a real-time situation, it can be grasped as an approximate value and can be used for control without any problem.

  Furthermore, in the case of the form of control in units of user attributes, control is performed using the user attribute control unit 17. The user attribute control unit 17 manages the association between user attributes and elements such as channels and services, and controls whether or not to provide services in units of user attributes.

  The screen control unit 20 generates response screen data based on the results processed through the login management unit 10 and the BL server 200 according to the request from the client terminal (Web browser or the like) by the Web server function, Send it to the original client terminal for display. The response screen data (login or service response information) is generated based on data such as a screen file that is held (for example, in HTML format). In the client terminal, the response screen data is displayed on the display device screen by a Web browser or the like, and can be browsed by the user. The screen control unit 20 performs processing for generating corresponding type of response screen data when login is restricted.

<Restriction Management Department>
The restriction management unit 500 (restriction management server) includes a session centralized management unit 51, a login number N update unit 52, an upper limit value H setting unit 53, a session management DB 41, a restriction management DB 42, and the like.

  The session central management unit 51 is a function for centrally managing each session management information (corresponding to 31) in the PL server (group) 100 in the session management DB 41. Each PL server 100 reads / writes the session management information 31 in its own server from / to the session management DB 41 via the communication unit 16 and the session centralized management unit 51 of the restriction management unit 500. Alternatively, in the case where the session management is performed by the individual PL server main body, the restriction management unit 500 may acquire and collect the session management information 31 from each PL server 100.

  The login number N update unit 52 refers to the session management DB 41 or exchanges information with each PL server 100, whereby the entire number, group, and individual number of logins in the PL server (group) 100 are obtained. This is a function of periodically checking (updating) N and managing the number N of logins in the DB (42) in units of channels or user attributes.

  The upper limit value H setting unit 53 is a function for setting (updating) information on each upper limit value H related to the number of logins N in channel units or user attribute units, based on settings and controls. Information set in this way is held in the restriction management DB 42.

  The session management DB 41 is a DB in which session management information (corresponding to 31) in the PL server (group) 100 is centrally managed. The restriction management DB 42 is a DB that comprehensively manages information on the number of logins N and the upper limit value H (corresponding to 32) in the PL server (group) 100.

  The upper limit value H setting unit 53 updates (changes) each upper limit value H based on control and setting from the system monitoring unit 600 and the setting unit 700. The setting unit 700 is an interface used when, for example, manual setting is performed by a system administrator.

  The session central management unit 51 communicates with the login management unit 10 to create session information and write it to the session management DB 41 at the time of new login processing, and update the content of the session information at the subsequent access by the user. . Further, the session central management unit 51 periodically checks the session information in the session management DB 41 and deletes it with a predetermined trigger and condition. For example, the session centralized management unit 51 sets the retention time (elapsed time from the session creation / update date / time) to a certain time (for example, in units of 10 minutes or 20 minutes) among a plurality of session information records in the session management DB 41. Delete excess records. By periodically deleting in this way, it is possible to grasp the current (latest) number of logins N (approximate value) only by confirming the number of records of the session information.

  When a user disconnects without performing a formal logout procedure, even if a record of the corresponding session information exists, the user is not necessarily logged in at that time. Regarding this, not only a simple count at the time of access but also the number of logins N (approximate value) can be grasped by coping with periodic deletion of the session information.

<BL server, DB>
In the BL server 200 of the BL layer, the service-BL control unit 210 controls a business (BL) process associated with a predetermined service requested from the PL server 100 side, and a user attribute information confirmation process as necessary. Also do. The business module 220 executes individual business processing according to control from the service-BL control unit 210. In the processing by the BL server 200 (service-BL control unit 210 and business module 220), the business DB 310 of the DB server 300 is read and written for processing, and user attribute information (indicated by U) stored in the business DB 310. Read and write. The business DB 310 is, for example, an account information DB.

  In the BL server 200, one or more business modules 220 necessary for realizing business (BL) processing associated with the requested service are executed sequentially or in parallel. In addition, a service may be realized by cooperation of business modules 220 of a plurality of BL servers 200. Depending on the scale of the provided service, in order to process a certain service (for example, securities trading order service), the BL server 300 usually has a plurality of applications that provide subdivided business processing and the like. A series of processing is performed by calling and cooperating a plurality of operating business modules sequentially or in parallel. As a result, processing for a large-scale service is realized.

  In addition, services that can be provided may vary depending on user attributes. For example, according to the service usage status (history, etc.), the user attribute is divided into “general”, “excellent”, etc., and a system that provides different services depending on whether the user attribute is “general” or “excellent” Is possible.

<Modification>
The following are examples of modifications of the PL server 100 and the restriction management unit 500 such as the arrangement and role assignment of each processing unit (function).

  The order of processing by each processing unit such as the authentication processing unit 11 and the channel-service control unit 12 in the login management unit 10 can be reversed.

  In this example, the restriction management unit 500 performs session centralized management. However, a session may be managed by individual PL server entities (the session centralized management unit 51 and the session management DB 41 are not required).

  Moreover, the form with which the restriction | limiting determination part 14 is provided in the main part of the restriction | limiting management part 500 is also considered. In this case, a restriction execution instruction is given from the restriction management unit 500 to the individual PL server 100, and the individual PL server 100 executes restriction according to the instruction.

  In addition, when the individual PL server 100 performs login processing and restriction determination for access from a user, information (session management information 31, number of logins N, etc.) is basically sent to the restriction management unit 500 (restriction management server). However, if the access to the restriction management unit 500 is performed every time the access occurs, there is a concern that the processing load becomes too large. Therefore, as an example of processing for improving the efficiency, access from the PL server 100 to the restriction management unit 500 is appropriately omitted. That is, the processing load can be reduced by accessing the restriction management unit 500 at regular intervals or more and exchanging information in units of the access unit. For example, the PL server 100 retains information such as the number of logins N and the upper limit value H when the limit management unit 500 was previously accessed and processed in its own server. When determining a restriction on a new user access, the last approximate value held is used. In this case, accurate numerical values in real time cannot be grasped, but approximate numerical values can be grasped, which is sufficient for this control.

<Process (1): Login process>
Next, FIG. 4 shows a processing sequence of login processing in the present system (S indicates processing steps and the like). It should be noted that processes according to known techniques such as authentication process and service-BL process will be omitted.

  The user's client terminal accesses a login screen (described later in FIG. 7). From the login screen, in order to use a predetermined service, the user inputs necessary login information and executes a login operation. In response to this, the client terminal transmits information of a login request (session establishment request) to the PL server 100 through a predetermined channel (URL) (S401). The login request information includes information such as URL (or channel ID), user ID (or client terminal ID), password (PWD), and the like. This login request information is transmitted to the PL server 100 having an address associated with a predetermined channel via LB1 (401).

  In the PL server 100 that has received the login request information, the login management unit 10 performs login processing including authentication, channel-service control, login restriction determination / execution, and the like. The authentication processing unit 11 performs predetermined authentication processing such as authentication with a digital certificate on the login request information. In the login process including the authentication process, request information (including a user ID) is sent from the PL server 100 to the BL server 200, and the user attribute information (U) in the DB server 300 (DB310) is transmitted via the BL server 200. These are also referred to for determination (S402). For example, the BL server 200 acquires a password, user attribute information (U), and the like from the business DB 310 using the user ID in the request information as a key. The response information from the BL server 200 to the PL server 100 includes URL (channel ID), user ID, PWD, user attribute information (U), and the like. In the PL server 100, the determination is made by collating the received password from the client terminal with the acquired password from the BL server 200.

  With the authentication process, the channel-service control unit 12 and the user attribute control unit 17 identify the channel (URL) of access (request information) received from the client terminal by the Web server function of the PL server 100, and Whether or not a service available to the user in the channel-unit PL server 100 can be provided is determined with reference to the channel-service management information 33 and the user attribute information (U) (S403).

  When the above authentication is normally passed, a characteristic login restriction determination or the like is performed by the login processing unit 13 and the restriction determination unit 14 or the like. The restriction determination unit 14 compares the current number of logins N in the channel unit of the PL server 100 (group, etc.) counted in connection with the latest login request with the upper limit value H of the corresponding type ( S404). At this time, information such as the number of logins N and the upper limit value N in the restriction management information 32 or the restriction management DB 42 is referred to. If it is less than the upper limit H, the login (that is, session establishment) is permitted, and if it is equal to or higher than the upper limit H, the login is rejected.

  If the login is permitted, the login management unit 13 creates or updates a record of the corresponding session management information 31 (S405). The session management information 31 includes information such as a session ID, a channel ID (URL), a user ID, and a session attribute. The session ID is assigned by the channel-service control unit 12, for example. If necessary, the session management information 31 is written into the session management DB 41 by the session central management unit 51 of the restriction management unit 500 through the communication unit 16. On the other hand, based on the result of the permission, the screen control unit 20 generates predetermined response screen data, adds information such as a session ID, and transmits it to the requesting client terminal.

  When the login is rejected, the restriction execution unit 15 executes restriction of a specific type to be applied according to the channel and the user attribute. The screen control unit 20 generates predetermined response screen data corresponding to the restriction type and transmits it to the requesting client terminal (S406). An example of the response screen will be described later.

  For the service use of the user after the successful login, a session for using the user's service by using the session ID by the login management unit 10 (channel-service control unit 12 or the like) of the PL server 100. Is identified.

<Process (2): Service process>
An example of service processing control when a user accesses the server system from a client terminal and uses a desired service in the session (session ID) after successful login will be described with reference to FIG. The user selects a menu item of a desired service from the service screen (described later, FIG. 8) of the client terminal, and executes a service request operation. In response to this, service request information is transmitted from the client terminal to the PL server 200 through a predetermined channel (S501).

  The PL server 100 receives a service request from the client terminal via the LB1 (401). This service request includes information such as URL (channel ID), service information (such as service name or service ID), and session ID.

  In the PL server 100 that has received the service request, the login management unit 10 uses the channel-service control unit 12 and the user attribute control unit 17 to perform channel-service management information 33, user attribute information (U), session management information 31, etc. In accordance with the contents of the above, it is determined whether or not the service to be used by the user can be provided on the channel. For example, the channel-service control unit 12 refers to the channel-service management information 33, identifies the channel (channel ID) from the URL in the service request, and uses the channel using the URL (channel ID) as a key. Judgment is made. If the channel is available, the channel-service control unit 12 identifies a service that is to be used by the user regarding the channel (S502). Based on the session management information 31, information such as session attributes is acquired using the session ID as a key (S503). Then, using the information such as the session attribute, it is determined whether or not the service can be provided.

  When the service to be used by the user on the channel can be provided, the channel-service control unit 12 calls the BL server 200 that performs the business process associated with the service and requests the business process. In addition, when the service to be used is an external service provided by an external system (for example, a stock price information service provided by a financial service company), the external service function requests the external service to perform processing. The service is realized in the same way by linking.

  A service request from the PL server 100 is transmitted to the BL server 200 that processes the service (business process). When the requested service (business process) can be executed, the service-BL control unit 210 calls and executes the required business module 220 according to the processing sequence. Each business module 220 executes the business process by accessing the business DB 310 of the DB server 300 and reading / writing data as necessary (S504). At that time, the user attribute information (U) in the business DB 310 is also referred to and updated as necessary. Then, in the session, a response including the processing result of the service (business processing) (service processing result response) is transmitted from the BL server 200 to the PL server 100 (S505). In this response, the user attribute information (U) in the business DB 310 or information created based on the user attribute information (U) may be transmitted.

  The PL server 100 updates the corresponding record of the session management information 31 by the channel-service control unit 12 based on the response information from the BL server 200 (S506). Update the time stamp of the update date of the record with the current time. Then, the screen control unit 20 generates response screen data including information such as a service processing result and transmits it to the client terminal (S507).

  During the above process, if it is determined that the corresponding channel is unusable or if it is determined that the corresponding service cannot be provided, the subsequent server or the like is not accessed, for example, the screen The control unit 20 generates response screen data including information indicating that the channel cannot be used or information indicating that the service cannot be provided, and transmits the response screen data to the client terminal.

  In addition, for example, in the case where the server is temporarily unable to provide a service, such as irregular maintenance of the server or in the event of a failure, information on the service entry of the server in the channel-service management information 33 Can be dealt with by changing it by an administrator or computer processing.

  In addition, for example, when a service of a specific channel is temporarily unavailable on a channel basis due to a failure or the like, the value of the item of availability of the entry of the corresponding channel in the channel-service management information 33 is set to “No”. Can be dealt with by changing to "".

<Response screen>
Next, FIG. 6 shows a transition example of the response screen display for the client terminal. 7 to 9 schematically show display examples of corresponding screens. A client terminal (Web browser or the like) accesses a Web site or the like provided by the server system. In a normal state, a standard main screen or a login screen as shown in (A) is displayed for access from the client terminal. A login request is accepted by inputting login information (user ID, password, etc.) by the user from the screen of (A). In response to the login request, the PL server 100 performs the login process (FIG. 4). Accordingly, after the login is permitted (successful), a standard service screen (menu screen) such as (B) is displayed on the client terminal. When the user selects and executes a service (corresponding menu item) from the screen (B), the service is provided. The service processing (FIG. 5) is performed through the PL server 100 and the BL server 200, and a service response screen such as (C) is displayed on the client terminal.

  (A) shown in FIG. 7 is a main screen such as a website, a login screen, or a login screen included in the main screen.

  A menu screen 1 (service screen) shown in FIG. 8B displays menu items of services available on the channel. The user selects a desired service item from the menu screen 1 in (B) and executes a service request. When the server system performs determination and service processing and returns response screen data, the service response screen shown in FIG. On the service response screen (C), information such as a service selection result or a service processing result is displayed.

  When the login is rejected by the PL server 100, predetermined response screen data corresponding to the type of application of the login restriction is generated and transmitted to the user's client terminal. There are the following examples. When an attempt is made to access the screen (A) from a client terminal (Web browser or the like), the message screen (D) is displayed by executing a specific type of restriction (a: login screen not displayed).

  On the message screen (D) shown in FIG. 9, for example, a message indicating that the service of this system cannot be used because it is currently congested is displayed, and the login screen (A) is not displayed. Therefore, the login information input operation itself by the user is impossible. The screen (D) is a replacement for the standard screen (A). There is an effect of reducing the load caused by a login request without requiring the user to input login information.

  In addition, when login is rejected (failed) through a login process on the server system side by a login request by inputting login information from the login screen of (A), login failure (rejected) of (E) is rejected. ) Move to the screen. On the screen (E), for example, a message indicating that login could not be performed due to current congestion (or that login is impossible) is displayed. In this case, for example, by operating the “return” button, the user can return to the login screen of (A), and the user can try a login request by inputting login information again. However, if the same restriction is executed depending on the situation, the login is rejected again.

  Also, when login is permitted (successful) with a predetermined restriction through a login process on the server system side by a login request by inputting login information from the login screen of (A) (c: login permission (with restriction)) ) And (F) move to the menu screen 2 (service screen). In the screen of (F), the display content is basically the same as that of the screen of (B), but compared to the screen of (B), the menu items of the services available to the user depend on the situation. Limited to specific items, reduced. The user can select and execute only the menu items displayed on the screen (F).

  In this case, in response to the login request, the PL server 100 performs processing for determining a service that can be used by the user attribute of the user at that time, and the screen of (F) including only the menu items of the available service. Is processed by the screen control unit 20 or the like. Further, for example, on the screen (F), a list of service names and service provision times may be displayed in a form divided for each time zone in which the service can be provided based on the service time information.

  As an example of this process, the user is based on the channel-service management information 33, the current time, etc. by the channel-service control unit 12 during the login process (FIG. 4) or the service process (FIG. 5). Acquire information (service name, service time zone, etc.) of a list of services currently available for the attribute. Based on this information, control is performed such that information such as a service that can be currently used by the logged-in user and information on the available time zone are displayed on the service screen after successful login.

  In this case, the user can know whether or not the service can be used by looking at the screen (F) without actually executing a service use request for a certain service.

<Data>
Hereinafter, configuration examples (tables) of various data and information used and managed in the server system will be described. Note that various methods such as a database, a file, and a memory table can be used for mounting these data and information. The data item of each table is an example, and may have other data items. Each table can be divided or combined into one.

<Data: Channel-service management information>
FIG. 10 shows a configuration example of the channel-service management information 33. In the channel-service management information 33, association of elements such as a channel (URL), a service, and the PL server 100 is defined. The channel-service management information 33 includes items such as channel ID, URL, provided service information, PL server information, BL information, channel attribute (usability), service attribute (provision availability), and service time zone.

  The channel ID and URL indicate a channel and URL used when a user accesses the server system from a client terminal. The channel ID and URL are set to different values for each channel. The provided service information is information such as a service ID or a service name related to a service associated with the channel. When a plurality of services are associated with one channel, a plurality of records are set.

  The PL server information is information of a PL server that accepts the service, and is, for example, a group type (group ID), an individual PL server ID, or the like. The BL information is information (BL-ID or the like) of one or more business (BL) processes constituting the service and information of the processing sequence.

  The information on the channel attribute (usability) indicates whether or not the corresponding channel (URL) is currently available. For example, in the case where a specific channel with a low priority is made unusable for each channel due to a failure or the like, the value of the availability is set to “No”.

  The service attribute (provision availability) information indicates whether or not the corresponding service can be provided.

  The service time zone information indicates a time zone during which the service can be provided. For example, 24 hours, a specific time, a date and time of a certain period, and the like. In addition, for example, when the service provision time is temporarily changed or restricted due to irregular maintenance or failure of the server, the value of this item can be changed to cope with it. Note that, when the login restriction is generated, the service provision is temporarily stopped even in the original service time zone.

<Data: Session management information>
FIG. 11 shows a configuration example of the session management information 31 (or session management DB 41). The session management information 31 includes items such as a session ID, a session attribute, a user ID or client terminal ID, a user attribute, a channel ID or URL, and an update date (login date).

  The session ID is an ID for identifying a session, and is assigned to identify a session established by a successful login from the user's client terminal to the server system. The session attribute represents a session attribute determined according to the user attribute or channel of the user of the session. For example, a value corresponding to the type or status of the restriction to be applied is set.

  The user ID is an ID for identifying a user who has logged into the server system and established the session. The client terminal ID is an ID for identifying the user's client terminal. The user attribute is information representing the attribute of the user. For example, values such as “excellent” and “general” are set according to the service usage status (history).

  The channel ID and URL represent the channel or URL that has passed through when the session is established. The update date / time is the date / time (time stamp) when the entry (record) of the session in the session management information 31 is updated (including newly created). A new session entry is created at the first login, and the contents of the session entry are updated at the second and subsequent logins. The update date / time information is used to grasp the active state of the session (number of logins N). By the periodic check / periodic deletion process of the session management information, the information of the update date / time is referred to and deleted by a unit such as a certain elapsed time.

<Data: Restriction management information>
A configuration example of the restriction management information 32 (restriction management DB 42) is as follows.

  FIG. 12 shows an example of management information related to the number of logins N and the upper limit value H of the PL server (group) 100 in the restriction management DB 42 of the restriction management unit 500. This table includes items such as PL server information, URL (address), provided service, number of logins N, and upper limit value H.

  The PL server information is a PL server group type, an individual PL server ID, and the like. For example, PL01-01 is the first PL server in the first group. URL (address) is the URL (address) of the PL server (group). The provided service is a service ID of a service provided by the PL server (group). The number N of logins is a count value of N at the present time in the unit of the PL server (group). The upper limit value H is a threshold value of the type (same unit) associated with the login number N.

  The restriction management information 32 regarding N and H held by the individual PL server 100 is the same information as part of the restriction management DB 42.

  FIG. 13A shows an example of the limit management information 32 in units of channels associated with the DB (42) in FIG. In the limit management information 32 in units of channels, each channel (channel ID) has items such as PL server information (group type, etc.), provided service information, restriction attributes, an upper limit value H, etc., and a predetermined set value is assigned. It is done.

  In the restriction attribute, information such as a restriction type or a control method type applied to the channel and a restriction state applied at that time is set. For example, 0 is not applicable (normal), and 1 (X) is the highest priority (for example, corresponding to channels and user attributes permitted with fixed priority). 2 (Y) has the second highest priority (eg, corresponds to the “excellent” user attribute and is limited to the second). 3 (Z) has the third highest priority (eg, corresponding to the “general” user attribute and limited first).

  The upper limit value H is a set value of the upper limit value H converted in units such as a PL server group associated with the channel unit.

  FIG. 13B shows an example of user attribute unit restriction management information 32 associated with the DB 42 in FIG. Similar to the limit management information 32 in units of channels in FIG. 13A, each user attribute has items such as a limit attribute and an upper limit value H, and a predetermined set value is assigned.

  The upper limit value H is a set value of the upper limit value H converted in units such as a PL server group associated with the user attribute.

  In this example, user attributes are simply divided into “excellent” and “general”. However, the user attributes may be controlled in more detailed steps.

  When limiting control is performed in units of channels, user attributes, and the like, a plurality of items of the upper limit value H corresponding to the control step may be managed for the item of the upper limit value H (for example, H1, H2 described later) ).

  In the case of the third control method, both the limit management information 32 in units of channels in FIG. 13A and the limit management information 32 in units of user attributes in FIG. 13B are combined into one channel. Management information in a form in which an ID is associated with a user attribute is used.

<Control example (1)>
The basic control example of this system is as follows. By flexibly changing the setting of the upper limit value H according to the situation, for example, a situation such as a sudden increase in the number of accesses can be dealt with. In the setting of the upper limit H, for example, it is changed by manually inputting and setting information using the setting unit 700 by a system administrator or the like. Alternatively, the setting of the upper limit value H is automatically changed by computer processing (system monitoring unit 500) using a predetermined prediction program or the like.

  As an example of the situation, the administrator (or forecasting program, etc.) recognizes that the number of access to information browsing services, etc., and the number of logins on a certain channel are increasing rapidly due to fluctuations in stock prices at a certain date and time. ,To detect. Then, the administrator (or a prediction program or the like) predicts further increases in the number of accesses and logins on the same channel in the subsequent time. Thereby, the manager (or the prediction program or the like) appropriately sets or updates the set value of the upper limit value H of the channel, for example. The upper limit value H may be set in advance based on past experience or the like.

  For example, as in the example of FIG. 1, the number of logins N of “general” attribute users d using a PC is largely limited by setting the corresponding upper limit value H small, while the “excellent” attribute users a, b The number of logins N is controlled so as not to be limited.

  Further, for example, each upper limit value H may be adjusted by raising or lowering it from the normal time. For example, when the upper limit value H is increased, the performance and resources of the system are required accordingly. Therefore, the PL server 100 of another channel, the spare PL server, etc. are made valid, or the PL server 100 of another channel is set. The performance and resources are adjusted by, for example, lowering the upper limit value H.

<Control example (2)>
FIG. 14 is a transition example of the number of logins N in the case of the first control method that is simply determined on a channel basis. The horizontal axis represents time, and the vertical axis represents the change in the number of logins N in providing a predetermined service (for example, information browsing service) on a certain channel X. It is assumed that the user of the channel X includes a user 2 whose user attribute is “excellent” and a user 3 who is “general”. In the first time zone T1, the number of accesses increases rapidly, that is, the number of logins N increases rapidly. In the first time zone T1, the restriction state is no restriction (restriction 0), and all users are permitted to log in. It is assumed that the login number N reaches the upper limit value HX (HX <H0) at time t1. Thereby, in the second time zone T2, as a restriction state, a predetermined restriction (restriction 1) is executed, and among the users, the “excellent” user 2 and the “general” user 3 are denied login, and the channel X The number of logins N is suppressed below the upper limit value HX. Therefore, channels other than the channel X out of the plurality of channels have a sufficient number of logins.

  In this control example, there is no limitation in units of user attributes. Of the number N of logins of the channel X, for example, the actual ratio of the “excellent” user 2 and the “general” user 3 can be considered various cases. For example, at first, the actual ratio of the user 2 to the user 3 is about 50% -50%, but at the time t1 when the upper limit value HX is reached due to the rapid increase in the access of the “general” user 3, the ratio is, for example, 10%. Suppose that it has changed to about -90%. In this case, the service to the “excellent” user 2 is under pressure. Therefore, in this system, for example, when it is desired to secure or improve the service to the “excellent” user 2, the limitation to the “general” user 3 rather than the “excellent” user 2 is controlled using the control of the user attribute unit described later. Strengthen.

<Control example (3)>
Further, as an example of control added to the above, there is the following restriction release function. This uses a predetermined threshold value (lower limit value L) to control the determination regarding the cancellation of the restriction and the execution of the cancellation. In the above control example, when the upper limit value HX is reached at the time t1, the login restriction of the channel X is started, and the number of logins N is leveled off or tends to decrease, but for example, due to a decrease in N, it is smaller than the upper limit value HX. Assume that the value falls below a predetermined lower limit value LX (HX> LX). At this time, the PL server 100 releases the login restriction for the channel X, that is, starts to permit login. Thereby, after that, N tends to level off or increase. Thereafter, similarly, the execution of restriction is controlled using the upper limit value HX and the lower limit value LX. By using this function, for example, after the limit (for example, replacement to the screen of (D)) is started by the upper limit value H, the number of logins N is lowered to some extent, and the system load is sufficiently reduced. Therefore, it is possible to perform control such that the service is started again by the lower limit value L.

<Control example (4)>
An example of login restriction control in this system (when considering user attribute units) is as follows. This control example is a case where the size of the limitation effect due to the number of logins N and the difference in the priority of user attributes are considered. Since the effect of the restriction is higher for a user with a larger number of logins N, the restriction (strong restriction) is made first. In addition, the user with the user attribute “excellent” is given higher priority (ie, the restriction is weaker), and the user with the user attribute “general” is given lower priority (ie, the restriction is stronger).

  A two-step login restriction control method corresponding to the above concept is shown below. This is a control method for determining in channel units and user attribute units, and using two threshold values (first upper limit value H1, second upper limit value H2, H1 <H2), different types on the time axis. Restrictions are applied in order. In this control example, user attributes, channels, PL server groups, and services are associated with each other in a predetermined manner, and for example, services are provided in different series for each of user attributes 2 (excellent) and 3 (general). The priority of the user attribute 2 (excellent) is relatively high, and the priority of the user attribute 3 (general) is relatively low.

  FIG. 15 is a transition example of the number of logins N in this control example. The vertical axis represents the number of logins N in the provision of a predetermined service (for example, information browsing service) on a predetermined channel related to the user, which is a combination of user attribute 2 (excellent) and user attribute 3 (general). The number of logins N in the solid curve is a combination of the number of logins N2 and N3 for each user attribute 2 and 3. The number of logins N in the dashed curve indicates the number of logins N3 of the user attribute 3.

  Initially, in the first time zone T1, there is no limit (limit 0) as the limit state, and all users are permitted to log in. At T1, for some reason, access to the PL server 100, that is, the number of logins N is increasing. For example, there may be a case where access to the information browsing service increases rapidly due to fluctuations in stock prices. As an actual situation, for example, it is assumed that both user attributes 2 and 3 have an increasing tendency of access, but in particular, the access of an unspecified number of user attributes 3 (general) is rapidly increasing.

  It is assumed that the number of logins N (N2 + N3) first reaches the first upper limit value H1 at time t1. H1 is a channel unit threshold value corresponding to N (N2 + N3). Thereby, in the second time zone T2, a predetermined restriction (restriction 1) is executed as a restriction state, and among the users, restriction starts first from the user attribute 3 (general) having a low priority and a large number. (Login is refused). On the other hand, the user attribute 2 (excellent) remains permitted to log in.

  In the second time period T2 after t1, due to the state of restriction 1, for example, the number of logins N3 of the user attribute 3 (general) is less than H1. If new logins with the user attribute 3 (general) continue to be rejected, the number of logins N3 tends to decrease. On the other hand, since user attribute 2 (excellent) is permitted, it is assumed that the number of logins N2 continues to increase.

  It is assumed that the login number N (N2 + N3) reaches the second upper limit value H2 at time t2. H2 is a channel unit threshold value corresponding to N (N2 + N3). Thereby, in the third time zone T3, a predetermined restriction (restriction 2) is executed as the restriction state, and among the users, in addition to the user attribute 3 (general), the user attribute having a high priority and a small number 2 (excellent) is also restricted (login denied). The number of logins N (N2 + N3) of the channel is suppressed to less than the upper limit value H2.

  Therefore, of all channels other than the corresponding channel, the number of logins is sufficient, and the quality of service is ensured without the service to “excellent” users being overwhelmed by the access of many “general” users. ing.

  The magnitudes of the threshold values (H1, H2) are appropriately set based on the prediction of the number of accesses for each user attribute, experience, and the like. For example, H1 related to N (N2 + N3) is 4000, H2 is 5000, and so on.

  If the number of logins N2 due to access of user attribute 2 (excellent) does not increase at T2 after t1 in the above example, N (N1 + N2) decreases, and in this case, user attribute 3 (general) again You can also accept logins. In this case, determination and restriction are similarly performed using H1 as needed.

  In addition, the above-described restriction release function can be used. The lower limit values L1 and L2 corresponding to H1 and H2 are used. For example, when N (N1 + N2) decreases after reaching H1 at t1 and starts limiting, the limitation is released when N falls below the lower limit L1, and N (N1 + N2) can be increased again. That is, a user with user attribute 3 (general) can also log in. The same applies to H2 and L2.

  Regarding the above control example, for example, the number N of logins of the first channel (first service) starts to be limited in the first stage, and the number of logins N of the second channel (second service) is additionally added in the second stage. It is also possible to start the restriction.

  The management information for the above control example is managed by, for example, the restriction management DB 42. In the table, information on the ratio (number) of the number of logins N (upper limit value H) in the service of each channel (PL server group, FIG. 2) , The limit attribute (user attribute), the first upper limit value H1, the second upper limit value H2, and the like. For example, the information on the ratio (number) of N (H) is 100% (10,000) for the entire PL server 100, 20% (2,000) for the first PL server group, and the like. That is, for the channel and service corresponding to the first PL server group, resources are secured so as to allow the number of logins N up to 20% (2,000) of the entire (maximum resource).

<System monitoring unit, upper limit value H update function>
Next, a function for updating the upper limit value H using the system monitoring unit 600 or the like will be described. The system monitoring unit 600 is used to monitor and detect the system status (performance, load, etc.), and the set value of the upper limit value H, which is a threshold value for login restriction control, is updated (adjusted) as needed. To control.

  The system monitoring unit 600 monitors the server system and grasps performance and load. The system monitoring unit 600 monitors the PL server (group) 100 and the BL server (group) 200. For example, the CPU usage rate, turnaround time, and important transactions (for example, stock trading orders, contracts (sales transaction establishment)) Calculate and obtain information such as the number of cases (information indicating performance and load). For example, a large number of predetermined transactions corresponds to a high service load on a specific channel.

  These monitoring results (performance and load status) are reflected in the contents of the login restriction control described above. Based on the monitoring result information, the system monitoring unit 600 accesses the limit management unit 500 (upper limit value H setting unit 53) and updates the set value of the upper limit value H. Alternatively, the upper limit value H setting unit 53 may access the system monitoring unit 600 to acquire monitoring result information and update the upper limit value H.

  An example of automatic threshold update control by the system monitoring unit 600 is as follows. For example, as a system performance or load state at a certain point in time, a service of a certain first channel is in a state where the load is high and the performance is lowered, and a service of a certain second channel is relatively low in performance. Suppose that it is in a raised state. In this case, the upper limit value H of the number of logins N for the service of the first channel is slightly lowered, and the upper limit value H of the number of logins N for the service of the second channel is adjusted to be slightly increased. The overall upper limit value H0 is kept the same, and the ratio of the individual upper limit value H is changed.

  As another control example, the upper limit value H may be determined and updated by predicting the number N of logins at a future time point on the time axis. For example, as a measured value, when the number of logins N in a service of a certain channel or user attribute is a curve of a predetermined shape, the other channel, user attribute, other time zone, etc. A sharp increase can be expected with a curve of similar shape. According to this prediction, the upper limit value H is determined and updated.

  As described above, in the server system according to the present embodiment, as a characteristic configuration, service control in units of channels and user attributes is mainly performed by the login management unit 10 and the restriction management unit 500 of the PL server 100. Control login restrictions associated with. As a result, it is possible to adjust the system performance and load, and respond by responding appropriately to the user through the response screen.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the present invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Needless to say.

  The present invention is applicable to a server system that provides a service via the Web.

It is the figure which showed the structure outline | summary of the server system which is one embodiment of this invention. It is the figure which showed the structural example of matching of the channel and server in this Embodiment. It is the figure which showed the example internal detailed structure of each server in this Embodiment. It is the figure which showed the process sequence of the login process in this Embodiment. It is the figure which showed the process sequence of the service process in this Embodiment. It is the figure which showed the example of the transition of the response screen to the client terminal in this Embodiment. It is the figure which showed the example (A) (login screen) of the response screen in this Embodiment. It is the figure which showed the example (B) (service screen) of the response screen in this Embodiment. It is the figure which showed the example (D) (message screen) of the response screen in this Embodiment. It is the figure which showed the structural example of the channel-service management information in this Embodiment. It is the figure which showed the structural example of the session management information in this Embodiment. It is the figure which showed the structural example of the restriction | limiting management DB in this Embodiment. It is the figure which showed the structural example of the restriction | limiting management information in this Embodiment, (a) is restriction | limiting management information per channel, (b) is restriction | limiting management information per user attribute. It is the figure which showed the example of the time transition of the login number N in the example of control in this Embodiment (the 1). It is the figure which showed the example of the time transition of the login number N in the control example (the 2) in this Embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... Login management part (session management part), 11 ... Authentication processing part, 12 ... Channel-service control part, 13 ... Login processing part (session processing part), 14 ... Restriction determination part, 15 ... Restriction execution part, 16 ... Communication unit, 17 ... User attribute control unit, 20 ... Screen control unit (response control unit), 31 ... Session management information, 32 ... Restriction management information, 33 ... Channel-service management information, 41 ... Session management DB, 42 ... Restriction Management DB, 51 ... Session centralized management unit, 52 ... Login number N update unit, 53 ... Upper limit H setting unit, 90 ... Communication network, 100 ... PL server, 200 ... BL server, 210 ... Service-BL control unit, 300 ... DB server, 310 ... DB (business DB), 401 ... first load balancer (LB1), 402 ... second load balancer (LB2), 500 ... Limit management unit (limiting management server), 600 ... system monitoring unit, 700 ... setting unit, N ... number of log-ins, H ... upper limit, U ... user attribute information.

Claims (11)

A plurality of first servers in the presentation logic layer, a plurality of second servers in the business logic layer, and a third server in the database layer, and for access via a communication network from client terminals of a plurality of users A server system for providing services to be processed by the second and third servers to the client terminal via the first server,
The first server performs login processing related to establishment of a session with the client terminal, including authentication processing, for access on a predetermined channel from the user's client terminal, and establishes an established session In response to a request from the client terminal, the second server is requested to process a predetermined service corresponding to the channel, and the second server reads and writes the database of the third server. Perform the business processing that constitutes the service, and based on the result, generate response screen data and send it to the client terminal for display,
The first server is
Information on correspondence between the channel, service, and business process;
Session management information regarding the session;
Information on the current or most recent login count for a plurality of sessions on a plurality of channels between the plurality of first servers and a plurality of user client terminals;
Information on the upper limit value of the number of logins in the channel unit, which is a threshold for determining the number of logins,
The first server is
In the login process for access from the client terminal, a process of comparing the number of logins with the threshold and determining whether to limit the login;
In accordance with the determination, the log-in restriction is executed, and the response screen data corresponding to the restriction is generated and transmitted to the client terminal and displayed.
The first server restricts the login to be rejected when the number of logins per channel is greater than or equal to the upper limit during the login process for access from the client terminal. Server system. The server system according to claim 1,
A restriction management unit connected to the plurality of first servers;
The restriction management unit
By communicating with the plurality of first servers to exchange information,
Information on the current or most recent login count for a plurality of sessions on a plurality of channels between the plurality of first servers and a plurality of user client terminals;
And a process for managing information on an upper limit value of the number of logins per channel, which is a threshold for determining the number of logins. The server system according to claim 1,
The second server reads / writes the attribute information of the user with respect to the database of the third server at the time of the business process constituting the service,
The first server provides a predetermined service corresponding to an attribute of the user for access from the user's client terminal,
As the threshold, information on the upper limit of the number of logins in the unit of the user attribute,
The first server restricts the login to be rejected when the number of logins in the unit of the user's attribute is equal to or more than the upper limit during the login process for the access from the client terminal. The server system characterized by this. The server system according to claim 3, wherein
As an attribute of the user, it has at least two types of excellent and general,
The server system is characterized in that the first server is controlled so as to weaken the restriction for the excellent user and to strengthen the restriction for the general user. In the server system according to any one of claims 1 to 4,
When the first server restricts the login to be rejected in the login process for the access from the client terminal, the login screen can input login information as response screen data to the client terminal. A server system, characterized in that control is performed so as not to be displayed. In the server system according to any one of claims 1 to 4,
The first server determines a service that can be used by the user on the channel at the time of the login process for access from the client terminal, and uses the use as response screen data to the client terminal. A server system characterized by transmitting and displaying a screen including a list of possible services. The server system according to claim 3, wherein
As the threshold value, a first upper limit value of the number of logins and a second upper limit value larger than that are set,
In the login process for access from the client terminal, when the number of logins per channel is equal to or more than the first upper limit value, the first server performs the login for the user with the first attribute. When the number of logins per channel is equal to or greater than the second upper limit value, the login is started for the user with the second attribute in addition to the user with the first attribute. A server system characterized by initiating a restriction to refuse. The server system according to claim 2,
A system monitoring unit that performs processing for monitoring performance or load of the system including the plurality of first servers;
The server system, wherein the first server or the restriction management unit performs a process of updating the threshold value so as to change based on the monitoring result information. The server system according to claim 2,
The server system, wherein the first server or the restriction management unit performs a process of updating the threshold value to be changed based on a manual information input by an administrator. The server system according to claim 2,
The first server or the restriction management unit periodically checks the session management information and performs a process of deleting a record after a predetermined time has elapsed, thereby grasping the number of logins. Server system. The server system according to claim 1,
As the threshold value, a lower limit value smaller than that is set corresponding to the upper limit value,
When the number of logins is greater than or equal to the upper limit during the login process, the first server starts to limit the login so that the number of logins falls below the lower limit. In this case, the server system is characterized in that the restriction is released so as to permit the login.

Images