Field of Invention
The present invention relates to a technical field of software, and more particularly to a service-based message access layer frame and an implementation method thereof.
Description of Related Arts
With the expansion in the application scale of the cloud computing, for the various types of clients, the various types of front ends are connected to the back end. According to the different requirements, the front ends adopt different protocols for communicating, such as the common Http protocol, the compressed Http protocol for the mobile equipment communication, the various online video communication protocol, the conventional SOAP protocol and the RPC protocol, and even the customized communication protocol. When the front ends are connected to the back end, all of the front ends are required to be handled with the login management, the rights management and the behavior auditing. The above handlings are collectively called the access layer. Conventionally, the cloud computing application requires the independent development of the access layer, which has the following problems.
Firstly, all of the front ends are connected to the back end independently. It is failed to balance the access frequency of each front end. The sporadic large access amount of some front end leads to the excessive pressure on the back end, which influences the access speed of the other front ends.
Secondly, the independent account authentication is required for each front end; all of the front ends are connected to the same authentication database, posing the high security threat to the authentication database.
Thirdly, the access layer is developed for each front end, mostly in the repeated manner, which increases the workload of the developer.
An object of the present invention is to provide a service-based message access layer frame to solve problems of different protocols, low security and high development workload of conventional application front ends.
Another object of the present invention is to provide a method for implementing the service-based message access layer frame to solve the problems of the different protocols, the low security and the high development workload of the conventional application front ends.
Accordingly, the present invention adopts the following technical solutions.
A service-based message access layer frame comprises a controller, a receiver, an account password checker, a session processor and a repeater, wherein:
the controller comprises a configuration file parser and a database access service; the controller is for initiating, initializing and coordinating the receiver, the account password checker, the session processor and the repeater;
the receiver is for receiving a request of an application front end in various forms; after receiving data in different formats, the receiver translates the received data in the different formats into data in a consistent format and then sends the data in the consistent format to the session processor;
the account password checker is for controlling and validating an access of the request of the application front end and thereafter sending the request to the repeater;
the session processor, serving as a main handling module of the whole service-based message access layer frame, is for handling the request of the application front end with a login management, a rights management, a behavior auditing, a log, a single sign-on and interface exposing; and
the repeater is for translating the handled data in the consistent format into data acceptable to an application back end, and then sending the data acceptable to the application back end to the application back end to be handled by cloud.
The request of the application front end comes from a web front end or a client of a customized application layer protocol.
A method for implementing the service-based message access layer frame comprises steps of:
(1) after initiating a system, parsing a configuration file, initiating a database access service, and initializing and initiating a receiver, an account password checker, a session processor and a repeater of the service-based message access layer frame by a controller;
(2) after an application front end sends a request, receiving the request of the application front end, translating the request of the application front end into data in a consistent format and sending the data in the consistent format to the session processor by the receiver;
(3) handling a client request and sending the handled client request to the repeater, by the account password checker and the session processor which serve as main information handling modules of the frame; and
(4) translating the handled data in the consistent format into data acceptable to an application back end, and then sending the data acceptable to the application back end to the application back end for a data handling by cloud, by the repeater.
A working process of the controller comprises steps of:
(a) reading and parsing the configuration file; initiating the receiver according to the configuration file, wherein the receiver is different in accordance with the different application front ends and depends on a communication protocol of the application front end;
(b) initiating the repeater, wherein the repeater is different in accordance with the different application back ends and depends on a communication manner of the application back end;
(c) initiating the database access service; initiating the account password checker with a connection provided by the database access service; and obtaining validation information of an account from a database; and
(d) finally initiating the session processor which has no session therein initially.
A handling logic of the controller is describes as follows.
A strategy assigned by the configuration file determines which modules the request passes through and how the request is handled. Once a problem occurs, a handling chain is stopped and the request is returned to the controller in advance. The controller, according to returned abnormal information, returns a response to the client request in advance through the receiver and finishes a request response.
The receiver, as a server, continually receives the request of the application front end and, after receiving, assigns a unique ID to each the request.
The session processor contains connection information from the different application front ends, wherein the connection information is called sessions.
Each session is distinguished by a unique ID, sessionId. Each application front end is assigned the sessionId after connecting to the message access layer frame for a first time and being checked by the account password checker. Subsequent connections of the application front end must contain the sessionId in the request.
A complete process of handling the request comprises steps of:
extracting the session ID from each request and checking whether the session ID already exists by the session processor;
if the session ID exists, namely that the session already exists, sending the session to the repeater;
if the session ID does not exist, namely that the session is a new session, sending the session to the account password checker for an authentication;
if the authentication is failed, directly returning an error code to the application front end without continuing sending the session;
if the authentication is passed, registering the session and returning success authentication information to the application front end; and
after sending response information, destroying corresponding connection information by the receiver, wherein the receiver is merely responsible for receiving and returning the request; each request is independent; and, once handling of the request is finished, the receiver readily eliminates the corresponding connection information and waits for a next request.
The present invention has following benefits.
Firstly, the present invention is able to balance a load among the different application front ends and reduce a pressure of the application back end.
Secondly, the service-based message access layer frame serves as a sole access of each application, which improves security; moreover, the service-based message access layer frame combines management with accessing, isolates the application front ends from the application back end, and simplifies program logics of the application front ends and the application back end.
Thirdly, the present invention is able to reuse codes and reduce a workload of developing the access layer.
These and other objectives, features, and advantages of the present invention will become apparent from the following detailed description, the accompanying drawings, and the appended claims.
The present invention is further illustrated with the accompanying drawing.
The FIGURE is a flow chart of a method for implementing a service-based message access layer frame according to a preferred embodiment of the present invention.
Referring to the FIGURE, according to a preferred embodiment of the present invention, a method for implementing a service-based message access layer frame is illustrated. After initiating a system, a controller invokes a configuration file to load initialization information. The initialization information is described with an xml file in the preferred embodiment as follows.
The controller initializes other components.
The controller initiates a receiver according to the configuration file, described as follows:
Similarly, the controller initiates a repeater, wherein the repeater is different in accordance with different application back ends and depends on a communication manner of the application back end.
The controller positions a target background according to a type of the request of the application front end, so as to know to choose which repeater to transmit data.
The controller initiates a session processor as follows, wherein the session processor is empty initially.
The controller initiates an account password checker, described as follows:
Different access layers receive original data requests in different formats. Thereafter, the access layers generate a data structure in a consistent format based on original data. The data structure flows in each module. The data structure is universal and recognizable. For example, when receiving a rest request of:
The receiver destroys corresponding connection information after the recvList sends response information. The session has already been maintained by the session processor, wherein the receiver is not involved. The receiver is merely responsible for receiving and returning the request. Each request is independent and mutually unrelated. Thus, once the request is finished, the receiver eliminates the corresponding connection information and waits for a next request.
The receiver accepts information of various protocols and thus a plurality of implementation methods exist. An Http REST protocol is taken as an example to illustrate the implementation. The Http REST protocol has a main handling logic of:
After income.push( ), the incomeList creates a read-write thread according to the incoming new_client, and reads and writes data on the application front end. The read-write thread is identified by a requestID, because each request is a socket connection which is disconnected after sending the response, and each request has a unique ID. If the protocol is a long connection or other connection manners, situations are accordingly different. What described above is only suggested.
The read-write thread works as follows.
An account manager is a query database for checking whether an account and a password are correct or not.
The session processor has the sessionId which is for supporting the session or a single sign-on. An interior of the session processor supports a plurality of service types, such as supporting both a gcloud access and the computer room management. Different service types connect different function modules according to an instruction of the configuration file, so as to handle the request of the application front end. For example, a security auditing is required for an operation to the gcloud, but not required for the computer room management.
The returned organizedData is sent to the controller of the access layer by the session processor and then handled in accordance with a judgment. If the session processor fails in handling the organizedData, the organizedData is sent to the receiver and an error response is returned to the client from the Listener. If the session processor succeeds in handling the organizedData, the organizedData is sent to the repeater for transmitting.
One skilled in the art will understand that the embodiment of the present invention as shown in the drawings and described above is exemplary only and not intended to be limiting.
It will thus be seen that the objects of the present invention have been fully and effectively accomplished. Its embodiments have been shown and described for the purposes of illustrating the functional and structural principles of the present invention and is subject to change without departure from such principles. Therefore, this invention includes all modifications encompassed within the spirit and scope of the following claims.
Number | Date | Country | Kind |
---|---|---|---|
201410195515.1 | May 2014 | CN | national |
This is a U.S. National Stage under 35 U.S.C 371 of the International Application PCT/CN2014/094335, filed Dec. 19, 2014, which claims priority under 35 U.S.C. 119(a-d) to CN 201410195515.1, filed May 9, 2014.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/CN2014/094335 | 12/19/2014 | WO | 00 |