[go: up one dir, main page]

CN1494022A - A Method of Accessing Database Through Protocol Proxy - Google Patents

A Method of Accessing Database Through Protocol Proxy Download PDF

Info

Publication number
CN1494022A
CN1494022A CNA021376964A CN02137696A CN1494022A CN 1494022 A CN1494022 A CN 1494022A CN A021376964 A CNA021376964 A CN A021376964A CN 02137696 A CN02137696 A CN 02137696A CN 1494022 A CN1494022 A CN 1494022A
Authority
CN
China
Prior art keywords
protocol
database
database system
client computer
request message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA021376964A
Other languages
Chinese (zh)
Other versions
CN1265309C (en
Inventor
凯 李
李凯
付志强
涂晓华
刘少华
龚连阳
温兴奋
周巍
曾斌
汪大冰
邓伟
蔡利元
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN 02137696 priority Critical patent/CN1265309C/en
Publication of CN1494022A publication Critical patent/CN1494022A/en
Application granted granted Critical
Publication of CN1265309C publication Critical patent/CN1265309C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Landscapes

  • Computer And Data Communications (AREA)

Abstract

本发明提供一种通过协议代理方式访问数据库的方法,在该方法中,客户端计算机对数据库系统之间经协议代理模块通信,该协议代理模块负责管理与数据库系统之间的通信连接,对访问数据库的请求进行队列控制和超时控制,并且负责客户端计算机与数据库系统之间协议格式的转换。由于采用协议代理方式来管理客户端计算机对数据库的访问,所以提高了数据库系统的安全性能,有效地防止了非法用户的恶意攻击。此外,在协议代理模块的软件实现方式中,利用配置文件,以特定的格式描述协议代理模块与数据库系统之间的通信协议和客户端计算机与数据库之间的协议格式转换方式,因此只需修改配置文件即可修改业务,方便了系统的升级和业务扩展。

The invention provides a method for accessing a database through a protocol proxy mode. In the method, a client computer communicates with a database system through a protocol proxy module, and the protocol proxy module is responsible for managing the communication connection with the database system. Queue control and timeout control are performed on the request of the database, and it is responsible for the conversion of the protocol format between the client computer and the database system. Because the client computer's access to the database is managed by the protocol proxy mode, the security performance of the database system is improved, and malicious attacks by illegal users are effectively prevented. In addition, in the software implementation of the protocol proxy module, the configuration file is used to describe the communication protocol between the protocol proxy module and the database system and the protocol format conversion method between the client computer and the database system in a specific format, so it only needs to be modified The configuration file can modify the business, which facilitates the system upgrade and business expansion.

Description

一种通过协议代理方式访问数据库的方法A Method of Accessing Database Through Protocol Proxy

技术领域technical field

本发明涉及计算机数据库系统,特别涉及一种通过协议代理方式访问数据库的方法。The invention relates to a computer database system, in particular to a method for accessing a database through a protocol agent.

背景技术Background technique

电信、金融等服务业内的企业一般都设立客户服务系统来处理日常的客户业务,其中,与客户交互的客户服务中心作为客户端设备连接至系统数据库以根据业务要求访问数据库的数据。对于银行、金融等安全性要求很高的行业和部门,一方面必须要保证存储数据的系统数据库绝对安全可靠,确保其不受来自外部的非法攻击;另一方面,又需要向客户端提供访问数据库的权限。Enterprises in service industries such as telecommunications and finance generally set up customer service systems to handle daily customer business. Among them, the customer service center interacting with customers is connected to the system database as a client device to access data in the database according to business requirements. For industries and departments with high security requirements such as banking and finance, on the one hand, it is necessary to ensure that the system database storing data is absolutely safe and reliable, to ensure that it is not illegally attacked from the outside; on the other hand, it is necessary to provide access to the client Database permissions.

在现有系统下,客户端计算机一般通过存储过程调用方式访问数据库。在这种方式下,系统需要向访问方提供整个数据库的数据表结构并开放数据库的读写权限,由客户端计算机通过存储过程方式对数据库直接进行读写操作。显然,由于此种方式下对数据库进行的是直接操作,所以恶意用户可透过客户端计算机非常容易地从数据库获取机密数据或者对数据库存储数据进行肆意篡改,因而存在较大的安全隐患。此外,当以存储过程方式访问数据库时,访问过程与数据库格式密切相关,客户端实现程序或模块的代码将随数据格式的改变而作较大改动,从而造成业务的扩展和改动非常不便。Under the existing system, the client computer generally accesses the database by calling a stored procedure. In this way, the system needs to provide the visitor with the data table structure of the entire database and open the read and write permissions of the database, and the client computer directly performs read and write operations on the database through stored procedures. Obviously, since the database is directly operated in this way, malicious users can easily obtain confidential data from the database or tamper with the stored data in the database very easily through the client computer, so there is a greater security risk. In addition, when accessing the database in the form of stored procedures, the access process is closely related to the database format, and the code of the client implementation program or module will be greatly changed with the change of the data format, which makes business expansion and modification very inconvenient.

发明内容Contents of the invention

本发明的目的是提供一种通过协议代理方式访问数据库的方法,其可在确保数据库安全的前提下向客户端提供业务服务。The purpose of the present invention is to provide a method for accessing a database through a protocol agent, which can provide business services to the client under the premise of ensuring the security of the database.

在按照本发明的客户端计算机访问数据库系统的方法中,客户端计算机与数据库系统之间经协议代理模块通信,当客户端计算机内的应用进程访问数据库时,包含以下步骤:In the method for accessing the database system by the client computer according to the present invention, the client computer communicates with the database system through the protocol agent module, and when the application process in the client computer accesses the database, the following steps are included:

(1)客户端计算机的应用进程向协议代理模块传送访问数据库的请求报文;(1) The application process of the client computer transmits a request message for accessing the database to the protocol proxy module;

(2)协议代理模块将所述请求报文转换为被访问数据库可处理的协议格式,并控制格式转换后请求报文向数据库系统的发送;(2) The protocol proxy module converts the request message into a protocol format that can be handled by the accessed database, and controls the sending of the request message to the database system after format conversion;

(3)数据库系统根据协议代理模块发送的请求报文对数据库进行操作,并且如果需要将操作结果回送至客户端计算机的应用进程,则向协议代理模块发送包含操作结果的响应报文;以及(3) The database system operates the database according to the request message sent by the protocol agent module, and if the operation result needs to be sent back to the application process of the client computer, then a response message containing the operation result is sent to the protocol agent module; and

(4)协议代理模块将响应报文转换为客户端计算机内应用进程可处理的协议格式并传送至客户端计算机。(4) The protocol proxy module converts the response message into a protocol format that can be processed by the application process in the client computer and transmits it to the client computer.

在上述方法中,比较好的是,协议代理模块与数据库系统之间按照TCP协议建立连接和进行通信。更好的是,数据库系统可以对协议代理模块进行IP验证及登录口令验证来保证数据库系统的安全,并可以控制协议代理模块对数据库系统操作的权限。In the above method, it is better that the connection between the protocol agent module and the database system is established and communicated according to the TCP protocol. Even better, the database system can perform IP verification and login password verification on the protocol proxy module to ensure the security of the database system, and can control the authority of the protocol proxy module to operate the database system.

在上述方法中,比较好的是,在步骤(2)中,协议代理模块对格式转换后报文向数据库系统发送的控制包括报文发送队列控制和报文发送超时控制。In the above method, preferably, in step (2), the control of the protocol agent module on sending the format-converted message to the database system includes message sending queue control and message sending timeout control.

在上述方法中,比较好的是,协议代理模块包括协议代理执行单元和协议格式转换单元,其中,协议代理执行单元负责与数据库系统建立通信连接,从数据库接收操作结果和向数据库发送访问报文,并对访问数据库报文向数据库系统的发送进行队列控制和超时控制,而协议格式转换单元负责客户端计算机与数据库系统之间协议格式的转换。In the above method, preferably, the protocol proxy module includes a protocol proxy execution unit and a protocol format conversion unit, wherein the protocol proxy execution unit is responsible for establishing a communication connection with the database system, receiving operation results from the database and sending access messages to the database , and perform queue control and timeout control on the sending of the access database message to the database system, and the protocol format conversion unit is responsible for the conversion of the protocol format between the client computer and the database system.

在上述实现方式中,比较好的是,所有可以配置或改动的设置以预先设定的格式写入配置文件中,协议代理执行单元通过读取配置文件确定协议代理模块与数据库系统之间的通信协议和客户端计算机与数据库之间的协议格式转换方式并且调用协议格式转换单元完成协议格式转换。In the above implementation, it is better that all the settings that can be configured or modified are written into the configuration file in a preset format, and the protocol proxy execution unit determines the communication between the protocol proxy module and the database system by reading the configuration file The protocol and the protocol format conversion method between the client computer and the database call the protocol format conversion unit to complete the protocol format conversion.

由上可见,在本发明中采用协议代理方式来管理客户端计算机对数据库的访问,杜绝了客户端计算机对数据库的直接操作,而且协议代理模块与数据库系统之间的通信可采用安全性较高的协议,因此提高了数据库系统的安全性能,有效地防止了非法用户的恶意攻击。此外,由于采用软件方式实现协议代理模块的功能,并且利用专门的配置文件以特定的格式描述协议代理模块与数据库系统之间的通信协议和客户端计算机与数据库之间的协议格式转换方式,因此只需修改配置文件即可修改业务,方便了系统的升级和业务扩展。As can be seen from the above, in the present invention, the protocol proxy mode is adopted to manage the client computer's access to the database, which prevents the client computer from directly operating the database, and the communication between the protocol proxy module and the database system can adopt a higher security method. Therefore, it improves the security performance of the database system and effectively prevents malicious attacks by illegal users. In addition, since the function of the protocol proxy module is realized by software, and the communication protocol between the protocol proxy module and the database system and the protocol format conversion method between the client computer and the database are described in a specific format by using a special configuration file, so The service can be modified only by modifying the configuration file, which facilitates system upgrade and service expansion.

附图说明Description of drawings

图1为按照本发明的访问数据库方法的流程图。FIG. 1 is a flowchart of a method for accessing a database according to the present invention.

图2为按照本发明较佳实施例的协议代理接口模块在一个典型的应用环境下的示意图。Fig. 2 is a schematic diagram of a protocol proxy interface module in a typical application environment according to a preferred embodiment of the present invention.

具体实施方式Detailed ways

以下借助图1描述按照本发明的访问数据库方法的流程图。如图1所示,当客户端计算机的应用进程访问数据库时,首先向协议代理模块传送请求访问数据库的请求报文,该请求报文包含有对数据库的操作类型和操作参数。随后,协议代理模块将接收到的报文转换为被访问数据库可处理的协议格式,并控制格式转换后报文向数据库系统的发送方式,协议格式转换和请求报文发送可采用下述实施例中的具体方式。接着,数据库系统根据格式转换后的报文对数据库进行操作,并且如果需要将操作结果回送至客户端计算机的应用进程,则数据库系统向协议代理模块发送包含操作结果的响应报文。最后,协议代理模块将接收到的响应报文转换为客户端计算机内应用进程可处理的协议格式并传送至客户端计算机的应用进程。值得指出的是,本发明的协议代理模块应该理解为一种功能实体,它可以软件、硬件及其结合的方式实现,而且其物理位置可以位于客户端计算机内,也可以位于数据库系统,还可以独立于客户端计算机和数据库系统而分立存在。但是实施方式的上述所有变化并不会对本发明的效果产生实质性的影响。A flowchart of the method for accessing a database according to the invention is described below with reference to FIG. 1 . As shown in Figure 1, when the application process of the client computer accesses the database, it first transmits a request message requesting access to the database to the protocol agent module, and the request message includes the operation type and operation parameters for the database. Subsequently, the protocol proxy module converts the received message into a protocol format that can be processed by the accessed database, and controls the way the message is sent to the database system after format conversion. The following embodiments can be used for protocol format conversion and request message sending in the specific way. Next, the database system operates the database according to the format-converted message, and if the operation result needs to be sent back to the application process of the client computer, the database system sends a response message containing the operation result to the protocol agent module. Finally, the protocol proxy module converts the received response message into a protocol format that can be processed by the application process in the client computer and transmits it to the application process of the client computer. It is worth pointing out that the protocol proxy module of the present invention should be understood as a functional entity, which can be realized in software, hardware and a combination thereof, and its physical location can be located in the client computer, or in the database system, or in the database system. Exists independently of client computers and database systems. However, all the above-mentioned changes in the implementation manner will not have a substantial impact on the effect of the present invention.

图2为按照本发明较佳实施例的协议代理接口模块在一个典型的应用环境下的示意图。在图2中,局方系统前置机和局方系统数据库构成营帐系统,前置机用于处理对数据库的各种操作;短信计费服务器、自动语音应答(IVR)业务服务器、应用服务器、催缴业务服务器、传真服务器和语音服务器等构成客户服务系统,各种应用业务由这些服务器完成。在上述组网结构中,营帐系统可视为向提供数据访问的数据库系统,而上述客户服务系统中的各种服务器由于在提供业务时需要访问局方系统数据库存储的数据,所以可视为客户端计算机。在现有技术下,这些客户端计算机直接访问营帐系统,因此对局方系统数据库带来了较大的安全隐患,而在本发明中,如图2所示,所有这些客户端计算机都与下面将要详述的协议代理模块连接,并且必须经过该协议代理模块才能访问数据库系统。如上所述,协议代理模块应该理解为一种功能实体,因此虽然图2中的协议代理模块独立于客户服务系统和营帐系统,但是并不意味着该模块在物理位置上一定是独立的,相反,它可以位于局方系统前置机内或者客户服务系统的各种服务器内。Fig. 2 is a schematic diagram of a protocol proxy interface module in a typical application environment according to a preferred embodiment of the present invention. In Fig. 2, the bureau side system front-end machine and the bureau side system database constitute the tent system, and the front-end machine is used to handle various operations to the database; SMS billing server, automatic voice response (IVR) service server, application server, The call service server, fax server and voice server constitute the customer service system, and various application services are completed by these servers. In the above-mentioned networking structure, the tent system can be regarded as a database system that provides data access, and various servers in the above-mentioned customer service system need to access the data stored in the bureau’s system database when providing services, so they can be regarded as customer service systems. terminal computer. Under the prior art, these client computers directly access the camp account system, thus bringing a larger security risk to the bureau system database, and in the present invention, as shown in Figure 2, all these client computers are connected with the following The protocol proxy module to be described in detail is connected, and the database system must be accessed through the protocol proxy module. As mentioned above, the protocol proxy module should be understood as a functional entity, so although the protocol proxy module in Figure 2 is independent of the customer service system and the camp system, it does not mean that the module must be independent in physical location, on the contrary , which can be located in the front-end computer of the bureau system or in various servers of the customer service system.

上述协议代理模块完成的功能主要包括:The functions completed by the above-mentioned protocol proxy module mainly include:

(1)协议格式转换功能(1) Protocol format conversion function

客户服务系统中的各种服务器应用程序需要访问营帐系统以读写局方系统数据库,但是由于客户服务系统的软硬件环境与营帐系统往往存在很大差异,所以两个系统对访问数据库的方式是不统一的,例如操作数据库的报文命令字各不相同,数据格式也各不相同,因此当各种服务器向协议代理模块传送请求访问数据库的报文时,协议代理模块将报文中包含的数据库操作命令和参数转换为营帐系统可以识别的操作命令和参数,并将营帐系统访问数据库的操作结果转换为各种服务器应用程序可以处理的格式。Various server applications in the customer service system need to access the accounting system to read and write the bureau system database, but because the software and hardware environment of the customer service system is often quite different from that of the accounting system, the way the two systems access the database is Not uniform, for example, the message command words for operating the database are different, and the data format is also different. Therefore, when various servers transmit messages requesting access to the database to the protocol agent module, the protocol agent module will use the information contained in the message. The database operation commands and parameters are converted into operation commands and parameters that the camp system can recognize, and the operation results of the camp system accessing the database are converted into formats that can be processed by various server applications.

(2)通信管理功能(2) Communication management function

协议代理模块负责与数据库系统建立通信连接,将经过协议格式转换后的服务器对数据库的访问请求发送给数据库系统,以及从数据库系统接收数据库访问结果。在本发明的较佳实施例中,考虑到安全性,协议代理模块与营帐系统内的局方系统前置机采用TCP协议进行通信,在通信建立时,协议代理模块可根据预先确定的方式设定双方的连接方式、IP地址、连接端口号和监听端口号等。此外,为了进一步提高系统的安全性,可由数据库系统对协议代理模块进行IP验证及登录口令验证并控制协议代理模块操作数据库系统的权限。The protocol agent module is responsible for establishing a communication connection with the database system, sending the server's access request to the database after protocol format conversion to the database system, and receiving the database access result from the database system. In a preferred embodiment of the present invention, considering security, the protocol proxy module communicates with the front-end computer of the office system in the tent system using the TCP protocol. When the communication is established, the protocol proxy module can be set according to a predetermined method. Set the connection mode, IP address, connection port number and listening port number of both parties. In addition, in order to further improve the security of the system, the database system can verify the IP and login password of the protocol proxy module and control the authority of the protocol proxy module to operate the database system.

(3)报文控制发送功能(3) Message control sending function

协议代理模块对向数据库系统发送的请求访问报文进行控制以满足各种需要,例如可对待发送的请求访问报文进行队列控制和超时控制。具体而言,在本实施例中,当营帐系统的局方系统前置机处理忙时(即无法处理新的访问请求),协议代理模块启动队列控制处理,对请求访问报文进行队列处理以避免报文的丢失;当一项报文或请求在队列中等待时间过长而得到响应时,协议代理模块可启动超时控制处理丢弃这样的报文。The protocol proxy module controls the request access messages sent to the database system to meet various needs, for example, it can perform queue control and timeout control on the request access messages to be sent. Specifically, in this embodiment, when the central office system front-end processor of the tent system is busy (that is, cannot process new access requests), the protocol agent module starts queue control processing, and performs queue processing on request access messages to Avoid message loss; when a message or request has been waiting in the queue for too long to get a response, the protocol proxy module can start timeout control to process and discard such messages.

上述协议代理模块的功能可以软件或硬件方式实现,但是在本发明的较佳实施例中,比较好的是以软件方式实现,以下对此作进一步的描述。The functions of the above-mentioned protocol agent module can be realized by software or hardware, but in a preferred embodiment of the present invention, it is preferably realized by software, which will be further described below.

实现协议代理模块上述功能的接口程序包括协议代理执行单元和协议格式转换单元,其中,协议代理执行单元负责与数据库系统建立通信连接,从数据库接收操作结果和向数据库发送访问报文,并对访问数据库报文向数据库系统的发送进行队列控制和超时控制,而协议格式转换单元负责客户端计算机与数据库系统之间协议格式的转换。之所以将实现协议代理的接口程序分成相对独立的两部分是考虑到在客户服务系统与不同局对接时应尽量减少对程序的改动。具体而言,由于客户服务系统与局方系统之间一般只是协议格式不同,双方之间的通信管理过程是相同或相似的,因此主要负责通信管理功能的协议代理执行单元可以作为通用程序使用,而将协议格式转换单元提供给不同的局方系统。The interface program for realizing the above-mentioned functions of the protocol proxy module includes a protocol proxy execution unit and a protocol format conversion unit. The sending of database messages to the database system is subject to queue control and timeout control, and the protocol format conversion unit is responsible for the conversion of the protocol format between the client computer and the database system. The reason why the interface program for implementing the protocol agent is divided into two relatively independent parts is to consider that the modification of the program should be minimized when the customer service system is connected with different offices. Specifically, since the customer service system and the bureau system are generally only different in the protocol format, the communication management process between the two parties is the same or similar, so the protocol agent execution unit mainly responsible for the communication management function can be used as a general program. The protocol format conversion unit is provided to different office systems.

如图2所示,在本实施例中,协议代理执行单元为可执行程序DtProxy.exe而协议格式转换单元为可由DtProxy.exe调用的动态链接库DtProxyDll.dll。As shown in FIG. 2 , in this embodiment, the protocol proxy execution unit is the executable program DtProxy.exe and the protocol format conversion unit is the dynamic link library DtProxyDll.dll that can be called by DtProxy.exe.

为了灵活地配置DtProxy.exe程序与局方系统前置机之间的通信协议,在本实施例中,将所有可以配置或改动的设置以预先设定的格式写入一个配置文件DtProxy.ini中,DtProxy.exe程序通过读取该配置文件制定与前置机之间的通信协议。该配置文件内容包括:1)连接方式的设定、连接端口和监听端口的配置等;2)传送的各项报文的超时时限和所用连接的配置;3)与其它内部程序通信时的进程ID设置和数据源的配置等。In order to flexibly configure the communication protocol between the DtProxy.exe program and the front-end processor of the local system, in this embodiment, all configurable or modifiable settings are written in a configuration file DtProxy.ini in a preset format , the DtProxy.exe program formulates a communication protocol with the front-end processor by reading the configuration file. The content of the configuration file includes: 1) the setting of the connection mode, the configuration of the connection port and the listening port, etc.; 2) the timeout period of each message transmitted and the configuration of the connection used; 3) the process of communicating with other internal programs ID settings and data source configuration, etc.

通过配置文件DtProxy.ini的配置,协议代理模块可通过如下的连接方式向营帐系统内的局方系统前置机发送请求访问数据库的报文:Through the configuration of the configuration file DtProxy.ini, the protocol proxy module can send a message requesting access to the database to the front-end computer of the office system in the tent system through the following connection methods:

1、长连接、异步(非阻塞)方式1. Long connection, asynchronous (non-blocking) mode

在这种方式下,DtProxy.exe程序在接收到客户服务系统访问营帐系统的请求报文时,经过协议格式转换后如果前置机可处理,则即行发送,否则进行队列控制,即,将报文放入一个请求队列中,待前置机可处理时再发送。由于各种报文的处理速度不同,因此营帐系统回送的响应报文的顺序可能与请求报文的顺序不同。In this way, when the DtProxy.exe program receives a request message from the customer service system to access the tent system, if the front-end processor can handle it after the protocol format conversion, it will send it immediately; otherwise, it will perform queue control, that is, the report will be The text is put into a request queue and sent when the front-end processor can process it. Due to the different processing speeds of various messages, the order of the response messages returned by the camping system may be different from the order of the request messages.

2、长连接、同步(阻塞)方式2. Long connection, synchronous (blocking) mode

在这种方式下,DtProxy.exe程序将客户服务系统的一个请求报文发送给局方系统前置机后,必须等待接收到响应报文后或者在预先设定时间结束时未接收到响应报文时(即超时)才能发送下一个请求报文。如果请求报文过多,则采用这种方式可以将等待时间过长的请求报文丢弃。In this way, after the DtProxy.exe program sends a request message from the customer service system to the front-end processor of the office system, it must wait for the response message to be received or the response message is not received at the end of the preset time. The next request message can only be sent when the message time (that is, timeout) is reached. If there are too many request packets, the request packets that have been waiting for a long time can be discarded in this way.

3、短连接、同步(阻塞)方式3. Short connection, synchronous (blocking) mode

在这种方式下,DtProxy.exe程序在发送请求报文之前,先与局方系统前置机建立套接字(Socket)连接,然后发送报文,并且只有在接收到响应报文或者在预先设定时间结束时未接收到响应报文时才断开连接。In this way, before sending the request message, the DtProxy.exe program first establishes a socket (Socket) connection with the front-end processor of the office system, and then sends the message, and only when the response message is received or in advance The connection is disconnected when no response message is received at the end of the set time.

同样,为了灵活地配置协议格式转换,在本实施例中,将所有可以配置或改动的设置以预先设定的格式写入一个配置文件DtProxyDll.ini中,DtProxy.exe程序在调用DtProxyDLL.dll进行格式转换前,通过读取该配置文件确定协议格式转换方式。该配置内容包括协议格式转换时报文命令字的对应关系和转换数据的对应关系等,具体设置与具体的协议相关。Similarly, in order to flexibly configure protocol format conversion, in this embodiment, all configurable or modifiable settings are written in a configuration file DtProxyDll. Before format conversion, the protocol format conversion method is determined by reading the configuration file. The configuration content includes the corresponding relationship between the message command word and the converted data when the protocol format is converted, and the specific setting is related to the specific protocol.

此外,由于各种接口协议的实现方式不尽相同,所以可能会根据实际情况需要增加配置文件。In addition, since various interface protocols are implemented in different ways, configuration files may need to be added according to actual conditions.

Claims (9)

1.一种客户端计算机访问数据库系统的方法,其特征在于,客户端计算机与数据库系统之间经协议代理模块通信,当客户端计算机内的应用进程访问数据库时,包含以下步骤:1. A method for a client computer to access a database system, characterized in that, between the client computer and the database system, through the protocol agent module communication, when the application process in the client computer accesses the database, the following steps are included: (1)客户端计算机的应用进程向协议代理模块传送访问数据库的请求报文;(1) The application process of the client computer transmits a request message for accessing the database to the protocol proxy module; (2)协议代理模块将所述请求报文转换为被访问数据库可处理的协议格式,并控制格式转换后请求报文向数据库系统的发送;(2) The protocol proxy module converts the request message into a protocol format that can be handled by the accessed database, and controls the sending of the request message to the database system after format conversion; (3)数据库系统根据协议代理模块发送的请求报文对数据库进行操作,并且如果需要将操作结果回送至客户端计算机的应用进程,则向协议代理模块发送包含操作结果的响应报文;以及(3) The database system operates the database according to the request message sent by the protocol agent module, and if the operation result needs to be sent back to the application process of the client computer, then a response message containing the operation result is sent to the protocol agent module; and (4)协议代理模块将响应报文转换为客户端计算机内应用进程可处理的协议格式并传送至客户端计算机。(4) The protocol proxy module converts the response message into a protocol format that can be processed by the application process in the client computer and transmits it to the client computer. 2.如权利要求1所述的方法,其特征在于,所述访问数据库的请求报文包含对数据库的操作类型和操作参数。2. The method according to claim 1, wherein the request message for accessing the database includes an operation type and operation parameters for the database. 3.如权利要求2所述的方法,其特征在于,协议代理模块包括协议代理执行单元和协议格式转换单元,其中,协议代理执行单元负责与数据库系统建立通信连接,从数据库接收操作结果和向数据库发送访问报文,并对访问数据库报文向数据库系统的发送进行队列控制和超时控制,而协议格式转换单元负责客户端计算机与数据库系统之间协议格式的转换。3. The method according to claim 2, wherein the protocol proxy module comprises a protocol proxy execution unit and a protocol format conversion unit, wherein the protocol proxy execution unit is responsible for establishing a communication connection with the database system, receiving the operation result from the database and sending the data to the database system. The database sends access messages, and performs queue control and timeout control on sending the access messages to the database system, and the protocol format conversion unit is responsible for the conversion of the protocol format between the client computer and the database system. 4.如权利要求3所述的方法,其特征在于,所有可以配置或改动的设置以预先设定的格式写入配置文件中,协议代理执行单元通过读取配置文件确定协议代理模块与数据库系统之间的通信协议和客户端计算机与数据库之间的协议格式转换方式并且调用协议格式转换单元完成协议格式转换。4. The method according to claim 3, characterized in that all configurable or modifiable settings are written in the configuration file in a preset format, and the protocol proxy execution unit determines the agreement between the protocol proxy module and the database system by reading the configuration file The communication protocol between the client computer and the protocol format conversion method between the client computer and the database, and the protocol format conversion unit is called to complete the protocol format conversion. 5.如权利要求1~4中任意一项所述的方法,其特征在于,协议代理模块与数据库系统之间按照TCP协议建立连接和进行通信。5. The method according to any one of claims 1-4, characterized in that, the connection between the protocol agent module and the database system is established and communicated according to the TCP protocol. 6.如权利要求5所述的方法,其特征在于,数据库系统对协议代理模块进行IP验证及登录口令验证,并控制协议代理模块对数据库系统的操作权限。6. The method according to claim 5, wherein the database system performs IP verification and login password verification on the protocol proxy module, and controls the operation authority of the protocol proxy module to the database system. 7.如权利要求6所述的方法,其特征在于,在步骤(2)中,协议代理模块在接收到客户端计算机访问数据库系统的请求报文时,对其作协议格式转换并在数据库系统可处理时即行发送,否则进行队列控制处理。7. the method for claim 6 is characterized in that, in step (2), protocol agent module is when receiving the request message of client computer access database system, it is done protocol format conversion and in database system When it can be processed, it will be sent immediately, otherwise, it will be processed by queue control. 8.如权利要求6所述的方法,其特征在于,在步骤(2)中,协议代理模块在将客尸端计算机传送的一个请求报文发送给数据库系统后,必须等待接收到数据库系统的响应报文后或者在预先设定时间结束时未接收到响应报文时才能发送下一个请求报文。8. The method according to claim 6, wherein, in step (2), the protocol agent module must wait to receive a request message from the database system after sending a request message transmitted by the guest computer to the database system. The next request message can only be sent after the response message or when no response message is received at the end of the preset time. 9.如权利要求6所述的方法,其特征在于,在步骤(2)中,在发送请求报文之前,协议代理模块先与数据库系统建立套接字(Socket)连接,然后发送请求报文,并且只有在接收到响应报文或者在预先设定时间结束时未接收到响应报文时才断开套接字连接。9. The method according to claim 6, wherein, in step (2), before sending the request message, the protocol agent module first establishes a socket (Socket) connection with the database system, and then sends the request message , and disconnect the socket connection only when a response message is received or a response message is not received at the end of the preset time.
CN 02137696 2002-10-30 2002-10-30 Method accessing data bank through protocol agency mode Expired - Lifetime CN1265309C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 02137696 CN1265309C (en) 2002-10-30 2002-10-30 Method accessing data bank through protocol agency mode

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 02137696 CN1265309C (en) 2002-10-30 2002-10-30 Method accessing data bank through protocol agency mode

Publications (2)

Publication Number Publication Date
CN1494022A true CN1494022A (en) 2004-05-05
CN1265309C CN1265309C (en) 2006-07-19

Family

ID=34231654

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 02137696 Expired - Lifetime CN1265309C (en) 2002-10-30 2002-10-30 Method accessing data bank through protocol agency mode

Country Status (1)

Country Link
CN (1) CN1265309C (en)

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007019757A1 (en) * 2005-08-12 2007-02-22 Huawei Technologies Co., Ltd. A communication system and method based on forwarding and control element separation
CN101034411A (en) * 2007-04-09 2007-09-12 招商银行股份有限公司 Computer data processing system and processing method and application
WO2008046287A1 (en) * 2006-10-13 2008-04-24 Huawei Technologies Co., Ltd. A method and system for coordinating the services provided by different service providers
CN100595740C (en) * 2004-12-17 2010-03-24 佳能株式会社 Communication device and its configuration file information acquisition request processing method
CN101183363B (en) * 2006-11-13 2010-05-12 中兴通讯股份有限公司 A Method for Unified Configuration and Management of Memory Database Using System Table Structure
CN101150530B (en) * 2006-09-21 2011-11-16 华为技术有限公司 Forwarding system, method and forward unit agent under forward control separation architecture
CN101631019B (en) * 2008-07-18 2011-12-28 深圳市维信联合科技有限公司 Configuration control module, unidirectional transmission equipment and configuration control method
CN101227351B (en) * 2008-01-23 2012-05-23 深圳国人通信有限公司 Method and apparatus for processing multi protocol data packets in remote control
CN102801699A (en) * 2011-12-28 2012-11-28 北京安天电子设备有限公司 System, method and equipment for preventing data tampering of server
CN103744896A (en) * 2013-12-24 2014-04-23 乐视网信息技术(北京)股份有限公司 Method and device for data processing
CN104270537A (en) * 2014-08-25 2015-01-07 江苏鸿信系统集成有限公司 IVR (Interactive Voice Response) automatic dial platform
CN104462605A (en) * 2014-12-31 2015-03-25 迈普通信技术股份有限公司 Database persistent layer frame configuration and modification method and system
CN105227667A (en) * 2015-10-14 2016-01-06 深圳市金证科技股份有限公司 Message forwarding method and platform
CN107634957A (en) * 2017-09-29 2018-01-26 深圳迪贝守望信息技术有限公司 Real-time pre-save method and system for data and file operations based on protocol agent
CN108183833A (en) * 2017-11-29 2018-06-19 努比亚技术有限公司 A kind of response processing method, device and computer readable storage medium
CN108390863A (en) * 2018-01-31 2018-08-10 深圳市元征科技股份有限公司 A kind of data processing method and device
CN108769017A (en) * 2018-05-29 2018-11-06 杭州字符串科技有限公司 A kind of data communications method and device
CN109284968A (en) * 2017-07-19 2019-01-29 中航(重庆)微电子有限公司 Management method, approving system, readable storage medium storing program for executing and the server of approving system
CN109756508A (en) * 2019-01-22 2019-05-14 深圳壹账通智能科技有限公司 Message broker method and related equipment based on multi-protocol access to blockchain network
CN109815214A (en) * 2018-12-29 2019-05-28 深圳云天励飞技术有限公司 Database access method, system, device and storage medium
CN111752987A (en) * 2019-03-29 2020-10-09 北京数聚鑫云信息技术有限公司 Database access method and device, storage medium and computer equipment
CN113378233A (en) * 2021-08-16 2021-09-10 北京安华金和科技有限公司 System and method for preventing database access through direct connection
CN114787794A (en) * 2019-10-07 2022-07-22 大陆汽车有限责任公司 Computer-based apparatus for database communication
CN115062092A (en) * 2022-08-10 2022-09-16 阿里云计算有限公司 Database access method, device, system and storage medium

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100595740C (en) * 2004-12-17 2010-03-24 佳能株式会社 Communication device and its configuration file information acquisition request processing method
CN100459594C (en) * 2005-08-12 2009-02-04 华为技术有限公司 System and access method based on forwarding control separation protocol
WO2007019757A1 (en) * 2005-08-12 2007-02-22 Huawei Technologies Co., Ltd. A communication system and method based on forwarding and control element separation
CN101150530B (en) * 2006-09-21 2011-11-16 华为技术有限公司 Forwarding system, method and forward unit agent under forward control separation architecture
WO2008046287A1 (en) * 2006-10-13 2008-04-24 Huawei Technologies Co., Ltd. A method and system for coordinating the services provided by different service providers
CN101183363B (en) * 2006-11-13 2010-05-12 中兴通讯股份有限公司 A Method for Unified Configuration and Management of Memory Database Using System Table Structure
CN101034411A (en) * 2007-04-09 2007-09-12 招商银行股份有限公司 Computer data processing system and processing method and application
CN101034411B (en) * 2007-04-09 2016-05-11 招商银行股份有限公司 A kind of computer data processing system and processing method and application
CN101227351B (en) * 2008-01-23 2012-05-23 深圳国人通信有限公司 Method and apparatus for processing multi protocol data packets in remote control
CN101631019B (en) * 2008-07-18 2011-12-28 深圳市维信联合科技有限公司 Configuration control module, unidirectional transmission equipment and configuration control method
CN102801699B (en) * 2011-12-28 2015-07-29 北京安天电子设备有限公司 The system preventing server data from distorting, method and apparatus
CN102801699A (en) * 2011-12-28 2012-11-28 北京安天电子设备有限公司 System, method and equipment for preventing data tampering of server
CN103744896A (en) * 2013-12-24 2014-04-23 乐视网信息技术(北京)股份有限公司 Method and device for data processing
CN104270537B (en) * 2014-08-25 2017-12-22 江苏鸿信系统集成有限公司 A kind of IVR automatic outer calls platform
CN104270537A (en) * 2014-08-25 2015-01-07 江苏鸿信系统集成有限公司 IVR (Interactive Voice Response) automatic dial platform
CN104462605A (en) * 2014-12-31 2015-03-25 迈普通信技术股份有限公司 Database persistent layer frame configuration and modification method and system
CN105227667A (en) * 2015-10-14 2016-01-06 深圳市金证科技股份有限公司 Message forwarding method and platform
CN109284968B (en) * 2017-07-19 2022-02-01 华润微电子(重庆)有限公司 Management method of signing system, readable storage medium and server
CN109284968A (en) * 2017-07-19 2019-01-29 中航(重庆)微电子有限公司 Management method, approving system, readable storage medium storing program for executing and the server of approving system
CN107634957A (en) * 2017-09-29 2018-01-26 深圳迪贝守望信息技术有限公司 Real-time pre-save method and system for data and file operations based on protocol agent
CN107634957B (en) * 2017-09-29 2021-08-10 深圳迪贝守望信息技术有限公司 Protocol agent-based real-time data and file operation pre-saving method and system
CN108183833A (en) * 2017-11-29 2018-06-19 努比亚技术有限公司 A kind of response processing method, device and computer readable storage medium
CN108390863A (en) * 2018-01-31 2018-08-10 深圳市元征科技股份有限公司 A kind of data processing method and device
CN108769017A (en) * 2018-05-29 2018-11-06 杭州字符串科技有限公司 A kind of data communications method and device
CN109815214A (en) * 2018-12-29 2019-05-28 深圳云天励飞技术有限公司 Database access method, system, device and storage medium
CN109756508A (en) * 2019-01-22 2019-05-14 深圳壹账通智能科技有限公司 Message broker method and related equipment based on multi-protocol access to blockchain network
CN109756508B (en) * 2019-01-22 2022-11-08 深圳壹账通智能科技有限公司 Message proxy method based on multi-protocol access block chain network and related equipment
CN111752987A (en) * 2019-03-29 2020-10-09 北京数聚鑫云信息技术有限公司 Database access method and device, storage medium and computer equipment
CN111752987B (en) * 2019-03-29 2023-12-12 北京数聚鑫云信息技术有限公司 Database access method, device, storage medium and computer equipment
CN114787794A (en) * 2019-10-07 2022-07-22 大陆汽车有限责任公司 Computer-based apparatus for database communication
CN113378233B (en) * 2021-08-16 2021-11-30 北京安华金和科技有限公司 System and method for preventing database access through direct connection
CN113378233A (en) * 2021-08-16 2021-09-10 北京安华金和科技有限公司 System and method for preventing database access through direct connection
CN115062092A (en) * 2022-08-10 2022-09-16 阿里云计算有限公司 Database access method, device, system and storage medium
CN115062092B (en) * 2022-08-10 2023-02-03 阿里云计算有限公司 Database access method, device, system and storage medium

Also Published As

Publication number Publication date
CN1265309C (en) 2006-07-19

Similar Documents

Publication Publication Date Title
CN1265309C (en) Method accessing data bank through protocol agency mode
US8073954B1 (en) Method and apparatus for a secure remote access system
US7324473B2 (en) Connector gateway
US8315198B2 (en) Mobile provisioning tool system
US7200636B2 (en) Method and apparatus for applying personalized rules to e-mail messages at an e-mail server
US8275892B2 (en) Low-level remote sharing of local devices in a remote access session across a computer network
US6591304B1 (en) Dynamic, scaleable attribute filtering in a multi-protocol compatible network access environment
WO2021027600A1 (en) Single log-in method, apparatus and device, and computer-readable storage medium
US20030089675A1 (en) Authenticating resource requests in a computer system
CN111258781A (en) Calling authentication method, device, equipment and storage medium of microservice
CN1498373A (en) Method for recording events in IP networks
CN1848883A (en) Call system, proxy dial server apparatus and proxy dial method for use therewith, and program thereof
CN111988292A (en) A method, device and system for accessing the Internet by an intranet terminal
CN108512889A (en) A kind of application response method for pushing and proxy server based on HTTP
CN1939035B (en) Method and apparatus for communicating data between computer devices
CN1930850A (en) An apparatus, computer-readable memory and method for authenticating and authorizing a service request sent from a service client to a service provider
CN1197296C (en) An information switch
CN1842073A (en) A Method for Realizing External Device Mapping of Network Computer
CN104753774A (en) A Distributed Enterprise Integrated Access Gateway
WO2010096818A1 (en) Generalized method for authenticating subscribers of a service via a graphical user interface or telephone using the same user name and password
CN2867778Y (en) Device for achieving information recovery on the side of network
CN116707988A (en) Authentication method, device, computer equipment and medium based on unified gateway system
Guide Unicenter® SOLVE: CPT™
AU2002339961A1 (en) Authenticating resource requests in a computer system
HK1071249B (en) Connector gateway

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20060719

CX01 Expiry of patent term