Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for performing Web interface access control by using JWT

An interface access and interface technology, applied in the field of web interface access control, can solve maintenance troubles and other problems, and achieve the effect of easy maintenance

Pending Publication Date: 2022-03-25
成都安美勤信息技术股份有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] There are certain disadvantages in this type of method, mainly reflected in: 1. The permission identifier bound to the interface needs to be hard-coded. If this hard-coded rule is not well designed, it will often be difficult for people to understand. Secondly, additional 2. When designing an interface interceptor, it is necessary to pass the permission identifier into the interceptor through parameter display in order to make access control judgments; 3. It is relatively troublesome in later maintenance, for example If a permission identifier "xxx" needs to be changed to "xxxx", then it needs to be modified at the location where the identifier is defined, the place where the interface interceptor passes parameters also needs to be modified, and other referenced places also need to be modified

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for performing Web interface access control by using JWT

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] In order to make the objectives, technical solutions and advantages of the present application clearer, the present application will be further described in detail below with reference to the accompanying drawings and specific embodiments.

[0015] In the following description, references to "one embodiment," "an embodiment," "an example," "example," etc. indicate that the embodiment or example so described may include a particular feature, structure, characteristic, property, element or limitations, but not every embodiment or example necessarily includes particular features, structures, characteristics, properties, elements or limitations. Additionally, repeated use of the phrase "according to one embodiment of the present application", although possibly referring to the same embodiment, is not necessarily referring to the same embodiment.

[0016] For simplicity, certain technical features known to those skilled in the art are omitted from the following description. ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for performing Web interface access control by using JWT. The method comprises the following steps: S1, connecting an endpoint name of an interface URL and an interface request method to form an interface permission identifier; s2, distributing the interface authority to the user; s3, after the user passes the login authentication, the authority identifier is stored in the JWT and returned to the user, and the user carries the JWT in a subsequent interface request; and S4, setting an interface request interceptor, judging whether an identifier formed by an endpoint name and a request method of the interface is in the JWT, if so, releasing the request, and if not, refusing the request. According to the method, interface permission identifier hard codes are reduced, permission identifiers are from endpoint names of interface URLs and interface methods, and the work that whether permission identifiers are repeated or not needs to be additionally carried out in common methods is omitted; meanwhile, the interface request interceptor does not need to explicitly transmit permission identification, so that a certain code quantity is saved; and if the permission identifier needs to be changed, only the name of the interface endpoint needs to be changed, so that the maintenance becomes easier.

Description

technical field [0001] The present invention specifically relates to a method for Web interface access control using JWT. Background technique [0002] The common method of using JWT for Web interface access control is to define an interface permission ID and bind the ID to the interface, and then assign the interface permission ID as a permission to the user. After the user passes the login authentication, the permission ID is stored in the In the JWT, and then in the interface, the authority identifies whether it exists in the JWT, so as to achieve the purpose of interface access control. [0003] This type of method has certain drawbacks, which are mainly reflected in: 1. The permission identification bound to the interface needs to be hard-coded. If the hard-coded rules are not well designed, it is often difficult to understand, and secondly, additional 2. When designing an interface interceptor, it is necessary to display the permission identifier in the form of a para...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F8/20
CPCG06F8/24
Inventor 李劲雄柯贤祥何志鹏范松王冠华
Owner 成都安美勤信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products