阅读说明：本技术 基于代理服务器的海波龙系统单点登录方法、系统及终端 (Single sign-on method, system and terminal of Syngnathus system based on proxy server ) 是由 顾留中 尹洋 王沛 王永志 于 2021-07-06 设计创作，主要内容包括：本发明公开了一种基于代理服务器的海波龙系统单点登录方法,包括：获取用户浏览器发起访问海波龙系统的请求；获取用户通过多种登录方式登录的登录信息；根据登录信息判断用户的合法性；若是合法用户,则将请求信息发送到海波龙系统页面；从海波龙系统页面中获取用户浏览器上一次的登录信息；根据登录信息解析HTTP头,重新构建HTTP头得到新的访问请求,将新的访问请求发送给海波龙系统的服务器；接收海波龙系统服务器反馈的请求结果；将所述请求结果转发给用户浏览器；若不是合法用户,则跳转到用户登录页面。该方法无需修改海波龙系统程序,灵活扩展海波龙系统的登录方式,能和企业的业务进行深层次结合,更符合企业的应用需求。(The invention discloses a single sign-on method of a Syngnathus system based on a proxy server, which comprises the following steps: acquiring a request for accessing a Hapion system initiated by a user browser; acquiring login information of a user logged in through a plurality of login modes; judging the legality of the user according to the login information; if the user is a legal user, sending the request information to a page of the Haibolon system; acquiring last login information of a user browser from a page of a Hapion system; analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system; receiving a request result fed back by a server of the Hapiolong system; forwarding the request result to a user browser; and if the user is not a legal user, jumping to a user login page. The method does not need to modify the program of the Hapiolong system, flexibly expands the login mode of the Hapiolong system, can be deeply combined with the business of an enterprise, and better meets the application requirement of the enterprise.)

1. A single sign-on method of a Syngnathus system based on a proxy server is characterized by comprising the following steps:

acquiring a request for accessing a Hapion system initiated by a user browser;

acquiring login information of a user logged in through a plurality of login modes;

judging the legality of the user according to the login information;

if the user is a legal user, sending the request information to a page of the Haibolon system;

acquiring last login information of a user browser from a page of a Hapion system;

analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system;

receiving a request result fed back by a server of the Hapiolong system;

forwarding the request result to a user browser;

if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again.

2. The method of claim 1, wherein said reconstructing the HTTP header for a new access request comprises adding a HYPLOGIN username to the HTTP header, wherein the username is consistent with a Syngnathus System login name.

3. The method of claim 1, wherein the means for logging in comprises: username password, oauth2, and third party application authorization.

4. The method of claim 3, wherein the third party applications include WeChat, Business WeChat, and nailing.

5. A single sign-on system of a Syngnathus system based on a proxy server, comprising: a first acquisition module, a second acquisition module, an analysis module, a receiving module and a forwarding module,

the first acquisition module is used for acquiring a request for a user browser to initiate access to the Hapiongrong system;

the second acquisition module is used for acquiring login information of a user logged in through a plurality of login modes;

the analysis module judges the legality of the user according to the login information;

if the user is a legal user, sending the request information to a page of the Haibolon system;

acquiring last login information of a user browser from a page of a Hapion system;

analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system;

if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again;

the receiving module is used for receiving a request result fed back by the Hapiolong system server;

and the forwarding module is used for forwarding the received request result to the user browser.

6. The system of claim 5, wherein reconstructing the HTTP header in the analysis module to obtain the new access request specifically comprises adding a HYPLOGIN username to the HTTP header, wherein the username is consistent with the Syngnathus System login name.

7. The system of claim 5, wherein the means for logging in comprises: username password, oauth2, and third party application authorization.

8. The system of claim 7, wherein the third party applications include WeChat, Business WeChat, and nailing.

9. An intelligent terminal comprising a processor, an input device, an output device and a memory, the processor, the input device, the output device and the memory being interconnected, the memory being adapted to store a computer program, the computer program comprising program instructions, characterized in that the processor is configured to invoke the program instructions to perform the method according to any of claims 1-4.

10. A computer-readable storage medium, characterized in that the computer storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to perform the method according to any of claims 1-4.

Technical Field

The invention relates to the technical field of software, in particular to a single sign-on method, a single sign-on system, a single sign-on terminal and a single sign-on medium of a Syngnathus system based on a proxy server.

Background

Oracle Hypersion (hereinafter referred to as Haibolon) is a financial reporting system used by many enterprises, and because the system is not updated for many years, the single sign-on implementation is complex. The scheme provided by the official now is in the forms of Oracle single sign-on, Oracle Access Manager, SiteMinder, X509 certificates, etc.

The prior art realizes the single sign-on of the hypo-ronchium system and has the following problems:

1. the single sign-on needs to be realized by modifying a Hapiolong system to increase the unstable factors of the system, and the single sign-on depends on other systems of Oracle.

2. Additional payment is required to purchase the official single sign-on system, and the purchased system is not necessarily single sign-on with the application inside the enterprise.

3. The enterprise can not log in by modern popular modes such as WeChat and nailing.

Disclosure of Invention

Aiming at the defects in the prior art, the embodiment of the invention provides a single sign-on method, a single sign-on system, a single sign-on terminal and a single sign-on medium of a Syngnathus system based on a proxy server, which do not need to modify the program of the Syngnathus system, flexibly extend the sign-on mode of the Syngnathus system and can be deeply combined with the business of enterprises.

In a first aspect, an embodiment of the present invention provides a single sign-on method for a seadragon system based on a proxy server, including:

acquiring a request for accessing a Hapion system initiated by a user browser;

acquiring login information of a user logged in through a plurality of login modes;

judging the legality of the user according to the login information;

if the user is a legal user, sending the request information to a page of the Haibolon system;

acquiring last login information of a user browser from a page of a Hapion system;

analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system;

receiving a request result fed back by a server of the Hapiolong system;

forwarding the request result to a user browser;

if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again.

In a second aspect, an embodiment of the present invention provides a single sign-on system for a marine dragon system based on a proxy server, including: a first acquisition module, a second acquisition module, an analysis module, a receiving module and a forwarding module,

the first acquisition module is used for acquiring a request for a user browser to initiate access to the Hapiongrong system;

the second acquisition module is used for acquiring login information of a user logged in through a plurality of login modes;

the analysis module judges the legality of the user according to the login information;

if the user is a legal user, sending the request information to a page of the Haibolon system;

acquiring last login information of a user browser from a page of a Hapion system;

analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system;

if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again;

the receiving module is used for receiving a request result fed back by the Hapiolong system server;

and the forwarding module is used for forwarding the received request result to the user browser.

In a third aspect, an intelligent terminal provided in an embodiment of the present invention includes a processor, an input device, an output device, and a memory, where the processor, the input device, the output device, and the memory are connected to each other, the memory is used to store a computer program, the computer program includes program instructions, and the processor is configured to call the program instructions to execute the method described in the foregoing embodiment.

In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, in which a computer program is stored, the computer program including program instructions, which, when executed by a processor, cause the processor to execute the method described in the above embodiment.

The invention has the beneficial effects that:

the single sign-on method, the single sign-on system, the single sign-on terminal and the single sign-on medium of the Syngnathus system based on the proxy server are provided by the embodiment of the invention, the program of the Syngnathus system is not required to be modified, the sign-on mode of the Syngnathus system is flexibly expanded, the registration method can be deeply combined with the business of an enterprise, and the application requirements of the enterprise are better met.

Drawings

In order to more clearly illustrate the detailed description of the invention or the technical solutions in the prior art, the drawings that are needed in the detailed description of the invention or the prior art will be briefly described below. Throughout the drawings, like elements or portions are generally identified by like reference numerals. In the drawings, elements or portions are not necessarily drawn to scale.

Fig. 1 shows a flowchart of a single sign-on method for a proxy-based hypotrons system according to a first embodiment of the present invention;

fig. 2 shows a block diagram of a single sign-on system of a seadragon system based on a proxy server according to a second embodiment of the present invention;

fig. 3 shows a block diagram of an intelligent terminal according to a third embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.

It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.

As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".

It is to be noted that, unless otherwise specified, technical or scientific terms used herein shall have the ordinary meaning as understood by those skilled in the art to which the invention pertains.

As shown in fig. 1, a flowchart of a single sign-on method for a seadragon system based on a proxy server according to a first embodiment of the present invention is shown, where the method includes:

acquiring a request for accessing a Hapion system initiated by a user browser;

acquiring login information of a user logged in through a plurality of login modes;

judging the legality of the user according to the login information;

if the user is a legal user, sending the request information to a page of the Haibolon system;

acquiring last login information of a user browser from a page of a Hapion system;

analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system;

receiving a request result fed back by a server of the Hapiolong system;

forwarding the request result to a user browser;

if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again.

The embodiment of the invention provides a single sign-on method of a Syngnathus system based on a proxy server, which can be applied to the single sign-on system of the Syngnathus system based on the proxy server. Open navigation menu management- > Shared Services Console. And then opens the menu management- > configures the user directory. Switching to the Security option enables SSO in a Single sign-on configuration, the SSO provider or agent selects the other, SSO mechanism: the custom HTTP header fills in HYPLOGIN. The hypotong system is then restarted. The data interaction can be realized only by setting a user authentication mode of the Hapion system and agreeing an authentication format with the Hapion system in advance without modifying a program of the Hapion system. The agreed authentication format is as follows: and adding a HYPLOGIN (user name) to an HTTP header in a user browser request. In this embodiment, the step of reconstructing the HTTP header to obtain the new access request specifically includes adding a user name, which is a hybrid name, to the HTTP header, where the user name is consistent with the registration name of the marine dragon system. The user logs in through a plurality of login modes, wherein the login modes comprise: username password, oauth2, and third party applications including WeChat, Enterprise WeChat, and nailing, among others. And sending the reconstructed HTTP request to a Syngnathus system server, receiving a request result fed back by the Syngnathus system server, and forwarding the fed-back request result to a user browser. In the specific implementation process, the method of the embodiment of the invention is not limited to the use of an oracle official scheme, and can also be implemented by flexibly using various technologies such as java, php, python and the like.

According to the single sign-on method of the Syngnathus system based on the proxy server, provided by the embodiment of the invention, the sign-on mode of the Syngnathus system is flexibly expanded without modifying the program of the Syngnathus system, and the method can be deeply combined with the business of an enterprise and better meet the application requirements of the enterprise.

In the first embodiment, a single sign-on method for a habotai system based on a proxy server is provided, and correspondingly, the application also provides a single sign-on system for a habotai system based on a proxy server. Please refer to fig. 2, which is a block diagram illustrating a single sign-on system of a habotong system based on a proxy server according to a second embodiment of the present invention. Since the apparatus embodiments are substantially similar to the method embodiments, they are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for relevant points. The device embodiments described below are merely illustrative.

As shown in fig. 2, a block diagram of a single sign-on system of a seadragon system based on a proxy server according to a second embodiment of the present invention is shown, where the system includes: the system comprises a first acquisition module, a second acquisition module, an analysis module, a receiving module and a forwarding module, wherein the first acquisition module is used for acquiring a request initiated by a user browser for accessing the Hapiongrong system; the second acquisition module is used for acquiring login information of a user logged in through a plurality of login modes; the analysis module judges the legality of the user according to the login information; if the user is a legal user, sending the request information to a page of the Haibolon system; acquiring last login information of a user browser from a page of a Hapion system; analyzing the HTTP header according to the login information, reconstructing the HTTP header to obtain a new access request, and sending the new access request to a server of the Syngnathus system; if the user is not a legal user, the login information of the user logged in through a plurality of login modes is obtained again; the receiving module is used for receiving a request result fed back by the Hapiolong system server; and the forwarding module is used for forwarding the received request result to the user browser. The login method comprises the following steps: username password, oauth2, and third party application authorization. The third-party application comprises application programs such as WeChat, enterprise WeChat and nailing.

The method specifically comprises the step of adding a HYPLOGIN (user name) to the HTTP header, wherein the step of reconstructing the HTTP header in the analysis module to obtain a new access request comprises the step of adding the HYPLOGIN to the HTTP header, and the user name is consistent with the registration name of the Haplon system.

The foregoing is a description of an embodiment of a single sign-on system of a marine dragon system based on a proxy server according to a second embodiment of the present invention.

The single sign-on system of the Syngnathus system based on the proxy server and the single sign-on method of the Syngnathus system based on the proxy server provided by the invention have the same inventive concept and the same beneficial effects, and are not repeated herein.

As shown in fig. 3, a block diagram of an intelligent terminal according to a third embodiment of the present invention is shown, where the terminal includes a processor, an input device, an output device, and a memory, where the processor, the input device, the output device, and the memory are connected to each other, the memory is used to store a computer program, and the computer program includes program instructions, and the processor is configured to call the program instructions to execute the method described in the foregoing embodiment.

It should be understood that in the embodiments of the present invention, the Processor may be a Central Processing Unit (CPU), and the Processor may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

The input device may include a touch pad, a fingerprint sensor (for collecting fingerprint information of a user and direction information of the fingerprint), a microphone, etc., and the output device may include a display (LCD, etc.), a speaker, etc.

The memory may include both read-only memory and random access memory, and provides instructions and data to the processor. The portion of memory may also include non-volatile random access memory. For example, the memory may also store device type information.

In a specific implementation, the processor, the input device, and the output device described in the embodiments of the present invention may execute the implementation described in the method embodiments provided in the embodiments of the present invention, and may also execute the implementation described in the system embodiments in the embodiments of the present invention, which is not described herein again.

The invention also provides an embodiment of a computer-readable storage medium, in which a computer program is stored, which computer program comprises program instructions that, when executed by a processor, cause the processor to carry out the method described in the above embodiment.

The computer readable storage medium may be an internal storage unit of the terminal described in the foregoing embodiment, for example, a hard disk or a memory of the terminal. The computer readable storage medium may also be an external storage device of the terminal, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the terminal. Further, the computer-readable storage medium may also include both an internal storage unit and an external storage device of the terminal. The computer-readable storage medium is used for storing the computer program and other programs and data required by the terminal. The computer readable storage medium may also be used to temporarily store data that has been output or is to be output.

Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the terminal and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed terminal and method can be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.

Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the present invention, and they should be construed as being included in the following claims and description.