CN106844489A - A kind of file operation method, device and system - Google Patents
A kind of file operation method, device and system Download PDFInfo
- Publication number
- CN106844489A CN106844489A CN201611211436.0A CN201611211436A CN106844489A CN 106844489 A CN106844489 A CN 106844489A CN 201611211436 A CN201611211436 A CN 201611211436A CN 106844489 A CN106844489 A CN 106844489A
- Authority
- CN
- China
- Prior art keywords
- file
- target container
- request
- file operation
- requests
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/16—File or folder operations, e.g. details of user interfaces specifically adapted to file systems
- G06F16/168—Details of user interfaces specifically adapted to file systems, e.g. browsing and visualisation, 2d or 3d GUIs
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/188—Virtual file systems
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Human Computer Interaction (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a kind of file operation method, device and system, the file operation method includes:The logging request that client sends is received, the logging request includes authentication information and target container information;The logging request is verified according to the authentication information, and confirms to login successfully when the logging request is verified;The client is received by the connection request that calls default file operation interface to send;Obtain operation information and the network site of the target container;File operation requests are initiated to main frame where the target container according to the connection request, and receives the operating result that main frame where the target container is returned, the operating result is returned into the client.The present invention can realize that the file on container is checked or copied from client, it is to avoid cumbersome configuration process, save server resource, improve allocative efficiency.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of file operation method, device and system.
Background technology
At this stage, container due to establishment, destroys low cost as a kind of virtual machine technique of lightweight;System, process phase
Mutually isolation, increasing system and framework are disposed using container, using also increasingly extensive.
When needing to check container file or copied, generally using the scp based on ssh agreements in current techniques
Order, and when using extensive container technique, often there is problems with:1st, because container technique is usually one process,
The extra corresponding sshd processes of ssh agreements of running can waste substantial amounts of resource;2nd, it is each independent container configuration user name, close
Code, very cumbersome, O&M is less efficient;3rd, for each container provides access path can be according to the waste into Internet resources;4th, scq lives
Order does not provide the lock operation of file-level, and the problem of change covering occurs when many people operate identical file simultaneously.Therefore,
Fileview and copy function when extensive container is disposed in current techniques, it would be highly desirable to further to improve and solve.
The content of the invention
The present invention provides a kind of file operation method, device and system, can be used in file when extensive container is disposed
Copy and check, without running extra process or user name, password and access path being separately configured, efficiency is higher.
First aspect present invention provides a kind of file operation method, including:
The logging request that client sends is received, the logging request includes authentication information and target container information;
The logging request is verified according to the authentication information, and confirms to log in into when the logging request is verified
Work(;
The client is received by the connection request that calls default file operation interface to send;
Obtain operation information and the network site of the target container;
File operation requests are initiated to main frame where the target container according to the connection request, and receives the target
The operating result that main frame where container is returned, the client is returned to by the operating result.
Optionally, it is described that the logging request is verified according to the authentication information, including:
The authentication information that the logging request includes is parsed, the authentication information includes user account and password;
Verify whether the user account and password match;
The corresponding logon rights of the user account are obtained, judges whether the user account has to the target container
Logon rights and file operation authority;
If the user account and password match, and the user account have to the target container logon rights with
And file operation authority, then confirm as the logging request and be verified.
Optionally, the operation information and network location information for obtaining the target container, including:
According to the target container information, inquiry request is sent to default relevant database;
The return information of the relevant database is received, the operation of the target container is obtained according to the return information
Information and network location information,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The target
The IP address of internal network of main frame where container.
Optionally, the file operation requests are additionally operable to the file destination of locking request, described according to the connection request
File operation requests are initiated to main frame where the target container, including:
The connection request is parsed, file request path is obtained;
Mark and the file request path according to the target container send to main frame where the target container
Long-range rest http requests;
Wherein, the file request path includes:Files passe request path and file download request path.
Second aspect present invention provides a kind of file operation device, including:
First receiver module, for receive client transmission logging request, the logging request include authentication information with
And target container information;
Authentication module, it is for verifying the logging request according to the authentication information and logical in logging request checking
Out-of-date confirmation is logined successfully;
Second receiver module, please for receiving connection of the client by calling default file operation interface to send
Ask;
Acquisition module, operation information and network site for obtaining the target container;
Request module, for initiating file operation requests to main frame where the target container according to the connection request,
And the operating result that main frame where the target container is returned is received, the operating result is returned into the client.
Optionally, the authentication module includes:
Resolution unit, for parsing the authentication information that the logging request includes, the authentication information includes user account
And password;
First authentication unit, for verifying whether the user account and password match;
Second authentication unit, for obtaining the corresponding logon rights of the user account, judges the user account to institute
State whether target container has logon rights and file operation authority;
Determining unit, for when the user account and password match, and the user account is to the target container
With logon rights and during file operation authority, confirm as the logging request and be verified.
Optionally, the acquisition module includes:
Query unit, for according to the target container information, inquiry request being sent to default relevant database;
Acquiring unit, the return information for receiving the relevant database, according to the return information is obtained
The operation information and network location information of target container,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The target
The IP address of internal network of main frame where container.
Optionally, the file operation requests are additionally operable to the file destination of locking request, and the request module includes:
Path acquiring unit, for parsing the connection request, obtains file request path;
Request unit, for the mark according to the target container and the file request path to the target container
Place main frame sends long-range rest http requests;
Wherein, the file request path includes:Files passe request path and file download request path.
Third aspect present invention provides a kind of file operation method, including:
Receive the file operation requests that login service device sends;
The file operation requests are parsed, the corresponding target container mark of the file operation requests is obtained and file please
Ask path;
According to target container mark and file request path, the corresponding operation knot of the file operation requests is obtained
Really;
The operating result is sent to the login service device, to cause the login service device by the operating result
Return to corresponding client.
Optionally, the file operation requests are additionally operable to the file destination of locking request, described according to the target container
Mark and file request path, obtain the corresponding operating result of the file operation requests, including:
Nsenter orders are called to enter the mount NameSpaces of the target container according to target container mark;
In the mount NameSpaces file opening interface service, the file interface service is used to hold in the target
Start webdav service processes on device, the webdav service processes are used to monitor webdav requests;
Reverse proxy is opened, the file operation requests webdav requests is encapsulated as, and act on behalf of to the reverse proxy;
The operating result that the target container is returned is received, wherein, the webdav service processes on the target container ring
Answer the webdav to ask, and corresponding operating result is returned to according to webdav requests.
Fourth aspect present invention provides a kind of file operation device, including:
Request receiving module, the file operation requests for receiving the transmission of login service device;
Parsing module, for parsing the file operation requests, obtains the corresponding target container of the file operation requests
Mark and file request path;
As a result acquisition module, for being identified and file request path according to the target container, obtains the file behaviour
Make the corresponding operating result of request;
Sending module, for the operating result to be sent into the login service device, to cause the login service device
The operating result is returned into corresponding client.
Optionally, the file operation requests are additionally operable to the file destination of locking request, and the result acquisition module includes:
Access unit, for calling nsenter orders to enter the target container according to target container mark
Mount NameSpaces;
Start unit, in the mount NameSpaces file opening interface service, the file interface service to be used for
Start webdav service processes on the target container, the webdav service processes are used to monitor webdav requests;
The file operation requests, for opening reverse proxy, are encapsulated as webdav requests by encapsulation unit, and agency arrives
The reverse proxy;
Receiving unit, for receiving the operating result that the target container is returned, wherein, on the target container
Webdav service processes respond the webdav requests, and return to corresponding operating result according to webdav requests.
Fifth aspect present invention provides a kind of file operating system, including:Client, login service device and main frame,
At least one container is provided with the main frame;
The client, for sending logging request to the login service device, the logging request includes authentication information
And target container information;
The login service device, for verifying the logging request according to the authentication information, and in the logging request
Confirm to login successfully when being verified;
The login service device is additionally operable to receive the client by the company of calling default file operation interface to send
Connect request;
The login service device is additionally operable to obtain operation information and the network site of the target container;
The login service device is additionally operable to initiate file operation requests to the main frame according to the connection request;
The main frame, for receiving and parsing through the file operation requests, obtains the corresponding mesh of the file operation requests
Mark container identification and file request path;
The main frame is additionally operable to according to target container mark and file request path, and obtaining the file operation please
Corresponding operating result is sought, and the operating result is sent to the login service device;
The login service device is additionally operable to for the operating result to return to the client.
Optionally, the file operating system also includes:Authentication server;
The login service device sends authentication request to the authentication server, and the authentication request includes the authentication letter
Breath and target container information, the authentication information include user account and password;
The authentication server, for verifying whether the user account and password match and the user account pair
Whether the target container has logon rights and file operation authority.
Optionally, the file operating system also includes:Relevant database;
The login service device sends inquiry request according to the target container information to relevant database;
The relational data, for returning to corresponding Query Information, the Query Information bag according to the inquiry request
The operation information and network location information of the target container are included,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The main frame
IP address of internal network.
Optionally, the file operation requests are additionally operable to the file destination of locking request, and the login service device is according to institute
State connection request and initiate file operation requests to the main frame, including:
The login service device parses the connection request, obtains file request path;
The login service device holds according to the mark of the target container and the file request path to the target
Main frame sends long-range rest http requests where device;
Wherein, the file request path includes:Files passe request path and file download request path.
Optionally, the main frame is identified and file request path according to the target container, obtains the file operation
Corresponding operating result is asked, including:
The main frame calls the mount that nsenter orders enter the target container to order according to target container mark
The name space;
The main frame is used in institute in the mount NameSpaces file opening interface service, the file interface service
Startup webdav service processes on target container are stated, the webdav service processes are used to monitor webdav requests;
The main frame opens reverse proxy, the file operation requests is encapsulated as into webdav requests, and act on behalf of described in
Reverse proxy;
The main frame receives the operating result that the target container is returned, wherein, the webdav clothes on the target container
Business process responds the webdav requests, and returns to corresponding operating result according to webdav requests.
Implement the present invention, have the advantages that:
The present invention is verified by the logging request according to client, and client is received when being verified by text
The connection request that part operate interface sends, file operation requests are initiated according to connection request to main frame where target container, and will
Corresponding operating result returns to client, so that without running correlation sshd processes on container, without for individually
Container configuration user name, password and network access path, it is possible to achieve the text on container is checked or copied from client
Part, it is to avoid cumbersome configuration process, saves server resource, improves allocative efficiency.
Brief description of the drawings
In order to illustrate more clearly of technical scheme, embodiment will be described below needed for the accompanying drawing to be used
It is briefly described, it should be apparent that, drawings in the following description are some embodiments of the present invention, for the common skill in this area
For art personnel, on the premise of not paying creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of flow chart of file operation method first embodiment provided in an embodiment of the present invention.
Fig. 2 is a kind of flow chart of file operation method second embodiment provided in an embodiment of the present invention.
Fig. 3 is a kind of flow chart of file operation method 3rd embodiment provided in an embodiment of the present invention.
Fig. 4 is a kind of flow chart of file operation method fourth embodiment provided in an embodiment of the present invention.
Fig. 5 is a kind of flow chart of embodiment of file operation mode the 5th provided in an embodiment of the present invention.
Fig. 6 is a kind of flow chart of file operation mode sixth embodiment provided in an embodiment of the present invention.
Fig. 7 is a kind of structural representation of file operation device first embodiment provided in an embodiment of the present invention.
Fig. 8 is a kind of structural representation of file operation device second embodiment provided in an embodiment of the present invention.
Fig. 9 is a kind of structural representation of file operating system first embodiment provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme is clearly and completely described,
Obviously, described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Based in the present invention
Embodiment, the every other embodiment that those of ordinary skill in the art are obtained under the premise of creative work is not made, all
Belong to the scope of protection of the invention.
Term " first ", " second " and " the 3rd " in description and claims of this specification and above-mentioned accompanying drawing etc. is
For distinguishing different objects, not for description particular order.Additionally, term " including " and their any deformations, it is intended that
Non-exclusive included in covering.Process, method, system, product or the equipment for for example containing series of steps or unit do not have
The step of having listed or unit are defined in, but alternatively also include the step of not listing or unit, or alternatively also included
For these processes, method, product or other intrinsic steps of equipment or unit.
Fig. 1 show a kind of flow chart of file operation method first embodiment provided in an embodiment of the present invention.In this reality
Apply in mode, this document operating method is applied to login service device, the login service device is used to receive the access of client, and
Corresponding container is searched in access according to client so that client can be realized on target container by the login service device
The operation of file.Alternatively, the login service device can also realize the functions such as authentication, when client sends access request, sentence
Whether the access request of breaking is legal effectively.In the present embodiment, this document operating method comprises the following steps S101-S104.
In step S101, the logging request that client sends is received, the logging request includes authentication information and mesh
Mark information of container.
Specifically, when the desired login cell therefor of user checks file or copied files, user passes through client
Send corresponding logging request.Wherein, the logging request includes authentication information and target container information.Optionally, log in
Server can provide corresponding login interface, client by accessing the login interface, be input into corresponding authentication information and
Target container information.The authentication information includes user name and encrypted message, and the target container information is wanted including user
The identification information of the target container of login.
In step s 102, the logging request is verified according to the authentication information, and it is logical in logging request checking
Out-of-date confirmation is logined successfully.
Specifically, after the logging request is got, in addition it is also necessary to verify whether the logging request is effective.This reality
Apply in example, can be verified by special authentication server, corresponding authentication information is preserved on the authentication server
And authority information;Can also voluntarily be verified by login service device.The verification process mainly include checking user name with
And whether password matches, and whether the user name has access rights of target container of the team member etc..When being verified,
Confirmation is logined successfully.
In step s 103, the client is received by the connection request that calls default file operation interface to send.
Specifically, after logining successfully, the client sends corresponding by calling default file operation interface
Connection request.Wherein, the file operation interface can be corresponding API (Application Programming
Interface), the client after the file operation interface can be used for for login provides container file operation related interface;
Specific file operation requests are may include in the connection request, such as can be files passe request, or file under
Carry request.
In step S104, operation information and the network site of the target container are obtained.
Specifically, the login service device also need to the operation information of the acquisition of information target container according to target container with
And network site.Wherein, the operation information includes:Run, suspend and exit;The network location information includes:It is described
The IP address of internal network of main frame where target container.
In step S105, file operation requests are initiated to main frame where the target container according to the connection request,
And the operating result that main frame where the target container is returned is received, the operating result is returned into the client.
Specifically, after target container is determined, initiating file operation requests to the main frame of target container, and receive mesh
The operating result that main frame where mark container is returned.In the present embodiment, the file operation requests are additionally operable to locking request
File destination.After in lock onto target file, within the default time period, a process or a user will be only allowed
The file destination is accessed, so as to ensure that the safety of file, the file integrality while when using is also ensure that in multi-user.Can
To understand, when connection request is asked for files passe, operating result can be uploaded successfully or fail;When connection please
Ask during for download request, operating result can be the specific fileinfo downloaded.
Above-mentioned to understand, the file operation method in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, so that without holding
Correlation sshd processes are run on device, without being that single container configures user name, password and network access path, Ke Yishi
Now check or copy the file on container from client, it is to avoid cumbersome configuration process, save server resource, improve
Allocative efficiency.
Fig. 2 show a kind of flow chart of file operation method second embodiment provided in an embodiment of the present invention.Comparison diagram 1
Shown first embodiment, in the present embodiment, further comprises the step of verifying logging request, this document operating method
Comprise the following steps S201-S209.
In step s 201, the logging request that client sends is received, the logging request includes authentication information and mesh
Mark information of container.
In step S202, the authentication information that the logging request includes is parsed, the authentication information includes user account
And password.
Specifically, after logging request is got, parsing authentication information therein, the authentication information includes user's account
Number and password.Wherein, the user account and password are used to perform follow-up register.In the present embodiment, may be used
Verify whether it being effective logging request with according to user account and password.
In step S203, verify whether the user account and password match.
Specifically, can verify whether the user account and password match by way of inquiring about database.
In step S204, the corresponding logon rights of the user account are obtained, judge the user account to the mesh
Whether mark container has logon rights and file operation authority.
Specifically, in user account and password match, the corresponding logon rights of user account are further obtained, and
Judge whether user account has logon rights and file operation authority to the target container.Wherein, by verifying file
Operating right may insure the security to file access.It is understood that different user accounts correspond to different vessels
Logon rights, and the file operation authority that correspond to different vessels.
In step S205, if the user account and password match, and the user account is to the target container
With logon rights and file operation authority, then confirm as the logging request and be verified.
Specifically, when user account and password match, and user account have corresponding authority, confirming as logging in and asking
Ask and be verified.
In step S206, confirm to login successfully when the logging request is verified.
In step S207, the client is received by the connection request that calls default file operation interface to send.
In step S208, operation information and the network site of the target container are obtained.
In step S209, file operation requests are initiated to main frame where the target container according to the connection request,
And the operating result that main frame where the target container is returned is received, the operating result is returned into the client.
It is above-mentioned to understand, the file operation method in the embodiment of the present invention, by receiving the logging request of client, to described
The authentication information and authority information that logging request includes are verified, and client is received when being verified by file behaviour
As the connection request that interface sends, file operation requests are initiated to main frame where target container according to connection request, and will correspondence
Operating result return to client, the security of file access process can not only be ensured, so that without in container
Upper operation correlation sshd processes, without being that single container configures user name, password and network access path, it is possible to achieve
Check or copy the file on container from client, it is to avoid cumbersome configuration process, save server resource, improve
Allocative efficiency.
Fig. 3 show a kind of flow chart of file operation method 3rd embodiment provided in an embodiment of the present invention.Comparison diagram 1
Shown first embodiment, in the present embodiment, further comprises the step of obtaining target container relevant information.Can manage
Solution, in the second embodiment that can also apply to shown in Fig. 2 the step of obtain target container relevant information in the present embodiment,
The embodiment of the present invention is not limited thereto.This document operating method comprises the following steps S301-S306.
In step S301, the logging request that client sends is received, the logging request includes authentication information and mesh
Mark information of container.
In step s 302, the logging request is verified according to the authentication information, and it is logical in logging request checking
Out-of-date confirmation is logined successfully.
In step S303, the client is received by the connection request that calls default file operation interface to send.
In step s 304, according to the target container information, inquiry request is sent to default relevant database.
Specifically, when authentication information checking effectively passes through, the target container information in logging request is further entered
Row inquiry.In the present embodiment, inquiry request is sent by default relevant database.Preserved in the relevant database
The relevant information of current all containers.Relevant database can return to corresponding information after inquiry request is received.
The database of correlation itself is preset with other embodiment, or on login service device.
In step S305, the return information of the relevant database is received, according to the return information is obtained
The operation information and network location information of target container.
Specifically, receiving the return information of relevant database, the operation information of target container is obtained according to return information
And network location information.Wherein, the operation information includes:Run, suspend and exit;The network location information bag
Include:The IP address of internal network of main frame where the target container.
In step S306, file operation requests are initiated to main frame where the target container according to the connection request,
And the operating result that main frame where the target container is returned is received, the operating result is returned into the client.
Above-mentioned to understand, the file operation method in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, can not only ensure file
The security of access process, so that without running correlation sshd processes on container, matching somebody with somebody without for single container
Put user name, password and network access path, it is possible to achieve the file on container is checked or copied from client, it is to avoid
Cumbersome configuration process, saves server resource, improves allocative efficiency.
Fig. 4 show a kind of flow chart of file operation method fourth embodiment provided in an embodiment of the present invention.Comparison diagram 1
Shown first embodiment, in the present embodiment, also including according to the step of connection request initiation file operation requests.Can be with
Understand, can also be applied to shown in Fig. 2 or Fig. 3 according to the step of connection request initiation file operation requests in the present embodiment
Second, third embodiment in, the embodiment of the present invention is not limited thereto.This document operating method comprises the following steps S401-
S407。
In step S401, the logging request that client sends is received, the logging request includes authentication information and mesh
Mark information of container.
In step S402, the logging request is verified according to the authentication information, and it is logical in logging request checking
Out-of-date confirmation is logined successfully.
In step S403, the client is received by the connection request that calls default file operation interface to send.
In step s 404, operation information and the network site of the target container are obtained.
In step S405, the connection request is parsed, obtain file request path.
Specifically, after the connection request that client is sent by default file operation interface is received, parsing institute
Connection request is stated, corresponding file request path is obtained.In the present embodiment, the file request path includes:On file
Pass request path and file download request path.When client request downloads file from target container, now connection request
File download request path is included, corresponding, main frame where succeeding target container can return to respective file download request path
Corresponding file is used as operating result;When client request is from client upload file to target container, now connection please
Ask and include files passe request path, the files passe path can be file content to be uploaded in itself, or
The corresponding network linking address of file content to be uploaded.
In step S406, the mark and the file request path according to the target container are to the target container
Place main frame sends long-range rest http requests.
Specifically, further obtain the mark of target container, mark and file request path according to target container to
Main frame sends rest http requests where the target container, to cause main frame described in response of host where the target container.
In step S 407, the operating result that main frame where the target container is returned is received, the operating result is returned
Back to the client.
Above-mentioned to understand, the file operation method in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, can not only ensure file
The security of access process, so that without running correlation sshd processes on container, matching somebody with somebody without for single container
Put user name, password and network access path, it is possible to achieve the file on container is checked or copied from client, it is to avoid
Cumbersome configuration process, saves server resource, improves allocative efficiency.
Embodiment described in Fig. 1 to Fig. 4 is all based on login service device to state the file operation side in the embodiment of the present invention
Method, the file operation method in the embodiment of the present invention is further illustrated below based on main frame where container.
Fig. 5 show a kind of flow chart of embodiment of file operation mode the 5th provided in an embodiment of the present invention.In this reality
Apply in mode, this document mode of operation is applied to container place main frame, and at least one container is provided with the main frame.Work as reception
During the file operation requests sent to login service device, the main frame responds institute by connection corresponding with target container foundation
File operation requests are stated, corresponding operating result is returned.In the present embodiment, this document mode of operation is comprised the following steps
S501-S504。
In step S501, the file operation requests that login service device sends are received.
Specifically, client can be sent accordingly by calling corresponding file operation interface by login service device
File operation requests, main frame receives this document operation requests.
In step S502, the file operation requests are parsed, obtain the corresponding target container of the file operation requests
Mark and file request path.
Specifically, parsing this document operation requests, obtain this document operation requests for target container mark and text
Part request path.Wherein, the file request path includes:Files passe request path and file download request path.When
Client request from target container download file when, now connection request includes file download request path, corresponding, subsequently
Main frame where target container can return to file corresponding to respective file download request path as operating result;When client please
Ask during from client upload file to target container, now connection request includes files passe request path, on the file
Pass path can be file content to be uploaded in itself, or the corresponding network linking address of file content to be uploaded.
In the present embodiment, the file operation requests are additionally operable to the file destination of locking request.After in lock onto target file,
Within the default time period, a process or a user will be only allowed to access the file destination, so as to ensure that file
Safety, also ensure that in multi-user the file integrality while when using.
In step S503, according to target container mark and file request path, obtaining the file operation please
Seek corresponding operating result.
Specifically, main frame is by the NameSpace into target container, start corresponding file interface service, obtain file
The corresponding operating result of operation requests.In the present embodiment, can be by webdav protocol realizations.In other embodiments,
Other modes, the embodiment of the present invention can also be used to be not limited thereto.
In step S504, the operating result is sent to the login service device, to cause the login service device
The operating result is returned into corresponding client.
Specifically, after the operating result is got, operating result is sent into login service device, the login clothes
The operating result is returned to corresponding client by business device.It is understood that when file operation requests are upper transmitting file,
The operating result can upload failure or upload to fail;When file operation requests are to download file, the operation knot
Fruit can be the specific file content downloaded.
Above-mentioned to understand, the file operation method in the embodiment of the present invention, by receiving file operation requests, is grasped according to file
Target container and file request path that work is asked, obtain corresponding operating result and return to login service device, so that
Client directly can be checked or copied etc. and operated by login service device to the file on target container, without
Correlation sshd processes are run on container, without being that single container configures user name, password and network access path, can be with
Realize checking from client or copy the file on container, it is to avoid cumbersome configuration process, save server resource, carry
Allocative efficiency high.
Fig. 6 show a kind of flow chart of file operation mode sixth embodiment provided in an embodiment of the present invention.Comparison diagram 5
The 5th shown embodiment, in the present embodiment, further comprises the step of obtaining file operation requests operating result.This article
Part operating method comprises the following steps S601-S607.
In step s 601, the file operation requests that login service device sends are received.
In step S602, the file operation requests are parsed, obtain the corresponding target container of the file operation requests
Mark and file request path.
In step S603, nsenter orders are called to enter the target container according to target container mark
Mount NameSpaces.
Specifically, after target container mark is obtained, the mount for calling nsenter orders to enter target container is ordered
The name space.Under same mount NameSpaces, main frame can share the file system specified with container.
In step s 604, in the mount NameSpaces file opening interface service, the file interface service is used for
Start webdav service processes on the target container, the webdav service processes are used to monitor webdav requests.
Specifically, after the mount NameSpaces for entering target container, opening the file interface clothes on target container
Business, this document interface service can be opened in the form of process.This document interface service starts a webdav service, is used in combination
In local unix socket are monitored, webdav requests are waited.
In step s 605, reverse proxy is opened, the file operation requests is encapsulated as webdav requests, and agency arrives
The reverse proxy.
Specifically, main frame opens reverse proxy, local unix socket are connected, and sent according to login service device
This document operation requests are encapsulated as webdav requests by file operation requests, and in the present embodiment, this document operation requests can be with
It is rest http requests.Further, by the reverse proxy of webdav requests agency to the unlatching.
In step S606, the operating result that the target container is returned is received, wherein, on the target container
Webdav service processes respond the webdav requests, and return to corresponding operating result according to webdav requests.
Specifically, the webdav that the local unix socket of file interface service response on target container are received
Request, returns to corresponding operating result.Further, main frame is additionally operable to after the operating result is received, and is closed described
File interface service on target container.
In step S607, the operating result is sent to the login service device, to cause the login service device
The operating result is returned into corresponding client.
Above-mentioned to understand, the file operation method in the embodiment of the present invention, by receiving file operation requests, is grasped according to file
Target container and file request path that work is asked, corresponding operating result is obtained by webdav agreements from target container
And login service device is returned to, so that client can be carried out directly by login service device to the file on target container
The operation such as check or copy, without running correlation sshd processes on container, without for single container configure user name,
Password and network access path, it is possible to achieve the file on container is checked or copied from client, it is to avoid cumbersome matching somebody with somebody
Process is put, server resource is saved, allocative efficiency is improve.
For ease of preferably implementing the such scheme of the embodiment of the present invention, it is also provided below for coordinating implementation such scheme
Relevant apparatus.
Fig. 7 show a kind of structural representation of file operation device first embodiment provided in an embodiment of the present invention.
In present embodiment, this document operation device is applied to login service device, and the login service device is used to receive the visit of client
Ask, and corresponding container is searched according to the access of client so that client can be realized to target by the login service device
The operation of file on container.Alternatively, the login service device can also realize the functions such as authentication, and access request is sent in client
When, judge whether the access request is legal effectively.In the present embodiment, this document operation device includes:First receiver module 701,
Authentication module 702, the second receiver module 703, acquisition module 704 and request module 705.Modules are described in detail below
Function.
First receiver module 701, the logging request for receiving client transmission, the logging request includes authentication information
And target container information.
Specifically, when the desired login cell therefor of user checks file or copied files, user passes through client
Corresponding logging request is sent, the first receiver module 701 receives the logging request.Wherein, the logging request includes that authentication is believed
Breath and target container information.Optionally, login service device can provide corresponding login interface, and client is stepped on by accessing this
Record interface, is input into corresponding authentication information and target container information.The authentication information includes user name and encrypted message,
The identification information of the target container that the target container information is wanted to log in including user.
Authentication module 702, for verifying the logging request according to the authentication information, and in logging request checking
By when confirm login successfully.
Specifically, after the logging request is got, authentication module 702 verifies whether the logging request has
Effect.In the present embodiment, can be verified by special authentication server, corresponding mirror is preserved on the authentication server
Power information and authority information;Can also voluntarily be verified by login service device.The verification process mainly includes that checking is used
Whether name in an account book and password match, and whether the user name has access rights of target container of the team member etc..Work as checking
By when, confirm to login successfully.
Second receiver module 703, for receiving the client by the company of calling default file operation interface to send
Connect request.
Specifically, after logining successfully, the client sends corresponding by calling default file operation interface
Connection request, the second receiver module 703 receives the connection request.Wherein, the file operation interface can be corresponding API
(Application Programming Interface), the client after the file operation interface can be used for for login is carried
For the related interface of container file operation;Specific file operation requests are may include in the connection request, such as can be text
Part upload request, or file download are asked.
Acquisition module 704, operation information and network site for obtaining the target container.
Specifically, acquisition module 704 also need to the acquisition of information target container according to target container operation information and
Network site.Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The mesh
The IP address of internal network of main frame where mark container.
Request module 705, please for initiating file operation to main frame where the target container according to the connection request
Ask, and receive the operating result that main frame where the target container is returned, the operating result is returned into the client.
Specifically, after target container is determined, request module 705 initiates file operation to the main frame of target container please
Ask, and receive the operating result that main frame where target container is returned.In the present embodiment, the file operation requests are additionally operable to
The file destination of locking request.After in lock onto target file, within the default time period, will only allow a process or
One user of person accesses the file destination, so as to ensure that the safety of file, also ensure that in multi-user the text while when using
Part integrality.It is understood that when connection request is asked for files passe, operating result can be uploaded successfully or lose
Lose;When connection request is download request, operating result can be the specific fileinfo downloaded.
Above-mentioned to understand, the file operation device in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, so that without holding
Correlation sshd processes are run on device, without being that single container configures user name, password and network access path, Ke Yishi
Now check or copy the file on container from client, it is to avoid cumbersome configuration process, save server resource, improve
Allocative efficiency.
In other embodiments, the authentication module 702 is further included:
Resolution unit, for parsing the authentication information that the logging request includes, the authentication information includes user account
And password;
First authentication unit, for verifying whether the user account and password match;
Second authentication unit, for obtaining the corresponding logon rights of the user account, judges the user account to institute
State whether target container has logon rights and file operation authority;
Determining unit, for when the user account and password match, and the user account is to the target container
With logon rights and during file operation authority, confirm as the logging request and be verified.
In other embodiments, the acquisition module 704 is further included:
Query unit, for according to the target container information, inquiry request being sent to default relevant database;
Acquiring unit, the return information for receiving the relevant database, according to the return information is obtained
The operation information and network location information of target container,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The target
The IP address of internal network of main frame where container.
In other embodiments, the request module 705 is further included:
Path acquiring unit, for parsing the connection request, obtains file request path;
Request unit, for the mark according to the target container and the file request path to the target container
Place main frame sends long-range rest http requests;
Wherein, the file request path includes:Files passe request path and file download request path.
Above-mentioned to understand, the file operation device in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, so that without holding
Correlation sshd processes are run on device, without being that single container configures user name, password and network access path, Ke Yishi
Now check or copy the file on container from client, it is to avoid cumbersome configuration process, save server resource, improve
Allocative efficiency.
Fig. 8 show a kind of structural representation of file operation device second embodiment provided in an embodiment of the present invention.
In present embodiment, this document operation device is applied to container place main frame, and at least one container is provided with the main frame.When
When receiving the file operation requests that login service device sends, the main frame is rung by connection corresponding with target container foundation
The file operation requests are answered, corresponding operating result is returned.In the present embodiment, this document operation device includes:Request
Receiver module 801, parsing module 802, result acquisition module 803 and sending module 804.Modules work(is described in detail below
Energy.
Request receiving module 801, the file operation requests for receiving the transmission of login service device.
Specifically, client can be sent accordingly by calling corresponding file operation interface by login service device
File operation requests, request receiving module 801 receives this document operation requests.
Parsing module 802, for parsing the file operation requests, obtains the corresponding target of the file operation requests and holds
Device is identified and file request path.
Specifically, parsing module 802 parsing this document operation requests, obtain this document operation requests for target container
Mark and file request path.Wherein, the file request path includes:Files passe request path and file download please
Ask path.When client request downloads file from target container, now connection request includes file download request path, right
Answer, main frame where succeeding target container can return to file corresponding to respective file download request path as operating result;
When client request is from client upload file to target container, now connection request includes files passe request path,
The files passe path can be file content to be uploaded in itself, or the corresponding network of file content to be uploaded
Chained address.In the present embodiment, the file operation requests are additionally operable to the file destination of locking request.In lock onto target text
After part, within the default time period, a process or a user will be only allowed to access the file destination, so as to protect
The safety of file has been demonstrate,proved, the file integrality while when using has been also ensure that in multi-user.
As a result acquisition module 803, for being identified and file request path according to the target container, obtain the file
The corresponding operating result of operation requests.
Specifically, result acquisition module 803 is by the NameSpace into target container, start corresponding file interface clothes
Business, obtains the corresponding operating result of file operation requests.In the present embodiment, can be by webdav protocol realizations.At other
In implementation method, it would however also be possible to employ other modes, the embodiment of the present invention is not limited thereto.
Sending module 804, for the operating result to be sent into the login service device, to cause the login service
The operating result is returned to corresponding client by device.
Specifically, after the operating result is got, operating result is sent to login service by sending module 804
The operating result is returned to corresponding client by device, the login service device.It is understood that working as file operation requests
During for upper transmitting file, the operating result can upload failure or upload to fail;When file operation requests are download file
When, the operating result can be the specific file content downloaded.
Above-mentioned to understand, the file operation device in the embodiment of the present invention, by receiving file operation requests, is grasped according to file
Target container and file request path that work is asked, obtain corresponding operating result and return to login service device, so that
Client directly can be checked or copied etc. and operated by login service device to the file on target container, without
Correlation sshd processes are run on container, without being that single container configures user name, password and network access path, can be with
Realize checking from client or copy the file on container, it is to avoid cumbersome configuration process, save server resource, carry
Allocative efficiency high.
In other embodiments, the result acquisition module 803 is further included:
Access unit, for calling nsenter orders to enter the target container according to target container mark
Mount NameSpaces;
Start unit, in the mount NameSpaces file opening interface service, the file interface service to be used for
Start webdav service processes on the target container, the webdav service processes are used to monitor webdav requests;
The file operation requests, for opening reverse proxy, are encapsulated as webdav requests by encapsulation unit, and agency arrives
The reverse proxy;
Receiving unit, for receiving the operating result that the target container is returned, wherein, on the target container
Webdav service processes respond the webdav requests, and return to corresponding operating result according to webdav requests.
Above-mentioned to understand, the file operation device in the embodiment of the present invention, by receiving file operation requests, is grasped according to file
Target container and file request path that work is asked, corresponding operating result is obtained by webdav agreements from target container
And login service device is returned to, so that client can be carried out directly by login service device to the file on target container
The operation such as check or copy, without running correlation sshd processes on container, without for single container configure user name,
Password and network access path, it is possible to achieve the file on container is checked or copied from client, it is to avoid cumbersome matching somebody with somebody
Process is put, server resource is saved, allocative efficiency is improve.
Fig. 9 show a kind of structural representation of file operating system first embodiment provided in an embodiment of the present invention.Such as
Shown in figure, the file operating system 900 includes:Client 901, login service device 902 and main frame 903.Wherein, the master
At least one container is provided with machine.
The client 901, for sending logging request to the login service device 902, the logging request includes mirror
Power information and target container information;
The login service device 902, for verifying the logging request according to the authentication information, and please in the login
To ask confirm when being verified and login successfully;
The login service device 902 is additionally operable to receive the client 901 by calling default file operation interface hair
The connection request for going out;
The login service device 902 is additionally operable to obtain operation information and the network site of the target container;
The login service device 902 is additionally operable to initiate file operation requests to the main frame 903 according to the connection request;
The main frame 903, for receiving and parsing through the file operation requests, obtains the file operation requests corresponding
Target container is identified and file request path;
The main frame 903 is additionally operable to according to target container mark and file request path, obtains the file behaviour
Make the corresponding operating result of request, and the operating result is sent to the login service device 902;
The login service device 902 is additionally operable to for the operating result to return to the client 901.
Above-mentioned to understand, the file operating system in the embodiment of the present invention is tested by the logging request according to client
Card, and the connection request that client is sent by file operation interface is received when being verified, according to connection request to target
Main frame initiates file operation requests where container, and corresponding operating result is returned into client, so that without holding
Correlation sshd processes are run on device, without being that single container configures user name, password and network access path, Ke Yishi
Now check or copy the file on container from client, it is to avoid cumbersome configuration process, save server resource, improve
Allocative efficiency.
In other embodiments, the file operating system also includes:Authentication server 904;
The login service device 902 sends authentication request to the authentication server 904, and the authentication request includes described
Authentication information and target container information, the authentication information include user account and password;
The authentication server 904, for verifying whether the user account and password match and user's account
Number to the target container whether have logon rights and file operation authority.
In other embodiments, the file operating system also includes:Relevant database 905;
The login service device 902 sends inquiry request according to the target container information to relevant database 905;
The relational data 905, for returning to corresponding Query Information, the Query Information according to the inquiry request
Operation information and network location information including the target container,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The main frame
IP address of internal network.
In other embodiments, the login service device 902 initiates file according to the connection request to the main frame
Operation requests, including:
The login service device 902 parses the connection request, obtains file request path;
The login service device 902 is according to the mark of the target container and the file request path to the target
Main frame sends long-range rest http requests where container;
Wherein, the file request path includes:Files passe request path and file download request path.
In other embodiments, the main frame 903 is identified and file request path according to the target container, is obtained
The corresponding operating result of the file operation requests, including:
The main frame 903 calls nsenter orders to enter the mount of the target container according to target container mark
NameSpace;
The main frame 903 is used in the mount NameSpaces file opening interface service, the file interface service
Start webdav service processes on the target container, the webdav service processes are used to monitor webdav requests;
The main frame 903 opens reverse proxy, the file operation requests is encapsulated as into webdav requests, and act on behalf of to institute
State reverse proxy;
The main frame 903 receives the operating result that the target container is returned, wherein, the webdav on the target container
Service processes respond the webdav requests, and return to corresponding operating result according to webdav requests.
Above-mentioned to understand, the file operating system in the embodiment of the present invention, by receiving file operation requests, is grasped according to file
Target container and file request path that work is asked, corresponding operating result is obtained by webdav agreements from target container
And login service device is returned to, so that client can be carried out directly by login service device to the file on target container
The operation such as check or copy, without running correlation sshd processes on container, without for single container configure user name,
Password and network access path, it is possible to achieve the file on container is checked or copied from client, it is to avoid cumbersome matching somebody with somebody
Process is put, server resource is saved, allocative efficiency is improve.
It should be noted that for foregoing each method embodiment, in order to be briefly described, therefore it is all expressed as a series of
Combination of actions, but those skilled in the art should know, the present invention not by described by sequence of movement limited because
According to the present invention, some steps can sequentially or simultaneously be carried out using other.Secondly, those skilled in the art should also know
Know, embodiment described in this description belongs to preferred embodiment, involved action and module is not necessarily of the invention
It is necessary.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and does not have the portion described in detail in certain embodiment
Point, may refer to the associated description of other embodiment.
Step in present invention method can according to actual needs carry out order adjustment, merge and delete.
Module, unit in embodiment of the present invention device can according to actual needs be merged, divide and deleted.Ability
Can be combined the feature of the different embodiments described in this specification and different embodiments or group by the technical staff in domain
Close.
Through the above description of the embodiments, it is apparent to those skilled in the art that the present invention can be with
Realized with hardware, or firmware is realized, or combinations thereof mode is realized.When implemented in software, can be by above-mentioned functions
Storage is transmitted in computer-readable medium or as one or more instructions on computer-readable medium or code.Meter
Calculation machine computer-readable recording medium includes computer-readable storage medium and communication media, and wherein communication media includes being easy to from a place to another
Any medium of individual place transmission computer program.Storage medium can be any usable medium that computer can be accessed.With
As a example by this but it is not limited to:Computer-readable medium can include random access memory (Random Access Memory,
RAM), read-only storage (Read-Only Memory, ROM), EEPROM (Electrically
Erasable Programmable Read-Only Memory, EEPROM), read-only optical disc (Compact Disc Read-
Only Memory, CD-ROM) or other optical disc storages, magnetic disk storage medium or other magnetic storage apparatus or can be used in
Carry or storage have instruction or data structure form desired program code and can by computer access any other
Medium.In addition.Any connection can be appropriate as computer-readable medium.If for example, software is to use coaxial cable, light
Fine optical cable, twisted-pair feeder, Digital Subscriber Line (Digital Subscriber Line, DSL) or such as infrared ray, radio and
The wireless technology of microwave etc is transmitted from website, server or other remote sources, then coaxial cable, optical fiber cable, double
The wireless technology of twisted wire, DSL or such as infrared ray, wireless and microwave etc be included in affiliated medium it is fixing in.Such as this hair
It is bright used, disk (Disk) and dish (disc) include compression laser disc (CD), laser disc, laser disc, Digital Versatile Disc (DVD),
Floppy disk and Blu-ray Disc, the replicate data of the usual magnetic of which disk, and dish is then with laser come optical replicate data.Group above
Conjunction should also be as being included within the protection domain of computer-readable medium.
In a word, the preferred embodiment of technical solution of the present invention is the foregoing is only, is not intended to limit of the invention
Protection domain.All any modification, equivalent substitution and improvements within the spirit and principles in the present invention, made etc., should be included in
Within protection scope of the present invention.
Claims (17)
1. a kind of file operation method, it is characterised in that including:
The logging request that client sends is received, the logging request includes authentication information and target container information;
The logging request is verified according to the authentication information, and confirms to login successfully when the logging request is verified;
The client is received by the connection request that calls default file operation interface to send;
Obtain operation information and the network site of the target container;
File operation requests are initiated to main frame where the target container according to the connection request, and receives the target container
The operating result that place main frame is returned, the client is returned to by the operating result.
2. file operation method as claimed in claim 1, it is characterised in that described to be stepped on according to authentication information checking
Record request, including:
The authentication information that the logging request includes is parsed, the authentication information includes user account and password;
Verify whether the user account and password match;
The corresponding logon rights of the user account are obtained, judges the user account is logged in whether the target container has
Authority and file operation authority;
If the user account and password match, and the user account has logon rights and text to the target container
Part operating right, then confirm as the logging request and be verified.
3. file operation method as claimed in claim 1, it is characterised in that the operation information of the acquisition target container
And network location information, including:
According to the target container information, inquiry request is sent to default relevant database;
The return information of the relevant database is received, the operation information of the target container is obtained according to the return information
And network location information,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The target container
The IP address of internal network of place main frame.
4. the file operation method as described in claim any one of 1-3, it is characterised in that the file operation requests are additionally operable to
The file destination of locking request, it is described to be asked to main frame initiation file operation where the target container according to the connection request
Ask, including:
The connection request is parsed, file request path is obtained;
Mark and the file request path according to the target container send long-range to main frame where the target container
Rest http requests;
Wherein, the file request path includes:Files passe request path and file download request path.
5. a kind of file operation device, it is characterised in that including:
First receiver module, the logging request for receiving client transmission, the logging request includes authentication information and mesh
Mark information of container;
Authentication module, for verifying the logging request according to the authentication information, and when the logging request is verified
Confirmation is logined successfully;
Second receiver module, for receiving the client by the connection request that calls default file operation interface to send;
Acquisition module, operation information and network site for obtaining the target container;
Request module, for initiating file operation requests to main frame where the target container according to the connection request, and connects
The operating result that main frame where the target container is returned is received, the operating result is returned into the client.
6. file operation device as claimed in claim 5, it is characterised in that the authentication module includes:
Resolution unit, for parsing the authentication information that the logging request includes, the authentication information include user account and
Password;
First authentication unit, for verifying whether the user account and password match;
Second authentication unit, for obtaining the corresponding logon rights of the user account, judges the user account to the mesh
Whether mark container has logon rights and file operation authority;
Determining unit, for having to the target container when the user account and password match, and the user account
When logon rights and file operation authority, confirm as the logging request and be verified.
7. file operation device as claimed in claim 5, it is characterised in that the acquisition module includes:
Query unit, for according to the target container information, inquiry request being sent to default relevant database;
Acquiring unit, the return information for receiving the relevant database obtains the target according to the return information
The operation information and network location information of container,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The target container
The IP address of internal network of place main frame.
8. the file operation device as described in claim 5-7, it is characterised in that the file operation requests are additionally operable to locking please
The file destination asked, the request module includes:
Path acquiring unit, for parsing the connection request, obtains file request path;
Request unit, for the mark according to the target container and the file request path to where the target container
Main frame sends long-range rest http requests;
Wherein, the file request path includes:Files passe request path and file download request path.
9. a kind of file operation method, it is characterised in that including:
Receive the file operation requests that login service device sends;
The file operation requests are parsed, the corresponding target container mark of the file operation requests and file request road is obtained
Footpath;
According to target container mark and file request path, the corresponding operating result of the file operation requests is obtained;
The operating result is sent to the login service device, to cause that the login service device returns to the operating result
To corresponding client.
10. file operation method as claimed in claim 9, it is characterised in that the file operation requests are additionally operable to locking please
The file destination asked, it is described according to target container mark and file request path, obtain the file operation requests pair
The operating result answered, including:
Nsenter orders are called to enter the mount NameSpaces of the target container according to target container mark;
In the mount NameSpaces file opening interface service, the file interface service is used in the target container
Start webdav service processes, the webdav service processes are used to monitor webdav requests;
Reverse proxy is opened, the file operation requests webdav requests is encapsulated as, and act on behalf of to the reverse proxy;
The operating result that the target container is returned is received, wherein, the webdav service processes response institute on the target container
Webdav requests are stated, and corresponding operating result is returned to according to webdav requests.
A kind of 11. file operation devices, it is characterised in that including:
Request receiving module, the file operation requests for receiving the transmission of login service device;
Parsing module, for parsing the file operation requests, obtains the corresponding target container mark of the file operation requests
And file request path;
As a result acquisition module, for being identified and file request path according to the target container, obtains the file operation and asks
Seek corresponding operating result;
Sending module, for the operating result to be sent into the login service device, to cause the login service device by institute
State operating result and return to corresponding client.
12. file operation devices as claimed in claim 9, it is characterised in that the file operation requests are additionally operable to locking please
The file destination asked, the result acquisition module includes:
Access unit, for calling the mount that nsenter orders enter the target container to order according to target container mark
The name space;
Start unit, in the mount NameSpaces file opening interface service, the file interface service to be used in institute
Startup webdav service processes on target container are stated, the webdav service processes are used to monitor webdav requests;
The file operation requests, for opening reverse proxy, are encapsulated as webdav requests, and act on behalf of described in by encapsulation unit
Reverse proxy;
Receiving unit, for receiving the operating result that the target container is returned, wherein, the webdav clothes on the target container
Business process responds the webdav requests, and returns to corresponding operating result according to webdav requests.
A kind of 13. file operating systems, it is characterised in that including:Client, login service device and main frame, on the main frame
It is provided with least one container;
The client, for the login service device send logging request, the logging request include authentication information and
Target container information;
The login service device, for verifying the logging request according to the authentication information, and in logging request checking
By when confirm login successfully;
The login service device is additionally operable to receive connection of the client by calling default file operation interface to send please
Ask;
The login service device is additionally operable to obtain operation information and the network site of the target container;
The login service device is additionally operable to initiate file operation requests to the main frame according to the connection request;
The main frame, for receiving and parsing through the file operation requests, obtains the corresponding target of the file operation requests and holds
Device is identified and file request path;
The main frame is additionally operable to, according to target container mark and file request path, obtain the file operation requests pair
The operating result answered, and the operating result is sent to the login service device;
The login service device is additionally operable to for the operating result to return to the client.
14. file operating systems as claimed in claim 13, it is characterised in that also include:Authentication server;
The login service device to the authentication server send authentication request, the authentication request include the authentication information with
And target container information, the authentication information include user account and password;
The authentication server, for verifying whether the user account and password match and the user account is to described
Whether target container has logon rights and file operation authority.
15. file operating systems as claimed in claim 13, it is characterised in that also include:Relevant database;
The login service device sends inquiry request according to the target container information to relevant database;
The relational data, for returning to corresponding Query Information according to the inquiry request, the Query Information includes institute
The operation information and network location information of target container are stated,
Wherein, the operation information includes:Run, suspend and exit;The network location information includes:The main frame it is interior
Net IP address.
16. file operating system as described in claim any one of 13-15, it is characterised in that the file operation requests are also
For the file destination of locking request, the login service device initiates file operation according to the connection request to the main frame please
Ask, including:
The login service device parses the connection request, obtains file request path;
The login service device is according to the mark of the target container and the file request path to the target container institute
Long-range rest http requests are sent in main frame;
Wherein, the file request path includes:Files passe request path and file download request path.
17. file operating system as described in claim any one of 13-15, it is characterised in that the main frame is according to the mesh
Mark container identification and file request path, obtain the corresponding operating result of the file operation requests, including:
It is empty that the main frame calls the mount that nsenter orders enter the target container to name according to target container mark
Between;
The main frame is used in the mesh in the mount NameSpaces file opening interface service, the file interface service
Start webdav service processes on mark container, the webdav service processes are used to monitor webdav requests;
The main frame opens reverse proxy, and the file operation requests are encapsulated as into webdav requests, and agency arrives described reverse
Agency;
The main frame receives the operating result that the target container is returned, wherein, the webdav on the target container service into
Journey responds the webdav requests, and returns to corresponding operating result according to webdav requests.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611211436.0A CN106844489A (en) | 2016-12-24 | 2016-12-24 | A kind of file operation method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611211436.0A CN106844489A (en) | 2016-12-24 | 2016-12-24 | A kind of file operation method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106844489A true CN106844489A (en) | 2017-06-13 |
Family
ID=59136207
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611211436.0A Pending CN106844489A (en) | 2016-12-24 | 2016-12-24 | A kind of file operation method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106844489A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107480509A (en) * | 2017-09-22 | 2017-12-15 | 携程旅游网络技术(上海)有限公司 | O&M safety auditing system logs in vessel process, system, equipment and storage medium |
| CN108549821A (en) * | 2018-04-02 | 2018-09-18 | 北京云知声信息技术有限公司 | Data permission management method and system |
| CN109600380A (en) * | 2018-12-19 | 2019-04-09 | 北京创鑫旅程网络技术有限公司 | Data transmission method and device |
| CN109743179A (en) * | 2018-12-29 | 2019-05-10 | 广州市中智软件开发有限公司 | A kind of electronics license signs and issues method on demand |
| CN110333914A (en) * | 2019-04-12 | 2019-10-15 | 上海连尚网络科技有限公司 | A method and device for performing target operations |
| CN110443054A (en) * | 2019-08-07 | 2019-11-12 | 中国建设银行股份有限公司 | A kind of system and method for online transmission data file |
| CN111131497A (en) * | 2019-12-31 | 2020-05-08 | 五八有限公司 | File transmission method and device, electronic equipment and storage medium |
| CN114710477A (en) * | 2022-03-23 | 2022-07-05 | 中国工商银行股份有限公司 | Method and device for executing command |
| CN114866537A (en) * | 2022-05-31 | 2022-08-05 | 山东省计算中心(国家超级计算济南中心) | Cross-host and cross-network file transmission method and system |
| CN115729675A (en) * | 2022-11-24 | 2023-03-03 | 支付宝(杭州)信息技术有限公司 | A terminal remote login processing method and system |
| CN119697177A (en) * | 2024-12-24 | 2025-03-25 | 中国民航信息网络股份有限公司 | Container file download method, device, electronic device and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050273787A1 (en) * | 2004-05-24 | 2005-12-08 | Kovachka-Dimitrova Monika M | Deploy callback system |
| CN103065100A (en) * | 2012-12-26 | 2013-04-24 | 中国人民解放军总参谋部第六十一研究所 | Container-based method of users to protect private data |
| CN105160269A (en) * | 2015-08-13 | 2015-12-16 | 浪潮电子信息产业股份有限公司 | Method and apparatus for accessing data in Docker container |
| CN105245373A (en) * | 2015-10-12 | 2016-01-13 | 天津市普迅电力信息技术有限公司 | Construction and operation method of container cloud platform system |
| CN105872019A (en) * | 2016-03-23 | 2016-08-17 | 北京搜狐新媒体信息技术有限公司 | Method and device for logging in Docker container by Web end |
-
2016
- 2016-12-24 CN CN201611211436.0A patent/CN106844489A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050273787A1 (en) * | 2004-05-24 | 2005-12-08 | Kovachka-Dimitrova Monika M | Deploy callback system |
| CN103065100A (en) * | 2012-12-26 | 2013-04-24 | 中国人民解放军总参谋部第六十一研究所 | Container-based method of users to protect private data |
| CN105160269A (en) * | 2015-08-13 | 2015-12-16 | 浪潮电子信息产业股份有限公司 | Method and apparatus for accessing data in Docker container |
| CN105245373A (en) * | 2015-10-12 | 2016-01-13 | 天津市普迅电力信息技术有限公司 | Construction and operation method of container cloud platform system |
| CN105872019A (en) * | 2016-03-23 | 2016-08-17 | 北京搜狐新媒体信息技术有限公司 | Method and device for logging in Docker container by Web end |
Non-Patent Citations (1)
| Title |
|---|
| 白渐: "一种新的进入容器的方式:WebSocket + Docker Remote API", 《HTTP://DOCKONE.IO/ARTICLE/1920》 * |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107480509A (en) * | 2017-09-22 | 2017-12-15 | 携程旅游网络技术(上海)有限公司 | O&M safety auditing system logs in vessel process, system, equipment and storage medium |
| CN108549821A (en) * | 2018-04-02 | 2018-09-18 | 北京云知声信息技术有限公司 | Data permission management method and system |
| CN108549821B (en) * | 2018-04-02 | 2021-08-17 | 云知声智能科技股份有限公司 | Data authority management method and system |
| CN109600380B (en) * | 2018-12-19 | 2020-11-10 | 北京创鑫旅程网络技术有限公司 | Data transmission method and device |
| CN109600380A (en) * | 2018-12-19 | 2019-04-09 | 北京创鑫旅程网络技术有限公司 | Data transmission method and device |
| CN109743179A (en) * | 2018-12-29 | 2019-05-10 | 广州市中智软件开发有限公司 | A kind of electronics license signs and issues method on demand |
| CN109743179B (en) * | 2018-12-29 | 2022-04-05 | 广州市中智软件开发有限公司 | Electronic certificate issuing method according to requirements |
| CN110333914A (en) * | 2019-04-12 | 2019-10-15 | 上海连尚网络科技有限公司 | A method and device for performing target operations |
| CN110333914B (en) * | 2019-04-12 | 2023-09-15 | 上海连尚网络科技有限公司 | A method and device for performing target operations |
| CN110443054A (en) * | 2019-08-07 | 2019-11-12 | 中国建设银行股份有限公司 | A kind of system and method for online transmission data file |
| CN111131497A (en) * | 2019-12-31 | 2020-05-08 | 五八有限公司 | File transmission method and device, electronic equipment and storage medium |
| CN111131497B (en) * | 2019-12-31 | 2022-08-26 | 五八有限公司 | File transmission method and device, electronic equipment and storage medium |
| CN114710477A (en) * | 2022-03-23 | 2022-07-05 | 中国工商银行股份有限公司 | Method and device for executing command |
| CN114710477B (en) * | 2022-03-23 | 2024-04-30 | 中国工商银行股份有限公司 | Method and device for executing command |
| CN114866537A (en) * | 2022-05-31 | 2022-08-05 | 山东省计算中心(国家超级计算济南中心) | Cross-host and cross-network file transmission method and system |
| CN114866537B (en) * | 2022-05-31 | 2023-08-04 | 山东省计算中心(国家超级计算济南中心) | A cross-host and cross-network file transfer method and system |
| CN115729675A (en) * | 2022-11-24 | 2023-03-03 | 支付宝(杭州)信息技术有限公司 | A terminal remote login processing method and system |
| CN119697177A (en) * | 2024-12-24 | 2025-03-25 | 中国民航信息网络股份有限公司 | Container file download method, device, electronic device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106844489A (en) | A kind of file operation method, device and system | |
| CN110830463B (en) | Third party authorized login method and device | |
| US11088903B2 (en) | Hybrid cloud network configuration management | |
| CN104506510B (en) | Method and device for equipment authentication and authentication service system | |
| CN115189897B (en) | Access processing method and device of zero trust network, electronic equipment and storage medium | |
| CN1605181B (en) | Method and system for providing secure access to resources on a private network | |
| CN106685949A (en) | Container access method, container access device and container access system | |
| CN112261172B (en) | Service addressing access method, device, system, equipment and medium | |
| CN115118705A (en) | Industrial edge management and control platform based on micro-service | |
| CN108881308B (en) | User terminal and authentication method, system and medium thereof | |
| CN108289098B (en) | Authority management method and device of distributed file system, server and medium | |
| CN107528865A (en) | The method for down loading and system of file | |
| US12095741B1 (en) | Secure proxy service | |
| CN111191200B (en) | A three-party linkage authentication page display method, device and electronic equipment | |
| CN105871794A (en) | Distributed file system date storage method and system, client and server | |
| CN110099129A (en) | A kind of data transmission method and equipment | |
| CN1601954B (en) | Moving principals across security boundaries without service interruption | |
| CN111935260A (en) | Account synchronization method and device, electronic equipment and storage medium | |
| US12587504B2 (en) | Connectionless-virtual private network for secure cloud to user communication over the internet using a plurality of servers | |
| KR101395830B1 (en) | Session checking system via proxy and checkhing method thereof | |
| CN109672744A (en) | A kind of image fort machine method and system of user's unaware | |
| WO2025050947A1 (en) | Method, apparatus and system for accessing identity data | |
| CN118283110A (en) | Gateway request message conversion method, device, equipment and medium | |
| CN116962341A (en) | A mail delivery method, device, equipment and storage medium | |
| CN116366272B (en) | Resource processing method, device, server and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170613 |
|
| RJ01 | Rejection of invention patent application after publication |