CN108718339A - Data processing method, device and server - Google Patents
Data processing method, device and server Download PDFInfo
- Publication number
- CN108718339A CN108718339A CN201810504061.XA CN201810504061A CN108718339A CN 108718339 A CN108718339 A CN 108718339A CN 201810504061 A CN201810504061 A CN 201810504061A CN 108718339 A CN108718339 A CN 108718339A
- Authority
- CN
- China
- Prior art keywords
- parameter
- target object
- destination request
- request parameter
- destination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the present invention proposes a kind of data processing method, device and server, is related to information technology field, this method includes:The http request of reception is handled, to generate destination request parameter corresponding with http request;According to destination request parameter, in preset database, target object service corresponding with destination request parameter is obtained;Http request is responded, target object service is converted into external object model.A kind of data processing method, device and the server that the embodiment of the present invention is provided, can reduce the input cost of enterprise.
Description
Technical field
The present invention relates to information technology fields, in particular to a kind of data processing method, device and server.
Background technology
In internet, enterprise becomes increasingly closer with cooperating for enterprise, and many companies can all propose the service of oneself
It supplies partner to use, realized value maximizes.With the development of corporate business, the partner of exposed service and access gets over
Come more.This when is particularly important the management of exposure service and the permission control of partner.
But in the prior art, open platform access partner is often carried out by the way of newly-increased program code
It realizes.That is, being accessed for new partner, newly-increased http interfaces, authorization check, Parameter Switch, internal services are needed
A series of flows such as call to support the calling of new partner, this technical implementation way needs follow complete test and reach the standard grade
Flow can be adapted to third party's special demand although customization capability is strong, higher for enterprise's cost of implementation.
Invention content
The purpose of the present invention is to provide a kind of data processing method, device and servers, can reduce the input of enterprise
Cost.
To achieve the goals above, technical solution used in the embodiment of the present invention is as follows:
In a first aspect, an embodiment of the present invention provides a kind of data processing method, the method includes:To the http of reception
Request is handled, to generate destination request parameter corresponding with the http request;According to the destination request parameter,
In preset database, target object service corresponding with the destination request parameter is obtained;The http request is responded, it will
The target object service is converted to external object model.
Second aspect, an embodiment of the present invention provides a kind of data processing equipment, described device includes:Destination request parameter
Generation module is handled for the http request to reception, is joined with generating destination request corresponding with the http request
Number;Target object services determining module, for according to the destination request parameter, in preset database, obtain with it is described
The corresponding target object service of destination request parameter;External object model conversion module will for responding the http request
The target object service is converted to external object model.
The third aspect, an embodiment of the present invention provides a kind of server, the server includes memory, for storing one
A or multiple programs;Processor.When one or more of programs are executed by the processor, above-mentioned data processing is realized
Method.
Compared with the existing technology, a kind of data processing method, device and the server that the embodiment of the present invention is provided, pass through
All internal services provided by the server are subjected to unified configuration management, and the http transmitted by user terminal is asked
It asks, obtains destination request parameter by parsing the http request, and then determine and be somebody's turn to do according to the destination request parameter parsed
The internal services of http request institute object can connect enterprise by user terminal in partner and pass through compared to the prior art
When internal services provided by the server, reduce the workflow of developer, and then the input cost of enterprise can be reduced;And
And increase or change corresponding configuration newly in the server, you can realize newly-increased or change internal services provided by the server, easily
In management.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment cited below particularly, and coordinate
Appended attached drawing, is described in detail below.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of a kind of illustrative application scene graph for data processing method that the embodiment of the present invention is provided;
Fig. 2 shows a kind of a kind of schematic block diagrams for server that the embodiment of the present invention is provided;
Fig. 3 shows a kind of a kind of schematic diagram for data processing equipment that the embodiment of the present invention is provided;
Fig. 4 shows a kind of destination request parameter generation module for data processing equipment that the embodiment of the present invention is provided
A kind of schematic diagram;
Fig. 5 shows a kind of target object service determining module for data processing equipment that the embodiment of the present invention is provided
A kind of schematic diagram;
Fig. 6 shows a kind of a kind of signal of the authorization check module for data processing equipment that the embodiment of the present invention is provided
Property structure chart;
Fig. 7 shows a kind of a kind of schematic flow chart for data processing method that the embodiment of the present invention is provided;
Fig. 8 is a kind of schematic flow chart of the sub-step of step S100 in Fig. 7;
Fig. 9 is a kind of schematic flow chart of the sub-step of step S300 in Fig. 7;
Figure 10 is a kind of schematic flow chart of the sub-step of step S200 in Fig. 7.
In figure:10- servers;20- data processing equipments;30- user terminals;110- memories;120- processors;130-
Communication interface;200- destination request parameter generation modules;210- extraction configuration determination units;220- required parameter generation units;
300- target objects service determining module;310- target object service determination units;The extraction of 320- target object service configuration is single
Member;330- target objects service extraction unit;400- external object model conversion modules;500- authorization check modules;510-
One judging unit;520- second judgment units;530- Target Signature generation units;540- third judging units;600- error codes
Feedback module.
Specific implementation mode
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.The present invention being usually described and illustrated herein in the accompanying drawings is implemented
The component of example can be arranged and be designed with a variety of different configurations.
Therefore, below the detailed description of the embodiment of the present invention to providing in the accompanying drawings be not intended to limit it is claimed
The scope of the present invention, but be merely representative of the present invention selected embodiment.Based on the embodiments of the present invention, this field is common
The every other embodiment that technical staff is obtained without creative efforts belongs to the model that the present invention protects
It encloses.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined, then it further need not be defined and explained in subsequent attached drawing in a attached drawing.Meanwhile the present invention's
In description, term " first ", " second " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
In the description of the present invention, it is also necessary to which explanation is unless specifically defined or limited otherwise, term " setting ",
" connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;Can be
Mechanical connection can also be electrical connection;It can be directly connected, can also can be indirectly connected through an intermediary two
Connection inside element.For the ordinary skill in the art, above-mentioned term can be understood in the present invention with concrete condition
In concrete meaning.
Below in conjunction with the accompanying drawings, it elaborates to some embodiments of the present invention.In the absence of conflict, following
Feature in embodiment and embodiment can be combined with each other.
Accessing new partner for open platform in the prior art needs the test for following completion to reach the standard grade flow, causes to look forward to
The higher objective defect of industry cost of implementation, a kind of settling mode that inventor is provided in embodiments of the present invention are:Unified pipe
The 30 respective configuration of internal services, all user terminals 30 and each user terminal that reason server 10 externally provides, and
When determining 30 access server 10 of user terminal calls its required internal services, by the user terminal for calling the determination
30 configure accordingly, i.e., match with corresponding internal services.
Specifically, referring to Fig. 1, Fig. 1 shows a kind of one kind for data processing method that the embodiment of the present invention is provided
Illustrative application scene graph, wherein user terminal 30, server 10 are located in wireless network or cable network, wireless by this
Network or cable network, user terminal 30 carry out data interaction with server 10.In embodiments of the present invention, pacify in server 10
It is corresponding with user terminal 30 equipped at least one application program (APP), so that when the user terminal 30 is sent out to the server 10
When sending service access requests, corresponding processing is made.
For example, in a specific implement scene, partner passes through the wireless network or wired using user terminal 30
After the foundation of network and server 10 communicate, to the transmission service request of server 10, server 10 is according to the user terminal of reception
Service request transmitted by 30 makes corresponding processing, to respond the service request that the user terminal 30 is started.
Referring to Fig. 2, a kind of a kind of schematic structure frame of the server 10 provided Fig. 2 shows the embodiment of the present invention
Figure.The server 10 may be, but not limited to, PC (personal computer, PC), tablet computer, on knee
Pocket computer, vehicle-mounted computer, personal digital assistant (personal digital assistant, PDA) etc..The service
Device 10 includes data processing equipment 20, memory 110, processor 120 and communication interface 130.
The memory 110, processor 120 and 130 each element of communication interface between each other can be directly or indirectly electric
Property connection, to realize the transmission or interaction of data.For example, these elements between each other can by one or more communication bus or
Signal wire, which is realized, to be electrically connected.The data processing equipment 20 include it is at least one can be with software or firmware (firmware)
Form is stored in the memory 110 or is solidificated in the operating system (operating system, OS) of the server 10
In software function module.The processor 120 can be used for executing the one or more journeys stored in the memory 110
Sequence, such as software function module or computer program that the data processing equipment 20 includes, to realize institute of the embodiment of the present invention
The data processing method of offer.
Wherein, the memory 110 may be, but not limited to, random access memory (Random Access
Memory, RAM), read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable
Read-Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only
Memory, EPROM), electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only
Memory, EEPROM) etc..Wherein, the memory 110 can be used for storing one or more programs, and the processor 120 can
After receiving and executing instruction, to execute one or more of programs, to realize a kind of number that the embodiment of the present invention is provided
According to processing method.Method performed by the server 10 for the flow definition that any embodiment of the present invention discloses can be applied to handle
In device 120, or realized by processor 120.
Processor 120 can be a kind of IC chip, have signal handling capacity.Above-mentioned processor 120 can be with
It is general processor, including central processing unit (Central Processing Unit, CPU), network processing unit (Network
Processor, NP), speech processor and video processor etc.;Can also be digital signal processor, application-specific integrated circuit,
Field programmable gate array either other programmable logic device, discrete gate or transistor logic, discrete hardware components.
It may be implemented or execute disclosed each method, step and the logic diagram in the embodiment of the present invention.General processor can be
Microprocessor or the processor 120 can also be any conventional processor etc..
The communication interface 130 can be used for the data processing equipment 20 and other nodes or equipment carrying out signaling or number
According to communication.
It is appreciated that structure shown in Fig. 2 is only to illustrate, server 10 may also include than shown in Fig. 2 more or more
Few component, or with the configuration different from shown in Fig. 2.Hardware, software or its group may be used in each component shown in Fig. 2
It closes and realizes.
Specifically, referring to Fig. 3, Fig. 3 shows the one of a kind of data processing equipment 20 that the embodiment of the present invention is provided
Kind of schematic diagram, in embodiments of the present invention, the data processing equipment 20 include destination request parameter generation module 200,
Target object services determining module 300 and external object model conversion module 400.Wherein,
Destination request parameter generation module 200 is for handling the http request of reception, to generate and the http
Ask corresponding destination request parameter.
Specifically, referring to Fig. 4, Fig. 4 shows a kind of mesh for data processing equipment 20 that the embodiment of the present invention is provided
A kind of schematic diagram of required parameter generation module 200 is marked, in embodiments of the present invention, which generates mould
Block 200 includes extraction configuration determination unit 210 and required parameter generation unit 220.Wherein,
Extraction configuration determination unit 210 is used to, according to the URL prefix of the http request received, determine the http request
Parameter extraction configures, wherein the mode that the parameter extraction configuration characterization handles the http request.
Required parameter generation unit 220 is used to handle the http request with parameter extraction configuration, generates
Destination request parameter corresponding with the http request.
Target object services determining module 300 and is used for according to the destination request parameter, in preset database, obtains
Target object service corresponding with the destination request parameter.
Specifically, referring to Fig. 5, Fig. 5 shows a kind of mesh for data processing equipment 20 that the embodiment of the present invention is provided
A kind of schematic diagram of objects services determining module 300 is marked, in embodiments of the present invention, which determines mould
Block 300 is carried including target object service determination unit 310, target object service configuration extraction unit 320 and target object service
Take unit 330.Wherein,
Target object service determination unit 310 is used to, according to the destination request parameter, obtain in preset database
Target object service model corresponding with the destination request parameter and target object configure parameter.
Target object service configuration extraction unit 320 is used to configure parameter according to the target object, described preset
The target object service configuration of the target object service model is obtained in database.
Target object services extraction unit 330 and is used for according to the target object service model and the target object service
Configuration determines target corresponding with service corresponding with the destination request parameter.
External object model conversion module 400 is converted to the target object service for responding the http request
External object model.
As an implementation, please continue to refer to Fig. 3, in embodiments of the present invention, which also wraps
Include authorization check module 500 and error code feedback module 600.Wherein,
Authorization check module 500 is used to, according to the destination request parameter, determine whether the destination request parameter meets
Jurisdictions mandate.
Error code feedback module 600 is used for when the destination request parameter is unsatisfactory for the jurisdictions mandate, and feedback is default
Authorization check error code.
Specifically, referring to Fig. 6, Fig. 6 shows a kind of power for data processing equipment 20 that the embodiment of the present invention is provided
A kind of schematic diagram of correction verification module 500 is limited, in embodiments of the present invention, which sentences including first
Disconnected unit 510, second judgment unit 520, Target Signature generation unit 530 and third judging unit 540.Wherein,
Whether the difference of timestamp and current time stamp of first judging unit 510 for judging the destination request parameter
Less than the first preset value.
Second judgment unit 520 is used for when the timestamp and the difference of the current time stamp of the destination request parameter are small
When first preset value, judge that the target ip address corresponding to the destination request parameter whether there is in preset white name
In single-row table.
Target Signature generation unit 530 be used for the target ip address corresponding to the destination request parameter be present in it is described
When preset white list, the destination request parameter is handled according to preset signature algorithm, generates Target Signature;
Third judging unit 540 be used for judge the Target Signature in the http request it is initial sign whether phase
Together, wherein when the Target Signature is identical as the initially signature in the http request, judge that the destination request parameter is full
The foot jurisdictions mandate.
Specifically, referring to Fig. 7, Fig. 7 shows a kind of one kind for data processing method that the embodiment of the present invention is provided
Schematic flow chart, in embodiments of the present invention, the data processing method include the following steps:
Step S100 handles the http request of reception, is joined with generating destination request corresponding with http request
Number.
Application scenarios as shown in Figure 1, when the internal services that partner needs access enterprise to be provided, partner is i.e. logical
It crosses user terminal 30 and sends http request to the server 10 of enterprise, to obtain server 10 for 30 access service of user terminal
The feedback for the internal services that device 10 is provided.Correspondingly, http request of the server 10 according to reception, carries out the http request
Processing, to generate corresponding with http request destination request parameter, with according to the destination request parameter, and then response user
Http request transmitted by terminal 30 accesses the internal services of corresponding server 10.
There are many in such a way that http request determines destination request parameter, a kind of implementation that the embodiment of the present invention is provided
Mode is:By the URL prefix of http request, the parameter extraction of http request is determined with postponing, further according to what is determined
Parameter extraction configures, and handles http request, to obtain the destination request parameter corresponding to the http request.Wherein, it walks
Rapid S100 can be executed by above-mentioned destination request parameter generation module 200.Specifically, referring to Fig. 8, Fig. 8 is step in Fig. 7
A kind of schematic flow chart of the sub-step of S100, in embodiments of the present invention, step S100 include following sub-step:
Sub-step S110 determines the parameter extraction configuration of http request according to the URL prefix of the http request received.
When server 10 receives the internal services access request transmitted by user terminal 30, use by oneself according to receiving
The http request of family terminal 30 determines the parameter extraction configuration of the http request according to the URL prefix of the http request.Its
In, the mode that parameter extraction configuration characterization handles the http request, different parameter extractions configuration characterization is to http
Request is handled different in a manner of obtaining destination request parameter.
For example, for the reference format of URL:Domain name/version number/type identification/API marks, wherein the version of server 10
This number is generally identical as version number entrained in the http request transmitted by user terminal 30, but when the inside of server 10
When system upgrades, then the version number of server 10 is and version entrained in the http request transmitted by user terminal 30
This number has occurred difference, that is to say, that with the continuous upgrading of the built-in system of server 10, different user terminals 30, to
Entrained version number is possible different in http request transmitted by server 10, and therefore, server 10 is receiving one
When http request transmitted by determining user terminal 30, that is, need the version entrained by the URL prefix according to the http request
Number, call different processing modes.
Meanwhile for different user terminals 30, it might have different type identifications, such as post/form, post/
Self-defined xml formats of json, post/ etc. for different type identifications are often also required to that different processing modes is called to carry out
Processing.Wherein, sub-step S110 can configure determination unit 210 by above-mentioned extraction and execute.
Sub-step S120 handles http request with parameter extraction configuration, generates mesh corresponding with http request
Mark required parameter.
It is configured in the parameter extraction for the http request determined according to sub-step S110, with parameter extraction configuration pair
The http request is handled, and then generates destination request parameter corresponding with the http request.That is, according to sub-step
The parameter extraction configuration for the http request that rapid S110 is determined, carries out the http request so that it is determined that having gone out server 10
The mode of processing, and then the processing mode determined according to this, handle http request, to generate and the http request
Corresponding destination request parameter.Wherein, sub-step S120 can be executed by above-mentioned required parameter generation unit 220.
Step S300 in preset database, is obtained corresponding with destination request parameter according to destination request parameter
Target object service.
After destination request parameter corresponding to the http request for getting the transmission of user terminal 30 according to step S100, clothes
Device 10 be engaged in i.e. according to the destination request parameter, in preset database, gets mesh corresponding with the destination request parameter
Objects services are marked, which is that the server 10 to be accessed of the http request transmitted by user terminal 30 is carried
The internal services of confession.Wherein, step S300 can service determining module 300 by above-mentioned target object and execute.
As an implementation, referring to Fig. 9, Fig. 9 is a kind of schematic flow of the sub-step of step S300 in Fig. 7
Figure, in embodiments of the present invention, step S300 includes following sub-step:
Sub-step S310 is obtained corresponding with destination request parameter according to destination request parameter in preset database
Target object service model and target object configure parameter.
The destination request parameter corresponding to http request that server 10 is obtained according to step S100, in preset data
Target object service model corresponding with the destination request parameter is obtained in library and target object configures parameter.Wherein, the mesh
Mark objects services model is model of the internal services that are provided of server 10 server 10 inside, which configures
Parameter is then the configuration required configuration parameter of the target object service model.Wherein, sub-step S310 can be by above-mentioned mesh
Objects services determination unit 310 is marked to execute.
Sub-step S320, parameter is configured according to target object, is obtained in preset database and is serviced mould with target object
The corresponding target object service configuration of type.
By the target object service model and target pair corresponding to the http request obtained according to sub-step S320
As in configuration parameter, target object configuration parameter is unable to end user and configures the target object service model to form target object
Service is accessed for user terminal 30, and specific target corresponding with service is needed to configure to the target object service model
Reason, could obtain the target object service corresponding to http request.Therefore, after obtaining target object configuration parameter, according to this
Target object configures parameter, and target object service corresponding with the target object service model is obtained in preset database and is matched
It sets, so that server 10 configures target object service model according to the target object service configuration, forms target object
Service.Wherein, sub-step S320 can be executed by above-mentioned target object service configuration extraction unit 320.
Sub-step S330 is determined and destination request parameter according to target object service model and target object service configuration
Corresponding target object service.
According to the target object service configuration obtained by target object configuration parameter in sub-step S320, to by sub-step
The target object service model that rapid S310 is obtained is configured, and then determines target object clothes corresponding with destination request parameter
In other words business according to the target object service configuration, to be configured to target object service model, and then is determined and is used
Target object service corresponding to http request transmitted by family terminal 30.Wherein, sub-step S330 can be by above-mentioned target
Objects services extraction unit 330 executes.
Step S400 responds http request, target object service is converted to external object model.
After obtaining target object service corresponding with http request according to step S300, server 10 responds user
Http request transmitted by terminal 30, and the target object service is converted to and is matched with the api interface of user terminal 30
External object model, so that user terminal 30 accesses the target object service.Wherein, step S400 can be right by above-mentioned outside
As model conversion module 400 executes.
Based on above-mentioned design, a kind of data processing method that the embodiment of the present invention is provided, by being carried server 10
All internal services supplied carry out unified configuration management, and the http request transmitted by user terminal 30, pass through parsing
The http request obtains destination request parameter, and then right according to the determination of destination request parameter and http request institute parsed
The internal services of elephant can connect enterprise by user terminal 30 in partner and pass through 10 institute of server compared to the prior art
When the internal services of offer, reduce the workflow of developer, and then the input cost of enterprise can be reduced;And it is servicing
Increase or change corresponding configuration in device 10 newly, you can realize the internal services that newly-increased or modification server 10 is provided, be easy to pipe
Reason.
In order to avoid the malicious attack of either partner of some non-partners, generally require to carry out server 10
Security configuration, a kind of embodiment that the embodiment of the present invention is provided are:It is asked when user terminal 30 sends http to server 10
When asking to ask internal services that access server 10 is provided, that is, whether the http request for verifying the user terminal 30 has power
Limit accesses the internal services that the server 10 is provided.Specifically, referring to Fig. 7, in the embodiment of the present invention, in step
Before S300, which further includes step S200, judges whether destination request parameter meets jurisdictions mandate?
For the http request transmitted by user terminal 30, obtained according to server 10 by parsing the http request
The correspondence of destination request parameter and preset destination request parameter and partner, server 10 can determine http request institute
Corresponding specific partner, and then according to the specific partner, determine whether the specific partner has permission access clothes
The internal services that business device 10 is provided.That is, in server 10, by judging whether destination request parameter meets service
10 preset jurisdictions mandate of device, and then judge whether corresponding user terminal 30 takes with the inside that access server 10 is provided
The jurisdictions mandate of business.Wherein, it when destination request parameter meets jurisdictions mandate, that is, characterizes user terminal 30 and meets server 10
Jurisdictions mandate, the internal services that 30 access server 10 of user terminal can be allowed to be provided execute step S300;If mesh
Mark required parameter is unsatisfactory for jurisdictions mandate, that is, characterizes the jurisdictions mandate that user terminal 30 is unsatisfactory for server 10, and server 10 will
Refuse the internal services that 30 access server 10 of user terminal is provided, that is, executes step S500.Wherein, step S200 can
To be executed by above-mentioned authorization check module 500.
Specifically, as an implementation, referring to Fig. 10, Figure 10 is one kind of the sub-step of step S200 in Fig. 7
Schematic flow chart, in embodiments of the present invention, step S200 include following sub-step:
Sub-step S210, whether the difference of the timestamp and current time stamp that judge destination request parameter, which is less than first, is preset
Value?If being less than, sub-step S220 is executed;If being not less than, step S500 is executed.
When user terminal 30 sends http request to server 10, server 10 is to be parsed according to http request
Destination request parameter, and then the timestamp for being included according to the destination request parameter carries out mathematic interpolation with current time stamp, and
Whether the difference of the timestamp and current time stamp that judge the destination request parameter is less than the first preset value, only works as destination request
When the timestamp of parameter and the difference of current time stamp are less than the first preset value, server 10 just continues to execute sub-step S220,
Otherwise step S500 is executed, is played back to avoid the request of user terminal 30.Wherein, sub-step S210 can be by above-mentioned first
Judging unit 510 executes.
As an implementation, which could be provided as 60 seconds.It is, of course, understood that this first
Preset value may be arranged as other values, such as 30 seconds, 90 seconds etc..
Sub-step S220 judges that the target ip address corresponding to destination request parameter whether there is and is arranged in preset white list
Table?If in the presence of sub-step S230 is continued to execute;If being not present, S500 is thened follow the steps.
After the timestamp for judging the destination request parameter is less than the first preset value with current time stamp, the indicator user is whole
The http request at end is not belonging to request playback, at this point, sub-step S220 is executed, to judge the mesh corresponding to the destination request parameter
IP address is marked to whether there is in 10 default white list of server.Wherein, the preset white list characterization service
Device 10 allows the IP address of the user terminal 30 of access, only when to be present in this preset for the target ip address of user terminal 30
When white list, the use for the internal services that the user terminal 30 allows access server 10 to be provided by server 10 is characterized
Family terminal 30.
Meanwhile only when judging that the target ip address corresponding to the destination request parameter is present in preset white list row
Table just continues to execute sub-step S230;If it is preset white that the target ip address corresponding to the destination request parameter is not present in this
When list list, S500 is thened follow the steps.To avoid nonbusiness partner malicious attack.Wherein, sub-step S220 can
To be executed by above-mentioned second judgment unit 520.
Sub-step S230 is handled destination request parameter according to preset signature algorithm, generates Target Signature.
Judging that it is preset white that the target ip address corresponding to the destination request parameter is present in this by sub-step S220
After list list, it may be the use that the server 10 allows access to characterize the user terminal 30 corresponding to the destination request parameter
Family terminal 30 is handled the destination request parameter, at this point, i.e. according to preset signature algorithm to generate the destination request
The corresponding Target Signature of parameter.Wherein, sub-step S230 can be executed by above-mentioned Target Signature generation unit 530.
Sub-step S240 judges whether Target Signature and the initial signature in http request are identical?If identical, judgement should
Destination request meets jurisdictions mandate;If differing, if it is determined that the destination request parameter is unsatisfactory for jurisdictions mandate.
After by the Target Signature corresponding to sub-step S230 or the destination request parameter, i.e., according to the target label
Name, with included in http request initially sign compared with pair.Wherein, the initial signature which is included is that user is whole
End 30 handles destination request parameter generated signature, typically, since different according to its preset signature algorithm
Signature algorithm identical destination request parameter is handled, the signature generated is different;Also, identical signature is calculated
Method handles different destination request parameters, and the signature generated is also different.Therefore, if Target Signature and http
Ask the initially signature for being included identical, then characterizing the user terminal 30 is allowed the user terminal 30 of access by server 10,
I.e. the destination request parameter meets the jurisdictions mandate of server 10;If the initial signature that Target Signature is included with http request is not
Together, then it is not the user terminal 30 that server 10 allows access to characterize the user terminal 30, i.e. the destination request parameter is discontented
The jurisdictions mandate of sufficient server 10, and then prevent the malicious attack of the partner of nonbusiness.Wherein, sub-step S240 can be by upper
The third judging unit 540 stated executes.
Meanwhile as an implementation, when destination request parameter is unsatisfactory for jurisdictions mandate, that is, step S500 is executed,
Feed back preset authorization check error code.
When destination request parameter is unsatisfactory for the jurisdictions mandate of server 10, server 10 can refuse the user terminal at this time
The request for the internal services that 30 access servers 10 are provided, also, feed back preset authorization check mistake to the user terminal 30
Error code, to be indicated to the user terminal 30, which does not have the internal services that permission access server 10 is provided.Its
In, step S500 can be executed by above-mentioned error code feedback module 600.
Based on above-mentioned design, a kind of data processing method that the embodiment of the present invention is provided, by destination request parameter
Authorization check is carried out, to ensure that the inside that access server 10 is provided under the premise of meeting permission of user terminal 30 takes
Business, prevents server 10 by malicious attack.
In embodiment provided herein, it should be understood that disclosed device and method, it can also be by other
Mode realize.The apparatus embodiments described above are merely exemplary, for example, the flow chart and block diagram in attached drawing are shown
The architecture, function and operation in the cards of device according to the ... of the embodiment of the present invention, method and computer program product.
In this regard, each box in flowchart or block diagram can represent a part for a module, section or code, the mould
A part for block, program segment or code includes one or more executable instructions for implementing the specified logical function.Also it answers
When note that at some as in the realization method replaced, the function of being marked in box can also be to be different from being marked in attached drawing
The sequence of note occurs.For example, two continuous boxes can essentially be basically executed in parallel, they sometimes can also be by opposite
Sequence execute, this is depended on the functions involved.It is also noted that each box in block diagram and or flow chart and
The combination of box in block diagram and or flow chart can use the dedicated hardware based system of function or action as defined in executing
It unites to realize, or can realize using a combination of dedicated hardware and computer instructions.
In addition, each function module in embodiments of the present invention can integrate to form an independent part,
Can be modules individualism, can also two or more modules be integrated to form an independent part.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module
It is stored in a computer read/write memory medium.Based on this understanding, technical scheme of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be expressed in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be
People's computer, server or network equipment etc.) execute the method for the embodiment of the present invention all or part of step.And it is preceding
The storage medium stated includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory
The various media that can store program code such as (RAM, Random Access Memory), magnetic disc or CD.
In conclusion a kind of data processing method, device and server that the embodiment of the present invention is provided, by that will service
All internal services that device 10 is provided carry out unified configuration management, and the http request transmitted by user terminal 30,
Destination request parameter is obtained by parsing the http request, and then is determined and the http according to the destination request parameter parsed
The internal services of institute's object are asked, compared to the prior art, enterprise can be connected by user terminal 30 in partner and pass through clothes
When the internal services that business device 10 is provided, reduce the workflow of developer, and then the input cost of enterprise can be reduced;And
And increase or change corresponding configuration newly in server 10, you can realize the inside clothes that newly-increased or modification server 10 is provided
Business, is easily managed;Also by carrying out authorization check to destination request parameter, to ensure the user terminal 30 before meeting permission
The internal services that access server 10 is provided are put, prevent server 10 by malicious attack.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
It is obvious to a person skilled in the art that invention is not limited to the details of the above exemplary embodiments, Er Qie
In the case of without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter
From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the present invention is by appended power
Profit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent requirements of the claims
Variation is included within the present invention.Any reference signs in the claims should not be construed as limiting the involved claims.
Claims (10)
1. a kind of data processing method, which is characterized in that the method includes:
The http request of reception is handled, to generate destination request parameter corresponding with the http request;
According to the destination request parameter, in preset database, target corresponding with the destination request parameter is obtained
Objects services;
The http request is responded, the target object service is converted into external object model.
2. the method as described in claim 1, which is characterized in that described pair reception http request handle, with generate with
The step of http request corresponding destination request parameter, including:
According to the URL prefix of the http request received, the parameter extraction configuration of the http request is determined, wherein the parameter
The mode that extraction configuration characterization handles the http request;
The http request is handled with parameter extraction configuration, target corresponding with the http request is generated and asks
Seek parameter.
3. the method as described in claim 1, which is characterized in that it is described according to the destination request parameter, in preset data
In library, the step of target object corresponding with the destination request parameter services is obtained, including:
According to the destination request parameter, target pair corresponding with the destination request parameter is obtained in preset database
As service model and target object configure parameter;
Parameter is configured according to the target object, is obtained and the target object service model phase in the preset database
The target object service configuration answered;
According to the target object service model and the target object service configuration, determination is opposite with the destination request parameter
The target object service answered.
4. the method as described in claim 1, which is characterized in that described according to the destination request parameter, in preset number
Before the step of in library, obtaining target object service corresponding with the destination request parameter, the method further includes:
According to the destination request parameter, determine whether the destination request parameter meets jurisdictions mandate, wherein when the target
When required parameter meets the jurisdictions mandate, execution is described according to the destination request parameter, in preset database, obtains
The step of target object service corresponding with the destination request parameter.
5. method as claimed in claim 4, which is characterized in that it is described according to the destination request parameter, determine the target
The step of whether required parameter meets jurisdictions mandate, including:
Whether the difference of the timestamp and current time stamp that judge the destination request parameter is less than the first preset value;
When the difference of the timestamp of the destination request parameter and the current time stamp is less than first preset value, judge
Target ip address corresponding to the destination request parameter whether there is in preset white list;
When target ip address corresponding to the destination request parameter is present in the preset white list, according to default
Signature algorithm the destination request parameter is handled, generate Target Signature;
Judge the Target Signature and in the http request it is initial signature it is whether identical, wherein when the Target Signature with
When initially signature in the http request is identical, judge that the destination request parameter meets the jurisdictions mandate.
6. method as claimed in claim 4, which is characterized in that described according to the destination request parameter, in preset number
Before the step of in library, obtaining target object service corresponding with the destination request parameter, the method further includes:
When the destination request parameter is unsatisfactory for the jurisdictions mandate, preset authorization check error code is fed back.
7. a kind of data processing equipment, which is characterized in that described device includes:
Destination request parameter generation module is handled for the http request to reception, to generate and the http request phase
Corresponding destination request parameter;
Target object services determining module, for according to the destination request parameter, in preset database, obtain with it is described
The corresponding target object service of destination request parameter;
External object model conversion module, for responding the http request, it is external right that the target object service is converted to
As model.
8. device as claimed in claim 7, which is characterized in that the target object services determining module and includes:
Target object service determination unit, for according to the destination request parameter, obtained in preset database with it is described
The corresponding target object service model of destination request parameter and target object configure parameter;
Target object service configuration extraction unit, for configuring parameter according to the target object, in the preset database
The middle target object service configuration for obtaining the target object service model;
Target object services extraction unit, for being matched according to the target object server model and the target object service
It sets, determines target corresponding with service corresponding with the destination request parameter.
9. device as claimed in claim 7, which is characterized in that described device further includes:
Authorization check module, for according to the destination request parameter, determining whether the destination request parameter meets permission and want
It asks.
10. a kind of server, which is characterized in that including:
Memory, for storing one or more programs;
Processor;
When one or more of programs are executed by the processor, the side as described in any one of claim 1-6 is realized
Method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810504061.XA CN108718339A (en) | 2018-05-23 | 2018-05-23 | Data processing method, device and server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810504061.XA CN108718339A (en) | 2018-05-23 | 2018-05-23 | Data processing method, device and server |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108718339A true CN108718339A (en) | 2018-10-30 |
Family
ID=63900497
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810504061.XA Pending CN108718339A (en) | 2018-05-23 | 2018-05-23 | Data processing method, device and server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108718339A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114760133A (en) * | 2022-04-15 | 2022-07-15 | 中国电信股份有限公司 | RESTful interface authentication method, device, system, equipment and medium |
CN116560641A (en) * | 2023-04-19 | 2023-08-08 | 上海百秋智尚网络服务有限公司 | Automatic interface generation method, device, equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102073953A (en) * | 2009-11-24 | 2011-05-25 | 阿里巴巴集团控股有限公司 | On-line payment method and system |
CN103581173A (en) * | 2013-09-11 | 2014-02-12 | 北京东土科技股份有限公司 | Safe data transmission method, system and device based on industrial Ethernet |
US20170315524A1 (en) * | 2016-04-27 | 2017-11-02 | Hypertherm, Inc. | Systems and methods for wireless communications between components of a material processing system |
CN107733922A (en) * | 2017-11-20 | 2018-02-23 | 百度在线网络技术(北京)有限公司 | Method and apparatus for calling service |
-
2018
- 2018-05-23 CN CN201810504061.XA patent/CN108718339A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102073953A (en) * | 2009-11-24 | 2011-05-25 | 阿里巴巴集团控股有限公司 | On-line payment method and system |
CN103581173A (en) * | 2013-09-11 | 2014-02-12 | 北京东土科技股份有限公司 | Safe data transmission method, system and device based on industrial Ethernet |
US20170315524A1 (en) * | 2016-04-27 | 2017-11-02 | Hypertherm, Inc. | Systems and methods for wireless communications between components of a material processing system |
CN107733922A (en) * | 2017-11-20 | 2018-02-23 | 百度在线网络技术(北京)有限公司 | Method and apparatus for calling service |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114760133A (en) * | 2022-04-15 | 2022-07-15 | 中国电信股份有限公司 | RESTful interface authentication method, device, system, equipment and medium |
CN114760133B (en) * | 2022-04-15 | 2023-10-03 | 中国电信股份有限公司 | RESTful interface authentication method, device, system, equipment and medium |
CN116560641A (en) * | 2023-04-19 | 2023-08-08 | 上海百秋智尚网络服务有限公司 | Automatic interface generation method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109558748A (en) | Data processing method, device, electronic equipment and storage medium | |
CN107357914B (en) | Information processing method and device | |
CN113268336B (en) | Service acquisition method, device, equipment and readable medium | |
JP6023121B2 (en) | Vulnerability visualization server, vulnerability visualization method, vulnerability visualization server program | |
CN113641940B (en) | Page jump method, device, system, equipment and storage medium | |
CN112835782B (en) | Interface access test method and system | |
CN112380145A (en) | SDK generation method, device, equipment and readable storage medium | |
CN113923144A (en) | Service test system, method, electronic device and storage medium | |
CN105100132B (en) | The method and system of terminal device, identification terminal equipment | |
CN108718339A (en) | Data processing method, device and server | |
CN111427613A (en) | Application program interface API management method and device | |
CN111294347B (en) | Safety management method and system for industrial control equipment | |
CN110769064B (en) | System, method and equipment for offline message pushing | |
AU2014412020B2 (en) | Techniques to transform network resource requests to zero rated network requests | |
CN112068854A (en) | Intelligent device algorithm updating system, intelligent device and platform server | |
EP2728472A2 (en) | User terminal, reliability management server, and method and program for preventing unauthorized remote operation | |
CN112882948A (en) | Stability testing method, device and system for application and storage medium | |
CN112579682A (en) | Data model change notification method and device, electronic device and storage medium | |
CN112306041A (en) | Vehicle configuration information writing method and device and electronic equipment | |
CN110930253A (en) | Intelligent contract internal main key generation method and device, computer equipment and storage medium | |
CN110705637A (en) | User classification method and device based on application installation list information and electronic equipment | |
CN107690057B (en) | Conference video data interaction method and device | |
CN110221958B (en) | Application testing method, device, computing equipment and computer readable storage medium | |
CN114968696A (en) | Index monitoring method, electronic equipment and chip system | |
AU2013206622B2 (en) | Download management method and device based on Android browser |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181030 |
|
RJ01 | Rejection of invention patent application after publication |