WO2012126286A1 - Aaa server status detection method and system - Google Patents

Aaa server status detection method and system Download PDF

Info

Publication number
WO2012126286A1
WO2012126286A1 PCT/CN2012/070333 CN2012070333W WO2012126286A1 WO 2012126286 A1 WO2012126286 A1 WO 2012126286A1 CN 2012070333 W CN2012070333 W CN 2012070333W WO 2012126286 A1 WO2012126286 A1 WO 2012126286A1
Authority
WO
WIPO (PCT)
Prior art keywords
preset user
access
preset
aaa server
aaa
Prior art date
Application number
PCT/CN2012/070333
Other languages
French (fr)
Chinese (zh)
Inventor
周俊超
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012126286A1 publication Critical patent/WO2012126286A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3055Monitoring arrangements for monitoring the status of the computing system or of the computing system component, e.g. monitoring if the computing system is on, off, available, not available
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3006Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system is distributed, e.g. networked systems, clusters, multiprocessor systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an AAA server service state detecting method and system. Background technique
  • the AAA Authentication, Authorization, Accounting, Authentication, Authorization, and Accounting
  • the AAA server serves as the authentication, authorization, and accounting center for the PS service. It needs to interact with multiple network element devices and terminals.
  • the user first initiates an online request, and the AAA server authenticates the validity of the user.
  • the authentication passes the user's subscription information or configuration information to authorize the relevant service parameters, and records the user's business process.
  • the billing information generated in the bill is charged to the user in real time or offline.
  • the AAA server is the core network element for the user to perform PS related services. How to detect whether the services provided by the AAA server are normal is also crucial.
  • the detection method adopted by the general network system is detected by sending a ping packet to the AAA server. If the AAA server can ping, the AAA server is considered to be operating normally. However, the ping packet can only detect whether the AAA underlying link is normal, and cannot detect whether the service provided by the AAA server is normal. Therefore, the purpose of detecting whether the service provided by the AAA server is normal is not achieved. Summary of the invention
  • the invention provides a method and a system for detecting the service status of an AAA server, which are used to solve the problem that the service provided by the AAA server cannot be detected by using the ping packet in the prior art. question.
  • An authentication, authorization, and accounting AAA server service status detection method includes:
  • the AAA server receives the access request message of the preset user, and if the connection status of the data source is normal, the access network element feeds back the access response message of the preset user;
  • the access NE If the access NE receives the preset response content in the access response message of the preset user, it determines that the service status of the AAA server is normal.
  • the access network element does not receive the access response message of the preset user or the received response message of the preset user does not carry the preset response content, determine AAA.
  • the server's service status is abnormal.
  • the AAA server feeds back the preset user's access rejection message to the access network element if the connection status of the database source is abnormal.
  • the access network element and the AAA server are configured with the same preset user information.
  • the preset user information includes a preset user name, a preset user password, and a preset. Response content.
  • An AAA server service status detection system includes:
  • the access network element is configured to: when receiving the access response message of the preset user, and the preset response content is carried in the access response message, determining that the service state of the AAA server is normal;
  • the AAA server is configured to receive an access request message of the preset user, and if the connection state of the data source is normal, feed back an access response message of the preset user to the access network element.
  • the access network element is further configured to: when the preset response message is not received, or the preset response content is received in the preset user's access response message, Determine the service status of the AAA server is abnormal.
  • the AAA server is further configured to receive an access request message of the preset user. Then, if the connection status of the data source is abnormal, the access network element feeds back the preset user's access rejection message.
  • the AAA server includes an AAA service processing module and an AAA configuration module, where
  • the AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the data source in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking the data source When the connection state is normal, the access network element is fed back to the access network element for the preset user's access response message; when the connection status of the data source is abnormal, the access network element is fed back the preset user's access rejection message;
  • AAA configuration module used to configure preset user information.
  • An AAA server includes an AAA service processing module and an AAA configuration module, where the AAA service processing module is configured to perform message processing, process logic control, and connection status of the data source in the process of user authentication, authorization, and charging.
  • the checking includes: receiving an access request message of the preset user, and checking, when the connection status of the data source is normal, feeding back the access response message of the preset user to the access network element;
  • AAA configuration module used to configure preset user information.
  • the AAA service processing module is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, feeding back an access denied message of the preset user to the access network element, or not responding Message.
  • the technical solution of the present invention detects the service status of the AAA server by sending an access request message of the preset user to the AAA server, and overcomes the service of the AAA server in the prior art by sending a ping packet to the AAA server.
  • the state is detected, only the fault of the underlying link is detected, and the service state of the AAA server is normal.
  • the technical solution of the present invention can be preset differently for different services of the AAA server. Users and data, detecting different services, using different preset users and returning within DRAWINGS
  • FIG. 1 is a flowchart of a preferred embodiment of a method for detecting a service state of an AAA server according to the present invention
  • FIG. 2 is a structural block diagram of a preferred embodiment of a AAA server service state detecting system according to the present invention
  • FIG. 3 is a structural block diagram of a preferred embodiment of the AAA server according to the present invention. detailed description
  • FIG. 1 is a flowchart of a preferred embodiment of a method for detecting a service state of an AAA server according to the present invention, the method mainly includes the following steps:
  • Step 1 Enable the preset user detection switch of the access network element and the AAA server, and configure the same preset user information in the access network element and the AAA server;
  • the preset user information includes the user name of the preset user, the password of the preset user, and the preset response content.
  • the user name of the preset user is set to Anonymous, and the password of the preset user is used.
  • Set to lifetest set the preset response content to I am OK! .
  • Step 2 The access network element sends a service status detection request to the AAA server by sending a preset user access request (Access Request) message to the AAA server.
  • Access Request preset user access request
  • the preset user's access request message carries at least the preset user's username and the preset user's password.
  • the preset user's access request message carries the preset user's username. Anonymous, the preset user's password lifetest.
  • Step 3 The AAA server receives the access request message of the preset user, and determines that the preset user is the service state detection user, and then starts to check the data source (for example, a physical database, a data file, and an internal The connection status of the database, other resources that store the data, and so on. If the connection status of the data source is normal, the user access feedback (Access accept) message is fed back to the access network element, and the preset user's access response message carries at least the user name and preset of the preset user. In the embodiment, the preset user's access response message carries the user name Anonymous of the preset user, and the preset response content is I am OK!
  • the data source for example, a physical database, a data file, and an internal The connection status of the database, other resources that store the data, and so on. If the connection status of the data source is normal, the user access feedback (Access accept) message is fed back to the access network element, and the preset user's access response message carries at least the user name and preset
  • the access reject message (access reject) message or the non-response message is directly fed back to the access network element, where the preset user's access reject message carries at least a pre- The username of the user is set.
  • the access denied message of the preset user carries the username of the preset user Anonymous.
  • Step 4 When the access network element receives the access response message of the preset user, and the response message carries the preset response content (the preset response content in this embodiment is l am OK, then the AAA is determined.
  • the service status of the server is normal; when the access network element does not receive the access response message of the preset user or the response content carried in the received access message of the preset user is inconsistent with the preset response content, Then determine that the service status of the AAA server is abnormal.
  • the access network element does not receive the access response message of the preset user, and includes two cases: In the first case, the access network element does not receive any message sent by the preset user; The incoming NE receives the access denied message sent by the preset user.
  • the present invention further provides an AAA server service status detecting system.
  • FIG. 2 is a structural block diagram of a preferred embodiment of the AAA server service status detecting system according to the present invention.
  • the access network element and the AAA server are mainly included, wherein the access network element is configured to send an access request message of the preset user to the AAA server, and receive an access response message of the preset user, and the response message is When the preset response content is carried, it is determined that the service status of the AAA server is normal. When the preset user's access response message or the received preset user's access response message is not received, the preset response content is not carried.
  • the access network element does not receive the access response message of the preset user.
  • the first case is that the access network element does not receive any message sent by the preset user.
  • the second case is the access network. The element receives an access reject message sent by the preset user.
  • the AAA server is configured to receive an access request message, and if the connection status of the data source (such as a physical database, a data file, an in-memory database, and other resources for storing data) is normal, feed the access NE to the preset user.
  • the response message if the connection status of the data source is abnormal, feeds back the preset user's access rejection message to the access network element.
  • the AAA server includes an AAA service processing module and an AAA configuration module, where
  • the AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the database in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking the data source.
  • the access network element is fed back to the access network element, and is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, accessing the network element Feedback of the preset user's access rejection message;
  • the AAA configuration module is configured to enable whether to enable the preset user detection switch and configure the preset user information, which generally includes: a preset user name, a preset user password, and a preset response content (the response content configured here is required) It is consistent with the configuration on the access NE side, for example: I am OK!
  • FIG. 3 is a structural block diagram of a preferred embodiment of the AAA server according to the present invention, which mainly includes an AAA service processing module and an AAA configuration module, where
  • AAA service processing module for performing message processing, process logic control, and connection of data sources (such as physical databases, data files, in-memory databases, and other resources for storing data) in the process of user authentication, authorization, and accounting.
  • Status check After receiving the access request message of the preset user, the AAA service processing module starts to check the data source connection status. If the connection status of the data source is normal, the access user message is fed back to the access network element, and the preset user's access response message carries at least the user name of the preset user and the preset response content; If the connection status of the data source is abnormal, the access denied message of the preset user is directly fed back to the access network element, and the access denied message of the preset user carries at least the user name of the preset user.
  • data sources such as physical databases, data files, in-memory databases, and other resources for storing data
  • the AAA configuration module is configured to enable whether to enable the preset user detection switch and configure the preset user information, which generally includes: a preset user name, a preset user password, and a preset response content (the response content configured here is required) It is consistent with the configuration on the access NE side, for example: I am OK!

Abstract

Disclosed is a server status detection method and system for use on AAA servers, used to resolve problems in detecting whether the service provided by an AAA server is normal. The method comprises: an AAA server receives a preset user access request message. If the data source connection is normal, the server sends to the access network element a preset user access reply message. Reception by the access network element of preset response content in said preset user access reply message confirms that the server status of the AAA server is normal. The system comprises said access network element and an AAA server. The invention overcomes the flaws in the prior art whereby a ping packet sent to an AAA server to test the server status is only able to check whether lower-level links are normal. The invention can effectively test whether a server status of an AAA server is normal.

Description

一种 AAA服务器服务状态检测方法及系统 技术领域  AAA server service state detecting method and system
本发明涉及通信技术领域,尤其涉及一种 AAA服务器服务状态检测方 法及系统。 背景技术  The present invention relates to the field of communications technologies, and in particular, to an AAA server service state detecting method and system. Background technique
在电信通讯网络 PS ( Packet Switching ,分组交换 )域系统设备中, AAA ( Authentication, Authorization, Accounting , 认证、 授权、 计费)月良务器 作为用户进行 PS业务的认证、 授权、 计费中心, 需要与多种网元设备以及 终端进行交互。 用户在一次业务的过程中, 首先用户发起上网请求, AAA 服务器对用户的合法性进行认证, 认证通过则根据用户签约信息或者配置 信息, 为用户进行相关业务参数的授权, 并记录用户在业务过程中产生的 计费信息, 以实时或者离线的方式对用户进行计费。 在这个过程中, AAA 服务器是用户进行 PS相关业务的核心网元。 如何检测 AAA服务器提供的 服务是否正常, 也变得至关重要。  In the PS (Packet Switching) domain system equipment of the telecommunication communication network, the AAA (Authentication, Authorization, Accounting, Authentication, Authorization, and Accounting) server serves as the authentication, authorization, and accounting center for the PS service. It needs to interact with multiple network element devices and terminals. In the process of a service, the user first initiates an online request, and the AAA server authenticates the validity of the user. The authentication passes the user's subscription information or configuration information to authorize the relevant service parameters, and records the user's business process. The billing information generated in the bill is charged to the user in real time or offline. In this process, the AAA server is the core network element for the user to perform PS related services. How to detect whether the services provided by the AAA server are normal is also crucial.
现有技术中,一般网络系统采用的检测方法是通过向 AAA服务器发送 ping包的方法进行检测, 如果 AAA服务器能够 ping通, 则认为 AAA服务 器运行正常。 但 ping包仅能检测 AAA底层链路是否正常, 不能检测 AAA 服务器所提供的服务是否正常, 因此并未达到检测 AAA服务器所提供的服 务是否正常的目的。 发明内容  In the prior art, the detection method adopted by the general network system is detected by sending a ping packet to the AAA server. If the AAA server can ping, the AAA server is considered to be operating normally. However, the ping packet can only detect whether the AAA underlying link is normal, and cannot detect whether the service provided by the AAA server is normal. Therefore, the purpose of detecting whether the service provided by the AAA server is normal is not achieved. Summary of the invention
本发明提供一种 AAA服务器服务状态检测方法及系统,用以解决现有 技术采用 ping包的方式不能检测 AAA服务器所提供的服务是否正常的问 题。 The invention provides a method and a system for detecting the service status of an AAA server, which are used to solve the problem that the service provided by the AAA server cannot be detected by using the ping packet in the prior art. question.
本发明技术方案包括:  The technical solution of the present invention includes:
一种认证、 授权、 计费 AAA服务器服务状态检测方法, 包括:  An authentication, authorization, and accounting AAA server service status detection method includes:
AAA服务器收到预置用户的接入请求消息,若数据源的连接状态正常, 则向接入网元反馈预置用户的接入应答消息;  The AAA server receives the access request message of the preset user, and if the connection status of the data source is normal, the access network element feeds back the access response message of the preset user;
若接入网元收到所述预置用户的接入应答消息中携带有预置的回应内 容, 则确定 AAA服务器的服务状态正常。  If the access NE receives the preset response content in the access response message of the preset user, it determines that the service status of the AAA server is normal.
较佳地, 若所述接入网元未收到所述预置用户的接入应答消息或收到 的所述预置用户的接入应答消息中未携带预置的回应内容,则确定 AAA服 务器的服务状态异常。  Preferably, if the access network element does not receive the access response message of the preset user or the received response message of the preset user does not carry the preset response content, determine AAA. The server's service status is abnormal.
较佳地, 所述 AAA服务器收到所述预置用户的接入请求消息后, 若数 据库源的连接状态异常, 则向接入网元反馈预置用户的接入拒绝消息。  Preferably, after receiving the access request message of the preset user, the AAA server feeds back the preset user's access rejection message to the access network element if the connection status of the database source is abnormal.
较佳地,所述接入网元和所述 AAA服务器中配置有相同的预置用户信 较佳地, 所述预置用户信息包括预置用户的用户名、 预置用户的密码 及预置的回应内容。  Preferably, the access network element and the AAA server are configured with the same preset user information. Preferably, the preset user information includes a preset user name, a preset user password, and a preset. Response content.
一种 AAA服务器服务状态检测系统, 包括:  An AAA server service status detection system includes:
接入网元, 用于在收到预置用户的接入应答消息且所述接入应答消息 中携带有预置的回应内容时, 确定 AAA服务器的服务状态正常;  The access network element is configured to: when receiving the access response message of the preset user, and the preset response content is carried in the access response message, determining that the service state of the AAA server is normal;
AAA服务器, 用于接收预置用户的接入请求消息, 若数据源的连接状 态正常, 向所述接入网元反馈预置用户的接入应答消息。  The AAA server is configured to receive an access request message of the preset user, and if the connection state of the data source is normal, feed back an access response message of the preset user to the access network element.
较佳地, 所述接入网元还用于在未收到预置用户的接入应答消息或收 到的所述预置用户的接入应答消息中所述携带预置的回应内容时, 确定 AAA服务器的服务状态异常。  Preferably, the access network element is further configured to: when the preset response message is not received, or the preset response content is received in the preset user's access response message, Determine the service status of the AAA server is abnormal.
较佳地,所述 AAA服务器还用于在接收所述预置用户的接入请求消息 后, 若数据源的连接状态异常, 向接入网元反馈预置用户的接入拒绝消息。 较佳地, 所述 AAA服务器包括 AAA业务处理模块和 AAA配置模块, 其中, Preferably, the AAA server is further configured to receive an access request message of the preset user. Then, if the connection status of the data source is abnormal, the access network element feeds back the preset user's access rejection message. Preferably, the AAA server includes an AAA service processing module and an AAA configuration module, where
AAA业务处理模块, 用于在用户认证、 授权及计费过程中进行消息处 理、 流程逻辑控制, 以及对数据源的连接状态进行检查, 包括: 接收预置 用户的接入请求消息, 检查数据源的连接状态正常时, 向接入网元反馈预 置用户的接入应答消息; 检查数据源的连接状态异常时, 向接入网元反馈 预置用户的接入拒绝消息;  The AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the data source in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking the data source When the connection state is normal, the access network element is fed back to the access network element for the preset user's access response message; when the connection status of the data source is abnormal, the access network element is fed back the preset user's access rejection message;
AAA配置模块, 用于配置预置用户信息。  AAA configuration module, used to configure preset user information.
一种 AAA服务器, 包括 AAA业务处理模块和 AAA配置模块, 其中, AAA业务处理模块, 用于在用户认证、 授权及计费过程中进行消息处 理、 流程逻辑控制, 以及对数据源的连接状态进行检查, 包括: 接收预置 用户的接入请求消息, 检查数据源的连接状态正常时, 向接入网元反馈预 置用户的接入应答消息;  An AAA server includes an AAA service processing module and an AAA configuration module, where the AAA service processing module is configured to perform message processing, process logic control, and connection status of the data source in the process of user authentication, authorization, and charging. The checking includes: receiving an access request message of the preset user, and checking, when the connection status of the data source is normal, feeding back the access response message of the preset user to the access network element;
AAA配置模块, 用于配置预置用户信息。  AAA configuration module, used to configure preset user information.
所述 AAA业务处理模块,还用于在接收所述预置用户的接入请求消息 后, 若数据源的连接状态异常, 向接入网元反馈预置用户的接入拒绝消息, 或者不回应消息。  The AAA service processing module is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, feeding back an access denied message of the preset user to the access network element, or not responding Message.
本发明有益效果如下:  The beneficial effects of the present invention are as follows:
本发明所述技术方案通过向 AAA服务器发送预置用户的接入请求消 息的方式对 AAA服务器的服务状态进行检测, 克服了现有技术中采用向 AAA服务器发送 ping包的方式对 AAA服务器的服务状态进行检测时只能 检测出底层链路是否正常的缺陷,可有效的检测出 AAA服务器的服务状态 是否正常; 进一步地, 对 AAA服务器的不同服务, 本发明所述技术方案可 预置不同的用户和数据, 检测不同的服务, 使用不同的预置用户和返回内 附图说明 The technical solution of the present invention detects the service status of the AAA server by sending an access request message of the preset user to the AAA server, and overcomes the service of the AAA server in the prior art by sending a ping packet to the AAA server. When the state is detected, only the fault of the underlying link is detected, and the service state of the AAA server is normal. The technical solution of the present invention can be preset differently for different services of the AAA server. Users and data, detecting different services, using different preset users and returning within DRAWINGS
图 1为本发明所述 AAA服务器服务状态检测方法的一个较佳实施例的 流程图;  1 is a flowchart of a preferred embodiment of a method for detecting a service state of an AAA server according to the present invention;
图 2为本发明所述 AAA服务器服务状态检测系统的一个较佳实施例的 结构框图;  2 is a structural block diagram of a preferred embodiment of a AAA server service state detecting system according to the present invention;
图 3为本发明所述 AAA服务器的一个较佳实施例的结构框图。 具体实施方式  FIG. 3 is a structural block diagram of a preferred embodiment of the AAA server according to the present invention. detailed description
下面将结合各个附图对本发明的具体实现过程予以进一步详细的说 明。  The specific implementation process of the present invention will be further described in detail below with reference to the accompanying drawings.
请参阅图 1 , 该图为本发明 AAA服务器服务状态检测方法的一个较佳 实施例的流程图, 其主要包括如下步驟:  Referring to FIG. 1, which is a flowchart of a preferred embodiment of a method for detecting a service state of an AAA server according to the present invention, the method mainly includes the following steps:
步驟 1、 开启接入网元和 AAA服务器的预置用户检测开关, 同时在接 入网元和 AAA服务器中配置相同的预置用户信息;  Step 1: Enable the preset user detection switch of the access network element and the AAA server, and configure the same preset user information in the access network element and the AAA server;
本步驟中, 预置用户信息包括预置用户的用户名、 预置用户的密码及 预置的回应内容, 本实施例中, 将预置用户的用户名设置为 Anonymous, 将预置用户的密码设置为 lifetest, 将预置的回应内容设置为 I am OK!。  In this step, the preset user information includes the user name of the preset user, the password of the preset user, and the preset response content. In this embodiment, the user name of the preset user is set to Anonymous, and the password of the preset user is used. Set to lifetest, set the preset response content to I am OK! .
步驟 2、接入网元通过向 AAA服务器发送预置用户的接入请求( Access Request ) 消息向 AAA服务器发起服务状态检测请求;  Step 2: The access network element sends a service status detection request to the AAA server by sending a preset user access request (Access Request) message to the AAA server.
本步驟中, 预置用户的接入请求消息中至少携带有预置用户的用户名 和预置用户的密码, 本实施例中, 预置用户的接入请求消息中携带有预置 用户的用户名 Anonymous, 预置用户的密码 lifetest。  In this step, the preset user's access request message carries at least the preset user's username and the preset user's password. In this embodiment, the preset user's access request message carries the preset user's username. Anonymous, the preset user's password lifetest.
步驟 3、 AAA服务器接收预置用户的接入请求消息, 判断预置用户为 服务状态检测用户后, 开始检查数据源 (例如物理数据库、 数据文件、 内 存数据库、 以及存储数据的其他资源等) 的连接状态。 若数据源的连接状 态正常, 则向接入网元反馈预置用户的接入应答 ( Access accept )消息, 该 预置用户的接入应答消息中至少携带有预置用户的用户名及预置的回应内 容, 本实施例中, 预置用户的接入应答消息中携带有预置用户的用户名 Anonymous , 预置的回应内容为 I am OK!; 若数据源的连接状态异常, 则 直接向接入网元反馈预置用户的接入拒绝( Access reject ) 消息或者不回应 消息, 其中, 该预置用户的接入拒绝消息中至少携带有预置用户的用户名, 本实施例中, 预置用户的接入拒绝消息中携带有预置用户的用户名 Anonymous Step 3: The AAA server receives the access request message of the preset user, and determines that the preset user is the service state detection user, and then starts to check the data source (for example, a physical database, a data file, and an internal The connection status of the database, other resources that store the data, and so on. If the connection status of the data source is normal, the user access feedback (Access accept) message is fed back to the access network element, and the preset user's access response message carries at least the user name and preset of the preset user. In the embodiment, the preset user's access response message carries the user name Anonymous of the preset user, and the preset response content is I am OK! If the connection status of the data source is abnormal, the access reject message (access reject) message or the non-response message is directly fed back to the access network element, where the preset user's access reject message carries at least a pre- The username of the user is set. In this embodiment, the access denied message of the preset user carries the username of the preset user Anonymous.
步驟 4、 当接入网元收到预置用户的接入应答消息、且该应答消息中携 带有预置的回应内容(本实施例中预置的回应内容为 l am OK 时, 则确 定 AAA服务器的服务状态正常; 当接入网元未收到预置用户的接入应答消 息或收到的所述预置用户的接入应答消息中携带的回应内容与预置的回应 内容不一致时, 则确定 AAA服务器的服务状态异常。  Step 4: When the access network element receives the access response message of the preset user, and the response message carries the preset response content (the preset response content in this embodiment is l am OK, then the AAA is determined. The service status of the server is normal; when the access network element does not receive the access response message of the preset user or the response content carried in the received access message of the preset user is inconsistent with the preset response content, Then determine that the service status of the AAA server is abnormal.
本步驟中, 接入网元未收到预置用户的接入应答消息包括两种情况: 第一种情况是接入网元未收到预置用户发送的任何消息; 第二种情况是接 入网元收到预置用户发送的接入拒绝消息。  In this step, the access network element does not receive the access response message of the preset user, and includes two cases: In the first case, the access network element does not receive any message sent by the preset user; The incoming NE receives the access denied message sent by the preset user.
相应于本发明上述方法,本发明还提供了一种 AAA服务器服务状态检 测系统, 请参阅图 2, 该图为本发明所述 AAA服务器服务状态检测系统的 一个较佳实施例的结构框图, 其主要包括接入网元和 AAA服务器, 其中, 接入网元, 用于向 AAA服务器发送预置用户的接入请求消息, 以及在 收到预置用户的接入应答消息、 且该应答消息中携带有预置的回应内容时, 确定 AAA服务器的服务状态正常,在未收到预置用户的接入应答消息或收 到的预置用户的接入应答消息中未携带预置的回应内容时,确定 AAA服务 器的服务状态异常; 其中, 接入网元未收到预置用户的接入应答消息包括两种情况: 第一 种情况是接入网元未收到预置用户发送的任何消息; 第二种情况是接入网 元收到预置用户发送的接入拒绝消息。 Corresponding to the above method of the present invention, the present invention further provides an AAA server service status detecting system. Please refer to FIG. 2, which is a structural block diagram of a preferred embodiment of the AAA server service status detecting system according to the present invention. The access network element and the AAA server are mainly included, wherein the access network element is configured to send an access request message of the preset user to the AAA server, and receive an access response message of the preset user, and the response message is When the preset response content is carried, it is determined that the service status of the AAA server is normal. When the preset user's access response message or the received preset user's access response message is not received, the preset response content is not carried. , determining that the service status of the AAA server is abnormal; The access network element does not receive the access response message of the preset user. The first case is that the access network element does not receive any message sent by the preset user. The second case is the access network. The element receives an access reject message sent by the preset user.
AAA服务器, 用于接收接入请求消息, 若数据源 (例如物理数据库、 数据文件、 内存数据库、 以及存储数据的其他资源等) 的连接状态正常, 向接入网元反馈预置用户的接入应答消息, 若数据源的连接状态异常, 向 接入网元反馈预置用户的接入拒绝消息。  The AAA server is configured to receive an access request message, and if the connection status of the data source (such as a physical database, a data file, an in-memory database, and other resources for storing data) is normal, feed the access NE to the preset user. The response message, if the connection status of the data source is abnormal, feeds back the preset user's access rejection message to the access network element.
进一步地, AAA服务器包括 AAA业务处理模块和 AAA配置模块, 其 中,  Further, the AAA server includes an AAA service processing module and an AAA configuration module, where
AAA业务处理模块, 用于在用户认证、 授权及计费过程中进行消息处 理、 流程逻辑控制, 以及对数据库的连接状态进行检查, 包括: 接收预置 用户的接入请求消息, 检查数据源的连接状态正常时, 向接入网元反馈预 置用户的接入应答消息; 还用于在接收所述预置用户的接入请求消息后, 若数据源的连接状态异常, 向接入网元反馈预置用户的接入拒绝消息; The AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the database in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking the data source. When the connection status is normal, the access network element is fed back to the access network element, and is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, accessing the network element Feedback of the preset user's access rejection message;
AAA配置模块, 用于配置是否开启预置用户检测开关以及配置预置用 户信息, 一般包含: 预置用户的用户名、 预置用户的密码以及预置的回应 内容(此处配置的回应内容需要与接入网元侧配置的一致),例如: I am OK! 等。 The AAA configuration module is configured to enable whether to enable the preset user detection switch and configure the preset user information, which generally includes: a preset user name, a preset user password, and a preset response content (the response content configured here is required) It is consistent with the configuration on the access NE side, for example: I am OK!
本发明所述系统的具体工作过程请参阅本发明方法中相应部门的描 述, 这里不再给予过多赘述。  For a specific working process of the system of the present invention, please refer to the description of the corresponding department in the method of the present invention, and no further description is given here.
请参阅图 3 , 该图为本发明所述 AAA服务器的一个较佳实施例的结构 框图, 其主要包括 AAA业务处理模块和 AAA配置模块, 其中,  Referring to FIG. 3, which is a structural block diagram of a preferred embodiment of the AAA server according to the present invention, which mainly includes an AAA service processing module and an AAA configuration module, where
AAA业务处理模块, 用于在用户认证、 授权及计费过程中进行消息处 理、 流程逻辑控制, 以及对数据源 (例如物理数据库、 数据文件、 内存数 据库、 以及存储数据的其他资源等) 的连接状态进行检查; AAA业务处理模块在接收预置用户的接入请求消息后, 开始检查数据 源连接状态。 若数据源的连接状态正常, 则向接入网元反馈预置用户的接 入应答消息, 该预置用户的接入应答消息中至少携带有预置用户的用户名 及预置的回应内容; 若数据源的连接状态异常, 则直接向接入网元反馈预 置用户的接入拒绝消息, 该预置用户的接入拒绝消息中至少携带有预置用 户的用户名。 AAA service processing module for performing message processing, process logic control, and connection of data sources (such as physical databases, data files, in-memory databases, and other resources for storing data) in the process of user authentication, authorization, and accounting. Status check After receiving the access request message of the preset user, the AAA service processing module starts to check the data source connection status. If the connection status of the data source is normal, the access user message is fed back to the access network element, and the preset user's access response message carries at least the user name of the preset user and the preset response content; If the connection status of the data source is abnormal, the access denied message of the preset user is directly fed back to the access network element, and the access denied message of the preset user carries at least the user name of the preset user.
AAA配置模块, 用于配置是否开启预置用户检测开关以及配置预置用 户信息, 一般包含: 预置用户的用户名、 预置用户的密码以及预置的回应 内容(此处配置的回应内容需要与接入网元侧配置的一致),例如: I am OK! 等。  The AAA configuration module is configured to enable whether to enable the preset user detection switch and configure the preset user information, which generally includes: a preset user name, a preset user password, and a preset response content (the response content configured here is required) It is consistent with the configuration on the access NE side, for example: I am OK!
显然, 本领域的技术人员可以对本发明进行各种改动和变型而不脱离 本发明的精神和范围。 这样, 倘若本发明的这些修改和变型属于本发明权 利要求及其等同技术的范围之内, 则本发明也意图包含这些改动和变型在 内。  It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and modifications of the invention

Claims

权利要求书 Claim
1、 一种认证、 授权、 计费 AAA服务器服务状态检测方法, 其特征在 于, 包括:  1. An authentication, authorization, and accounting AAA server service state detection method, which is characterized in that:
AAA服务器收到预置用户的接入请求消息,若数据源的连接状态正常, 则向接入网元反馈预置用户的接入应答消息;  The AAA server receives the access request message of the preset user, and if the connection status of the data source is normal, the access network element feeds back the access response message of the preset user;
若接入网元收到所述预置用户的接入应答消息中携带有预置的回应内 容, 则确定 AAA服务器的服务状态正常。  If the access NE receives the preset response content in the access response message of the preset user, it determines that the service status of the AAA server is normal.
2、 如权利要求 1所述的方法, 其特征在于, 若所述接入网元未收到所 述预置用户的接入应答消息或收到的所述预置用户的接入应答消息中未携 带预置的回应内容, 则确定 AAA服务器的服务状态异常。  2. The method according to claim 1, wherein if the access network element does not receive the access response message of the preset user or the received access response message of the preset user If the preset response content is not carried, it is determined that the service status of the AAA server is abnormal.
3、 如权利要求 1所述的方法, 其特征在于, 所述 AAA服务器收到所 述预置用户的接入请求消息后, 若数据库源的连接状态异常, 则向接入网 元反馈预置用户的接入拒绝消息。  The method according to claim 1, wherein, after receiving the access request message of the preset user, the AAA server feeds back a preset to the access network element if the connection status of the database source is abnormal. User's access denied message.
4、 如权利要求 1或 2或 3所述的方法, 其特征在于, 所述接入网元和 所述 AAA服务器中配置有相同的预置用户信息。  The method according to claim 1 or 2 or 3, wherein the access network element and the AAA server are configured with the same preset user information.
5、 如权利要求 4所述的方法, 其特征在于, 所述预置用户信息包括预 置用户的用户名、 预置用户的密码及预置的回应内容。  The method according to claim 4, wherein the preset user information comprises a user name of the preset user, a password of the preset user, and a preset response content.
6、 一种 AAA服务器服务状态检测系统, 其特征在于, 包括: 接入网元, 用于在收到预置用户的接入应答消息且所述接入应答消息 中携带有预置的回应内容时, 确定 AAA服务器的服务状态正常;  An AAA server service state detection system, comprising: an access network element, configured to receive an access response message of a preset user, and the access response message carries a preset response content When it is determined that the service state of the AAA server is normal;
AAA服务器, 用于接收预置用户的接入请求消息, 若数据源的连接状 态正常, 向所述接入网元反馈预置用户的接入应答消息。  The AAA server is configured to receive an access request message of the preset user, and if the connection state of the data source is normal, feed back an access response message of the preset user to the access network element.
7、 如权利要求 6所述的系统, 其特征在于, 所述接入网元还用于在未 收到预置用户的接入应答消息或收到的所述预置用户的接入应答消息中未 携带预置的回应内容时, 确定 AAA服务器的服务状态异常。 The system of claim 6, wherein the access network element is further configured to: not receive an access response message of the preset user or the received access response message of the preset user. When the preset response content is not carried, it is determined that the service status of the AAA server is abnormal.
8、 如权利要求 6或 7所述的系统, 其特征在于, 所述 AAA服务器还 用于在接收所述预置用户的接入请求消息后, 若数据源的连接状态异常, 向接入网元反馈预置用户的接入拒绝消息。 The system according to claim 6 or 7, wherein the AAA server is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, to the access network The meta feedback presets the user's access rejection message.
9、如权利要求 8所述的系统,其特征在于,所述 AAA服务器包括 AAA 业务处理模块和 AAA配置模块, 其中,  The system of claim 8, wherein the AAA server comprises an AAA service processing module and an AAA configuration module, where
AAA业务处理模块, 用于在用户认证、 授权及计费过程中进行消息处 理、 流程逻辑控制, 以及对数据源的连接状态进行检查, 包括: 接收预置 用户的接入请求消息, 检查数据源的连接状态正常时, 向接入网元反馈预 置用户的接入应答消息; 检查数据源的连接状态异常时, 向接入网元反馈 预置用户的接入拒绝消息;  The AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the data source in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking the data source When the connection state is normal, the access network element is fed back to the access network element for the preset user's access response message; when the connection status of the data source is abnormal, the access network element is fed back the preset user's access rejection message;
AAA配置模块, 用于配置预置用户信息。  AAA configuration module, used to configure preset user information.
10、 一种 AAA服务器, 其特征在于, 包括 AAA业务处理模块和 AAA 配置模块, 其中,  An AAA server, which is characterized in that it includes an AAA service processing module and an AAA configuration module, where
所述 AAA业务处理模块, 用于在用户认证、授权及计费过程中进行消 息处理、 流程逻辑控制, 以及对数据源的连接状态进行检查, 包括: 接收 预置用户的接入请求消息, 检查数据源的连接状态正常时, 向接入网元反 馈预置用户的接入应答消息;  The AAA service processing module is configured to perform message processing, process logic control, and check the connection status of the data source in the process of user authentication, authorization, and charging, including: receiving an access request message of the preset user, and checking When the connection status of the data source is normal, the access network element feeds back the preset user's access response message to the access network element;
所述 AAA配置模块, 用于配置预置用户信息。  The AAA configuration module is configured to configure preset user information.
11、 根据权利要求 10所述 AAA服务器, 其特征在于,  11. The AAA server according to claim 10, wherein:
所述 AAA业务处理模块,还用于在接收所述预置用户的接入请求消息 后, 若数据源的连接状态异常, 向接入网元反馈预置用户的接入拒绝消息, 或者不回应消息。  The AAA service processing module is further configured to: after receiving the access request message of the preset user, if the connection status of the data source is abnormal, feeding back an access denied message of the preset user to the access network element, or not responding Message.
PCT/CN2012/070333 2011-03-21 2012-01-13 Aaa server status detection method and system WO2012126286A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2011100682717A CN102148725A (en) 2011-03-21 2011-03-21 Service state detecting method and system for AAA server
CN201110068271.7 2011-03-21

Publications (1)

Publication Number Publication Date
WO2012126286A1 true WO2012126286A1 (en) 2012-09-27

Family

ID=44422742

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/070333 WO2012126286A1 (en) 2011-03-21 2012-01-13 Aaa server status detection method and system

Country Status (2)

Country Link
CN (1) CN102148725A (en)
WO (1) WO2012126286A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566416A (en) * 2017-10-25 2018-01-09 北京安博通科技股份有限公司 Authentication performance method of testing, apparatus and system, terminal, network access server
CN112994962A (en) * 2019-12-13 2021-06-18 北大方正集团有限公司 AAA authentication test-based device, method, storage medium and system

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102148725A (en) * 2011-03-21 2011-08-10 中兴通讯股份有限公司 Service state detecting method and system for AAA server
CN102780577A (en) * 2012-04-26 2012-11-14 新奥特(北京)视频技术有限公司 Method for detecting network fault
CN103533544B (en) * 2013-10-10 2016-06-01 北京首信科技股份有限公司 A kind of method carrying out AAA certification when database generation fault
CN103685501A (en) * 2013-12-06 2014-03-26 北京奇虎科技有限公司 Data processing method, device and system
CN105978938A (en) * 2016-04-25 2016-09-28 乐视控股(北京)有限公司 Service processing equipment service status determining method and scheduling equipment

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000151663A (en) * 1998-11-17 2000-05-30 Mitsubishi Electric Corp Failure detecting device and failure detecting method
JP2000298636A (en) * 1999-04-13 2000-10-24 Mitsubishi Electric Corp Method and device for managing communication network between client and server
US6691244B1 (en) * 2000-03-14 2004-02-10 Sun Microsystems, Inc. System and method for comprehensive availability management in a high-availability computer system
US6874099B1 (en) * 2001-05-31 2005-03-29 Sprint Communications Company L.P. Method and software for testing and performance monitoring
CN1650263A (en) * 2002-04-08 2005-08-03 国际商业机器公司 Method and system for problem determination in distributed enterprise applications
CN1682211A (en) * 2002-09-20 2005-10-12 国际商业机器公司 Method and apparatus for publishing and monitoring entities providing services in a distributed data processing system
CN1791034A (en) * 2004-12-13 2006-06-21 华为技术有限公司 Detecting method
CN101304343A (en) * 2008-06-10 2008-11-12 华为技术有限公司 Method, apparatus and system for detecting network fault
KR20090127575A (en) * 2008-06-09 2009-12-14 주식회사 케이티 Method and apparatus for monitoring service status via special message watcher in authentication service system
CN102148725A (en) * 2011-03-21 2011-08-10 中兴通讯股份有限公司 Service state detecting method and system for AAA server

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1494257A (en) * 2002-10-31 2004-05-05 华为技术有限公司 Method of proceeding real time monitoring against identification authorized charging service apparatus
CN101465862A (en) * 2009-01-09 2009-06-24 北京星网锐捷网络技术有限公司 Method and device for processing switch of authentication business, network appliance and communication system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000151663A (en) * 1998-11-17 2000-05-30 Mitsubishi Electric Corp Failure detecting device and failure detecting method
JP2000298636A (en) * 1999-04-13 2000-10-24 Mitsubishi Electric Corp Method and device for managing communication network between client and server
US6691244B1 (en) * 2000-03-14 2004-02-10 Sun Microsystems, Inc. System and method for comprehensive availability management in a high-availability computer system
US6874099B1 (en) * 2001-05-31 2005-03-29 Sprint Communications Company L.P. Method and software for testing and performance monitoring
CN1650263A (en) * 2002-04-08 2005-08-03 国际商业机器公司 Method and system for problem determination in distributed enterprise applications
CN1682211A (en) * 2002-09-20 2005-10-12 国际商业机器公司 Method and apparatus for publishing and monitoring entities providing services in a distributed data processing system
CN1791034A (en) * 2004-12-13 2006-06-21 华为技术有限公司 Detecting method
KR20090127575A (en) * 2008-06-09 2009-12-14 주식회사 케이티 Method and apparatus for monitoring service status via special message watcher in authentication service system
CN101304343A (en) * 2008-06-10 2008-11-12 华为技术有限公司 Method, apparatus and system for detecting network fault
CN102148725A (en) * 2011-03-21 2011-08-10 中兴通讯股份有限公司 Service state detecting method and system for AAA server

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566416A (en) * 2017-10-25 2018-01-09 北京安博通科技股份有限公司 Authentication performance method of testing, apparatus and system, terminal, network access server
CN107566416B (en) * 2017-10-25 2020-09-29 北京安博通科技股份有限公司 Authentication performance testing method, device and system, terminal and network access server
CN112994962A (en) * 2019-12-13 2021-06-18 北大方正集团有限公司 AAA authentication test-based device, method, storage medium and system

Also Published As

Publication number Publication date
CN102148725A (en) 2011-08-10

Similar Documents

Publication Publication Date Title
WO2012126286A1 (en) Aaa server status detection method and system
CN105450582B (en) Method for processing business, terminal, server and system
US7451209B1 (en) Improving reliability and availability of a load balanced server
WO2015085848A1 (en) Security authentication method and bidirectional forwarding detection method
WO2020073039A1 (en) Apparatuses, methods, and computer program products for secure access credential management
WO2014169804A1 (en) Registration method and system for common service entity
WO2011020363A1 (en) Method and system for realizing load balance and diameter client
JP2018522323A (en) Voice communication processing method and system, electronic apparatus, and storage medium
WO2011026358A1 (en) Method and system for processing abnormal off-line for web authentication user
CN109361753A (en) A kind of Internet of things system framework and encryption method
CN113672897B (en) Data communication method, device, electronic equipment and storage medium
WO2009018732A1 (en) A method, server and system of service authorization
CN109104475A (en) Connect restoration methods, apparatus and system
CN106686592B (en) Network access method and system with authentication
JP2006279636A (en) Consistency guarantee management system for inter-client communication log
WO2003081839A1 (en) A method for implementing handshaking between the network accessing device and the user based on 802.1x protocol
CN101697550A (en) Method and system for controlling access authority of double-protocol-stack network
CN104837134B (en) A kind of web authentication user login method, equipment and system
CN111031053B (en) Identity authentication method and device, electronic equipment and readable storage medium
CN105991619A (en) Safety authentication method and device
CN103873585A (en) Radius authentication device and method
JP5470145B2 (en) Authentication switch and terminal authentication method
WO2010121551A1 (en) Method for processing group messages, service delivery platform and associated equipment
CN106304071B (en) A kind of network access verifying method, access authentication equipment and system
CN104753774A (en) Distributed enterprise integrated access gateway

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12760927

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12760927

Country of ref document: EP

Kind code of ref document: A1