[go: up one dir, main page]

CN114363397A - Session processing method, device, electronic equipment and storage medium - Google Patents

Session processing method, device, electronic equipment and storage medium Download PDF

Info

Publication number
CN114363397A
CN114363397A CN202111526643.6A CN202111526643A CN114363397A CN 114363397 A CN114363397 A CN 114363397A CN 202111526643 A CN202111526643 A CN 202111526643A CN 114363397 A CN114363397 A CN 114363397A
Authority
CN
China
Prior art keywords
session
client
server
data
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111526643.6A
Other languages
Chinese (zh)
Other versions
CN114363397B (en
Inventor
赵广洋
朱士松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba China Co Ltd
Original Assignee
Alibaba China Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba China Co Ltd filed Critical Alibaba China Co Ltd
Priority to CN202111526643.6A priority Critical patent/CN114363397B/en
Publication of CN114363397A publication Critical patent/CN114363397A/en
Application granted granted Critical
Publication of CN114363397B publication Critical patent/CN114363397B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The embodiment of the application provides a session processing method, a session processing device, an electronic device and a storage medium, wherein the method comprises the following steps: determining a session identifier, and establishing connection with a first client and a first server respectively so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end; receiving a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier; and establishing connection with the second client, and sending the session data corresponding to the session identification to the second client. The embodiment of the application can improve the security of session sharing.

Description

Session processing method, device, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a session processing method, a session processing apparatus, an electronic device, and a storage medium.
Background
In the cloud-based operation and maintenance scene, a plurality of users are required to operate and maintain the same server at the same time. For example, in an after-sales support scenario on the cloud, customer service personnel need to share the user's session to assist in troubleshooting.
Currently, session sharing is generally implemented by using remote assistance technology. Specifically, the controlled terminal provides an account and a password, and the control terminal remotely logs in the controlled terminal according to the account and the password of the controlled terminal so as to remotely assist the controlled terminal.
In the current session sharing method, an account and a password of a controlled terminal are provided for a control terminal, which may cause information leakage of the controlled terminal, so that the security of session sharing is low.
Disclosure of Invention
The embodiment of the application provides a session processing method to improve the security of session sharing.
Correspondingly, the embodiment of the application also provides a session processing device, an electronic device and a storage medium, which are used for realizing the implementation and the application of the method.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first server, and the method is applied to a second server, and the method includes:
determining a session identifier, and establishing connection with a first client and a first server respectively so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end;
receiving a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
and establishing connection with the second client, and sending the session data corresponding to the session identification to the second client.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first service end, and the method is applied to a second client, and the method includes:
sending a session sharing request to a second server by calling an application programming interface; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
establishing connection with a second server, and receiving session data which is sent by the second server and corresponds to the session identifier; the second server is respectively connected with the first client and the first server so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service terminal.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first service end, and the method is applied to the first client, and the method includes:
receiving a session identifier and establishing connection with a second server; the second server is also connected with the first server to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first service end, and the method is applied to the first service end, and the method includes:
establishing connection with a second server; the second server is also connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first service, and the method includes:
the first client sends a connection request to the second server based on the application programming interface;
the second server side sends a first connection address and a session identifier to the first client side according to the connection request;
the first client establishes connection with the second server according to the first connection address;
after establishing connection with the first client, the second server establishes connection with the first server so as to establish a session between the first client and the first server, transfer session data and send the session data to the second client; the session data is session data between the first client and the first service terminal.
In order to solve the above problem, an embodiment of the present application discloses a session processing method, where the session corresponds to a session between a first client and a first server, and the method includes:
the second client sends a session sharing request to the second server based on the application programming interface;
the second server sends a second connection address to the second client according to the session sharing request;
the second client establishes connection with the second server according to the second connection address;
the second server side sends session data to the second client side; the second server is connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service terminal.
In order to solve the above problem, an embodiment of the present application discloses a session processing apparatus, where the session corresponds to a session between a first client and a first server, and the apparatus is applied to a second server, and the apparatus includes:
a determining module, configured to determine a session identifier;
the first connection module is used for establishing connection with the first client and the first server respectively so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end;
the receiving module is used for receiving a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
the second connection module is used for establishing connection with a second client;
and the sending module is used for sending the session data corresponding to the session identification to the second client.
In order to solve the above problem, an embodiment of the present application discloses an electronic device, including: a processor; and a memory having executable code stored thereon, which when executed, causes the processor to perform the method of any of the above embodiments.
To address the above issues, embodiments of the present application disclose one or more machine-readable media having executable code stored thereon that, when executed, cause a processor to perform a method as described in any of the above embodiments.
Compared with the prior art, the embodiment of the application has the following advantages:
in the technical scheme of the embodiment of the application, a session sharing request sent by a second client based on an application programming interface is received, and session data corresponding to a session identifier is shared to the second client according to the session identifier in the session sharing request. According to the embodiment of the application, the session sharing can be realized under the condition that the account and the password of the first client are not used, so that the security of the session sharing can be improved.
Drawings
FIG. 1 is a block diagram of a session processing system according to an embodiment of the present application;
fig. 2 is a flowchart illustrating steps of a method for establishing a connection between a first client and a second server according to an embodiment of the present application;
FIG. 3 is a flow chart of steps of a method of session establishment according to one embodiment of the present application;
FIG. 4 is a flow diagram of steps in a method of session processing according to one embodiment of the present application;
FIG. 5 is a flow diagram illustrating steps in a method for session handling according to one embodiment of the present application;
FIG. 6 is a schematic illustration of a method of sharing session data according to an embodiment of the present application;
FIG. 7 is a flow diagram of steps in a method of session processing according to one embodiment of the present application;
FIG. 8 is a flow diagram of steps in a method of session processing according to one embodiment of the present application;
FIG. 9 is a flow diagram of steps in a method of session processing according to one embodiment of the present application;
FIG. 10 is a block diagram of a session processing apparatus according to an embodiment of the present application;
FIG. 11 is a block diagram of a session processing apparatus according to an embodiment of the present application;
fig. 12 is a schematic structural diagram of a session processing apparatus according to an embodiment of the present application;
fig. 13 is a schematic structural diagram of an exemplary apparatus provided in one embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the present application is described in further detail with reference to the accompanying drawings and the detailed description.
In the embodiment of the present application, a session may refer to data that may be interacted between a client of a user and a service running on a server. Session data may refer to a collection of data related to a user's session.
In some embodiments, the session may correspond to a session between the first client and the first service. The number of the first clients may be one or more, and the number of the first service clients may be one or more. The embodiment of the present application mainly takes a session between one first client and one first service end as an example, and a session processing procedure is described, where a session processing procedure corresponding to a session between a plurality of first clients and one first service end and a session processing procedure corresponding to a session between one first client and a plurality of first service ends are referred to each other. The session sharing in the embodiment of the present application may mean that the session data of the first client is shared by the second client.
Referring to fig. 1, a schematic structural diagram of a session processing system according to an embodiment of the present application is shown, where the system specifically includes: the system comprises a first client 101, a second client 102, a first server 103 and a second server 104, wherein the second server 104 is connected with the first client 101, the second client 102 and the first server 103 respectively.
The first service terminal 103 may provide a service to the first client terminal 101. The services may include: a mail service, an instant messaging service, a television service, a news service, a multimedia service, or the like. The services may include: and (4) cloud service.
The cloud service obtains the required service in an on-demand and easily-extensible manner through the network, and the service can be IT (Internet Technology) and software, related to the Internet, other services (such as computing services) and the like. Examples of cloud services may include: the resource service, the resource corresponding to the resource service may include: servers, network technologies, storage and data center space, etc. For example, server resources of a cloud service may include: ECS (Elastic computing Service), and the like.
In one implementation, a proxy may be run on the first service end 103, and the proxy may communicate with the first client 101 to transfer session-related data.
The second server 104 may provide a session management service, establish a session between the first client 101 and the first server 103, transfer session data, and share the session data between the first client 101 and the first server 103 to the second client 102.
In a specific implementation, the second server 104 may provide an Application Programming Interface (API), which can be called by the second client 102 to send the session sharing request. The session sharing request may include a session identifier, and thus, session data corresponding to the session identifier may be shared with the second client according to the session sharing request. According to the embodiment of the application, the session sharing can be realized under the condition that the account and the password of the first client are not used, so that the security of the session sharing can be improved.
Method embodiment one
This embodiment explains a session processing procedure on the first client side.
The first client can receive the session identifier and establish connection with the second server in the session processing process. The second server is also connected with the first server to establish a session between the first client and the first server and transfer session data; the session data may be session data between the first client and the first server; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request can be obtained based on an application programming interface; the session sharing request may include a session identification.
Referring to fig. 2, a flowchart illustrating steps of a method for establishing a connection between a first client and a second server according to an embodiment of the present application is shown, where the method specifically includes the following steps:
step 201, a first client sends a connection request to a second server based on an application programming interface;
step 202, the second server checks the connection request, and returns the first connection address and the session identifier to the first client after the connection request passes the check;
step 203, the first client establishes connection with the second server according to the first connection address.
In step 201, the first client may send a connection request to the second server by calling an application programming interface, where the connection request may be used to connect to the first server.
In practical applications, the connection request may include: and the service information corresponding to the first service end is used for determining the first service end requesting connection. The service information corresponding to the first service end may be: a service address corresponding to the first service end, or a service identifier corresponding to the first service end, and the like. For example, in a case where the first service end corresponds to a cloud service, the service information may be an identification of the ECS instance. It can be understood that the embodiment of the present application does not impose a limitation on the service information carried in the connection.
In step 202, the connection request is checked to determine whether the connection request meets the requirements.
In a specific implementation, the connection request may include: the first authentication information may be verified.
The embodiment of the present application does not impose a limitation on the type of the first authentication information. For example, the types of the first authentication information may include: and (5) account authentication. As another example, the type of the first authentication information may include: token authentication. For another example, the type of the first authentication information may include: AK/SK authentication.
Wherein, AK (Access Key ID) is used to represent the user, and SK (private Access Key) is used to encrypt the authentication string. AK/SK authentication uses symmetric encryption and decryption.
In practical application, a client may apply for AK, a server may generate SK, store a mapping relationship between AK and SK, and return AK and SK to the client.
The first client may generate a first authentication string by using the first SK and an authentication mechanism, and carry the first AK and the first authentication string in the connection request. After receiving the connection request, the second server side inquires the mapping relation according to the first AK to obtain a first SK; and generating a second authentication character string by using the first SK and the authentication mechanism, comparing the second authentication character string with the first authentication character string contained in the connection request, and if the comparison is successful, determining that the connection request passes the verification.
The session identification may be used to uniquely identify the session. In practical application, the session identifier may be generated according to a preset algorithm. The preset algorithm may include: a random number generation algorithm. Alternatively, the preset algorithm may include: a combination of a predetermined character string and a random number, and the like. It is to be understood that the embodiments of the present application do not impose any limitation on the specific session identifier and the generation method thereof.
The first connection address may correspond to the session identifier for establishing a connection corresponding to the session identifier. The embodiment of the present application does not limit the connection type corresponding to the first connection address. For example, the connection types may include: an HTTP (hypertext Transfer Protocol) connection, or a WebSocket (web socket) connection, and the like.
Taking the WebSocket connection as an example, after the connection request passes the verification, the second server may return a WebSocket Url (Uniform Resource Locator) to the first client.
In step 203, the first client may establish a connection with the second server according to the first connection address and the specification of the connection protocol. For example, in the case of using a WebSocket connection, a connection may be established with the second server according to the specification of the WebSocket protocol. It is understood that the embodiments of the present application do not impose limitations on the specific connection process.
The session identifier received by the first client may be known by a user of the first client, and may be transferred to a user of the second client, so that the second client initiates a corresponding session sharing request for the session identifier.
After the connection with the second server and the connection between the second server and the first server are established, the corresponding session is established, and the first client and the first server can communicate. The specific communication process may include: the first client sends input data to the first server, and/or the first server sends output data to the first client.
In an implementation manner, after the second server establishes a connection with the first server, a first notification may be sent to the first client, where the first notification is used to notify that the session of the first client is completely established, and in this case, the first client and the first server may communicate.
In practical application, the first client can show a session interface. The session interface can include: the session data specifically includes: input data, and/or output data. The session interface may be a graphical interface or the session interface may be a command line interface. The Graphical User Interface (GUI) refers to a computer operation User Interface displayed in a Graphical manner. A Command Line Interface (CLI) generally does not support a mouse, and a user inputs an instruction through a keyboard, and a computer executes the instruction after receiving the instruction.
In the case where the session interface is a command line interface, the format of the session data may be in a command line format. In particular, the input data or the output data may be a binary stream in a command line format. According to the characteristics of simple and light command lines, the embodiment of the application can reduce the data transmission amount in the communication process and improve the conversation efficiency.
For example, in a fault handling scenario of a cloud service, fault detection can be performed quickly according to a command line. For example, in the case of determining whether the network is clear, the diagnosis may be performed using a ping command, specifically, an IP (Internet Protocol) address of a machine corresponding to a ping cloud service on a local machine of the first client, and whether the network is clear is determined according to a returned packet.
In summary, according to the session processing method in the embodiment of the present application, the session identifier may be obtained through communication between the first client and the second server, and a session between the first client and the first server may also be suggested to provide conditions for subsequent session sharing.
Method embodiment two
This embodiment explains a session processing procedure of the first service end side.
The first service end serves as one end, opposite to the first client end, in the conversation and can be used for providing services for the first client end. For example, a first server may provide ECS services to a first client.
In the embodiment of the application, a first server can establish connection with a second server; the second server is also connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data may be session data between the first client and the first server; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request can be obtained based on an application programming interface; the session sharing request may include a session identification.
In an implementation manner, the process of establishing a connection between the first service end and the second service end may specifically include: after establishing connection with the first client, the second server sends a second notification to the first server, wherein the notification is used for notifying the first server to establish connection with the second server; the second notification may include information such as the first connection address; after receiving the second notification, the first server may establish a connection with the second server according to the first connection address.
In practical applications, the first service end and the second service end may be located in a local area network environment. For example, in a scenario of a cloud service, the first server may correspond to an application program inside a cloud service operator. The second server may send the second notification to the first server using a channel within the local area network. And the input port of the first server can be in a closed state, so as to prevent illegal equipment from being accessed through the input port of the first server, and further improve the security of session sharing.
Of course, the above-mentioned sending the second notification to the first service end by using the channel inside the local area network, and the ingress port of the first service end is in the closed state, which is only an optional embodiment, actually, the ingress port of the first service end may also be in the open state, and in this case, the notification may be sent to the first service end through the ingress port of the first service end.
Referring to fig. 3, a flowchart illustrating steps of a session establishment method according to an embodiment of the present application is shown, which may specifically include the following steps:
step 301, the first client sends a connection request to the second server based on the application programming interface;
step 302, the second server checks the connection request, and returns the first connection address and the session identifier to the first client after the connection request passes the check;
step 303, the first client establishes a connection with the second server according to the first connection address;
step 304, after establishing connection with the first client, the second server sends a second notification to the first server;
and 305, the first service end establishes connection with the second service end according to the second notice.
In a specific implementation, the second server may establish a WebSocket connection with the first client, and the second server may establish a WebSocket connection with the first server, which, of course, is not limited to a specific connection type in this embodiment of the present application,
through the above steps, the first client can remotely log in to the first service end without a password by means of the second service end, and send a command to the first service end in a manner of a command line, for example.
Method embodiment three
This embodiment explains a session processing procedure on the second client side.
Referring to fig. 4, a flowchart illustrating steps of a session processing method according to an embodiment of the present application is shown, which may specifically include the following steps:
step 401, sending a session sharing request to a second server by calling an application programming interface; the session sharing request can be obtained based on an application programming interface; the session sharing request can include a session identifier;
step 402, establishing connection with a second server, and receiving session data which is sent by the second server and corresponds to the session identifier; the second server is respectively connected with the first client and the first server so as to establish a session between the first client and the first server and transfer session data; the session data may be session data between the first client and the first server.
The second client may be a terminal for which there is a session sharing requirement. For example, in a cloud after-sales support scenario, customer service personnel need to share a session of a user to assist in troubleshooting; the second client may be a terminal corresponding to the customer service staff. Of course, the embodiment of the present application does not impose any limitation on the specific second client.
In practical applications, the second client may obtain the application programming interface and the session identifier in advance. The user of the second client may obtain the session identifier from the user of the first client via instant messaging or the like. For example, the user of the first client may transfer the session identifier to the user of the second client after determining that the session is established. It is to be understood that the embodiments of the present application are not limited to the specific manner of obtaining the application programming interface and the session identifier.
The second client may send a session sharing request to the second server by calling the application programming interface, where the session sharing request may include a session identifier, so that the second server returns session data corresponding to the session identifier.
In summary, in the session processing method according to the embodiment of the present application, the second client sends the session sharing request by calling the application programming interface; since session sharing can be achieved without using the account and password of the first client, security of session sharing can be improved.
Method example four
This embodiment explains a session processing procedure of the second server side.
Referring to fig. 5, a flowchart illustrating steps of a session processing method according to an embodiment of the present application is shown, which may specifically include the following steps:
step 501, determining a session identifier, and establishing connections with a first client and a first server respectively, so as to establish a session between the first client and the first server and transfer session data; the session data may be session data between the first client and the first server;
step 502, receiving a session sharing request sent by a second client; the session sharing request can be obtained based on an application programming interface; the session sharing request can include a session identifier;
step 503, establishing connection with the second client, and sending session data corresponding to the session identifier to the second client.
Referring to fig. 2 and fig. 3, in the embodiment of the method, the second server may determine a session identifier according to the connection request sent by the first client, and return the session identifier and the first connection address to the first client, so that the first client establishes a connection with the second server according to the first connection address. Further, after establishing connection with the first client, the second server may also send a second notification to the first server, so that the first server establishes connection with the second server according to the second notification.
Referring to the method embodiment shown in fig. 4, the second client may send a session sharing request to the second server by calling the application programming interface.
In step 503, the second server may send the second connection address to the second client, so that the second client establishes a connection with the second server according to the second connection address.
The connection type corresponding to the second connection address may include: an HTTP connection, or a WebSocket connection, etc. Taking WebSocket connection as an example, the second server may return WebSocket Url to the second client.
In an implementation manner of the present application, the session sharing request may be verified, and when the session sharing request passes the verification, a connection is established with the second client.
In a specific implementation, the session sharing request may include: the second authentication information may be verified.
The embodiment of the present application does not impose a limitation on the type of the second authentication information. For example, the type of the second authentication information may include: and (5) account authentication. As another example, the type of the second authentication information may include: token authentication. For another example, the type of the second authentication information may include: AK/SK authentication.
Taking account authentication as an example, it may be determined whether a first account of a first client and a second account of a second client belong to the same account system, and if yes, the session sharing request passes the verification. Otherwise, whether the session sharing request passes the verification or not can be judged according to the setting of the first client or the server.
The account system may include: a user system or a customer service system, etc. The user of the first client can set a check rule corresponding to the account crossing condition according to the actual application requirement. For example, the check rule may include: and the check passes under the condition of cross-account, or the check does not pass under the condition of cross-account, and the like.
Taking AK/SK authentication as an example, in practical application, the second client may generate a third authentication string by using the second SK and an authentication mechanism, and carry the second AK and the third authentication string in the session sharing request. After receiving the session sharing request, the second server queries the mapping relation according to the second AK to obtain a second SK; and generating a fourth authentication character string by using the second SK and the authentication mechanism, comparing the fourth authentication character string with a third authentication character string contained in the connection request, and if the comparison is successful, determining that the session sharing request passes the verification.
After establishing a connection with the second client, the second server may send session data corresponding to the session identifier to the second client.
According to one implementation, the format of the session data includes: command line format. In particular, the input data or the output data may be a binary stream in a command line format. According to the characteristics of simple and light command lines, the embodiment of the application can reduce the data transmission amount in the communication process and improve the conversation efficiency.
According to another implementation manner, the sending of the session data corresponding to the session identifier to the second client specifically may include: determining the target type of the session data according to the authority information of the second client for the session corresponding to the session identifier; and sending the target type session data to the second client.
The rights information may be provided by the first client. A user of a first client may specify rights information for a session for a second client. For example, a target API associated with the rights information may be provided, and the user of the first client may specify the rights information for the session for the second client according to the target API.
The second server or other servers (e.g., the third server) may store the corresponding relationship between the second client, the session, and the permission information according to the information specified by the user, and then may determine, according to the corresponding relationship, the permission information of the session corresponding to the specific session identifier by the second client.
The authority information may specifically include: read permission, or read-write permission. Accordingly, the target types of session data may include: read type, or read-write type, etc.
The reading type and the reading and writing type of session data are the same in that the session data are visible, and a user can have the reading authority of the session data.
According to one implementation, for the read-type session data, the corresponding session interface may not include an input interface, that is, the user cannot generate the input data for the read-type session data. For the read-write type session data, the corresponding session interface may include an input interface, that is, the user may generate input data for the read-write type session data.
According to another implementation, the session interface corresponding to the read-type session data may include an input interface, but the input data of the user is discarded by the second server.
The processing flow corresponding to the permission information can flexibly control the operation permission of the second client to the session, and the second client can only read the session data and can also read and write the session data.
Referring to fig. 6, a schematic diagram of a session data sharing method according to an embodiment of the present application is shown, where a first client has a read-write right on a session, so the session corresponding to the first client is a read-write session, and may display output data on a session interface, and may also generate input data on the session interface, where the corresponding input data may be transmitted to a first service end through a second service end, and the first service end responds to the input data to obtain corresponding output data.
The second client has read-only right to the session, so the corresponding session is a read-only session, and the output data can be displayed on the session interface. The second client can generate input data on the session interface, and the corresponding input data is discarded by the second server; alternatively, the second client may not generate input data on the session interface.
In one implementation, the second server may forward the updated input data and/or output data after detecting the update of the input data and/or output data. For example, after receiving updated input data sent by a first client, the updated input data may be synchronized to a second client. For another example, after receiving the updated output data sent by the first service end, the updated output data may be synchronized to the second client.
In another implementation, in the case that the second client establishes a connection with the second server, the first client has already performed some operations, and there may already be some session data on the session interface, and the first client wishes to expose the session data to the second client. In this case, after the second client establishes a connection with the second server, for example, in an initialization process of the second client, the session data displayed on the session interface of the first client may be sent to the second client.
Referring to fig. 7, a flowchart illustrating a step of a session processing method according to an embodiment of the present application is shown, where the session corresponds to a session between a first client and a first server, and the method specifically includes the following steps:
step 701, the first client sends a connection request to the second server based on the application programming interface;
step 702, the second server sends a first connection address and a session identifier to the first client according to the connection request;
step 703, the first client establishes a connection with the second server according to the first connection address;
step 704, after establishing connection with the first client, the second server establishes connection with the first server, so as to establish a session between the first client and the first server, transfer session data, and send the session data to the second client; the session data is session data between the first client and the first service.
Referring to fig. 8, a flowchart illustrating steps of a session processing method according to an embodiment of the present application is shown, where the session corresponds to a session between a first client and a first server, and the method specifically includes the following steps:
step 801, the second client sends a session sharing request to the second server based on the application programming interface;
step 802, the second server sends a second connection address to the second client according to the session sharing request;
step 803, the second client establishes connection with the second server according to the second connection address;
step 804, the second server sends session data to the second client; the second server is connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service.
Referring to fig. 9, a flowchart illustrating steps of a session processing method according to an embodiment of the present application is shown, which may specifically include the following steps:
step 901, the second client sends a session sharing request to the second server;
step 902, the second server checks the session sharing request;
step 903, the second server sends a second connection address to the second client when the session sharing request passes the verification;
step 904, the second client establishes connection with the second server according to the second connection address;
step 905, the second server sends a third notification to the first client; the third notification may be used to notify that the connection with the second client is established;
step 906, the first client sends the existing session data to the second server; existing session data may be exposed in a session interface of the first client;
step 907, the second server sends the existing session data to the second client.
In summary, in the session processing method of the embodiment of the present application, the second server is used as a medium for session processing, and the second server realizes sharing of a session by mirroring of session data; the method has the following advantages:
firstly, a second server provides an application programming interface so that a second client sends a session sharing request by calling the application programming interface; since session sharing can be achieved without using the account and password of the first client, security of session sharing can be improved.
Secondly, conversation sharing is carried out in a command line mode, input and output are binary streams in a command line format, data transmission quantity in a communication process can be reduced, and conversation efficiency can be improved.
Moreover, the read-write permission of the sharing session can be flexibly controlled, and the sharing session can give the read-write permission and also can give the read-only permission.
In addition, the second server side can perform centralized management on the session, and richer processing functions such as operation audit, identification and interception of high-risk commands and the like are conveniently realized.
Further, in the session processing process, the ingress port of the first service end may be in a closed state, so as to prevent an illegal device from accessing via the ingress port of the first service end, so as to further improve the security of session sharing.
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the embodiments. Further, those skilled in the art will also appreciate that the embodiments described in the specification are presently preferred and that no particular act is required of the embodiments of the application.
On the basis of the foregoing embodiment, an embodiment of the present application further provides a session processing apparatus, where the session corresponds to a session between a first client and a first server, and the apparatus is specifically applied to a second server, and with reference to fig. 10, the apparatus may include the following modules:
a determining module 1001, configured to determine a session identifier;
a first connection module 1002, configured to establish connections with a first client and a first server, respectively, so as to establish a session between the first client and the first server, and transfer session data; the session data may be session data between the first client and the first server;
a receiving module 1003, configured to receive a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
a second connection module 1004, configured to establish a connection with a second client;
a sending module 1005, configured to send session data corresponding to the session identifier to the second client.
Optionally, the format of the session data includes: command line format.
Optionally, the input port of the first server is in a closed state.
Optionally, the sending module 1005 may specifically include:
the type determining module is used for determining the target type of the session data according to the authority information of the second client for the session corresponding to the session identifier;
and the session data sending module is used for sending the session data of the target type to the second client.
Optionally, the second connection module 1004 is specifically configured to, when the session sharing request passes the verification, establish connection with the second client, and send session data corresponding to the session identifier to the second client.
To sum up, in the session processing apparatus according to the embodiment of the present application, the second server provides an application programming interface, so that the second client sends the session sharing request by calling the application programming interface; since session sharing can be achieved without using the account and password of the first client, security of session sharing can be improved.
An embodiment of the present application further provides a session processing apparatus, where the session corresponds to a session between a first client and a first service end, and the apparatus is applied to a second client, and with reference to fig. 11, the apparatus may specifically include the following modules:
the sending module 1101 sends a session sharing request to the second server by calling an application programming interface; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
a connection module 1102, configured to establish a connection with a second server;
the receiving module is used for receiving session data which is sent by the second server and corresponds to the session identifier; the second server is respectively connected with the first client and the first server so as to establish a session between the first client and the first server and transfer session data; the session data may be session data between the first client and the first server.
An embodiment of the present application further provides a session processing apparatus, where the session corresponds to a session between a first client and a first service end, and the apparatus is applied to the first client, and with reference to fig. 12, the apparatus specifically includes the following modules:
a receiving module 1201, configured to receive a session identifier;
a connection module 1202, configured to establish a connection with a second server; the second service end is also connected with the first service end so as to establish a session between the first client and the first service end and transfer session data; the session data may be session data between the first client and the first server; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request includes a session identifier.
An embodiment of the present application further provides a session processing apparatus, where the session corresponds to a session between a first client and a first service end, and the apparatus is applied to the first service end, and the apparatus may specifically include:
the connection module is used for establishing connection with the second server; the second server is also connected with the first client and the first server; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request includes a session identifier.
The present application further provides a non-transitory, readable storage medium, where one or more modules (programs) are stored, and when the one or more modules are applied to a device, the device may execute instructions (instructions) of method steps in this application.
Embodiments of the present application provide one or more machine-readable media having instructions stored thereon, which when executed by one or more processors, cause an electronic device to perform the methods as described in one or more of the above embodiments. In the embodiment of the application, the electronic device includes a server, a terminal device and other devices.
Embodiments of the present disclosure may be implemented as an apparatus, which may comprise a server (cluster), a terminal, etc., electronic device, using any suitable hardware, firmware, software, or any combination thereof, in a desired configuration. Fig. 13 schematically illustrates an example apparatus 1300 that can be used to implement various embodiments described herein.
For one embodiment, fig. 13 illustrates an example apparatus 1300 having one or more processors 1302, a control module (chipset) 1304 coupled to at least one of the processor(s) 1302, memory 1306 coupled to the control module 1304, non-volatile memory (NVM)/storage 1308 coupled to the control module 1304, one or more input/output devices 1310 coupled to the control module 1304, and a network interface 1312 coupled to the control module 1304.
Processor 1302 may include one or more single-core or multi-core processors, and processor 1302 may include any combination of general-purpose or special-purpose processors (e.g., graphics processors, application processors, baseband processors, etc.). In some embodiments, the apparatus 1300 can be a server, a terminal, or the like in this embodiment.
In some embodiments, apparatus 1300 may include one or more computer-readable media (e.g., memory 1306 or NVM/storage 1308) having instructions 1314 and one or more processors 1302, which in combination with the one or more computer-readable media, are configured to execute instructions 1314 to implement modules to perform actions described in this disclosure.
For one embodiment, control module 1304 may include any suitable interface controllers to provide any suitable interface to at least one of the processor(s) 1302 and/or any suitable device or component in communication with control module 1304.
The control module 1304 may include a memory controller module to provide an interface to the memory 1306. The memory controller module may be a hardware module, a software module, and/or a firmware module.
Memory 1306 may be used, for example, to load and store data and/or instructions 1314 for device 1300. For one embodiment, memory 1306 may comprise any suitable volatile memory, such as suitable DRAM. In some embodiments, the memory 1306 may comprise a double data rate type four synchronous dynamic random access memory (DDR4 SDRAM).
For one embodiment, control module 1304 may include one or more input/output controllers to provide an interface to NVM/storage 1308 and input/output device(s) 1310.
For example, NVM/storage 1308 may be used to store data and/or instructions 1314. NVM/storage 1308 may include any suitable non-volatile memory (e.g., flash memory) and/or may include any suitable non-volatile storage device(s) (e.g., one or more Hard Disk Drives (HDDs), one or more Compact Disc (CD) drives, and/or one or more Digital Versatile Disc (DVD) drives).
NVM/storage 1308 may include storage resources that are part of the device on which apparatus 1300 is installed, or it may be accessible by the device and need not be part of the device. For example, NVM/storage 1308 may be accessible over a network via input/output device(s) 1310.
Input/output device(s) 1310 may provide an interface for apparatus 1300 to communicate with any other suitable device, input/output device(s) 1310 may include communication components, audio components, sensor components, and so forth. The network interface 1312 may provide an interface for the device 1300 to communicate over one or more networks, and the device 1300 may wirelessly communicate with one or more components of a wireless network according to any of one or more wireless network standards and/or protocols, such as access to a communication standard-based wireless network, e.g., WiFi, 2G, 3G, 4G, 5G, etc., or a combination thereof.
For one embodiment, at least one of the processor(s) 1302 may be packaged together with logic for one or more controllers (e.g., memory controller modules) of the control module 1304. For one embodiment, at least one of the processor(s) 1302 may be packaged together with logic for one or more controllers of the control module 1304 to form a System In Package (SiP). For one embodiment, at least one of the processor(s) 1302 may be integrated on the same die with logic for one or more controller(s) of the control module 1304. For one embodiment, at least one of the processor(s) 1302 may be integrated on the same die with logic of one or more controllers of the control module 1304 to form a system on chip (SoC).
In various embodiments, apparatus 1300 may be, but is not limited to being: a server, a desktop computing device, or a mobile computing device (e.g., a laptop computing device, a handheld computing device, a tablet, a netbook, etc.), among other terminal devices. In various embodiments, apparatus 1300 may have more or fewer components and/or different architectures. For example, in some embodiments, device 1300 includes one or more cameras, a keyboard, a Liquid Crystal Display (LCD) screen (including a touch screen display), a non-volatile memory port, multiple antennas, a graphics chip, an Application Specific Integrated Circuit (ASIC), and speakers.
The apparatus 1300 may employ a main control chip as a processor or a control module, the sensor data, the location information, and the like are stored in a memory or an NVM/storage device, the sensor group may serve as an input/output device, and the communication interface may include a network interface.
An embodiment of the present application further provides an electronic device, including: a processor; and a memory having executable code stored thereon that, when executed, causes the processor to perform a method as described in one or more of the embodiments of the application.
Embodiments of the present application also provide one or more machine-readable media having executable code stored thereon that, when executed, cause a processor to perform a method as described in one or more of the embodiments of the present application.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including the preferred embodiment and all such alterations and modifications as fall within the true scope of the embodiments of the application.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The present application provides a session processing method, a session processing apparatus, an electronic device, and a storage medium, which are described in detail above, and specific examples are applied herein to illustrate the principles and embodiments of the present application, and the description of the above embodiments is only used to help understand the method and the core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (12)

1. A session processing method is characterized in that the session corresponds to a session between a first client and a first service end, and the method is applied to a second service end, and the method comprises the following steps:
determining a session identifier, and establishing connection with a first client and a first server respectively so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end;
receiving a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
and establishing connection with the second client, and sending the session data corresponding to the session identification to the second client.
2. The method of claim 1, wherein the format of the session data comprises: command line format.
3. The method of claim 1, wherein the ingress port of the first server is in an off state.
4. The method of claim 1, wherein sending session data corresponding to the session identifier to the second client comprises:
determining the target type of the session data according to the permission information of the second client for the session corresponding to the session identification;
and sending the target type session data to the second client.
5. A session processing method is characterized in that the session corresponds to a session between a first client and a first service end, and the method is applied to a second client, and comprises the following steps:
sending a session sharing request to a second server by calling an application programming interface; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
establishing connection with a second server, and receiving session data which is sent by the second server and corresponds to the session identifier; the second server is respectively connected with the first client and the first server so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service terminal.
6. A session processing method is characterized in that the session corresponds to a session between a first client and a first service end, and the method is applied to the first client, and comprises the following steps:
receiving a session identifier and establishing connection with a second server; the second server is also connected with the first server to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier.
7. A session processing method is characterized in that the session corresponds to a session between a first client and a first service end, and the method is applied to the first service end, and comprises the following steps:
establishing connection with a second server; the second server is also connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end; the second server establishes connection with the second client according to the session sharing request sent by the second client, and sends session data corresponding to the session identifier to the second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier.
8. A session processing method, wherein the session corresponds to a session between a first client and a first server, the method comprising:
the first client sends a connection request to the second server based on the application programming interface;
the second server side sends a first connection address and a session identifier to the first client side according to the connection request;
the first client establishes connection with the second server according to the first connection address;
after establishing connection with the first client, the second server establishes connection with the first server so as to establish a session between the first client and the first server, transfer session data and send the session data to the second client; the session data is session data between the first client and the first service terminal.
9. A session processing method, wherein the session corresponds to a session between a first client and a first server, the method comprising:
the second client sends a session sharing request to the second server based on the application programming interface;
the second server sends a second connection address to the second client according to the session sharing request;
the second client establishes connection with the second server according to the second connection address;
the second server side sends session data to the second client side; the second server is connected with the first client so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service terminal.
10. A session processing apparatus, wherein the session corresponds to a session between a first client and a first server, and the apparatus is applied to a second server, and the apparatus comprises:
a determining module, configured to determine a session identifier;
the first connection module is used for establishing connection with the first client and the first server respectively so as to establish a session between the first client and the first server and transfer session data; the session data is session data between the first client and the first service end;
the receiving module is used for receiving a session sharing request sent by a second client; the session sharing request is obtained based on an application programming interface; the session sharing request comprises a session identifier;
the second connection module is used for establishing connection with a second client;
and the sending module is used for sending the session data corresponding to the session identification to the second client.
11. An electronic device, comprising: a processor; and
a memory having executable code stored thereon that, when executed, causes the processor to perform the method of any of claims 1-9.
12. One or more machine-readable media having executable code stored thereon that, when executed, causes a processor to perform the method of any of claims 1-9.
CN202111526643.6A 2021-12-14 2021-12-14 Session processing method, device, electronic equipment and storage medium Active CN114363397B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111526643.6A CN114363397B (en) 2021-12-14 2021-12-14 Session processing method, device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111526643.6A CN114363397B (en) 2021-12-14 2021-12-14 Session processing method, device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN114363397A true CN114363397A (en) 2022-04-15
CN114363397B CN114363397B (en) 2024-08-06

Family

ID=81100042

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111526643.6A Active CN114363397B (en) 2021-12-14 2021-12-14 Session processing method, device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114363397B (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030188195A1 (en) * 2002-04-01 2003-10-02 Abdo Nadim Y. Automatic re-authentication
US6779035B1 (en) * 2000-03-06 2004-08-17 Microsoft Corporation Application programming interface and generalized network address translator for translation of transport-layer sessions
US20080132215A1 (en) * 2006-12-01 2008-06-05 Yahoo! Inc. User initiated invite for automatic conference participation by invitee
US20090094688A1 (en) * 2007-10-04 2009-04-09 Cognos Incorporated Method and system for synchronizing user sessions
US7526560B1 (en) * 2000-03-30 2009-04-28 Oracle International Corporation Method and apparatus for sharing a secure connection between a client and multiple server nodes
CN104660616A (en) * 2015-03-18 2015-05-27 上海斐讯数据通信技术有限公司 Conversation remaining server side and conversation processing method thereof
CN105812351A (en) * 2016-02-23 2016-07-27 平安科技(深圳)有限公司 Method and system for sharing session
CN106105090A (en) * 2014-04-14 2016-11-09 迈克菲股份有限公司 Session is utilized to share automated log on and publish session
CN109324910A (en) * 2018-09-03 2019-02-12 视联动力信息技术股份有限公司 A kind of method and apparatus that session is shared
CN110233902A (en) * 2019-06-28 2019-09-13 杭州迪普科技股份有限公司 Conversation processing method, device, electronic equipment and machine readable storage medium
US20200358714A1 (en) * 2019-05-06 2020-11-12 Citrix Systems, Inc. Method and system for sharing user configuration data between different computing sessions
CN113329069A (en) * 2021-05-24 2021-08-31 西安统信软件技术有限公司 Instant messaging method, system and computing equipment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6779035B1 (en) * 2000-03-06 2004-08-17 Microsoft Corporation Application programming interface and generalized network address translator for translation of transport-layer sessions
US7526560B1 (en) * 2000-03-30 2009-04-28 Oracle International Corporation Method and apparatus for sharing a secure connection between a client and multiple server nodes
US20030188195A1 (en) * 2002-04-01 2003-10-02 Abdo Nadim Y. Automatic re-authentication
US20080132215A1 (en) * 2006-12-01 2008-06-05 Yahoo! Inc. User initiated invite for automatic conference participation by invitee
US20090094688A1 (en) * 2007-10-04 2009-04-09 Cognos Incorporated Method and system for synchronizing user sessions
CN106105090A (en) * 2014-04-14 2016-11-09 迈克菲股份有限公司 Session is utilized to share automated log on and publish session
CN104660616A (en) * 2015-03-18 2015-05-27 上海斐讯数据通信技术有限公司 Conversation remaining server side and conversation processing method thereof
CN105812351A (en) * 2016-02-23 2016-07-27 平安科技(深圳)有限公司 Method and system for sharing session
CN109324910A (en) * 2018-09-03 2019-02-12 视联动力信息技术股份有限公司 A kind of method and apparatus that session is shared
US20200358714A1 (en) * 2019-05-06 2020-11-12 Citrix Systems, Inc. Method and system for sharing user configuration data between different computing sessions
CN110233902A (en) * 2019-06-28 2019-09-13 杭州迪普科技股份有限公司 Conversation processing method, device, electronic equipment and machine readable storage medium
CN113329069A (en) * 2021-05-24 2021-08-31 西安统信软件技术有限公司 Instant messaging method, system and computing equipment

Also Published As

Publication number Publication date
CN114363397B (en) 2024-08-06

Similar Documents

Publication Publication Date Title
US11196561B2 (en) Authorized data sharing using smart contracts
US10033804B2 (en) Delivery of content
US11200334B2 (en) Data sharing via distributed ledgers
US10375064B2 (en) Method, apparatus, and system for remotely accessing cloud applications
CN109521956B (en) Cloud storage method, device, equipment and storage medium based on block chain
US11671279B2 (en) Determining a session key using session data
CN104539977A (en) Live broadcast previewing method and device
US10574703B1 (en) Content delivery employing multiple security levels
US11743101B2 (en) Techniques for accessing logical networks via a virtualized gateway
US12341856B2 (en) Communication protocols for an online content management system
US20120266222A1 (en) Provisioning using a generic configuration
CN118741265B (en) Camera video playback method, device, system and electronic equipment
US20130024543A1 (en) Methods for generating multiple responses to a single request message and devices thereof
CN120226364A (en) System and method for communication between a mobile device and a smart television
US10231004B2 (en) Network recording service
CN114363397B (en) Session processing method, device, electronic equipment and storage medium
CN117294445A (en) Rich media file transmission method, device and system
CN114615140B (en) Communication method, device, equipment and storage medium
US20200228879A1 (en) Detection And Redirection Of Video Playback
WO2023059386A1 (en) Remote command access in a hybrid cloud to on-premises devices
EP4413691A1 (en) Remote command access in a hybrid cloud to on-premises devices
CN113760563A (en) Data processing method and device based on open platform and data processing system
CN107454580A (en) A method and system for realizing directional guidance of application program traffic and mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant