CN110913011B - Session holding method, session holding device, readable storage medium and electronic device - Google Patents
Session holding method, session holding device, readable storage medium and electronic device Download PDFInfo
- Publication number
- CN110913011B CN110913011B CN201911235643.3A CN201911235643A CN110913011B CN 110913011 B CN110913011 B CN 110913011B CN 201911235643 A CN201911235643 A CN 201911235643A CN 110913011 B CN110913011 B CN 110913011B
- Authority
- CN
- China
- Prior art keywords
- session
- information
- server
- service node
- identification information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/142—Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/146—Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The disclosure relates to a session holding method, a session holding apparatus, a readable storage medium, and an electronic device. The method is applied to the gateway and comprises the following steps: when a first HTTP message carrying first Cookie information and sent by a client is received, acquiring a gateway session ID and server session identification information from the first Cookie information; if the first HTTP message is determined to be sent to the server according to the gateway session ID, determining a first target service node for receiving the first HTTP message from a plurality of service nodes of the server; and if the identification information of the first target service node is matched with the identification information of the service node in the session identification information of the server, sending a first HTTP message carrying second Cookie information to the first target service node. Therefore, as additional third-party middleware is not required to be deployed to store the gateway session and the server session, and the gateway session and the server session are not required to be stored in the Cookie information, the problems in the related technology can be avoided, and the communication efficiency is ensured.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a session holding method, a session holding apparatus, a readable storage medium, and an electronic device.
Background
In practical application, the requests sent by the client to the server are all stateless HTTP protocols, each time a user sends a request, a new link is sent, and the server cannot identify the user. Under the single-body architecture, in order for the server to identify the user, the server is first required to generate and store a session (session) to record various information of the user. Cookie information is involved in order to realize the maintenance of the session between the server and the client. The Cookie information is stored in the client, the Cookie information includes an identifier of a session of the server (recorded as a session ID of the server), and when the client sends a request to the server, the Cookie information is attached to the request. Therefore, when the server receives the request carrying the Cookie information, the server can distinguish the user from which the request comes according to the session ID of the server, and then returns corresponding response information to the client corresponding to the user.
However, in a scenario using a gateway, both the server and the gateway need to store user information by creating a session, and thus, the session maintaining method under the single architecture cannot be applied to the scenario using the gateway. In the related art, the method is applied to a session holding mode in a scenario of using a gateway, and one is to save the session by using additionally deployed third-party middleware, so that the deployment and maintenance costs are high; the other method is to store the conversation in the Cookie information, so that the Cookie information has more contents, network congestion is caused, and the communication efficiency is lower.
Disclosure of Invention
An object of the present disclosure is to provide a session holding method, a session holding apparatus, a readable storage medium, and an electronic device to ensure communication efficiency.
In order to achieve the above object, a first aspect of the present disclosure provides a session holding method applied to a gateway, the method including:
when a first HTTP message carrying first Cookie information and sent by a client is received, acquiring a gateway session ID and server session identification information from the first Cookie information, wherein the server session identification information comprises identification information of a service node and a server session ID;
if the first HTTP message is determined to be sent to a server according to the gateway session ID, determining a first target service node for receiving the first HTTP message from a plurality of service nodes of the server;
and if the identification information of the first target service node is matched with the identification information of the service node in the server session identification information, sending the first HTTP message carrying second Cookie information to the first target service node, wherein the second Cookie information comprises the server session ID in the server session identification information.
Optionally, before receiving a first HTTP message carrying first Cookie information sent by a client, the method further includes:
after a login request sent by the client is received, verifying the login request according to first user information included in the login request;
if the login request passes the verification, a gateway session is established for the user corresponding to the first user information, and the gateway session has a corresponding gateway session ID;
receiving a second HTTP message sent by the client;
determining a second target service node for receiving the second HTTP message from a plurality of service nodes of the server;
sending the second HTTP message and the first user information to a second target service node, so that the second target service node creates a first service end session for a user corresponding to the first user information, and returns a first response message carrying third Cookie information, wherein the third Cookie information comprises a service end session ID of the first service end session;
after receiving the first response message, generating server session identification information of the second target service node, wherein the server session identification information includes the identification information of the second target service node and the server session ID in the third Cookie information;
generating fourth Cookie information comprising server-side session identification information of the second target service node and the gateway session ID corresponding to the gateway session;
and sending the first response message carrying the fourth Cookie information to the client.
Optionally, the method further comprises:
if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, sending a first HTTP message not carrying the first Cookie information and second user information of the client to the first target service node so that the first target service node creates a second server session for a user corresponding to the second user information, and returning a second response message carrying fifth Cookie information, wherein the fifth Cookie information comprises a server session ID of the second server session;
after receiving the second response message, generating server session identification information of the first target service node, wherein the server session identification information includes the identification information of the first target service node and the server session ID in the fifth Cookie information;
generating sixth Cookie information comprising server session identification information of the first target service node, the server session identification information in the first Cookie information and the gateway session ID;
and sending the second response message carrying the sixth Cookie information to the client.
Optionally, the identification information of the service node in the service-side session identification information is encrypted.
Optionally, the determining, from a plurality of service nodes of the server, a first target service node for receiving the first HTTP message includes:
and determining a first target service node for receiving the first HTTP message according to a load balancing strategy.
Optionally, the method further comprises:
acquiring an application identification list of accessible applications of the user corresponding to the gateway session ID according to the gateway session ID;
determining whether an application identifier of an application to be accessed included in the first HTTP message is located in the application identifier list;
and if the application identifier is located in the application identifier list, determining to send the first HTTP message to the server.
Optionally, the method further comprises:
and if the first HTTP message is determined not to be sent to the server according to the gateway session ID, returning prompt information representing that the server is not accessed to the client.
A second aspect of the present disclosure provides a session holding apparatus applied to a gateway, the apparatus including:
the first obtaining module is used for obtaining a gateway session ID and server session identification information from first Cookie information when receiving a first HTTP message which is sent by a client and carries the first Cookie information, wherein the server session identification information comprises identification information of a service node and a server session ID;
a first determining module, configured to determine, if it is determined according to the gateway session ID that the first HTTP packet is sent to a server, a first target service node for receiving the first HTTP packet from among a plurality of service nodes of the server;
a first sending module, configured to send the first HTTP packet carrying second Cookie information to the first target service node if the identification information of the first target service node matches the identification information of the service node in the server session identification information, where the second Cookie information includes the server session ID in the server session identification information.
Optionally, the apparatus further comprises:
the auditing module is used for auditing the login request according to first user information included in the login request after receiving the login request sent by the client;
the creating module is used for creating a gateway session for a user corresponding to the first user information if the login request passes the verification, wherein the gateway session has a corresponding gateway session ID;
the first receiving module is used for receiving a second HTTP message sent by the client;
a second determining module, configured to determine, from a plurality of service nodes of the server, a second target service node for receiving the second HTTP packet;
a second sending module, configured to send the second HTTP message and the first user information to a second target service node, so that the second target service node creates a first service end session for a user corresponding to the first user information, and returns a first response message carrying third Cookie information, where the third Cookie information includes a service end session ID of the first service end session;
a first generating module, configured to generate server session identification information of the second target service node after receiving the first response packet, where the server session identification information includes identification information of the second target service node and the server session ID in the third Cookie information;
a second generating module, configured to generate fourth Cookie information that includes server session identification information of the second target service node and the gateway session ID corresponding to the gateway session;
and the third sending module is used for sending the first response message carrying the fourth Cookie information to the client.
Optionally, the apparatus further comprises:
a fourth sending module, configured to send, to the first target service node, a first HTTP message that does not carry the first Cookie information and second user information of the client if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, so that the first target service node creates a second server session for a user corresponding to the second user information, and returns a second response message that carries fifth Cookie information, where the fifth Cookie information includes a server session ID of the second server session;
a third generating module, configured to generate server session identification information of the first target service node after receiving the second response packet, where the server session identification information includes the identification information of the first target service node and the server session ID in the fifth Cookie information;
a fourth generating module, configured to generate sixth Cookie information including the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID;
and the fifth sending module is configured to send the second response packet carrying the sixth Cookie information to the client.
Optionally, the identification information of the service node in the session identification information of the service end is encrypted.
Optionally, the first determining module is configured to determine, according to a load balancing policy, a first target service node for receiving the first HTTP packet.
Optionally, the apparatus further comprises:
a second obtaining module, configured to obtain, according to the gateway session ID, an application identifier list of an accessible application of a user corresponding to the gateway session ID;
a third determining module, configured to determine whether an application identifier of the application to be accessed included in the first HTTP message is located in the application identifier list;
and the fourth determining module is used for determining to send the first HTTP message to the server if the application identifier is located in the application identifier list.
Optionally, the apparatus further comprises:
and the return module is used for returning prompt information representing that the server is not authorized to be accessed to the client if the first HTTP message is determined not to be sent to the server according to the gateway session ID.
A third aspect of the present disclosure provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method provided by the first aspect of the present disclosure.
A fourth aspect of the present disclosure provides an electronic device, comprising:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to implement the steps of the method provided by the first aspect of the present disclosure.
According to the technical scheme, the first Cookie information comprises the gateway session ID and the server session identification information, so that when the gateway receives a first HTTP message carrying the first Cookie information, whether the first HTTP message is sent to the server or not can be determined based on the gateway session ID, when the first HTTP message is determined to be sent to the server, a first target service node used for receiving the first HTTP message is determined, and when the identification information of the first target service node is matched with the identification information of the service node in the server session identification information, the first HTTP message carrying the second Cookie information comprising the server session ID in the server session identification information is sent to the first target service node, so that the first target service node identifies a user according to the server session ID, and further response information is returned to the client of the user, and communication between the client and the server is achieved. Therefore, as additional third-party middleware is not required to be deployed to save the gateway session and the server session, the deployment and maintenance cost can be reduced. In addition, because the first Cookie information comprises the gateway session ID and the server session identification information, the gateway session and the server session do not need to be stored in the first Cookie information, the content in the first Cookie information and the occupied bandwidth thereof are greatly reduced, network congestion is avoided, and the communication efficiency is improved.
Additional features and advantages of the present disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure without limiting the disclosure. In the drawings:
fig. 1 is a schematic diagram illustrating an implementation scenario of a session holding method according to an exemplary embodiment.
Fig. 2 is a flow chart illustrating a session-hold method according to an example embodiment.
Fig. 3 is a flow diagram illustrating the generation of Cookie information according to an exemplary embodiment.
Fig. 4 is a flow chart illustrating a session-hold method according to another exemplary embodiment.
Fig. 5 is a block diagram illustrating a session-holding device according to an example embodiment.
FIG. 6 is a block diagram illustrating an electronic device in accordance with an example embodiment.
Detailed Description
The following detailed description of specific embodiments of the present disclosure is provided in connection with the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present disclosure, are given by way of illustration and explanation only, not limitation.
In the related art, in a scenario where a gateway is used, session maintenance is mostly achieved in the following two ways. The first session maintaining mode is as follows: and deploying third-party middleware (such as a distributed cache Redis or a database), storing the gateway session and the server session in the third-party middleware, and acquiring or inquiring the session from the third-party middleware by the gateway and the server during communication so as to achieve the purpose of keeping the gateway session and the server session consistent. In this way, there are the following problems: in order to facilitate the gateway and the server to acquire or query the session, the high availability of the third-party middleware needs to be ensured, and security control needs to be added to the third-party middleware to ensure the security of the session stored in the third-party middleware, so that the cost of implementation, deployment and maintenance is high; aiming at the existing non-Spring Cloud application, the service of the application needs to be registered to a scene where a gateway is issued to the outside uniformly, and the original session access method of the application needs to be changed, so that the workload is large.
The second session holding mode is as follows: and storing the gateway session and the server session in the Cookie information, wherein the gateway and the server do not store the sessions. When the client sends a request to the server, the request carries Cookie information, the gateway searches user information from the Cookie information to identify the user when receiving the request, and the server searches the user information from the Cookie information to identify the user when receiving the request. In this way, there are the following problems: the client carries the Cookie information when sending a request to the server every time, and because the Cookie information has more contents and occupies more bandwidth, network congestion is caused, and communication efficiency is influenced; because the length of the Cookie information is limited, the stored session content cannot be excessive, that is, the user information in the session stored by the Cookie information is limited; when the session includes the authority information, the authority information is not safely stored in the Cookie information, the authority information needs to be encrypted for ensuring the safety, and the code complexity is increased.
In view of this, the present disclosure provides a session holding method, a session holding apparatus, a readable storage medium, and an electronic device, so as to ensure communication efficiency.
A possible implementation scenario of the present disclosure is first explained. As shown in fig. 1, the implementation scenario may include a client, a gateway, and a server, and the server may include n service nodes, where the n service nodes may be used to provide the same service (for example, n service nodes are all used to provide a service for querying orders) or different services (for example, service node 1 and service node 2 are used to provide a service for querying orders, service node 3 to service node n are used to provide a service for querying shopping carts, and so on).
In one embodiment, the client automatically sends the access request. For example, when a user logs in the treasure making device, the client firstly sends a login request to the gateway, and actively sends an access request to the gateway after receiving a signal that the login request returned by the gateway passes the audit. After receiving the access request, the gateway sends the access request to the server, so that the server returns response information aiming at the access request, and the client displays the Taobao homepage. In another embodiment, the client sends the access request based on a user's operation. For example, after the client displays the main page of the Taobao, the user can click on an "order" icon in the main page of the Taobao, and the client sends an access request to the gateway based on the click operation of the user. After receiving the access request, the gateway sends the access request to a server corresponding to the order, so that the server returns response information for the access request, and the client displays an order page. It should be noted that the access request or response information between the client and the gateway, and between the gateway and the server are all transmitted in the form of HTTP messages.
A session holding method provided by the embodiment of the present disclosure is described by taking an implementation scenario shown in fig. 1 as an example. Fig. 2 is a flow chart illustrating a session-hold method according to an example embodiment. The method may be applied to the gateway in fig. 1, and as shown in fig. 2, the method may include steps 201 to 203.
In step 201, when a first HTTP message carrying first Cookie information sent by a client is received, a gateway session ID and server session identification information are obtained from the first Cookie information. The server session identification information includes identification information of the service node and a server session ID.
In the disclosure, the first Cookie information is stored in the client, so that the client can insert the first Cookie information into the first HTTP message when sending the first HTTP message. Illustratively, the first Cookie information may be inserted in a header of the first HTTP message.
Further, the identification information of the serving node may include, but is not limited to: IP address information, port information, path information, and domain name information. The present disclosure takes the identification information of the service node including IP address information, port information, path information, and domain name information as an example for explanation.
In one embodiment, the identification information of the service node is a combination of IP address information, port information, path information, and domain name information.
In another embodiment, the identification information of the service node in the session identification information of the service end is encrypted.
Considering that the identification information of the service node is located in the first Cookie information, the first Cookie information is stored in the client and may be changed by a user by mistake, and that the Cookie information in the first HTTP message is transmitted in a plaintext in the transmission process of the first HTTP message, if the combination of the IP address information, the port information, the path information, and the domain name information is directly used as the session identification information of the service end, the security of the session identification information of the service end is low, and therefore, in the present disclosure, the identification information of the service node in the session identification information of the service end is encrypted. That is, the encrypted IP address information, port information, path information, and domain name information are used as the identification information of the service node in the service session identification information. For example, the IP address information, the port information, the path information, and the domain name information may be encrypted using DES (Data Encryption Standard). It should be noted that the present disclosure shows only one encryption method, and other encryption methods are also applicable to the present disclosure.
In step 202, if it is determined to send the first HTTP message to the server according to the gateway session ID, a first target service node for receiving the first HTTP message is determined from a plurality of service nodes of the server.
It should be noted that, both the gateway and the server create a session for the user, and the session includes user information, which at least includes account information and password information. In this disclosure, after obtaining the gateway session ID from the first Cookie information, the gateway may determine a session corresponding to the gateway session ID based on the gateway session ID, identify a user based on user information included in the determined session, and determine whether to send the first HTTP message to the server according to the permission information of the user.
When determining to send the first HTTP message to the server, a first target service node for receiving the first HTTP message is determined from a plurality of service nodes (e.g., n service nodes in fig. 1) of the server.
In one embodiment, a first target service node for receiving a first HTTP message may be determined according to a load balancing policy. The load balancing policy may include polling, weighted polling, minimum connection, weighted minimum connection, etc., and the load balancing policy is not specifically described in this disclosure.
It should be noted that the first target service node for receiving the first HTTP packet may also be determined in other manners, for example, randomly determined in an idle service node, and the like, which is not specifically limited in this disclosure.
In step 203, if the identification information of the first target service node matches the identification information of the service node in the session identification information of the service end, a first HTTP message carrying the second Cookie information is sent to the first target service node. And the second Cookie information comprises a server session ID in the server session identification information.
The service node registers its identification information into the gateway when accessing the gateway, so that the gateway can obtain the identification information of the first target service node when determining the first target service node, and further can determine whether the first target service node creates a session for a user based on the identification information and the identification information of the service node in the service end session identification information.
For example, if the identification information of the first target service node matches the identification information of the service node in the server session identification information, that is, the identification information of the first target service node is consistent with the identification information of the service node in the server session identification information, it is determined that the first target service node creates a session for the user.
After determining that the first target service node creates a session for the user, sending a first HTTP message carrying second Cookie information to the first target service node, wherein the second Cookie information comprises a server session ID in server session identification information. Therefore, after receiving the first HTTP message sent by the gateway, the first target service node searches the session corresponding to the session ID of the server according to the session ID of the server in the second Cookie information so as to identify the user. The gateway sends the packet to the service node, which belongs to the prior art in the field and is not described in detail herein.
In an embodiment, the second Cookie information may include all server session IDs in the first Cookie information. In this way, when the gateway determines that the identification information of the first target service node matches the identification information of the service node in the service-side session identification information, the gateway session ID in the first Cookie information and the identification information of the service node in the service-side session identification information are deleted to generate second Cookie information including the service-side session ID.
However, considering that the second Cookie information occupies more bandwidth when the content included in the second Cookie information is more, in order to further avoid network congestion, the second Cookie information may further include only the server session ID of the server session created by the first target service node in the present disclosure.
Therefore, in another embodiment, the second Cookie information only includes a server session ID of the server session created by the first target service node. In this way, when the gateway determines that the identification information of the first target service node matches the identification information of the service node in the service-side session identification information, the gateway session ID in the first Cookie information, the service-side session identification information of other service nodes except the first target service node, and the identification information of the service node in the service-side session identification information of the first target service node are deleted, so as to generate second Cookie information only including the service-side session ID of the service-side session created by the first target service node.
By adopting the technical scheme, because the first Cookie information comprises the gateway session ID and the server session identification information, when receiving a first HTTP message carrying the first Cookie information, the gateway can determine whether to send the first HTTP message to the server based on the gateway session ID, and when determining to send the first HTTP message to the server, determine a first target service node for receiving the first HTTP message, and when the identification information of the first target service node is matched with the identification information of the service node in the server session identification information, send the first message carrying the second Cookie information comprising the server session ID in the server session identification information to the first target service node, so that the first target HTTP service node identifies the user according to the server session ID, and further return the response information to the client of the user, thereby realizing the communication between the client and the server. Therefore, as additional third-party middleware is not required to be deployed to store the gateway session and the server session, the deployment and maintenance cost can be reduced. In addition, because the first Cookie information comprises the gateway session ID and the server session identification information, the gateway session and the server session do not need to be stored in the first Cookie information, the content in the first Cookie information and the occupied bandwidth thereof are greatly reduced, network congestion is avoided, and the communication efficiency is improved.
In addition, before the step 201, the present disclosure also provides a method for generating Cookie information, and as shown in fig. 3, the method for generating Cookie information may include steps 301 to 308.
In step 301, after receiving a login request sent by a client, the login request is checked according to first user information included in the login request.
In an embodiment, the first user information may include account information, and the gateway may determine, based on the account information, whether a user corresponding to the first user information has a right to log in an application that the user requests to log in, where the log-in request passes the audit if the user has the right, and otherwise, the log-in request does not pass the audit.
In another embodiment, the first user information may include account information and password information, and the gateway determines, according to the account information and the password information included in the first user information, whether the account information and the password information are consistent with the account information and the password information during previous registration, if so, the login request passes the audit, otherwise, the login request does not pass the audit.
In step 302, if the login request passes the audit, a gateway session is created for the user corresponding to the first user information, where the gateway session has a corresponding gateway session ID.
And when the gateway determines that the login request passes the audit, establishing a gateway session for a user corresponding to the first user information, wherein the gateway session can comprise the first user information. And after the gateway creates the gateway session for the user corresponding to the first user information, the gateway session ID may also be allocated to the gateway session, so that the gateway session has the gateway session ID with the unique identifier.
In addition, if the login request is not passed, the gateway can return prompt information to the client. The prompt information may be information prompting that the user fails to pass the audit, may also be information notifying the user of the reason why the login request fails to pass the audit, and may also be information prompting that the user fails to pass the audit and the reason why the login request fails to pass the audit.
In step 303, a second HTTP message sent by the client is received.
Wherein, the second HTTP message does not carry Cookie information.
In step 304, a second target service node for receiving the second HTTP message is determined from the plurality of service nodes of the service end.
After receiving the second HTTP message, the gateway may determine a second target service node for receiving the second HTTP message from the plurality of service nodes of the service end. For example, the gateway may determine a second target service node for receiving the second HTTP packet according to a load balancing policy.
In step 305, a second HTTP message and first user information are sent to a second target service node, so that the second target service node creates a first service end session for a user corresponding to the first user information, and returns a first response message carrying third Cookie information, where the third Cookie information includes a service end session ID of the first service end session.
In this disclosure, when sending the second HTTP message to the second target service node, the gateway further needs to send the first user information to the second target service node, so that when receiving the first user information, the second target service node may create a first service session for a user corresponding to the first user information, where the first service session includes the first user information. In this way, the second target service node may generate third Cookie information including the server session ID of the first server session, insert the third Cookie information into the first response packet, and return the first response packet carrying the third Cookie information to the gateway.
For example, the content in the third Cookie information may be expressed as: the Name = JSESSIONID and the Value = server session ID of the first server session, which may also be denoted as JSESSIONID = server session ID of the first server session. The JSESSIONID in the Cookie information is generally used to indicate the gateway or the client to determine the session corresponding to the current user.
In step 306, after receiving the first response packet, generating server session identification information of the second target service node, where the server session identification information includes the identification information of the second target service node and a server session ID in the third Cookie information.
As described above, the first response packet carries third Cookie information, and the third Cookie information includes the server session ID of the first server session, so that after receiving the first corresponding packet, the gateway may parse the third Cookie information to obtain the server session ID of the first server session included therein, and then generate the server session identification information of the second target service node according to the identification information of the second target service node and the server session ID of the first server session, so that the generated server session identification information of the second target service node includes the identification information of the second target service node and the server session ID in the third Cookie information.
In step 307, fourth Cookie information including the server session identification information of the second target service node and the gateway session ID corresponding to the gateway session is generated.
After the server session identification information of the second target service node is generated, the gateway further generates fourth Cookie information, where the fourth Cookie information includes the server session identification information of the second target service node and a gateway session ID corresponding to the gateway session.
For example, the fourth Cookie information may include two sets of Name-Value pairs, where the first set of Name-Value pairs is used to characterize a gateway session ID corresponding to the gateway session, and in the first set of Name-Value pairs, name = JSESSIONID, and Value = gateway session ID; and a second group of Name-Value pairs is used for representing the server session identification information of the second target service node, in the second group of Name-Value pairs, name = the identification information of the second target service node, and Value = the server session ID of the first server session. Therein, in the second group of Name-Value pairs, name = prefix character + identification information of the second target service node may also be defined, and the prefix character may be, for example, _ up, and so on.
In step 308, a first response packet carrying the fourth Cookie information is sent to the client.
The fourth Cookie information generated in step 307 includes both the server session identification information and the gateway session ID, so that the gateway may insert the fourth Cookie information into the first response packet when sending the first response packet to the client. Therefore, the client can acquire the fourth Cookie information when receiving the first response message, store the fourth Cookie information, and further insert the fourth Cookie information into the HTTP message to be sent when the client sends the HTTP message again, so that conversation during communication among the client, the gateway and the server is kept.
By adopting the technical scheme, the gateway and the service node respectively establish the gateway session and the server session for the user corresponding to the first user information, and the gateway session and the server session do not need to be stored in the third-party middleware or the Cookie information, so that the problem generated when the third-party middleware or the Cookie information is used for storing the session in the related technology can be avoided. Moreover, because the server session identification information in the Cookie information stored by the client includes the identification information of the service node, the gateway can also determine whether to insert the Cookie information into the first HTTP message when sending the first HTTP message to the first target service node according to the determined identification information of the first target service node and the identification information of the service node in the server session identification information.
To facilitate a better understanding of the session maintenance methods provided by the present disclosure, a full embodiment is described below. As shown in fig. 4, the method may include the following steps.
In step 401, when a first HTTP message sent by a client is received, it is determined whether the first HTTP message carries first Cookie information.
In an embodiment, when a first HTTP message sent by a client is received, whether the first HTTP message carries Cookie information is determined. When the client sends the HTTP message for the first time, the HTTP message does not carry Cookie information, or when the Cookie information stored in the client exceeds the life cycle of the client, the HTTP message sent by the client does not carry Cookie information, so that when the first HTTP message sent by the client is received, it is first determined whether the first HTTP message carries the first Cookie information, so as to perform subsequent processing. And if the first Cookie information is carried, executing the step 402, otherwise, generating the Cookie information according to the method for generating the Cookie information. The method for generating Cookie information is shown in fig. 3, and is not described herein again.
In step 402 (201), a gateway session ID and server session identification information are obtained from the first Cookie information.
In step 403, according to the gateway session ID, an application identification list of the accessible application of the user corresponding to the gateway session ID is obtained.
In one embodiment, when the gateway creates a gateway session for a user, an application identification list of an accessible application of the user is obtained based on account information of the user, and the application identification list, account information of the user and password information are stored in the gateway session. In this embodiment, after acquiring the gateway session ID, the gateway may find the gateway session corresponding to the gateway session ID according to the gateway session ID, and acquire the application identifier list of the accessible application of the user corresponding to the gateway session ID from the gateway session.
In another embodiment, the gateway creates a gateway session for the user that does not include the list of application identifications for the user's accessible applications. In this embodiment, after obtaining the gateway session ID, the gateway may find the gateway session corresponding to the gateway session ID according to the gateway session ID, and obtain the user information from the gateway session, and further obtain the application identifier list of the accessible application of the user from the preset permission database based on the user information.
In step 404, it is determined whether the application identifier of the application to be accessed included in the first HTTP message is located in the application identifier list.
In this disclosure, the first HTTP message sent by the client includes an application identifier of an application to be accessed, so that when the gateway receives the first HTTP message, the gateway can obtain the application identifier of the application to be accessed by the user from the first HTTP message.
After the application identification list of the accessible application of the user corresponding to the gateway session ID is obtained in the manner of any of the above embodiments, it is determined whether the application identification of the application to be accessed is located in the application identification list. If not, executing step 405 and step 406, otherwise, executing step 407 and the subsequent steps.
In step 405, it is determined not to send the first HTTP message to the server.
If the application identifier of the application to be accessed is determined not to be located in the application identifier list, it indicates that the user does not have the authority to access the application to be accessed, and at this time, in order to reduce the workload of sending and ensure information security, the gateway determines not to send the first HTTP message to the server.
In step 406, a prompt is returned to the client characterizing no access to the server.
And when the first HTTP message is determined not to be sent to the server, returning prompt information representing the server without the right to access to the client so as to prompt the user corresponding to the client to have no right to access the server.
In step 407, it is determined to send the first HTTP message to the server.
If the application identifier of the application to be accessed is determined to be in the application identifier list, the user is indicated to have the permission to access the application to be accessed, and at the moment, the gateway determines to send a first HTTP message to the server side.
In step 408 (202), a first target service node for receiving the first HTTP message is determined from a plurality of service nodes of the server.
In step 409, it is determined whether the identification information of the first target service node matches the identification information of the service node in the service session identification information.
If so, go to step 410, otherwise go to steps 411 to 414.
In step 410 (203), a first HTTP message carrying the second Cookie information is sent to the first target service node.
In step 411, a first HTTP message not carrying the first Cookie information and second user information of the client are sent to the first target service node, so that the first target service node creates a second server session for a user corresponding to the second user information, and returns a second response message carrying fifth Cookie information, where the fifth Cookie information includes a server session ID of the second server session.
And if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, indicating that the first target service node does not establish a second server session for the user corresponding to the second user information of the client. That is, the server session ID of the second server session created by the first target service node for the user corresponding to the second user information does not exist in the first Cookie information, so that the first Cookie information carried by the first HTTP message can be deleted when the first HTTP message is sent to the first target service node, and the first HTTP message not carrying the first Cookie information is sent to the first target service node.
In addition, in order to identify a user during communication, a first target service node needs to create a session for the user, and therefore, in the present disclosure, when sending a first HTTP packet that does not carry first Cookie information to the first target service node, second user information of a client needs to be sent to the first target service node, so that the first target service node creates a second service session for the user corresponding to the second user information, where the second service session includes the second user information. In this way, the first target service node may generate fifth Cookie information including the server session ID of the second server session, insert the fifth Cookie information into the second response message, and return the second response message carrying the fifth Cookie information to the gateway.
In step 412, after receiving the second response packet, the server session identifier information of the first target service node is generated.
When receiving the second response message, the gateway analyzes the fifth Cookie information carried by the second response message to obtain a server session ID of the second server session, and generates server session identification information of the first target service node according to the identification information of the first target service node and the server session ID of the second server session. The server session identification information of the first target service node includes the identification information of the first target service node and the server session ID in the fifth Cookie information.
In step 413, sixth Cookie information including the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID is generated.
Specifically, in an embodiment, after generating the server session identification information of the first target service node, the gateway deletes the server session ID of the second server session in the fifth Cookie information, and then adds the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID to the fifth Cookie information to generate the sixth Cookie information.
In another embodiment, when the gateway acquires the server session ID of the second server session from the fifth Cookie information, the gateway deletes the fifth Cookie information, and then generates sixth Cookie information including the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID.
In step 414, a second response packet carrying the sixth Cookie information is sent to the client.
After the sixth Cookie information is generated, the gateway inserts the sixth Cookie information into the second response message, and further sends the second response message carrying the sixth Cookie information to the client.
It should be noted that the number of the server session identification information included in the sixth Cookie information is greater than the number of the server session identification information included in the first Cookie information. That is to say, under the condition that the identification information of the first target service node for receiving the first HTTP message, which is determined by the gateway, is not matched with the identification information of the service node in the server session identification information, the sixth Cookie information carried in the second response message returned by the client for the first HTTP message includes not only the server session identification information in the first Cookie information previously stored by the client, but also the server session identification information of the first target service node determined this time. Therefore, after the gateway sends the HTTP message to each service node once according to the load balancing strategy, the Cookie information stored by the client can comprise the server session identification information of each service node, and then the service node can identify the user according to the server session ID in the server session identification information after receiving the HTTP message of the client sent by the gateway again.
Based on the same inventive concept, the present disclosure provides a session holding apparatus. FIG. 5 is a block diagram illustrating a session-holding device according to an exemplary embodiment. The session holding apparatus 50 is applied to a gateway, and the apparatus 50 may include:
a first obtaining module 501, configured to obtain a gateway session ID and server session identification information from first Cookie information when receiving a first HTTP message carrying the first Cookie information and sent by a client, where the server session identification information includes identification information of a service node and a server session ID;
a first determining module 502, configured to determine, if it is determined according to the gateway session ID that the first HTTP packet is sent to a server, a first target service node for receiving the first HTTP packet from a plurality of service nodes of the server;
a first sending module 503, configured to send the first HTTP packet carrying second Cookie information to the first target service node if the identification information of the first target service node matches the identification information of the service node in the service-side session identification information, where the second Cookie information includes the service-side session ID in the service-side session identification information.
Optionally, the apparatus may further include:
the auditing module is used for auditing the login request according to first user information included in the login request after receiving the login request sent by the client;
the creating module is used for creating a gateway session for a user corresponding to the first user information if the login request passes the verification, wherein the gateway session has a corresponding gateway session ID;
the first receiving module is used for receiving a second HTTP message sent by the client;
a second determining module, configured to determine, from a plurality of service nodes of the server, a second target service node for receiving the second HTTP packet;
a second sending module, configured to send the second HTTP message and the first user information to a second target service node, so that the second target service node creates a first service end session for a user corresponding to the first user information, and returns a first response message carrying third Cookie information, where the third Cookie information includes a service end session ID of the first service end session;
a first generating module, configured to generate server session identification information of the second target service node after receiving the first response packet, where the server session identification information includes identification information of the second target service node and the server session ID in the third Cookie information;
a second generating module, configured to generate fourth Cookie information that includes server session identification information of the second target service node and the gateway session ID corresponding to the gateway session;
and the third sending module is used for sending the first response message carrying the fourth Cookie information to the client.
Optionally, the apparatus may further include:
a fourth sending module, configured to send, to the first target service node, a first HTTP message that does not carry the first Cookie information and second user information of the client if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, so that the first target service node creates a second server session for a user corresponding to the second user information, and returns a second response message that carries fifth Cookie information, where the fifth Cookie information includes a server session ID of the second server session;
a third generating module, configured to generate server session identification information of the first target service node after receiving the second response packet, where the server session identification information includes identification information of the first target service node and the server session ID in the fifth Cookie information;
a fourth generating module, configured to generate sixth Cookie information that includes the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID;
and a fifth sending module, configured to send the second response packet carrying the sixth Cookie information to the client.
Optionally, the identification information of the service node in the session identification information of the service end is encrypted.
Optionally, the first determining module 502 may be configured to determine, according to a load balancing policy, a first target service node for receiving the first HTTP packet.
Optionally, the apparatus may further include:
a second obtaining module, configured to obtain, according to the gateway session ID, an application identifier list of an accessible application of a user corresponding to the gateway session ID;
a third determining module, configured to determine whether an application identifier of the application to be accessed included in the first HTTP message is located in the application identifier list;
and the fourth determining module is used for determining to send the first HTTP message to the server if the application identifier is located in the application identifier list.
Optionally, the apparatus may further include:
and the return module is used for returning prompt information representing that the server is not accessed to the client side if the first HTTP message is determined not to be sent to the server side according to the gateway session ID.
With regard to the apparatus in the above embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be described in detail here.
Fig. 6 is a block diagram illustrating an electronic device 600 according to an example embodiment. As shown in fig. 6, the electronic device 600 may include: a processor 601 and a memory 602. The electronic device 600 may also include one or more of a multimedia component 603, an input/output (I/O) interface 604, and a communications component 605.
The processor 601 is configured to control the overall operation of the electronic device 600, so as to complete all or part of the steps of the session maintaining method. The memory 602 is used to store various types of data to support operation at the electronic device 600, such as instructions for any application or method operating on the electronic device 600 and application-related data, such as contact data, transmitted and received messages, pictures, audio, video, and so forth. The Memory 602 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically Erasable Programmable Read-Only Memory (EEPROM), erasable Programmable Read-Only Memory (EPROM), programmable Read-Only Memory (PROM), read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk or optical disk. The multimedia components 603 may include a screen and audio components. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving an external audio signal. The received audio signal may further be stored in the memory 602 or transmitted through the communication component 605. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 604 provides an interface between the processor 601 and other interface modules, such as a keyboard, mouse, buttons, and the like. These buttons may be virtual buttons or physical buttons. The communication component 605 is used for wired or wireless communication between the electronic device 600 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, near Field Communication (NFC), 2G, 3G, 4G, NB-IOT, eMTC, or other 5G, or combinations thereof, which is not limited herein. The corresponding communication component 605 may therefore include: wi-Fi module, bluetooth module, NFC module, etc.
In an exemplary embodiment, the electronic Device 600 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components for performing the above-described session holding method.
In another exemplary embodiment, a computer readable storage medium is also provided, which comprises program instructions, which when executed by a processor, implement the steps of the session holding method described above. For example, the computer readable storage medium may be the memory 602 described above that includes program instructions that are executable by the processor 601 of the electronic device 600 to perform the session maintenance method described above.
In another exemplary embodiment, a computer program product is also provided, which comprises a computer program executable by a programmable apparatus, the computer program having code portions for performing the above-mentioned session holding method when executed by the programmable apparatus.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that the various features described in the above embodiments may be combined in any suitable manner without departing from the scope of the invention. In order to avoid unnecessary repetition, various possible combinations will not be separately described in this disclosure.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure, as long as it does not depart from the spirit of the present disclosure.
Claims (9)
1. A session holding method applied to a gateway, the method comprising:
when a first HTTP message carrying first Cookie information and sent by a client is received, acquiring a gateway session ID and server session identification information from the first Cookie information, wherein the server session identification information comprises identification information of a service node and a server session ID;
if the first HTTP message is determined to be sent to a server according to the gateway session ID, determining a first target service node for receiving the first HTTP message from a plurality of service nodes of the server;
if the identification information of the first target service node is matched with the identification information of the service node in the server session identification information, sending the first HTTP message carrying second Cookie information to the first target service node, wherein the second Cookie information comprises the server session ID in the server session identification information;
if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, sending a first HTTP message not carrying the first Cookie information and second user information of the client to the first target service node so that the first target service node creates a second server session for a user corresponding to the second user information, and returning a second response message carrying fifth Cookie information, wherein the fifth Cookie information comprises a server session ID of the second server session;
after receiving the second response message, generating server session identification information of the first target service node, wherein the server session identification information includes the identification information of the first target service node and the server session ID in the fifth Cookie information;
generating sixth Cookie information comprising server session identification information of the first target service node, the server session identification information in the first Cookie information and the gateway session ID;
and sending the second response message carrying the sixth Cookie information to the client.
2. The method according to claim 1, wherein before receiving a first HTTP message carrying first Cookie information sent by a client, the method further comprises:
after a login request sent by the client is received, verifying the login request according to first user information included in the login request;
if the login request passes the verification, a gateway session is established for the user corresponding to the first user information, and the gateway session has a corresponding gateway session ID;
receiving a second HTTP message sent by the client;
determining a second target service node for receiving the second HTTP message from a plurality of service nodes of the server;
sending the second HTTP message and the first user information to a second target service node, so that the second target service node creates a first service end session for a user corresponding to the first user information, and returns a first response message carrying third Cookie information, wherein the third Cookie information comprises a service end session ID of the first service end session;
after receiving the first response message, generating server session identification information of the second target service node, wherein the server session identification information includes the identification information of the second target service node and the server session ID in the third Cookie information;
generating fourth Cookie information comprising server-side session identification information of the second target service node and the gateway session ID corresponding to the gateway session;
and sending the first response message carrying the fourth Cookie information to the client.
3. The method of claim 1, wherein the identification information of the service node in the server session identification information is encrypted.
4. The method according to claim 1, wherein the determining a first target service node from a plurality of service nodes of the service end for receiving the first HTTP packet comprises:
and determining a first target service node for receiving the first HTTP message according to a load balancing strategy.
5. The method of claim 1, further comprising:
acquiring an application identification list of accessible applications of the user corresponding to the gateway session ID according to the gateway session ID;
determining whether an application identifier of an application to be accessed included in the first HTTP message is located in the application identifier list;
and if the application identifier is located in the application identifier list, determining to send the first HTTP message to the server.
6. The method of claim 1, further comprising:
and if the first HTTP message is determined not to be sent to the server according to the gateway session ID, returning prompt information representing that the server is not accessed to the client.
7. A session holding apparatus, applied to a gateway, the apparatus comprising:
the first acquisition module is used for acquiring a gateway session ID and server session identification information from first Cookie information when receiving a first HTTP message which is sent by a client and carries the first Cookie information, wherein the server session identification information comprises identification information of a service node and a server session ID;
a first determining module, configured to determine, if it is determined according to the gateway session ID that the first HTTP packet is sent to a server, a first target service node for receiving the first HTTP packet from among a plurality of service nodes of the server;
a first sending module, configured to send, to the first target service node, the first HTTP message carrying second Cookie information if the identification information of the first target service node matches the identification information of the service node in the server session identification information, where the second Cookie information includes the server session ID in the server session identification information;
the apparatus may further include:
a fourth sending module, configured to send, to the first target service node, a first HTTP message that does not carry the first Cookie information and second user information of the client if the identification information of the first target service node is not matched with the identification information of the service node in the server session identification information, so that the first target service node creates a second server session for a user corresponding to the second user information, and returns a second response message that carries fifth Cookie information, where the fifth Cookie information includes a server session ID of the second server session;
a third generating module, configured to generate server session identification information of the first target service node after receiving the second response packet, where the server session identification information includes identification information of the first target service node and the server session ID in the fifth Cookie information;
a fourth generating module, configured to generate sixth Cookie information including the server session identification information of the first target service node, the server session identification information in the first Cookie information, and the gateway session ID;
and the fifth sending module is configured to send the second response packet carrying the sixth Cookie information to the client.
8. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
9. An electronic device, comprising:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to carry out the steps of the method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911235643.3A CN110913011B (en) | 2019-12-05 | 2019-12-05 | Session holding method, session holding device, readable storage medium and electronic device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911235643.3A CN110913011B (en) | 2019-12-05 | 2019-12-05 | Session holding method, session holding device, readable storage medium and electronic device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110913011A CN110913011A (en) | 2020-03-24 |
| CN110913011B true CN110913011B (en) | 2022-12-20 |
Family
ID=69823203
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911235643.3A Active CN110913011B (en) | 2019-12-05 | 2019-12-05 | Session holding method, session holding device, readable storage medium and electronic device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110913011B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112887756B (en) * | 2021-01-11 | 2023-02-07 | 上海七牛信息技术有限公司 | Multi-input multi-output communication system and method for multimedia micro-service |
| CN113098935B (en) * | 2021-03-24 | 2022-12-30 | 北京顺达同行科技有限公司 | Session keeping method, device and storage medium |
| CN113259429B (en) * | 2021-05-11 | 2023-12-05 | 鸬鹚科技(深圳)有限公司 | Session maintenance management and control method, device, computer equipment and medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1878170A (en) * | 2005-06-06 | 2006-12-13 | 国际商业机器公司 | Method and device for managing session identifiers |
| US7296076B1 (en) * | 2002-10-23 | 2007-11-13 | Cisco Technology, Inc. | Maintaining session persistence without client-supported cookies |
| CN103095857A (en) * | 2011-10-28 | 2013-05-08 | 中兴通讯股份有限公司 | Method of accessing and quitting network and sending messages and network side equipment |
| CN104410650A (en) * | 2014-12-24 | 2015-03-11 | 四川金网通电子科技有限公司 | Method for authenticating user based on Session and Cookie |
| CN107360251A (en) * | 2017-08-16 | 2017-11-17 | 中国工商银行股份有限公司 | Method, system and the load balancing apparatus that session is kept |
| CN107995304A (en) * | 2017-12-13 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of session keeping method and device based on cookie |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247395B (en) * | 2008-03-13 | 2011-03-16 | 武汉理工大学 | ISAPI access control system for Session ID fully transparent transmission |
| CN101340371B (en) * | 2008-08-12 | 2011-09-21 | 杭州华三通信技术有限公司 | Session keeping method and load balance apparatus |
| CN103457869A (en) * | 2013-08-28 | 2013-12-18 | 北京星网锐捷网络技术有限公司 | Conversation maintaining method and device |
| CN103986720B (en) * | 2014-05-26 | 2017-11-17 | 网之易信息技术(北京)有限公司 | A kind of login method and device |
| CN105897694B (en) * | 2016-03-25 | 2019-02-26 | 网宿科技股份有限公司 | A kind of client session recognition methods and system |
-
2019
- 2019-12-05 CN CN201911235643.3A patent/CN110913011B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7296076B1 (en) * | 2002-10-23 | 2007-11-13 | Cisco Technology, Inc. | Maintaining session persistence without client-supported cookies |
| CN1878170A (en) * | 2005-06-06 | 2006-12-13 | 国际商业机器公司 | Method and device for managing session identifiers |
| CN103095857A (en) * | 2011-10-28 | 2013-05-08 | 中兴通讯股份有限公司 | Method of accessing and quitting network and sending messages and network side equipment |
| CN104410650A (en) * | 2014-12-24 | 2015-03-11 | 四川金网通电子科技有限公司 | Method for authenticating user based on Session and Cookie |
| CN107360251A (en) * | 2017-08-16 | 2017-11-17 | 中国工商银行股份有限公司 | Method, system and the load balancing apparatus that session is kept |
| CN107995304A (en) * | 2017-12-13 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of session keeping method and device based on cookie |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110913011A (en) | 2020-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108616490B (en) | Network access control method, device and system | |
| CN109474916B (en) | Equipment authentication method, device and machine readable medium | |
| EP3752947B1 (en) | Protecting a message transmitted between core network domains | |
| EP2959632B1 (en) | Augmenting name/prefix based routing protocols with trust anchor in information-centric networks | |
| US9264430B2 (en) | Obtaining targeted services using a unique identification header (UIDH) | |
| CN110913011B (en) | Session holding method, session holding device, readable storage medium and electronic device | |
| CN110311929B (en) | Access control method and device, electronic equipment and storage medium | |
| US20220360989A1 (en) | Methods, systems, and computer readable media for generating and using single-use oauth 2.0 access tokens for securing specific service-based architecture (sba) interfaces | |
| US10904220B2 (en) | Provisioning using a generic configuration | |
| CN111355986B (en) | Message processing method and device in live broadcast room and storage medium | |
| CN105722072A (en) | Business authorization method, device, system and router | |
| CN113746788A (en) | Data processing method and device | |
| KR20170033267A (en) | Method for processing request message in wireless communication system and apparatus therefor | |
| CN117280656A (en) | Methods, systems, and computer readable media for hiding network function instance identifiers | |
| US20230254146A1 (en) | Cybersecurity guard for core network elements | |
| US20200267189A1 (en) | Lawful interception security | |
| CN112087412B (en) | Service access processing method and device based on unique token | |
| US9313627B2 (en) | Multimedia messaging service (MMS) originator authentication | |
| CN108259454B (en) | Portal authentication method and device | |
| Schulz et al. | d 2 Deleting Diaspora: Practical attacks for profile discovery and deletion | |
| US8881241B2 (en) | Method of and system for implementing privacy control | |
| CN114584558A (en) | Cloud edge cooperative distributed API gateway system and API calling method | |
| US10305857B2 (en) | Technique for obtaining a policy for routing requests emitted by a software module running on a client device | |
| KR100463751B1 (en) | Method for generating packet-data in wireless-communication and method and apparatus for wireless-communication using that packet-data | |
| US20240114323A1 (en) | Apparatus and method for providing service function chaining service exposure in wireless communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |