CN111641675A - Multi-tenant access service implementation method, device, equipment and storage medium - Google Patents
Multi-tenant access service implementation method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN111641675A CN111641675A CN202010350026.4A CN202010350026A CN111641675A CN 111641675 A CN111641675 A CN 111641675A CN 202010350026 A CN202010350026 A CN 202010350026A CN 111641675 A CN111641675 A CN 111641675A
- Authority
- CN
- China
- Prior art keywords
- tenant
- access service
- implementation class
- function implementation
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000006870 function Effects 0.000 claims abstract description 121
- 230000008571 general function Effects 0.000 claims abstract description 74
- 238000012545 processing Methods 0.000 claims description 23
- 238000004590 computer program Methods 0.000 claims description 4
- 238000012216 screening Methods 0.000 claims description 4
- 238000013500 data storage Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 11
- 238000005516 engineering process Methods 0.000 abstract description 9
- 238000013473 artificial intelligence Methods 0.000 abstract description 2
- 238000013475 authorization Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 6
- 238000011161 development Methods 0.000 description 4
- 235000010627 Phaseolus vulgaris Nutrition 0.000 description 3
- 244000046052 Phaseolus vulgaris Species 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 3
- 235000014510 cooky Nutrition 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000002716 delivery method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 239000003550 marker Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/306—User profiles
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Stored Programmes (AREA)
Abstract
Description
技术领域technical field
本发明涉及人工智能技术领域,尤其涉及一种多租户访问服务实现方法、装置、设备及存储介质。The present invention relates to the technical field of artificial intelligence, and in particular, to a method, apparatus, device and storage medium for implementing a multi-tenant access service.
背景技术Background technique
微服务作为一项在云中部署应用和服务的新技术已成为当下最新的热门话题。微服务技术的发展最先在于解决传统大型软件的开发、测试、部署与维护问题,每个功能模块的修改都需要考虑软件应用整体的变动,而微服务技术将整个大的应用切割成多个独立的小模块,每个小模块基本上只需要负责各自的业务功能开发、测试、部署、运维即可。而现今,微服务更是作为软件应用模式创新的领头羊,从传统的企业内部部署软件产品到使用云端部署,定义了一种新的交付方式,减少本地部署所需的大量前期投入,将软件应用回归到其本质的服务属性。Microservices, as a new technology for deploying applications and services in the cloud, has become the latest hot topic. The development of microservice technology firstly solves the problems of development, testing, deployment and maintenance of traditional large-scale software. The modification of each functional module needs to consider the overall changes of the software application, while the microservice technology divides the entire large application into multiple Independent small modules, each small module basically only needs to be responsible for its own business function development, testing, deployment, and operation and maintenance. Today, microservices are the leader in software application model innovation. From traditional on-premise deployment of software products to cloud deployments, a new delivery method has been defined, which reduces the large amount of upfront investment required for local deployment and integrates software The application returns to its essential service properties.
现今的微服务使用多租户架构,同一套服务面向多个客户,需要尽量满足多租户各自的需求。对于个人用户,平台仅需满足公共需求即可。对于企业用户,则需要尽量满足,但是由于客户需求各种各样,甚至相互冲突,所以很难面向企业用户展开。往往为了满足一个租户的需求,影响了其它租户的业务。故如何在多租户架构上提供多套定制化服务以满足不同用户需求?Today's microservices use a multi-tenant architecture. The same set of services is oriented to multiple customers and needs to meet the respective needs of multiple tenants as much as possible. For individual users, the platform only needs to meet public needs. For enterprise users, it needs to be satisfied as much as possible, but due to the various and even conflicting needs of customers, it is difficult to expand for enterprise users. Often in order to meet the needs of one tenant, the business of other tenants is affected. So how to provide multiple sets of customized services on a multi-tenant architecture to meet different user needs?
发明内容SUMMARY OF THE INVENTION
本发明的主要目的在于解决如何在多租户架构上提供多套定制化服务以满足不同用户需求的问题。The main purpose of the present invention is to solve the problem of how to provide multiple sets of customized services on a multi-tenant architecture to meet the needs of different users.
本发明第一方面提供了一种多租户访问服务实现微服务架构方法,包括:A first aspect of the present invention provides a multi-tenant access service implementation micro-service architecture method, including:
读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;Reading a tenant configuration file, where the tenant configuration file includes a custom function implementation class and/or a general function implementation class corresponding to each tenant access service;
基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;Create an application context corresponding to each tenant access service based on the custom function implementation class and/or general function implementation class corresponding to each tenant access service;
接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;receiving and parsing the access service request initiated by the tenant client to obtain tenant credential information corresponding to the tenant client;
根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;According to the tenant credential information, obtain the corresponding tenant information and parse it to obtain the tenant identification information;
根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。According to the tenant identification information, the application context corresponding to the access service of the tenant client is determined and allocated to the thread where the access service request is located.
可选的,在本发明第一方面的第一种实现方式中,在所述读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类步骤之前,还包括:Optionally, in the first implementation manner of the first aspect of the present invention, when the tenant configuration file is read, the tenant configuration file contains custom function implementation classes and/or general functions corresponding to each tenant access service. Before implementing the class step, also include:
加载预置的默认应用上下文,以供实现各租户访问服务的通用功能;Load the preset default application context to implement common functions for each tenant to access services;
判断所述默认应用上下文所需接口是否对应一个或多个通用功能实现类;Determine whether the interface required by the default application context corresponds to one or more general function implementation classes;
若对应一个通用功能实现类,则以该通用功能实现类作为所述默认应用上下文的接口对应的实现类;If it corresponds to a general function implementation class, the general function implementation class is used as the implementation class corresponding to the interface of the default application context;
若对应多个通用功能实现类,则选择其中一个预置通用功能实现类作为所述默认应用上下文所需接口对应的实现类。If it corresponds to multiple general function implementation classes, select one of the preset general function implementation classes as the implementation class corresponding to the interface required by the default application context.
可选的,在本发明第一方面的第二种实现方式中,所述基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文多租户访问服务实现包括:Optionally, in the second implementation manner of the first aspect of the present invention, the application corresponding to each tenant access service is created based on the custom function implementation class and/or the general function implementation class corresponding to each tenant access service. Context multi-tenant access service implementations include:
解析租户配置文件,获得各租户访问服务对应的带有第一标识信息的定制功能实现类和/或带有第二标识信息的通用功能实现类;Parse the tenant configuration file, and obtain the custom function implementation class with the first identification information and/or the general function implementation class with the second identification information corresponding to each tenant access service;
基于所述第一标识信息和/或所述第二标识信息、以及各租户访问服务对应应用上下文的所需接口,确定所述应用上下文与各定制功能实现类和/或各通用功能实现类之间的关联关系;Based on the first identification information and/or the second identification information, and the required interface of each tenant's access service corresponding to the application context, determine the application context and each custom function implementation class and/or each general function implementation class relationship between;
基于所述关联关系,将所述所需接口与对应的定制功能实现类和/或通用功能实现类进行绑定,生成每一租户访问服务对应应用上下文并使用对应租户的租户标识信息进行标识。Based on the association relationship, the required interface is bound to the corresponding custom function implementation class and/or general function implementation class, an application context corresponding to each tenant access service is generated, and the tenant identification information of the corresponding tenant is used for identification.
可选的,在本发明第一方面的第三种实现方式中,所述接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息包括:Optionally, in a third implementation manner of the first aspect of the present invention, the receiving and parsing the access service request initiated by the tenant client to obtain the tenant credential information corresponding to the tenant client includes:
拦截所述租户客户端发起的访问服务请求;Intercept the access service request initiated by the tenant client;
根据所述访问服务请求,确定所述租户客户端的访问服务类型;determining the access service type of the tenant client according to the access service request;
若所述访问服务类型为非登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为秘钥;If the access service type is a non-login access service, parse the access service request, and obtain the tenant credential information corresponding to the tenant client as a secret key;
若所述访问服务类型为登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为租户身份令牌。If the access service type is a login access service, the access service request is parsed, and the tenant credential information corresponding to the tenant client is obtained as a tenant identity token.
可选的,在本发明第一方面的第四种实现方式中,在所述根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息步骤之后,还包括:Optionally, in the fourth implementation manner of the first aspect of the present invention, after the step of acquiring and parsing the corresponding tenant information according to the tenant credential information to obtain the tenant identification information, the method further includes:
若所述租户凭证信息为租户身份令牌,基于所述租户身份令牌,创建所述租户客户端对应的会话对象;If the tenant credential information is a tenant identity token, create a session object corresponding to the tenant client based on the tenant identity token;
生成所述会话对象相应的会话标识信息并发送至租户客户端进行保存;generating the session identification information corresponding to the session object and sending it to the tenant client for saving;
保存所述租户信息至所述会话对象,根据所述会话对象储存的所述租户信息以调用相应实现类。The tenant information is saved to the session object, and a corresponding implementation class is called according to the tenant information stored in the session object.
可选的,在本发明第一方面的第五种实现方式中,在所述根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程步骤之后,还包括:Optionally, in the fifth implementation manner of the first aspect of the present invention, according to the tenant identification information, the application context corresponding to the access service of the tenant client is determined and allocated to the thread where the access service request is located. After the steps, also include:
接收所述租户客户端调用定制功能时发起的带有所述会话标识信息以及所述第一标识信息或所述第二标识信息的业务处理请求;receiving a service processing request with the session identification information and the first identification information or the second identification information initiated when the tenant client invokes the customization function;
根据所述会话标识信息,确定所述租户客户端对应的会话对象;determining, according to the session identification information, a session object corresponding to the tenant client;
根据所述第一标识信息或第二标识信息,确定所述会话对象存储的租户信息内对应的功能实现类,并通过所述功能实现类实例化客户端业务处理对应的应用上下文接口。According to the first identification information or the second identification information, a corresponding function implementation class in the tenant information stored in the session object is determined, and an application context interface corresponding to client business processing is instantiated through the function implementation class.
本发明第二方面提供了一种多租户访问服务实现装置,包括:A second aspect of the present invention provides a device for implementing a multi-tenant access service, including:
接收模块,用于读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;a receiving module, configured to read a tenant configuration file, where the tenant configuration file includes a custom function implementation class and/or a general function implementation class corresponding to each tenant access service;
创建模块,用于基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;A creation module, configured to create an application context corresponding to each tenant access service based on the custom function implementation class and/or general function implementation class corresponding to each tenant access service;
解析模块,用于接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;a parsing module, configured to receive and parse an access service request initiated by a tenant client to obtain tenant credential information corresponding to the tenant client; acquire and parse corresponding tenant information according to the tenant credential information to obtain tenant identification information;
分配模块,用于根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。The allocation module is configured to determine, according to the tenant identification information, an application context corresponding to the access service of the tenant client and allocate it to the thread where the access service request is located.
可选的,在本发明第二方面的第一种实现方式中,还包括启动模块,具体用于:Optionally, in the first implementation manner of the second aspect of the present invention, a startup module is also included, which is specifically used for:
加载预置的默认应用上下文,以供实现各租户访问服务的通用功能;Load the preset default application context to implement common functions for each tenant to access services;
判断所述默认应用上下文所需接口是否对应一个或多个通用功能实现类;Determine whether the interface required by the default application context corresponds to one or more general function implementation classes;
若对应一个通用功能实现类,则以该通用功能实现类作为所述默认应用上下文的接口对应的实现类;If it corresponds to a general function implementation class, the general function implementation class is used as the implementation class corresponding to the interface of the default application context;
若对应多个通用功能实现类,则选择其中一个预置通用功能实现类作为所述默认应用上下文所需接口对应的实现类。If it corresponds to multiple general function implementation classes, select one of the preset general function implementation classes as the implementation class corresponding to the interface required by the default application context.
可选的,在本发明第二方面的第二种实现方式中,所述创建模块还包括:Optionally, in a second implementation manner of the second aspect of the present invention, the creation module further includes:
第一解析单元,用于解析租户配置文件,获得各租户访问服务对应的带有第一标识信息的定制功能实现类和/或带有第二标识信息的通用功能实现类;a first parsing unit, configured to parse a tenant configuration file, and obtain a custom function implementation class with first identification information and/or a general function implementation class with second identification information corresponding to each tenant access service;
筛选单元,用于基于所述第一标识信息和/或所述第二标识信息、以及各租户访问服务对应应用上下文的所需接口,确定所述应用上下文与各定制功能实现类和/或各通用功能实现类之间的关联关系;The screening unit is configured to determine, based on the first identification information and/or the second identification information, and the required interface of the application context corresponding to each tenant access service, the application context and each custom function implementation class and/or each Association between generic function implementation classes;
匹配单元,用于基于所述关联关系,将所述所需接口与对应的定制功能实现类和/或通用功能实现类进行绑定,生成每一租户访问服务对应应用上下文并使用对应租户的租户标识信息进行标识。A matching unit, configured to bind the required interface with the corresponding custom function implementation class and/or general function implementation class based on the association relationship, generate an application context corresponding to each tenant access service, and use the tenant of the corresponding tenant identification information for identification.
可选的,在本发明第二方面的第三种实现方式中,所述解析模块具体用于:Optionally, in a third implementation manner of the second aspect of the present invention, the parsing module is specifically used for:
拦截所述租户客户端发起的访问服务请求;Intercept the access service request initiated by the tenant client;
根据所述访问服务请求,确定所述租户客户端的访问服务类型;determining the access service type of the tenant client according to the access service request;
若所述访问服务类型为非登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为秘钥;If the access service type is a non-login access service, parse the access service request, and obtain the tenant credential information corresponding to the tenant client as a secret key;
若所述访问服务类型为登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为租户身份令牌。If the access service type is a login access service, the access service request is parsed, and the tenant credential information corresponding to the tenant client is obtained as a tenant identity token.
可选的,在本发明第二方面的第四种实现方式中,多租户访问服务实现装置还包括记录模块,用于:Optionally, in a fourth implementation manner of the second aspect of the present invention, the device for implementing multi-tenant access services further includes a recording module for:
若所述租户凭证信息为租户身份令牌,基于所述租户身份令牌,创建所述租户客户端对应的会话对象;If the tenant credential information is a tenant identity token, create a session object corresponding to the tenant client based on the tenant identity token;
生成所述会话对象相应的会话标识信息并发送至租户客户端进行保存;generating the session identification information corresponding to the session object and sending it to the tenant client for saving;
保存所述租户信息至所述会话对象,根据所述会话对象储存的所述租户信息以调用相应实现类。The tenant information is saved to the session object, and a corresponding implementation class is called according to the tenant information stored in the session object.
可选的,在本发明第二方面的第五种实现方式中,所述分配模块具体还用于:Optionally, in a fifth implementation manner of the second aspect of the present invention, the allocation module is further used for:
接收所述租户客户端调用定制功能时发起的带有所述会话标识信息以及所述第一标识信息或所述第二标识信息的业务处理请求;receiving a service processing request with the session identification information and the first identification information or the second identification information initiated when the tenant client invokes the customization function;
根据所述会话标识信息,确定所述租户客户端对应的会话对象;determining, according to the session identification information, a session object corresponding to the tenant client;
根据所述第一标识信息或第二标识信息,确定所述会话对象存储的租户信息内对应的功能实现类,并通过所述功能实现类实例化客户端业务处理对应的应用上下文接口。According to the first identification information or the second identification information, a corresponding function implementation class in the tenant information stored in the session object is determined, and an application context interface corresponding to client business processing is instantiated through the function implementation class.
本发明第三方面提供了一种多租户访问服务实现设备,包括:存储器和至少一个处理器,所述存储器中存储有指令,所述存储器和所述至少一个处理器通过线路互连;所述至少一个处理器调用所述存储器中的所述指令,以使得所述多租户访问服务实现设备执行上述的多租户访问服务实现方法。A third aspect of the present invention provides a device for implementing multi-tenant access services, comprising: a memory and at least one processor, wherein the memory stores instructions, and the memory and the at least one processor are interconnected through a line; the At least one processor invokes the instructions in the memory, so that the multi-tenant access service implementation device executes the above-mentioned multi-tenant access service implementation method.
本发明的第四方面提供了一种计算机可读存储介质,包括存储数据区和存储程序区,存储数据区存储根据区块链节点的使用所创建的数据,存储程序区存储有计算机程序,其中,所述计算机程序被处理器执行上述的多租户访问服务实现方法。A fourth aspect of the present invention provides a computer-readable storage medium, comprising a storage data area and a storage program area, the storage data area stores data created according to the use of blockchain nodes, and the storage program area stores a computer program, wherein , the computer program is executed by the processor to implement the above multi-tenant access service implementation method.
本发明提供的技术方案中,读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。本发明实施例中,获得在多租户架构上提供多套定制化服务的有益效果。In the technical solution provided by the present invention, a tenant configuration file is read, and the tenant configuration file contains custom function implementation classes and/or general function implementation classes corresponding to each tenant access service; based on the customization corresponding to each tenant access service A function implementation class and/or a general function implementation class, to create an application context corresponding to each tenant's access service; receive and parse the access service request initiated by the tenant client to obtain the tenant credential information corresponding to the tenant client; according to the tenant For the credential information, the corresponding tenant information is obtained and analyzed to obtain the tenant identification information; according to the tenant identification information, the application context corresponding to the access service of the tenant client is determined and allocated to the thread where the access service request is located. In the embodiment of the present invention, the beneficial effect of providing multiple sets of customized services on a multi-tenant architecture is obtained.
附图说明Description of drawings
图1为本发明实施例中多租户访问服务实现方法的一个实施例示意图;FIG. 1 is a schematic diagram of an embodiment of a method for implementing a multi-tenant access service in an embodiment of the present invention;
图2为本发明实施例中多租户访问服务实现方法的另一个实施例示意图;FIG. 2 is a schematic diagram of another embodiment of a method for implementing a multi-tenant access service in an embodiment of the present invention;
图3为本发明实施例中多租户访问服务实现装置的一个实施例示意图;3 is a schematic diagram of an embodiment of an apparatus for implementing a multi-tenant access service in an embodiment of the present invention;
图4为本发明实施例中多租户访问服务实现装置的另一个实施例示意图;4 is a schematic diagram of another embodiment of an apparatus for implementing a multi-tenant access service in an embodiment of the present invention;
图5为本发明实施例中多租户访问服务实现设备的一个实施例示意图。FIG. 5 is a schematic diagram of an embodiment of a device for implementing a multi-tenant access service in an embodiment of the present invention.
具体实施方式Detailed ways
本发明实施例提供了一种多租户访问服务实现方法、装置、设备及存储介质,通过修改多租户架构的底层技术,将同一个平台上适配一套租户访问服务的应用上下文修改为适配多套独立租户访问服务的应用上下文,并为每套租户访问服务配置通用的功能实现类与租户定制功能实现类,通过应用上下文的接口编程启动每个功能实现类对应的实例;在服务启动阶段,先为每套租户访问服务加载对应的应用上下文;在服务运行过程,通过租户客户端的租户凭证信息获取对应的应用上下文并接入当前线程,启动对应的租户访问服务,以获得通过优化多租户架构满足多用户不同需求的有益效果。The embodiments of the present invention provide a multi-tenant access service implementation method, device, device and storage medium. By modifying the underlying technology of the multi-tenant architecture, the application context for adapting a set of tenant access services on the same platform is modified to adapt Multiple sets of independent tenants access the application context of the service, and configure common function implementation classes and tenant-customized function implementation classes for each set of tenant access services, and start the corresponding instance of each function implementation class through the interface programming of the application context; in the service startup phase , first load the corresponding application context for each set of tenant access services; during the service operation process, obtain the corresponding application context through the tenant credential information of the tenant client and access the current thread, start the corresponding tenant access service, and obtain the multi-tenant optimization through optimization. The beneficial effect of the architecture meeting the different needs of multiple users.
本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”、“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”或“具有”及其任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third", "fourth", etc. (if present) in the description and claims of the present invention and the above-mentioned drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It is to be understood that data so used may be interchanged under appropriate circumstances so that the embodiments described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" or "having" and any variations thereof are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those expressly listed steps or units, but may include other steps or units not expressly listed or inherent to these processes, methods, products or devices.
为便于理解,下面对本发明实施例的具体流程进行描述,请参阅图1,本发明实施例中多租户访问服务实现方法的一个实施例包括:For ease of understanding, the following describes the specific process of the embodiment of the present invention. Referring to FIG. 1 , an embodiment of a method for implementing a multi-tenant access service in the embodiment of the present invention includes:
101、读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;101. Read a tenant configuration file, where the tenant configuration file includes a custom function implementation class and/or a general function implementation class corresponding to each tenant access service;
可以理解的是,本发明的执行主体可以为多租户访问服务实现装置,还可以是终端或者服务器,具体此处不做限定。本发明实施例以服务器为执行主体为例进行说明。It can be understood that the executive body of the present invention may be an apparatus for implementing multi-tenant access services, and may also be a terminal or a server, which is not specifically limited here. The embodiments of the present invention are described by taking a server as an execution subject as an example.
本实施例中,通过spring框架讲解本发明方法的具体实施方式。在本系统开发时,已创建一外部配置文件并储存有租户信息表与功能实现类;在租户访问服务启动时,根据租户信息表内说明的每一租户访问服务对应定制功能实现类和/或通用功能实现类以启动实例。In this embodiment, the specific implementation of the method of the present invention is explained through the spring framework. During the development of this system, an external configuration file has been created and the tenant information table and function implementation class are stored; when the tenant access service is started, the corresponding custom function implementation class and/or the corresponding tenant access service described in the tenant information table Generic function implementation class to start an instance.
如租户访问服务A包含Comonbean1、Comonbean2、Comonbean3、Comonbean4;租户访问服务B包含Comonbean1、Comonbean3、bean110、bean121,其中,Comonbean为通用功能实现类,bean为定制功能实现类。For example, tenant access service A includes Comonbean1, Comonbean2, Comonbean3, and Comonbean4; tenant access service B includes Comonbean1, Comonbean3, bean110, and bean121, where Comonbean is a general function implementation class, and bean is a custom function implementation class.
102、基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;102. Create an application context corresponding to each tenant access service based on the custom function implementation class and/or general function implementation class corresponding to each tenant access service;
本实施例中,spring属于一种容器框架,这里我们修改spring的底层技术应用上下文容器,将本来平台全局只有一套应用上下文修改为每个租户访问服务拥有各自的应用上下文。首先将适配一套租户访问服务的应用上下文环境修改为适配多套租户访问服务的应用上下文环境,平台服务端在获取得到每一租户访问服务的定制功能实现类和/或通用功能实现类后,基于每一租户访问服务的不同需求,标记对应接口编程,每一定制功能实现类标记自身可实现接口与所属租户,每一通用功能实现类标记自身可实现接口,对租户访问服务的每一标记接口与对应的功能实现类进行关联,生成每一租户访问服务对应的应用上下文。In this embodiment, spring belongs to a container framework. Here, we modify the application context container of the underlying technology of spring, and modify the original platform to have only one set of application contexts so that each tenant access service has its own application context. First, modify the application context environment adapted to one set of tenant access services to the application context environment adapted to multiple sets of tenant access services. The platform server obtains the custom function implementation class and/or general function implementation class for each tenant access service. Then, based on the different needs of each tenant to access the service, mark the corresponding interface programming, each custom function implementation class mark itself can implement the interface and the tenant to which it belongs, and each general function implementation class mark itself can implement the interface, and each of the tenants accessing the service is marked. A marker interface is associated with a corresponding function implementation class to generate an application context corresponding to each tenant's access service.
如租户访问服务A标记使用应用上下文环境的接口1、接口2、接口3、接口中的接口1、接口3、接口4、Comonbean1标记实现接口1、Comonbean2标记实现接口2、bean标记实现接口3且属于租户A、bean4标记实现接口4且属于租户A,则在租户访问A的应用上下文环境中,关联Comonbean1与接口1、bean113与接口3、bean114与接口4,得到租户访问服务A的专属应用上下文。For example, tenant access service A marks interface 1, interface 2, interface 3, interface 1 in interface, interface 3, interface 4, Comonbean1 tag implements interface 1, Comonbean2 tag implements interface 2, bean tag implements interface 3 and If it belongs to tenant A and bean4 marks implementation interface 4 and belongs to tenant A, in the application context of tenant access A, associate Comonbean1 with interface 1, bean113 and interface 3, bean114 and interface 4, and obtain the exclusive application context of tenant access service A .
103、接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;103. Receive and parse the access service request initiated by the tenant client to obtain tenant credential information corresponding to the tenant client;
本实施例中,在租户客户端访问由本spring框架搭建的虚拟应用平台时,需向平台服务端发起访问服务请求以进入对应的应用界面,访问服务请求头部带有该租户客户端的租户凭证信息,用于平台服务端验证租户客户端的身份。In this embodiment, when a tenant client accesses the virtual application platform built by the spring framework, it needs to initiate an access service request to the platform server to enter the corresponding application interface, and the header of the access service request carries the tenant credential information of the tenant client , which is used by the platform server to verify the identity of the tenant client.
其中一类租户凭证信息为租户身份令牌,其示例为:字段A.字段B.字段C。其中,租户身份令牌最重要的信息为两个“.”之间的负载字段“字段B”,该字段代表租户身份令牌的租户客户端ID、及用于帮助检索租户客户端的创建时间与过期时间,表明本租户身份令牌的身份与有效性。One type of tenant credential information is a tenant identity token, an example of which is: field A. field B. field C. Among them, the most important information of the tenant identity token is the load field "field B" between two ".", which represents the tenant client ID of the tenant identity token, and the creation time and the time used to help retrieve the tenant client. Expiration time, indicating the identity and validity of the tenant identity token.
104、根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;104. Obtain and parse corresponding tenant information according to the tenant credential information to obtain tenant identification information;
本实施例中,每个租户访问服务都存储有一份配置的租户信息,并用租户标识信息进行标记。在用户选择所需的租户访问服务时,绑定用户的租户客户端ID与该租户访问服务相应租户信息的租户标识信息。通过上一步获取的租户标识信息内的租户客户端ID,检索对应的租户标识信息,并获取该租户标识信息对应的租户信息,以供平台服务器为租户客户端调用所需的租户访问服务,且可用于后续平台服务端为租户客户端的所需定制服务调用相应的功能实现类。In this embodiment, each tenant access service stores a copy of the configured tenant information, which is marked with the tenant identification information. When the user selects the desired tenant access service, the user's tenant client ID is bound to the tenant identification information of the tenant information corresponding to the tenant access service. Using the tenant client ID in the tenant identification information obtained in the previous step, retrieve the corresponding tenant identification information, and obtain the tenant information corresponding to the tenant identification information, so that the platform server can invoke the required tenant access service for the tenant client, and It can be used by the subsequent platform server to call the corresponding function implementation class for the required custom service of the tenant client.
如租户凭证信息为租户安全令牌时,包含签名后的“字段B”,解码后得到该负载字段内的租户客户端ID,若该租户客户端ID绑定租户信息T的租户标识信息I,则检索租户标识信息I并获取对应的租户信息T。For example, when the tenant credential information is a tenant security token, it includes the signed "field B", and after decoding, the tenant client ID in the payload field is obtained. If the tenant client ID is bound to the tenant identification information I of the tenant information T, Then, the tenant identification information I is retrieved and the corresponding tenant information T is obtained.
105、根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。105. Determine, according to the tenant identification information, an application context corresponding to the access service of the tenant client and assign it to the thread where the access service request is located.
本实施例中,每个租户访问服务对应的应用上下文亦用租户标识信息进行标记,通过检索传入的租户标识信息即可找到租户访问服务对应的应用上下文;而虚拟应用平台依靠该应用上下文实现每个租户独立定制功能,具体是通过调用应用上下文的功能实现类实例化所需接口,这里通过访问服务请求所在线程访问应用上下文即可实现租户客户端的对应租户访问服务。In this embodiment, the application context corresponding to each tenant access service is also marked with the tenant identification information, and the application context corresponding to the tenant access service can be found by retrieving the incoming tenant identification information; and the virtual application platform relies on the application context to realize Each tenant independently customizes the function, specifically by calling the function of the application context to realize the required interface for class instantiation. Here, the corresponding tenant access service of the tenant client can be realized by accessing the application context by accessing the thread where the service request is located.
如租户客户端A默认功能为功能1、功能2、功能3;租户客户端A线程中存在租户访问服务A对应的应用上下文A,实现功能A需要Comonbean1实例化接口1,实现功能2需要bean113实例化接口3,实现功能3需要bean114实例化接口4;将应用上下文A分配至访问服务请求所在线程即可为租户客户端A实现功能1、功能2、功能3。For example, the default functions of tenant client A are function 1, function 2, and function 3; there is an application context A corresponding to tenant access service A in the thread of tenant client A, the implementation of function A requires Comonbean1 to instantiate interface 1, and the implementation of function 2 requires an instance of bean113 To implement interface 3, bean 114 needs to instantiate interface 4 to realize function 3; function 1, function 2, and function 3 can be implemented for tenant client A by assigning application context A to the thread where the access service request is located.
本发明实施例中,通过修改多租户架构的底层技术,将同一个平台上适配一套租户访问服务的应用上下文修改为适配多套独立租户访问服务的应用上下文,并为每套租户访问服务配置通用的功能实现类与租户定制功能实现类,通过应用上下文的接口编程启动每个功能实现类对应的实例;在服务启动阶段,先为每套租户访问服务加载对应的应用上下文;在服务运行过程,通过租户客户端的租户凭证信息获取对应的应用上下文并接入当前线程,启动对应的租户访问服务,以获得在多租户架构上提供多套定制化服务的有益效果。In the embodiment of the present invention, by modifying the underlying technology of the multi-tenant architecture, the application context adapted to one set of tenant access services on the same platform is modified to the application context adapted to multiple sets of independent tenant access services. The service configures the general function implementation class and the tenant-customized function implementation class, and starts the corresponding instance of each function implementation class through the interface programming of the application context; in the service startup phase, first load the corresponding application context for each set of tenant access services; During the running process, the corresponding application context is obtained through the tenant credential information of the tenant client, and the current thread is accessed, and the corresponding tenant access service is started, so as to obtain the beneficial effect of providing multiple sets of customized services on the multi-tenant architecture.
请参阅图2,本发明实施例中多租户访问服务实现方法的另一个实施例包括:Referring to FIG. 2, another embodiment of a method for implementing a multi-tenant access service in an embodiment of the present invention includes:
201、加载预置的默认应用上下文,以供实现各租户访问服务的通用功能;201. Load a preset default application context for realizing the general function of each tenant accessing the service;
202、判断所述默认应用上下文所需接口对应一个或多个通用功能实现类;202. Determine that the interface required by the default application context corresponds to one or more general function implementation classes;
203、若对应一个通用功能实现类,则以该通用功能实现类作为所述默认应用上下文的接口对应的实现类;203. If it corresponds to a general function implementation class, use the general function implementation class as the implementation class corresponding to the interface of the default application context;
204、若对应多个通用功能实现类,则选择其中一个预置通用功能实现类作为所述默认应用上下文所需接口对应的实现类。204. If it corresponds to multiple general function implementation classes, select one of the preset general function implementation classes as the implementation class corresponding to the interface required by the default application context.
本实施例中,在租户访问服务启动时,亦会加载一套通用的租户访问服务,构建默认的应用上下文。对于没有定制化功能权限的用户,以访问通用功能的方式访问其租户访问服务。In this embodiment, when the tenant access service is started, a set of general tenant access services will also be loaded to construct a default application context. For users who do not have custom function permissions, they can access their tenant access services in the same way as general functions.
本实施例中,对于默认应用上下所需接口与通用功能实现类的关联关系可通过所需接口的编程信息与通用功能实现类所属接口的标记信息进行判断。In this embodiment, the association relationship between the interface required by the default application and the generic function implementation class can be determined by the programming information of the required interface and the label information of the interface to which the generic function implementation class belongs.
本实施例中,默认应用上下文所需接口可能对应多个通用功能实现类与定制功能实现类,由于定制功能实现类不仅标记自身实现接口,亦标记其所属租户访问服务且不包括本通用租户访问服务,,而每个应用上下文所需接口亦标记自身引用偏好,故平台服务端在选择默认应用上下文所需接口对应的多个功能实现类时,通过该引用偏好标记选择预置通用功能实现类。In this embodiment, the interface required by the default application context may correspond to multiple general function implementation classes and custom function implementation classes, because the custom function implementation class not only marks its own implementation interface, but also marks the tenant access service to which it belongs and does not include the general tenant access service, and the interface required by each application context also marks its own reference preference, so when the platform server selects multiple function implementation classes corresponding to the interface required by the default application context, it selects the preset general function implementation class through the reference preference mark .
例如,与默认应用上下文所需接口A对应的实现类有:Comonbean3、Comonbean4、Comonbean5、bean3、bean4、bean5,则平台服务器直接从Comonbean3、Comonbean4、Comonbean5三个通用实现类中筛选用于实例化接口A所需的通用实现类。For example, if the implementation classes corresponding to the interface A required by the default application context are: Comonbean3, Comonbean4, Comonbean5, bean3, bean4, and bean5, the platform server directly selects the three general implementation classes Comonbean3, Comonbean4, and Comonbean5 for instantiating the interface. A required generic implementation class.
本实施例中,通过在租户访问服务启动时加载默认应用上下文,可用于后续租户客户端调用该默认应用上下文使用通用租户访问服务。In this embodiment, by loading the default application context when the tenant access service is started, it can be used for subsequent tenant clients to invoke the default application context to use the general tenant access service.
205、读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;205. Read a tenant configuration file, where the tenant configuration file includes a custom function implementation class and/or a general function implementation class corresponding to each tenant access service;
206、基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;206. Create an application context corresponding to each tenant access service based on the custom function implementation class and/or general function implementation class corresponding to each tenant access service;
本实施例中,每一租户访问服务对应的应用上下文具体创建过程如下:In this embodiment, the specific creation process of the application context corresponding to each tenant access service is as follows:
解析租户配置文件,获得各租户访问服务对应的带有第一标识信息的定制功能实现类和/或带有第二标识信息的通用功能实现类;Parse the tenant configuration file, and obtain the custom function implementation class with the first identification information and/or the general function implementation class with the second identification information corresponding to each tenant access service;
基于所述第一标识信息和/或所述第二标识信息、以及各租户访问服务对应应用上下文的所需接口,确定所述应用上下文与各定制功能实现类和/或各通用功能实现类之间的关联关系;Based on the first identification information and/or the second identification information, and the required interface of each tenant's access service corresponding to the application context, determine the application context and each custom function implementation class and/or each general function implementation class relationship between;
基于所述关联关系,将所述所需接口与对应的定制功能实现类和/或通用功能实现类进行绑定,生成每一租户访问服务对应应用上下文并使用对应租户的租户标识信息进行标识。Based on the association relationship, the required interface is bound to the corresponding custom function implementation class and/or general function implementation class, an application context corresponding to each tenant access service is generated, and the tenant identification information of the corresponding tenant is used for identification.
本实施例中,本发明可通过动态代理实现运行过程中实例的创建与切换,租户配置文件内存储有各租户访问服务的对应功能实现类,每一功能实现类均以标识信息进行标识。定制功能实现类对应的第一标识信息用于识别所实现接口与所属租户,通用功能实现类对应的第二标识信息用于识别所实现接口。In this embodiment, the present invention can realize the creation and switching of instances in the running process through the dynamic proxy. The tenant configuration file stores the corresponding function implementation classes of each tenant's access service, and each function implementation class is identified by identification information. The first identification information corresponding to the custom function implementation class is used to identify the implemented interface and the tenant to which it belongs, and the second identification information corresponding to the general function implementation class is used to identify the implemented interface.
在租户使用过程中调用功能时可通过动态代理实现应用上下文中实例的创建与调用,服务启动时,需要定义注解、应用上下文接口与对功能实现类进行注解声明。比如,定义一个名为AbcAnnotation的注解,在@Target中传入ElementType.TYPE以标明注解可用于功能实现类及接口,以@Retention(RetentionPolicy.RUNTIME)表示该注解生存期是在运行时,租户服务端通过功能实现类与该AbcAnnotation注解的引用关系,即可调用相应的功能实现类。When invoking functions during tenant use, instances in the application context can be created and invoked through dynamic proxy. When the service is started, annotations, application context interfaces, and function implementation classes need to be defined. For example, define an annotation named AbcAnnotation, pass in ElementType.TYPE in @Target to indicate that the annotation can be used for function implementation classes and interfaces, and use @Retention(RetentionPolicy.RUNTIME) to indicate that the annotation lifetime is at runtime, the tenant service The client can call the corresponding function implementation class through the reference relationship between the function implementation class and the AbcAnnotation annotation.
本实施例中,本平台基于每一租户访问服务的需求,标记对应的应用上下文所需接口,应用上下文接口编程与对应的第一标识信息和/或第二标识信息具有对应关系,确定应用上下文每一接口对应的定制功能实现类和/或各通用功能实现类。In this embodiment, the platform marks the required interface of the corresponding application context based on the requirements of each tenant to access the service, and the programming of the application context interface has a corresponding relationship with the corresponding first identification information and/or second identification information, and determines the application context. A custom function implementation class corresponding to each interface and/or each general function implementation class.
本实施例中,功能实现类引用ClassAnnotation注解,并通过应用上下文所属接口的功能标识,两者形成关联关系,通过应用上下文所需接口的功能标识与功能实现类的定义注解对相应的应用上下文接口与功能实现类进行绑定以生成租户访问服务对应的应用上下文,并由所属租户访问服务对应的租户标识信息进行标识。In this embodiment, the function implementation class refers to the ClassAnnotation annotation, and through the function identifier of the interface to which the application context belongs, the two form an association relationship. It is bound with the function implementation class to generate the application context corresponding to the tenant access service, and is identified by the tenant identification information corresponding to the tenant access service to which it belongs.
207、接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;207. Receive and analyze the access service request initiated by the tenant client to obtain tenant credential information corresponding to the tenant client;
本实施例中,以访问服务请求解析得到租户凭证信息的具体实现过程如下所示:In this embodiment, the specific implementation process of obtaining the tenant credential information by parsing the access service request is as follows:
拦截所述租户客户端发起的访问服务请求;Intercept the access service request initiated by the tenant client;
根据所述访问服务请求,确定所述租户客户端的访问服务类型;determining the access service type of the tenant client according to the access service request;
若所述访问服务类型为非登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为秘钥;If the access service type is a non-login access service, parse the access service request, and obtain the tenant credential information corresponding to the tenant client as a secret key;
若所述访问服务类型为登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为租户身份令牌。If the access service type is a login access service, the access service request is parsed, and the tenant credential information corresponding to the tenant client is obtained as a tenant identity token.
本实施例中,当用户通过租户客户端访问本虚拟应用平台时,平台服务器通过请求拦截器拦截租户客户端客户端发起的访问服务请求,该请求拦截器可过滤非本虚拟应用平台的访问请求、验证用户的登录状态、判断访问服务请求内的租户凭证信息是否失效等。In this embodiment, when the user accesses the virtual application platform through the tenant client, the platform server intercepts the access service request initiated by the tenant client client through the request interceptor, and the request interceptor can filter the access request of the non-local virtual application platform , Verify the user's login status, and determine whether the tenant credential information in the access service request is invalid, etc.
如若通过请求拦截器拦截所得的访问服务请求携带租户身份令牌,根据身份令牌,从服务器缓存中查询该令牌所对应的会话(session),从会话中获取会话有效期,若该请求接收时间在该租户身份令牌有效期时间内,则表明该租户身份令牌仍有效,正常执行访问服务请求的处理流程;若该请求接收时间超出该租户身份令牌的有效期时间,则表明该租户身份令牌已失效,请求失败,执行租户身份令牌失效的处理逻辑,如发送提示信息至租户客户端以提示用户登录超时,请重新登录。If the access service request intercepted by the request interceptor carries the tenant identity token, according to the identity token, the session corresponding to the token is queried from the server cache, and the session validity period is obtained from the session. Within the validity period of the tenant identity token, it indicates that the tenant identity token is still valid, and the processing flow of the access service request is performed normally; if the request reception time exceeds the validity period of the tenant identity token, it indicates that the tenant identity token is valid. If the token is invalid and the request fails, execute the processing logic for the invalidation of the tenant identity token. For example, if a prompt message is sent to the tenant client to remind the user that the login has timed out, please log in again.
本实施例中,通过请求拦截器拦截客户端发出的访问服务请求并从服务请求的cookie中获取当前登录令牌,根据令牌从服务器缓存中查询会话(session),从会话中获取到租户信息,并通过该租户标识信息的类型,执行相应的租户访问请求处理逻辑,这里访问服务类型可以为非登录态与登录态。In this embodiment, the request interceptor is used to intercept the access service request sent by the client, obtain the current login token from the cookie of the service request, query the session (session) from the server cache according to the token, and obtain the tenant information from the session , and execute the corresponding tenant access request processing logic according to the type of the tenant identification information, where the access service type can be non-login state or login state.
本实施例中,在非登录态的租户访问服务中,需要在访问服务请求中加入秘钥以供请求拦截器进行通过验证,并执行相应的非登录态租户访问请求处理逻辑,如在成功访问本虚拟应用平台后无法进入业务处理界面、无业务处理历史记录、无部分功能模块的调用权限等。In this embodiment, in the non-login tenant access service, a secret key needs to be added to the access service request for the request interceptor to verify, and the corresponding non-login tenant access request processing logic is executed. After the virtual application platform, the business processing interface cannot be entered, there is no business processing history record, and there is no calling authority for some functional modules.
本实施例中,在登录态的租户访问服务中,需要在访问服务请求中携带租户身份令牌以供拦截器进行验证,并执行相应的登录态租户访问服务请求处理逻辑,如进入对应的租户访问服务界面、具有调用租户访问服务对应的定制功能、与平台服务端具有功能沟通的交互权限等。In this embodiment, in the login state tenant access service, it is necessary to carry the tenant identity token in the access service request for the interceptor to verify, and execute the corresponding login state tenant access service request processing logic, such as entering the corresponding tenant Access the service interface, have the custom function corresponding to calling the tenant access service, and have the interaction authority to communicate with the platform server, etc.
208、根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;208. Obtain and parse corresponding tenant information according to the tenant credential information to obtain tenant identification information;
209、判断所述租户凭证信息是否为租户身份令牌;209. Determine whether the tenant credential information is a tenant identity token;
210、若所述租户凭证信息为租户身份令牌,基于所述租户身份令牌,创建所述租户客户端对应的会话对象;210. If the tenant credential information is a tenant identity token, create a session object corresponding to the tenant client based on the tenant identity token;
211、生成所述会话对象相应的会话标识信息并发送至租户客户端进行保存;211. Generate session identification information corresponding to the session object and send it to the tenant client for saving;
212、保存所述租户信息至所述会话对象,根据所述会话对象储存的所述租户信息以调用相应实现类。212. Save the tenant information to the session object, and invoke a corresponding implementation class according to the tenant information stored in the session object.
本实施例中,在登录态的租户访问服务中,在接受到带有租户身份令牌的租户访问请求后,需校验租户访问请求中的租户身份令牌,若检验成功,则为租户客户端创建对应的会话对象,并存入租户信息,以用于与平台服务端的功能调用交互。如用户通过租户客户端调用功能A,则通过会话对象与平台服务端沟通获取实现功能A对应的功能实现类。In this embodiment, in the tenant access service in the login state, after receiving a tenant access request with a tenant identity token, the tenant identity token in the tenant access request needs to be verified, and if the verification is successful, it is a tenant customer The client creates the corresponding session object and stores the tenant information for interacting with the function call of the platform server. If the user calls function A through the tenant client, the function implementation class corresponding to the realization function A is obtained by communicating with the platform server through the session object.
本实施例中,平台服务端为每个租户访问服务生成对应的会话标识信息,一方面由平台服务端进行存储,另一方面发送至租户客户端并作为cookie进行存储。In this embodiment, the platform server generates corresponding session identification information for each tenant access service, which is stored by the platform server on the one hand, and sent to the tenant client and stored as a cookie on the other hand.
本实施例中,对于租户客户端发起的业务处理请求中的会话标识信息,从会话对象中获取租户访问服务所属的租户信息,并将其存储至平台服务端的存储区域中,以根据租户信息调用相应实现类。In this embodiment, for the session identification information in the business processing request initiated by the tenant client, the tenant information to which the tenant access service belongs is obtained from the session object, and is stored in the storage area of the platform server, so as to call according to the tenant information The corresponding implementation class.
213、根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。213. Determine, according to the tenant identification information, an application context corresponding to the access service of the tenant client, and assign it to the thread where the access service request is located.
214、接收所述租户客户端调用定制功能时发起的带有所述会话标识信息以及所述第一标识信息或所述第二标识信息的业务处理请求;214. Receive a service processing request with the session identification information and the first identification information or the second identification information initiated when the tenant client invokes the customization function;
215、根据所述会话标识信息,确定所述租户客户端对应的会话对象;215. Determine, according to the session identification information, a session object corresponding to the tenant client;
216、根据所述第一标识信息或第二标识信息,确定所述会话对象存储的租户信息内对应的功能实现类,并通过所述功能实现类实例化客户端业务处理对应的应用上下文接口。216. Determine, according to the first identification information or the second identification information, a function implementation class corresponding to the tenant information stored in the session object, and instantiate an application context interface corresponding to client service processing through the function implementation class.
本实施例中,租户客户端调用定制功能时发起的业务处理请求头部会携带会话标识信息以供平台服务端检索对应的会话对象,亦需携带实现该定制功能对应的实现类标识信息,以供平台服务端识别所需获取的功能实现类。In this embodiment, the header of the service processing request initiated by the tenant client when invoking the customization function will carry the session identification information for the platform server to retrieve the corresponding session object, and also carry the identification information of the implementation class corresponding to the implementation of the customization function. For the platform server to identify the function implementation class that needs to be obtained.
本实施例中,用户在虚拟应用平台对定制功能的调用基于功能实现类对应用上下文接口的实例化,而应用上下文接口的实例化由动态代理实现。在用户调用定制功能时,从租户客户端登录时由租户服务端创建的会话对象中获取租户信息,并获取定制功能对应的功能实现类实例化对应的接口。In this embodiment, the user's invocation of the customized function on the virtual application platform is based on the instantiation of the application context interface by the function implementation class, and the instantiation of the application context interface is realized by a dynamic proxy. When the user invokes the custom function, the tenant information is obtained from the session object created by the tenant server when the tenant client logs in, and the interface corresponding to the instantiation of the function implementation class corresponding to the custom function is obtained.
本发明实施例中,用户点击登录客户端后,在认证授权页面显示该登录客户端的二维码,以供第二客户端扫描并对该登录客户端进行生物特征认证及用户点击授权;若该第二客户端曾授权该登录客户端,则直接登录,无需进行认证及授权;若该第二客户端未曾授权该登录客户端,则需进行初次认证及授权,后续直接登录即可,以实现第二客户端对第一客户端的免密登录。In the embodiment of the present invention, after the user clicks to log in to the client, the QR code of the login client is displayed on the authentication and authorization page for the second client to scan and perform biometric authentication and user click authorization on the login client; If the second client has authorized the login client, log in directly without authentication and authorization; if the second client has not authorized the login client, it needs to perform initial authentication and authorization, and then log in directly to achieve Password-free login of the second client to the first client.
上面对本发明实施例中多租户访问服务实现方法进行了描述,下面对本发明实施例中多租户访问服务实现装置进行描述,请参阅图3,本发明实施例中多租户访问服务实现装置一个实施例包括:The method for implementing a multi-tenant access service in the embodiment of the present invention is described above, and the device for implementing a multi-tenant access service in the embodiment of the present invention is described below. Please refer to FIG. 3 , an embodiment of the device for implementing a multi-tenant access service in the embodiment of the present invention. include:
接收模块301,用于读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;A receiving
创建模块302,用于基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;A
解析模块303,用于接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;A
分配模块304,用于根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。The
本发明实施例中,在用户登录第一客户端时,向认证服务端发起HTTP认证请求,认证服务端通过解析该认证请求生成带有第一客户端标识信息的二维码;第二客户端通过扫描该二维码向认证服务端发起认证请求,请求认证服务端判断该认证服务端是否曾授权免密登录该第一客户端;若该第二客户端曾授权过该第一客户端,则认证服务端无需再次对认证服务端对应用户进行认证,第二客户端直接授权免密登录该第一客户端;若该第二客户端未曾授权过该第一客户端,则需要认证服务端对认证服务端对用用户进行认证,认证成后再由第二客户端授权免密登录该第一客户端并储存授权记录,并通过携带用户信息获取码返回第一客户端的方式响应第一客户端发起的HTTP认证请求已通过。第一客户端亦可通过该用户信息获取码获取第二客户端对应的用户信息。通过本实施例,第二客户端可实现对第一客户端的免密登录。In this embodiment of the present invention, when the user logs in to the first client, an HTTP authentication request is initiated to the authentication server, and the authentication server generates a two-dimensional code with identification information of the first client by parsing the authentication request; the second client By scanning the QR code, an authentication request is initiated to the authentication server, and the authentication server is requested to determine whether the authentication server has authorized the first client to log in without password; if the second client has authorized the first client, Then the authentication server does not need to authenticate the user corresponding to the authentication server again, and the second client directly authorizes the password-free login to the first client; if the second client has not authorized the first client, the authentication server is required. The authentication server authenticates the user, and after the authentication is completed, the second client authorizes a password-free login to the first client and stores the authorization record, and responds to the first client by returning to the first client with the user information acquisition code. The HTTP authentication request initiated by the client has passed. The first client terminal can also obtain the user information corresponding to the second client terminal through the user information acquisition code. Through this embodiment, the second client can implement password-free login to the first client.
请参阅图4,本发明实施例中多租户访问服务实现装置的另一个实施例包括:Referring to FIG. 4 , another embodiment of an apparatus for implementing a multi-tenant access service in an embodiment of the present invention includes:
接收模块401,用于读取租户配置文件,所述租户配置文件中包含有各租户访问服务对应的定制功能实现类和/或通用功能实现类;A receiving
创建模块402,用于基于所述各租户访问服务对应的定制功能实现类和/或通用功能实现类,创建每一租户访问服务对应的应用上下文;A
解析模块403,用于接收租户客户端发起的访问服务请求并解析,得到所述租户客户端对应的租户凭证信息;根据所述租户凭证信息,获取对应的租户信息并解析,得到租户标识信息;A
分配模块404,用于根据所述租户标识信息,确定所述租户客户端访问服务对应的应用上下文并分配至所述访问服务请求所在线程。The
具体的,所述多租户访问服务实现装置还包括启动模块405,具体用于:Specifically, the device for implementing multi-tenant access services further includes a
加载预置的默认应用上下文,以供实现各租户访问服务的通用功能;Load the preset default application context to implement common functions for each tenant to access services;
判断所述默认应用上下文所需接口是否对应一个或多个通用功能实现类;Determine whether the interface required by the default application context corresponds to one or more general function implementation classes;
若对应一个通用功能实现类,则以该通用功能实现类作为所述默认应用上下文的接口对应的实现类;If it corresponds to a general function implementation class, the general function implementation class is used as the implementation class corresponding to the interface of the default application context;
若对应多个通用功能实现类,则选择其中一个预置通用功能实现类作为所述默认应用上下文所需接口对应的实现类。If it corresponds to multiple general function implementation classes, select one of the preset general function implementation classes as the implementation class corresponding to the interface required by the default application context.
具体的,所述创建模块402包括解析单元4021、筛选单元4022、匹配单元4023,其用于:Specifically, the
第一解析单元4021,用于解析租户配置文件,获得各租户访问服务对应的带有第一标识信息的定制功能实现类和/或带有第二标识信息的通用功能实现类;A
筛选单元4022,用于基于所述第一标识信息和/或所述第二标识信息、以及各租户访问服务对应应用上下文的所需接口,确定所述应用上下文与各定制功能实现类和/或各通用功能实现类之间的关联关系;A
匹配单元4023,用于基于所述关联关系,将所述所需接口与对应的定制功能实现类和/或通用功能实现类进行绑定,生成每一租户访问服务对应应用上下文并使用对应租户的租户标识信息进行标识。The
具体的,所述解析模块403包括拦截单元4031、判别单元4032、解析单元4033,其用于:Specifically, the
拦截单元4031,用于拦截所述租户客户端发起的访问服务请求;Intercepting
判别单元4032,用于根据所述访问服务请求,确定所述租户客户端的访问服务类型;A discriminating
第二解析单元4033,用于若所述访问服务类型为非登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为秘钥;若所述访问服务类型为登录态访问服务,则解析所述访问服务请求,得到所述租户客户端对应的租户凭证信息为租户身份令牌。The
具体的,所述多租户访问服务实现装置还包括记录模块406,其用于:Specifically, the multi-tenant access service implementation apparatus further includes a
若所述租户凭证信息为租户身份令牌,基于所述租户身份令牌,创建所述租户客户端对应的会话对象;If the tenant credential information is a tenant identity token, create a session object corresponding to the tenant client based on the tenant identity token;
生成所述会话对象相应的会话标识信息并发送至租户客户端进行保存;generating the session identification information corresponding to the session object and sending it to the tenant client for saving;
保存所述租户信息至所述会话对象,根据所述会话对象储存的所述租户信息以调用相应实现类。The tenant information is saved to the session object, and a corresponding implementation class is called according to the tenant information stored in the session object.
具体的,所述分配模块404还用于:Specifically, the
接收所述租户客户端调用定制功能时发起的带有所述会话标识信息以及所述第一标识信息或所述第二标识信息的业务处理请求;receiving a service processing request with the session identification information and the first identification information or the second identification information initiated when the tenant client invokes the customization function;
根据所述会话标识信息,确定所述租户客户端对应的会话对象;determining, according to the session identification information, a session object corresponding to the tenant client;
根据所述第一标识信息或第二标识信息,确定所述会话对象存储的租户信息内对应的功能实现类,并通过所述功能实现类实例化客户端业务处理对应的应用上下文接口。According to the first identification information or the second identification information, a corresponding function implementation class in the tenant information stored in the session object is determined, and an application context interface corresponding to client business processing is instantiated through the function implementation class.
本发明实施例中,用户点击登录客户端后,在认证授权页面显示该登录客户端的二维码,以供第二客户端扫描并对该登录客户端进行生物特征认证及用户点击授权;若该第二客户端曾授权该登录客户端,则直接登录,无需进行认证及授权;若该第二客户端未曾授权该登录客户端,则需进行初次认证及授权,后续直接登录即可,以实现第二客户端对第一客户端的免密登录。In the embodiment of the present invention, after the user clicks to log in to the client, the QR code of the login client is displayed on the authentication and authorization page for the second client to scan and perform biometric authentication and user click authorization on the login client; If the second client has authorized the login client, log in directly without authentication and authorization; if the second client has not authorized the login client, it needs to perform initial authentication and authorization, and then log in directly to achieve Password-free login of the second client to the first client.
上面图3和图4从模块化功能实体的角度对本发明实施例中的多租户访问服务实现装置进行详细描述,下面从硬件处理的角度对本发明实施例中多租户访问服务实现设备进行详细描述。3 and 4 above describe in detail the device for implementing multi-tenant access services in the embodiments of the present invention from the perspective of modular functional entities, and the following describes devices for implementing multi-tenant access services in embodiments of the present invention from the perspective of hardware processing.
图5是本发明实施例提供的一种多租户访问服务实现设备的结构示意图,该多租户访问服务实现设备500可因配置或性能不同而产生比较大的差异,可以包括一个或一个以上处理器(central processing units,CPU)510(例如,一个或一个以上处理器)和存储器520,一个或一个以上存储应用程序533或数据532的存储介质530(例如一个或一个以上海量存储设备)。其中,存储器520和存储介质530可以是短暂存储或持久存储。存储在存储介质530的程序可以包括一个或一个以上模块(图示没标出),每个模块可以包括对多租户访问服务实现设备500中的一系列指令操作。更进一步地,处理器510可以设置为与存储介质530通信,在多租户访问服务实现设备500上执行存储介质530中的一系列指令操作。5 is a schematic structural diagram of a device for implementing multi-tenant access services according to an embodiment of the present invention. The
多租户访问服务实现设备500还可以包括一个或一个以上电源540,一个或一个以上有线或无线网络接口550,一个或一个以上输入输出接口560,和/或,一个或一个以上操作系统531,例如Windows Serve,Mac OS X,Unix,Linux,FreeBSD等等。本领域技术人员可以理解,图5示出的多租户访问服务实现设备结构并不构成对多租户访问服务实现设备的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。The multi-tenant access
本发明还提供一种计算机可读存储介质,该计算机可读存储介质可以为非易失性计算机可读存储介质,该计算机可读存储介质也可以为易失性计算机可读存储介质,所述计算机可读存储介质中存储有指令,当所述指令在计算机上运行时,使得计算机执行所述多租户访问服务实现方法的步骤。The present invention also provides a computer-readable storage medium. The computer-readable storage medium may be a non-volatile computer-readable storage medium. The computer-readable storage medium may also be a volatile computer-readable storage medium. Instructions are stored in the computer-readable storage medium, and when the instructions are executed on a computer, cause the computer to execute the steps of the method for implementing the multi-tenant access service.
进一步地,所述计算机可读存储介质可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序等;存储数据区可存储根据区块链节点的使用所创建的数据等。Further, the computer-readable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function, and the like; The data created by the use of the node, etc.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the system, device and unit described above may refer to the corresponding process in the foregoing method embodiments, which will not be repeated here.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(read-only memory,ROM)、随机存取存储器(random access memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。The integrated unit, if implemented in the form of a software functional unit and sold or used as an independent product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention is essentially or the part that contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes: U disk, removable hard disk, read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk and other media that can store program codes .
本发明所指区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。区块链(Blockchain),本质上是一个去中心化的数据库,是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一批次网络交易的信息,用于验证其信息的有效性(防伪)和生成下一个区块。区块链可以包括区块链底层平台、平台产品服务层以及应用服务层等。The blockchain referred to in the present invention is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm. Blockchain, essentially a decentralized database, is a series of data blocks associated with cryptographic methods. Each data block contains a batch of network transaction information to verify its Validity of information (anti-counterfeiting) and generation of the next block. The blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
以上所述,以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。As mentioned above, the above embodiments are only used to illustrate the technical solutions of the present invention, but not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand: The technical solutions described in the embodiments are modified, or some technical features thereof are equivalently replaced; and these modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010350026.4A CN111641675A (en) | 2020-04-28 | 2020-04-28 | Multi-tenant access service implementation method, device, equipment and storage medium |
| PCT/CN2021/078046 WO2021218328A1 (en) | 2020-04-28 | 2021-02-26 | Multi-tenant access service implementation method, apparatus and device, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010350026.4A CN111641675A (en) | 2020-04-28 | 2020-04-28 | Multi-tenant access service implementation method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111641675A true CN111641675A (en) | 2020-09-08 |
Family
ID=72330860
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010350026.4A Pending CN111641675A (en) | 2020-04-28 | 2020-04-28 | Multi-tenant access service implementation method, device, equipment and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN111641675A (en) |
| WO (1) | WO2021218328A1 (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112182375A (en) * | 2020-09-27 | 2021-01-05 | 中国建设银行股份有限公司 | Demand response method, device, medium and platform for a comprehensive service platform |
| CN112199113A (en) * | 2020-10-28 | 2021-01-08 | 重庆撼地大数据有限公司 | Software service access control method and device |
| CN112637232A (en) * | 2020-12-29 | 2021-04-09 | 国云科技股份有限公司 | Cloud platform resource isolation framework implementation method and device supporting multiple strategies |
| CN112685719A (en) * | 2020-12-29 | 2021-04-20 | 武汉联影医疗科技有限公司 | Single sign-on method, device, system, computer equipment and storage medium |
| CN113032805A (en) * | 2021-03-23 | 2021-06-25 | 建信金融科技有限责任公司 | Data access method and device, electronic equipment and storage medium |
| WO2021218328A1 (en) * | 2020-04-28 | 2021-11-04 | 深圳壹账通智能科技有限公司 | Multi-tenant access service implementation method, apparatus and device, and storage medium |
| CN114153488A (en) * | 2021-11-10 | 2022-03-08 | 建信金融科技有限责任公司 | An application request processing method, device, system and medium |
| CN114443171A (en) * | 2022-01-29 | 2022-05-06 | 中国建设银行股份有限公司 | Configurable service platform and configurable service implementation method |
| CN114499977A (en) * | 2021-12-28 | 2022-05-13 | 天翼云科技有限公司 | An authentication method and device |
| CN114861215A (en) * | 2021-02-04 | 2022-08-05 | 株式会社日立制作所 | Multi-tenant data isolation system and multi-tenant data isolation method |
| CN114885024A (en) * | 2022-04-28 | 2022-08-09 | 远景智能国际私人投资有限公司 | Routing method, device, equipment and medium of application example |
| CN114911855A (en) * | 2022-05-12 | 2022-08-16 | 远光软件股份有限公司 | A resource service providing method, system, device and storage medium |
| CN115834378A (en) * | 2022-10-31 | 2023-03-21 | 中电金信软件有限公司 | Data processing method and configuration system |
| CN116743876A (en) * | 2023-08-14 | 2023-09-12 | 云筑信息科技(成都)有限公司 | Method for realizing multi-tenant scheduling based on xxl-job |
| CN116881429A (en) * | 2023-09-07 | 2023-10-13 | 四川蜀天信息技术有限公司 | Multi-tenant-based dialogue model interaction method, device and storage medium |
Families Citing this family (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114138435A (en) * | 2021-11-19 | 2022-03-04 | 浪潮通用软件有限公司 | Distributed scheduling method, device and medium under a microservice architecture |
| CN114826738B (en) * | 2022-04-26 | 2024-06-18 | 广州鑫景信息科技服务有限公司 | Multi-tenant implementation method, processor and device based on SSO user system |
| CN114969045B (en) * | 2022-05-31 | 2025-09-12 | 京东方科技集团股份有限公司 | Account creation method, IoT multi-tenant system, equipment, program and media |
| CN115344889B (en) * | 2022-08-19 | 2025-08-01 | 济南浪潮数据技术有限公司 | Console access method, device, equipment and medium of virtual machine |
| CN115495138B (en) * | 2022-09-01 | 2025-08-29 | 苏州德姆斯信息技术有限公司 | A terminal App customization method and customization system |
| CN115437807A (en) * | 2022-09-05 | 2022-12-06 | 多点生活(成都)科技有限公司 | Invoking method, device and electronic equipment of SAAS extended application |
| CN115495718B (en) * | 2022-09-19 | 2023-10-13 | 广东云徙智能科技有限公司 | Front-end statement-based back-end capability authorization method, device and equipment |
| CN115543611A (en) * | 2022-09-22 | 2022-12-30 | 用友网络科技股份有限公司 | Business task processing method and device, electronic equipment and storage medium |
| CN115391828A (en) * | 2022-10-31 | 2022-11-25 | 泰豪软件股份有限公司 | Data isolation method and system of multi-tenant platform based on micro-service architecture |
| CN115695017B (en) * | 2022-11-02 | 2024-04-23 | 南方电网数字平台科技(广东)有限公司 | Multi-tenant access control method suitable for cloud platform operation |
| CN115883179A (en) * | 2022-11-28 | 2023-03-31 | 明度智云(浙江)科技有限公司 | Data processing method and system and electronic equipment |
| CN115987958A (en) * | 2022-12-29 | 2023-04-18 | 东莞盟大集团有限公司 | Method, system, computer equipment and medium for implementing HTTP session |
| CN115952487A (en) * | 2023-03-14 | 2023-04-11 | 青岛安工数联信息科技有限公司 | Tenant information configuration system and method under various organizations |
| CN116401231B (en) * | 2023-03-20 | 2024-04-26 | 一临云(深圳)科技有限公司 | Data source management method, device and storage medium |
| CN116346498B (en) * | 2023-04-28 | 2025-07-08 | 济南浪潮数据技术有限公司 | Security authentication method and device, network access service equipment and storage medium |
| CN116932091B (en) * | 2023-09-15 | 2023-12-26 | 畅捷通信息技术股份有限公司 | Configuration file generation method and device during credential generation and storage medium |
| CN117807297B (en) * | 2024-01-08 | 2025-07-22 | 联通(山西)产业互联网有限公司 | Tenant data query method, system, equipment and medium for request |
| CN118233182B (en) * | 2024-03-28 | 2024-08-23 | 三峡高科信息技术有限责任公司 | A method for implementing application system API authentication in a componentized manner |
| CN118626010B (en) * | 2024-06-07 | 2025-03-28 | 北京火山引擎科技有限公司 | Data storage management method, device, electronic device and storage medium |
| CN118656851B (en) * | 2024-08-20 | 2025-01-03 | 紫金智信(厦门)科技有限公司 | Method, system and storage medium for managing system internal interface authority |
| CN119046984B (en) * | 2024-08-22 | 2025-09-02 | 重庆赛力斯凤凰智创科技有限公司 | Tenant information storage method, device, electronic device and storage medium |
| CN119449907A (en) * | 2024-11-04 | 2025-02-14 | 山东浪潮数字商业科技有限公司 | A multi-tenant data service publishing management system |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120173589A1 (en) * | 2010-12-29 | 2012-07-05 | Yong Sik Kwon | In-Memory Database For Multi-Tenancy |
| US20140280893A1 (en) * | 2013-03-15 | 2014-09-18 | Cisco Technology, Inc. | Supporting programmability for arbitrary events in a software defined networking environmnet |
| US20140359594A1 (en) * | 2013-06-04 | 2014-12-04 | Sap Ag | Repository layer strategy adaptation for software solution hosting |
| CN106201506A (en) * | 2016-07-07 | 2016-12-07 | 华南理工大学 | Functional assembly based on many tenants pattern and method for customizing |
| CN107710157A (en) * | 2015-06-23 | 2018-02-16 | 微软技术许可有限责任公司 | Multi-tenant, the specific application program of tenant |
| CN109274731A (en) * | 2018-09-04 | 2019-01-25 | 北京京东金融科技控股有限公司 | Deployment, call method and the device of web services based on multi-tenant technology |
| CN109408067A (en) * | 2018-10-22 | 2019-03-01 | 浙江明度智控科技有限公司 | A kind of data managing method and server based on monomer applications |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10491700B2 (en) * | 2016-11-18 | 2019-11-26 | Sap Se | Application managed service instances |
| CN109862051A (en) * | 2017-11-30 | 2019-06-07 | 亿阳信通股份有限公司 | The realization method and system of multi-tenant under a kind of micro services framework |
| CN110737508A (en) * | 2019-10-14 | 2020-01-31 | 浪潮云信息技术有限公司 | cloud container service network system based on wave cloud and implementation method |
| CN111641675A (en) * | 2020-04-28 | 2020-09-08 | 深圳壹账通智能科技有限公司 | Multi-tenant access service implementation method, device, equipment and storage medium |
-
2020
- 2020-04-28 CN CN202010350026.4A patent/CN111641675A/en active Pending
-
2021
- 2021-02-26 WO PCT/CN2021/078046 patent/WO2021218328A1/en not_active Ceased
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120173589A1 (en) * | 2010-12-29 | 2012-07-05 | Yong Sik Kwon | In-Memory Database For Multi-Tenancy |
| US20140280893A1 (en) * | 2013-03-15 | 2014-09-18 | Cisco Technology, Inc. | Supporting programmability for arbitrary events in a software defined networking environmnet |
| US20140359594A1 (en) * | 2013-06-04 | 2014-12-04 | Sap Ag | Repository layer strategy adaptation for software solution hosting |
| CN107710157A (en) * | 2015-06-23 | 2018-02-16 | 微软技术许可有限责任公司 | Multi-tenant, the specific application program of tenant |
| CN106201506A (en) * | 2016-07-07 | 2016-12-07 | 华南理工大学 | Functional assembly based on many tenants pattern and method for customizing |
| CN109274731A (en) * | 2018-09-04 | 2019-01-25 | 北京京东金融科技控股有限公司 | Deployment, call method and the device of web services based on multi-tenant technology |
| CN109408067A (en) * | 2018-10-22 | 2019-03-01 | 浙江明度智控科技有限公司 | A kind of data managing method and server based on monomer applications |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021218328A1 (en) * | 2020-04-28 | 2021-11-04 | 深圳壹账通智能科技有限公司 | Multi-tenant access service implementation method, apparatus and device, and storage medium |
| CN112182375A (en) * | 2020-09-27 | 2021-01-05 | 中国建设银行股份有限公司 | Demand response method, device, medium and platform for a comprehensive service platform |
| CN112199113A (en) * | 2020-10-28 | 2021-01-08 | 重庆撼地大数据有限公司 | Software service access control method and device |
| CN112637232A (en) * | 2020-12-29 | 2021-04-09 | 国云科技股份有限公司 | Cloud platform resource isolation framework implementation method and device supporting multiple strategies |
| CN112685719A (en) * | 2020-12-29 | 2021-04-20 | 武汉联影医疗科技有限公司 | Single sign-on method, device, system, computer equipment and storage medium |
| CN114861215A (en) * | 2021-02-04 | 2022-08-05 | 株式会社日立制作所 | Multi-tenant data isolation system and multi-tenant data isolation method |
| CN113032805B (en) * | 2021-03-23 | 2023-06-02 | 建信金融科技有限责任公司 | Data access method and device, electronic equipment and storage medium |
| CN113032805A (en) * | 2021-03-23 | 2021-06-25 | 建信金融科技有限责任公司 | Data access method and device, electronic equipment and storage medium |
| CN114153488A (en) * | 2021-11-10 | 2022-03-08 | 建信金融科技有限责任公司 | An application request processing method, device, system and medium |
| CN114153488B (en) * | 2021-11-10 | 2024-12-24 | 建信金融科技有限责任公司 | Application request processing method, device, system and medium |
| CN114499977A (en) * | 2021-12-28 | 2022-05-13 | 天翼云科技有限公司 | An authentication method and device |
| CN114499977B (en) * | 2021-12-28 | 2023-08-08 | 天翼云科技有限公司 | Authentication method and device |
| CN114443171A (en) * | 2022-01-29 | 2022-05-06 | 中国建设银行股份有限公司 | Configurable service platform and configurable service implementation method |
| CN114885024A (en) * | 2022-04-28 | 2022-08-09 | 远景智能国际私人投资有限公司 | Routing method, device, equipment and medium of application example |
| CN114885024B (en) * | 2022-04-28 | 2023-09-12 | 远景智能国际私人投资有限公司 | Routing method, device, equipment and medium of application instance |
| CN114911855A (en) * | 2022-05-12 | 2022-08-16 | 远光软件股份有限公司 | A resource service providing method, system, device and storage medium |
| CN115834378A (en) * | 2022-10-31 | 2023-03-21 | 中电金信软件有限公司 | Data processing method and configuration system |
| CN116743876A (en) * | 2023-08-14 | 2023-09-12 | 云筑信息科技(成都)有限公司 | Method for realizing multi-tenant scheduling based on xxl-job |
| CN116743876B (en) * | 2023-08-14 | 2023-12-08 | 云筑信息科技(成都)有限公司 | Method for realizing multi-tenant scheduling based on xxl-job |
| CN116881429A (en) * | 2023-09-07 | 2023-10-13 | 四川蜀天信息技术有限公司 | Multi-tenant-based dialogue model interaction method, device and storage medium |
| CN116881429B (en) * | 2023-09-07 | 2023-12-01 | 四川蜀天信息技术有限公司 | Multi-tenant-based dialogue model interaction method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021218328A1 (en) | 2021-11-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111641675A (en) | Multi-tenant access service implementation method, device, equipment and storage medium | |
| JP7316347B2 (en) | Systems and methods for providing an interface for blockchain cloud services | |
| US11611560B2 (en) | Systems, methods, and apparatuses for implementing consensus on read via a consensus on write smart contract trigger for a distributed ledger technology (DLT) platform | |
| CN111767095B (en) | Micro-service generation method, device, terminal equipment and storage medium | |
| US10027716B2 (en) | System and method for supporting web services in a multitenant application server environment | |
| JP6510568B2 (en) | System and method for supporting security in a multi-tenant application server environment | |
| US10474998B2 (en) | System and method for messaging in a multitenant application server environment | |
| US6144959A (en) | System and method for managing user accounts in a communication network | |
| EP3488584B1 (en) | Usage tracking in hybrid cloud computing systems | |
| RU2523113C1 (en) | System and method for target installation of configured software | |
| US20100132016A1 (en) | Methods and systems for securing appliances for use in a cloud computing environment | |
| US20160094498A1 (en) | System and method for jms integration in a multitenant application server environment | |
| US9866547B2 (en) | Controlling a discovery component, within a virtual environment, that sends authenticated data to a discovery engine outside the virtual environment | |
| CN110363026A (en) | File operation method, device, device, system, and computer-readable storage medium | |
| GB2405239A (en) | License control for web applications | |
| CN111737232A (en) | Database management method, system, device, device and computer storage medium | |
| US12236285B2 (en) | Application programming interface (API) automation framework | |
| WO2022212579A1 (en) | Distributed decomposition of string-automated reasoning using predicates | |
| CN110535652A (en) | A kind of system and method by each operation system data integration displaying and unified login | |
| US10326833B1 (en) | Systems and method for processing request for network resources | |
| CN114598500B (en) | Security service providing method, platform, electronic device, medium and program | |
| CN100488199C (en) | Media issuing system and method | |
| CN118520444A (en) | Verification method and device for application to be deployed to Kubernetes cluster and electronic equipment | |
| WO2024120316A1 (en) | System operation permission method and apparatus, and computer device and storage medium | |
| US11579901B1 (en) | Provisioning engine hosting solution for a cloud orchestration environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200908 |