File access method and device, processor and electronic device

By obtaining the target object's IP address and identification information, and combining nginx's high-performance features and IP address range restrictions, the problem of poor server performance caused by file stream access was solved, achieving secure and efficient file access.

CN116185954BActive Publication Date: 2026-06-09CHINA TELECOM CORP LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA TELECOM CORP LTD
Filing Date
2022-12-29
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

In existing technologies, accessing files on a server via file streams results in poor server performance, especially when a large number of files are accessed simultaneously, which incurs significant server performance overhead and poses a network security risk of unauthorized access.

Method used

By receiving requests from the target object, obtaining its IP address, retrieving the file address information based on the IP address, and using the identification information to determine the access result, combined with nginx's high-performance features and IP address range restrictions, authorized access is achieved.

Benefits of technology

It improved server performance, ensured the security and efficiency of file access, and avoided unauthorized access and network security risks.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116185954B_ABST
    Figure CN116185954B_ABST
Patent Text Reader

Abstract

The application discloses a file access method and device, a processor and an electronic device. The method comprises the following steps: receiving a target request sent by a target object through a software program, wherein the target request is used for requesting to access a target file in a server; acquiring an IP address of the target object according to the target request sent by the target object; acquiring address information of the target file based on the IP address of the target object, wherein the address information at least comprises identification information of the target object; determining an access result of the target object accessing the target file according to the identification information, and returning the access result to the target object. Through the application, the problem that the performance of the server is poor due to the form of file stream accessing the file in the server in the related art is solved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of computer technology, and more specifically, to a method and apparatus for accessing files, a processor, and an electronic device. Background Technology

[0002] In the field of internet development, nginx (an open-source software program) is used to read static files, and its high performance and high concurrency have made it a popular method for accessing files on the internet. However, with the increasing awareness of network information security, the requirements for network information security are also becoming more stringent. If the access file address is not encrypted and authorization is not verified, it will lead to unauthorized access to a user's files and the complete scraping of server files by web crawlers. Moreover, the aforementioned static files refer to audio and video files, image files, and document files, etc.

[0003] One related technology uses software to proxy file addresses, allowing access via internet paths and addresses. Its ease of use and ability to leverage Nginx's high performance have made it popular among developers. However, this technology suffers from unauthorized access issues. The file paths proxied by Nginx can be scanned by web crawlers and vulnerability scanners, allowing others to copy and distribute files via chat tools. This can lead to user privacy leaks, with files being downloaded and used by unauthorized individuals, posing a serious cybersecurity risk.

[0004] Related technology two implements authorized access through a combination of tokens (identification information) and file streams. By appending the token to the file access address, the program's file access method is called. First, the token's validity and permissions are verified, then the file stream is invoked to download the file from the server to the user. While related technology two can solve the problem of authorized file access, reading files via streams consumes a significant amount of I / O (Input and Output), making it unsuitable for large-scale simultaneous access. Furthermore, it incurs significant server performance overhead, making it unsuitable as a method for accessing static files.

[0005] There is currently no effective solution to the problem of poor server performance caused by accessing files on the server via file streams in related technologies. Summary of the Invention

[0006] The main objective of this application is to provide a file access method, apparatus, processor, and electronic device to solve the problem of poor server performance caused by accessing files on a server in the form of file streams in related technologies.

[0007] To achieve the above objectives, according to one aspect of this application, a method for accessing a file is provided. The method includes: receiving a target request sent by a target object through a software program, wherein the target request is for requesting access to a target file on a server; obtaining the IP address of the target object based on the target request sent by the target object; obtaining address information of the target file based on the IP address of the target object, wherein the address information includes at least identification information of the target object; determining the access result of the target object accessing the target file based on the identification information, and returning the access result to the target object.

[0008] Furthermore, obtaining the address information of the target file based on the IP address of the target object includes: obtaining a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and obtaining the address information of the target file based on the preset IP address range and the IP address of the target object.

[0009] Further, obtaining the address information of the target file based on the preset IP address range and the IP address of the target object includes: determining whether the IP address of the target object belongs to the preset IP address range; if the IP address of the target object does not belong to the preset IP address range, sending a reminder message to the target object to remind the target object that accessing the target file failed; if the IP address of the target object belongs to the preset IP address range, obtaining the address information of the target file.

[0010] Further, determining the access result of the target object to the target file based on the identification information includes: determining whether the identification information is correct; if the identification information is correct, obtaining the target object's permission information from the identification information; determining whether the target object has permission to access the target file based on the target object's permission information; if the target object has permission to access the target file, determining whether the identification information has expired; if the identification information has expired, sending a reminder message to the target object to remind the target object that accessing the target file failed; if the identification information has not expired, sending the address information of the target file to the target object so that the target object can access the target file according to the address information.

[0011] Further, determining whether the identification information is correct includes: parsing the identification information to obtain a parsing result; determining whether the parsing result contains the attribute information and permission information of the target object; if the parsing result contains the attribute information and permission information of the target object, then the identification information is correct; if the parsing result does not contain the attribute information and permission information of the target object, then the identification information is incorrect.

[0012] Furthermore, obtaining the IP address of the target object based on the target request sent by the target object includes: obtaining the target log corresponding to the software program based on the target request sent by the target object; and parsing the target log to obtain the IP address of the target object.

[0013] Furthermore, before obtaining the address information of the target file based on the IP address of the target object, the method further includes: obtaining the relative path of the target file, the path of the software program, and the identification information of the target object; and concatenating the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0014] To achieve the above objectives, according to another aspect of this application, a file access device is provided. The device includes: a first receiving unit, configured to receive a target request sent by a target object via a software program, wherein the target request is for requesting access to a target file on a server; a first obtaining unit, configured to obtain the IP address of the target object based on the target request sent by the target object; a second obtaining unit, configured to obtain address information of the target file based on the IP address of the target object, wherein the address information includes at least identification information of the target object; and a first determining unit, configured to determine the access result of the target object accessing the target file based on the identification information, and return the access result to the target object.

[0015] Furthermore, the second acquisition unit includes: a first acquisition module, used to acquire a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and a second acquisition module, used to acquire the address information of the target file based on the preset IP address range and the IP address of the target object.

[0016] Further, the second acquisition module includes: a first judgment submodule, used to judge whether the IP address of the target object belongs to the preset IP address range; a first sending submodule, used to send a reminder message to the target object if the IP address of the target object does not belong to the preset IP address range, so as to remind the target object that accessing the target file failed; and a first acquisition submodule, used to acquire the address information of the target file if the IP address of the target object belongs to the preset IP address range.

[0017] Further, the first determining unit includes: a first judging module, used to judge whether the identification information is correct; a third obtaining module, used to obtain the permission information of the target object from the identification information if the identification information is correct; a second judging module, used to judge whether the target object has permission to access the target file based on the permission information of the target object; a third judging module, used to judge whether the identification information has expired if the target object has permission to access the target file; a first sending module, used to send a reminder message to the target object if the identification information has expired, to remind the target object that accessing the target file failed; and a second sending module, used to send the address information of the target file to the target object if the identification information has not expired, so that the target object can access the target file according to the address information.

[0018] Further, the first judgment module includes: a first parsing submodule, used to parse the identification information to obtain a parsing result; a second judgment submodule, used to determine whether the parsing result contains the attribute information and permission information of the target object; a first determination submodule, used to indicate that the identification information is correct if the parsing result contains the attribute information and permission information of the target object; and a second determination submodule, used to indicate that the identification information is incorrect if the parsing result does not contain the attribute information and permission information of the target object.

[0019] Furthermore, the first acquisition unit includes: a fourth acquisition module, used to acquire the target log corresponding to the software program based on the target request sent by the target object; and a first parsing module, used to parse the target log and acquire the IP address of the target object.

[0020] Furthermore, the device further includes: a third acquisition unit, configured to acquire the relative path of the target file, the path of the software program, and the identification information of the target object before acquiring the address information of the target file based on the IP address of the target object; and a first processing unit, configured to concatenate the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0021] To achieve the above objectives, according to another aspect of this application, a processor is provided for running a program, wherein the program, when running, executes the file access method described in any of the above-described methods.

[0022] To achieve the above objectives, according to another aspect of this application, an electronic device is provided, the electronic device including one or more processors and a memory, the memory being used to store one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors cause the one or more processors to implement the file access method described in any of the above.

[0023] This application employs the following steps: receiving a target request sent by a target object through a software program, wherein the target request requests access to a target file on a server; obtaining the IP address of the target object based on the target request; obtaining the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identification information of the target object; determining the access result of the target object accessing the target file based on the identification information, and returning the access result to the target object. This solves the problem of poor server performance caused by accessing files on a server in the form of file streams in related technologies. By obtaining the IP address of the target object based on the request sent by the target object to access a target file on the server received by the software program, obtaining the address information of the target file based on the IP address of the target object, and determining the access result of the target object accessing the target file based on the identification information of the target object in the address information, the performance of the server is improved when accessing files on the server. Attached Figure Description

[0024] The accompanying drawings, which form part of this application, are used to provide a further understanding of this application. The illustrative embodiments and descriptions of this application are used to explain this application and do not constitute an undue limitation of this application. In the drawings:

[0025] Figure 1 This is a flowchart of a file access method provided according to an embodiment of this application;

[0026] Figure 2 This is a flowchart of an optional file access method provided according to an embodiment of this application;

[0027] Figure 3 This is a schematic diagram of a document access device provided according to an embodiment of this application;

[0028] Figure 4 This is a schematic diagram of an electronic device provided according to an embodiment of this application. Detailed Implementation

[0029] It should be noted that, unless otherwise specified, the embodiments and features described in this application can be combined with each other. This application will now be described in detail with reference to the accompanying drawings and embodiments.

[0030] To enable those skilled in the art to better understand the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present application, and not all embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative effort should fall within the scope of protection of the present application.

[0031] It should be noted that the terms "first," "second," etc., in the specification, claims, and accompanying drawings of this application are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate for the embodiments of this application described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion; for example, a process, method, system, product, or apparatus that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.

[0032] It should be noted that all information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for display, data used for analysis, etc.) involved in this disclosure are information and data authorized by the user or fully authorized by all parties. For example, this system has an interface with relevant users or organizations. Before obtaining relevant information, it is necessary to send an acquisition request to the aforementioned user or organization through the interface, and obtain the relevant information after receiving consent information from the aforementioned user or organization.

[0033] The present invention will now be described in conjunction with preferred implementation steps. Figure 1 This is a flowchart of a file access method provided according to an embodiment of this application, such as... Figure 1 As shown, the method includes the following steps:

[0034] Step S101: Receive the target request sent by the target object through the software program, wherein the target request is used to request access to the target file in the server.

[0035] For example, a user initiates a request to access a file on the server, and the nginx component (an open-source software program) can then receive the user's request to access the file.

[0036] Step S102: Obtain the IP address of the target object based on the target request sent by the target object.

[0037] For example, after receiving a request from a user to access a file, the nginx component obtains the user's exit IP address (Internet Protocol Address) for the network.

[0038] Step S103: Based on the IP address of the target object, obtain the address information of the target file, wherein the address information includes at least the identification information of the target object.

[0039] For example, the program obtains the file path based on the user's exit IP address on the network, and the file path already contains a token value used to represent the user's identity.

[0040] Step S104: Based on the identification information, determine the access result of the target object accessing the target file, and return the access result to the target object.

[0041] For example, the program verifies the token to determine whether a user can access a file, and then sends the result to the user.

[0042] Through the above steps S101 to S104, the IP address of the target object is obtained based on the request sent by the target object to access the target file on the server received by the software program. Then, based on the IP address of the target object, the address information of the target file is obtained. Based on the identification information of the target object in the address information, the access result of the target object accessing the target file is determined, thereby achieving the effect of improving the performance of the server when accessing files on the server.

[0043] To quickly and accurately obtain the address information of the target file, the file access method provided in this application embodiment can also obtain the address information of the target file through the following steps: obtaining the relative path of the target file, the path of the software program, and the identification information of the target object; concatenating the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0044] For example, when a user accesses a file, the program concatenates the file's relative path with the path proxied by the nginx and returns it to the user. Then, when the user requests the static file address, the program calls the backend method, receives the token value (the aforementioned identification information) passed from the frontend, and rewrites the file path and token parameter address.

[0045] Using the above method, the file path to be rewritten can be easily obtained based on the relative path of the file, the path of the software program, and the address of the token parameter.

[0046] To quickly and accurately obtain the IP address of the target object, the file access method provided in this application embodiment can also obtain the IP address of the target object through the following steps: obtaining the target log corresponding to the software program based on the target request sent by the target object; parsing the target log to obtain the IP address of the target object.

[0047] For example, first configure the Nginx log format, analyze the logs to identify the user's real IP address, then configure the Nginx parameters to select `http_x_forwarded_for` as the user's real IP. Then, by parsing the logs, you can obtain the user's real IP address.

[0048] In summary, by parsing pre-configured logs, the user's real IP address can be obtained quickly and accurately.

[0049] In order to quickly and accurately obtain the address information of the target file, the file access method provided in this application embodiment can also obtain the address information of the target file through the following steps: obtaining a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and obtaining the address information of the target file based on the preset IP address range and the IP address of the target object.

[0050] For example, a range of IP addresses can be pre-set, and then the file path can be obtained based on the pre-set IP address range and the user's actual IP address.

[0051] Using the above method, the file path can be obtained quickly and accurately based on the pre-set IP address range and the user's actual IP address.

[0052] To quickly and accurately obtain the address information of the target file, the file access method provided in this application embodiment can also obtain the address information of the target file through the following steps: determining whether the IP address of the target object belongs to a preset IP address range; if the IP address of the target object does not belong to the preset IP address range, then sending a reminder message to the target object to remind the target object that accessing the target file has failed; if the IP address of the target object belongs to the preset IP address range, then obtaining the address information of the target file.

[0053] For example, you can configure nginx to restrict and authorize access to IP address ranges. Specifically, if the IP address range is outside the allowed range, a message prohibiting access should be returned to the user; if the IP address range is within the allowed range, the parameter should be set to true (correct), and if true, access to the system should continue to be granted, and the file path should be obtained.

[0054] In summary, by determining whether the IP address range is within the allowed range, the file path can be obtained quickly and accurately.

[0055] To quickly and accurately determine whether the identification information is correct, the file access method provided in this application embodiment can also determine whether the identification information is correct through the following steps: parsing the identification information to obtain the parsing result; determining whether the parsing result contains the attribute information and permission information of the target object; if the parsing result contains the attribute information and permission information of the target object, it indicates that the identification information is correct; if the parsing result does not contain the attribute information and permission information of the target object, it indicates that the identification information is incorrect.

[0056] For example, first parse the token and determine whether parsing the token can obtain the user's information and permissions. If parsing the token can obtain the user's information and permissions, then the token is correct; if parsing the token cannot obtain the user's information and permissions, then the token is incorrect.

[0057] The above method can quickly and accurately determine the correctness of the token.

[0058] To quickly and accurately determine the access result of a target object accessing a target file, the file access method provided in this application embodiment can also determine the access result of a target object accessing a target file through the following steps: determining whether the identification information is correct; if the identification information is correct, obtaining the target object's permission information from the identification information; determining whether the target object has permission to access the target file based on the target object's permission information; if the target object has permission to access the target file, determining whether the identification information has expired; if the identification information has expired, sending a reminder message to the target object to remind the target object that accessing the target file failed; if the identification information has not expired, sending the address information of the target file to the target object so that the target object can access the target file according to the address information.

[0059] For example, once the token is confirmed to be correct, the system then checks whether the user has permission to access the file. If the user has permission, the system then checks whether the token is valid. If the token is invalid, the system sends an access denied message to the user. If the token is valid, the system returns the file address to the user, who can then retrieve the file using the received address.

[0060] The above method can quickly and accurately determine the results of a user's file access.

[0061] For example, Figure 2 This is a flowchart of an optional file access method provided according to an embodiment of this application, such as... Figure 2 As shown, the optional file access methods include the following steps:

[0062] 1. Install nginx and configure the server to obtain the user's real IP address:

[0063] 1. Configure the nginx log format and analyze the logs to determine which field represents the real IP address accessed by the user;

[0064] 2. Configure nginx parameters, selecting http_x_forwarded_for as the user's real IP address, and use this as the input parameter to determine user access permissions.

[0065] 2. Configure nginx to restrict and authorize access to IP address ranges. Specifically, when a user accesses a file, the nginx component obtains the user's network egress IP address and determines if it falls within the allowed IP range. If the IP address range is within the allowed range, the parameter is set to true, and access continues through the system, with the file path obtained via a program (which can be code developed by the developers). If the IP address range is not within the allowed range, a 403 (Access Denied) status is returned, prohibiting access.

[0066] Third, configure nginx. This step adds a proxy strategy to the original nginx proxy, which proxies static files and rewrites them to the access path. This access path is provided by the software program and is used to receive details of the files retrieved by the user.

[0067] IV. The software program provides authorized access verification:

[0068] (i) When a user accesses a file, the program concatenates the file's relative path with the path proxied by the nginx proxy and returns it to the user. Furthermore, the program can evaluate the nginx proxy path using the public IP address or domain name of the nginx server, and then concatenate the file's relative address.

[0069] (ii) When a user requests the static file address, the program calls the backend method and receives the token value, file name, and file type passed from the frontend. The file type is used to determine the file extension type to prevent access to other file formats.

[0070] (iii) When a user accesses a file, the program verifies the token. If the token is found to be valid after verification, the program calls the file retrieval method to retrieve the file and returns it to the user. If the token is found to be invalid, the program returns a 403 (no access) status, prohibiting access.

[0071] The above solution fully leverages the features of nginx, combining network IP restrictions and software programs to assemble a complete set of static file access authorization programs. This maintains low operational complexity, preserves nginx's high performance advantages, solves the challenges of file access authorization, and allows for individual access control of specific IP address ranges, meeting network security requirements and providing management and emergency response measures for network security hardening. Furthermore, it can be flexibly integrated with software permission systems, enabling timely IP address access authentication for security personnel through IP address restriction technology.

[0072] Furthermore, using nginx to retrieve static files can lead to unauthorized access because it lacks association with the accessing user's session and doesn't perform user authorization verification. This can result in serious user information leaks and severe network security incidents. The method provided in this application effectively solves this problem by ensuring high performance while also associating with the user session and verifying session permissions.

[0073] In summary, the file access method provided in this application receives a target request sent by a target object through a software program. The target request requests access to a target file on a server. Based on the target request, the IP address of the target object is obtained. Based on the IP address, the address information of the target file is obtained, where the address information includes at least the target object's identification information. Based on the identification information, the access result of the target object accessing the target file is determined, and the access result is returned to the target object. This solves the problem of poor server performance caused by accessing files on a server via file streams in related technologies. By obtaining the target object's IP address based on the request received by the target object from the software program, obtaining the target file's address information based on the target object's IP address, and determining the access result of the target object accessing the target file based on the target object's identification information in the address information, the method improves server performance when accessing files on a server.

[0074] It should be noted that the steps shown in the flowchart in the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and although a logical order is shown in the flowchart, in some cases the steps shown or described may be executed in a different order than that shown here.

[0075] This application also provides a file access device. It should be noted that the file access device of this application can be used to execute the file access method provided in this application. The file access device provided in this application is described below.

[0076] Figure 3 This is a schematic diagram of a document access device according to an embodiment of this application. Figure 3 As shown, the device includes: a first receiving unit 301, a first acquiring unit 302, a second acquiring unit 303, and a first determining unit 304.

[0077] Specifically, the first receiving unit 301 is used to receive a target request sent by the target object through a software program, wherein the target request is used to request access to a target file in the server;

[0078] The first acquisition unit 302 is used to acquire the IP address of the target object based on the target request sent by the target object;

[0079] The second acquisition unit 303 is used to acquire the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identification information of the target object;

[0080] The first determining unit 304 is used to determine the access result of the target object accessing the target file based on the identification information, and return the access result to the target object.

[0081] In summary, the file access device provided in this application embodiment receives a target request sent by a target object through a software program via a first receiving unit 301. The target request requests access to a target file on a server. A first obtaining unit 302 obtains the IP address of the target object based on the target request. A second obtaining unit 303 obtains the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identifier information of the target object. A first determining unit 304 determines the access result of the target object accessing the target file based on the identifier information and returns the access result to the target object. This solves the problem of poor server performance caused by accessing files on a server via file streams in related technologies. By obtaining the IP address of the target object based on the request to access a target file on the server received by the target object through the software program, obtaining the address information of the target file based on the IP address, and determining the access result of the target object accessing the target file based on the identifier information of the target object in the address information, the device improves server performance when accessing files on the server.

[0082] Optionally, in the file access device provided in the embodiments of this application, the second acquisition unit includes: a first acquisition module, used to acquire a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and a second acquisition module, used to acquire the address information of the target file based on the preset IP address range and the IP address of the target object.

[0083] Optionally, in the file access device provided in this application embodiment, the second acquisition module includes: a first judgment submodule, used to judge whether the IP address of the target object belongs to a preset IP address range; a first sending submodule, used to send a reminder message to the target object if the IP address of the target object does not belong to the preset IP address range, so as to remind the target object that access to the target file has failed; and a first acquisition submodule, used to acquire the address information of the target file if the IP address of the target object belongs to the preset IP address range.

[0084] Optionally, in the file access device provided in this application embodiment, the first determining unit includes: a first judging module, used to judge whether the identification information is correct; a third obtaining module, used to obtain the permission information of the target object from the identification information if the identification information is correct; a second judging module, used to judge whether the target object has permission to access the target file based on the permission information of the target object; a third judging module, used to judge whether the identification information has expired if the target object has permission to access the target file; a first sending module, used to send a reminder message to the target object if the identification information has expired, to remind the target object that accessing the target file has failed; and a second sending module, used to send the address information of the target file to the target object if the identification information has not expired, so that the target object can access the target file according to the address information.

[0085] Optionally, in the file access device provided in the embodiments of this application, the first judgment module includes: a first parsing submodule, used to parse the identification information to obtain a parsing result; a second judgment submodule, used to determine whether the parsing result contains the attribute information and permission information of the target object; a first determination submodule, used to indicate that the identification information is correct if the parsing result contains the attribute information and permission information of the target object; and a second determination submodule, used to indicate that the identification information is incorrect if the parsing result does not contain the attribute information and permission information of the target object.

[0086] Optionally, in the file access device provided in the embodiments of this application, the first acquisition unit includes: a fourth acquisition module, used to acquire the target log corresponding to the software program based on the target request sent by the target object; and a first parsing module, used to parse the target log and acquire the IP address of the target object.

[0087] Optionally, in the file access device provided in the embodiments of this application, the device further includes: a third acquisition unit, used to acquire the relative path of the target file, the path of the software program, and the identification information of the target object before acquiring the address information of the target file based on the IP address of the target object; and a first processing unit, used to concatenate the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0088] The file access device includes a processor and a memory. The first receiving unit 301, the first acquiring unit 302, the second acquiring unit 303, and the first determining unit 304 are all stored in the memory as program units. The processor executes the program units stored in the memory to implement the corresponding functions.

[0089] The processor contains a kernel, which retrieves the corresponding program units from memory. One or more kernels can be configured; by adjusting kernel parameters, server performance can be improved when accessing files on the server.

[0090] The memory may include non-permanent memory in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM, and the memory includes at least one memory chip.

[0091] This invention provides a computer-readable storage medium storing a program thereon, which, when executed by a processor, implements a method for accessing the file.

[0092] This invention provides a processor for running a program, wherein the program executes a file access method during runtime.

[0093] like Figure 4 As shown, this embodiment of the invention provides an electronic device, which includes a processor, a memory, and a program stored in the memory and executable on the processor. When the processor executes the program, it performs the following steps: receiving a target request sent by a target object through a software program, wherein the target request is used to request access to a target file in a server; obtaining the IP address of the target object based on the target request sent by the target object; obtaining the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identification information of the target object; determining the access result of the target object accessing the target file based on the identification information, and returning the access result to the target object.

[0094] When the processor executes the program, it also performs the following steps: obtaining the address information of the target file based on the IP address of the target object includes: obtaining a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and obtaining the address information of the target file based on the preset IP address range and the IP address of the target object.

[0095] When the processor executes the program, it also performs the following steps: obtaining the address information of the target file based on the preset IP address range and the IP address of the target object includes: determining whether the IP address of the target object belongs to the preset IP address range; if the IP address of the target object does not belong to the preset IP address range, then sending a reminder message to the target object to remind the target object that accessing the target file failed; if the IP address of the target object belongs to the preset IP address range, then obtaining the address information of the target file.

[0096] When the processor executes the program, it also performs the following steps: determining the access result of the target object to the target file based on the identification information includes: judging whether the identification information is correct; if the identification information is correct, obtaining the permission information of the target object from the identification information; judging whether the target object has permission to access the target file based on the permission information of the target object; if the target object has permission to access the target file, judging whether the identification information has expired; if the identification information has expired, sending a reminder message to the target object to remind the target object that accessing the target file failed; if the identification information has not expired, sending the address information of the target file to the target object so that the target object can access the target file according to the address information.

[0097] When the processor executes the program, it also performs the following steps: determining whether the identification information is correct includes: parsing the identification information to obtain a parsing result; determining whether the parsing result contains the attribute information and permission information of the target object; if the parsing result contains the attribute information and permission information of the target object, it indicates that the identification information is correct; if the parsing result does not contain the attribute information and permission information of the target object, it indicates that the identification information is incorrect.

[0098] When the processor executes the program, it also performs the following steps: obtaining the IP address of the target object based on the target request sent by the target object includes: obtaining the target log corresponding to the software program based on the target request sent by the target object; parsing the target log to obtain the IP address of the target object.

[0099] When the processor executes the program, it also performs the following steps: before obtaining the address information of the target file based on the IP address of the target object, the method further includes: obtaining the relative path of the target file, the path of the software program, and the identification information of the target object; concatenating the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0100] The devices mentioned in this article can be servers, PCs, tablets, mobile phones, etc.

[0101] This application also provides a computer program product, which, when executed on a data processing device, is suitable for executing an initialization program having the following method steps: receiving a target request sent by a target object through a software program, wherein the target request is used to request access to a target file in a server; obtaining the IP address of the target object based on the target request sent by the target object; obtaining the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identification information of the target object; determining the access result of the target object accessing the target file based on the identification information, and returning the access result to the target object.

[0102] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: obtaining the address information of the target file based on the IP address of the target object, including: obtaining a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and obtaining the address information of the target file based on the preset IP address range and the IP address of the target object.

[0103] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: obtaining the address information of the target file based on the preset IP address range and the IP address of the target object, including: determining whether the IP address of the target object belongs to the preset IP address range; if the IP address of the target object does not belong to the preset IP address range, sending a reminder message to the target object to remind the target object that accessing the target file has failed; if the IP address of the target object belongs to the preset IP address range, obtaining the address information of the target file.

[0104] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: determining the access result of the target object to the target file based on the identification information, including: determining whether the identification information is correct; if the identification information is correct, obtaining the permission information of the target object from the identification information; determining whether the target object has permission to access the target file based on the permission information of the target object; if the target object has permission to access the target file, determining whether the identification information has expired; if the identification information has expired, sending a reminder message to the target object to remind the target object that accessing the target file failed; if the identification information has not expired, sending the address information of the target file to the target object so that the target object can access the target file according to the address information.

[0105] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: determining whether the identification information is correct includes: parsing the identification information to obtain a parsing result; determining whether the parsing result contains the attribute information and permission information of the target object; if the parsing result contains the attribute information and permission information of the target object, it indicates that the identification information is correct; if the parsing result does not contain the attribute information and permission information of the target object, it indicates that the identification information is incorrect.

[0106] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: obtaining the IP address of the target object based on the target request sent by the target object, including: obtaining the target log corresponding to the software program based on the target request sent by the target object; parsing the target log to obtain the IP address of the target object.

[0107] When executed on a data processing device, it is also suitable to execute an initialization program with the following method steps: before obtaining the address information of the target file based on the IP address of the target object, the method further includes: obtaining the relative path of the target file, the path of the software program, and the identification information of the target object; concatenating the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file.

[0108] Those skilled in the art will understand that embodiments of this application can be provided as methods, systems, or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0109] This application is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this application. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart... Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0110] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.

[0111] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.

[0112] In a typical configuration, a computing device includes one or more processors (CPU), input / output interfaces, network interfaces, and memory.

[0113] Memory may include non-persistent memory in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM. Memory is an example of computer-readable media.

[0114] Computer-readable media includes both permanent and non-permanent, removable and non-removable media that can store information using any method or technology. Information can be computer-readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transferable medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media does not include transient computer-readable media, such as modulated data signals and carrier waves.

[0115] It should also be noted that the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such process, method, article, or apparatus. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes that element.

[0116] Those skilled in the art will understand that embodiments of this application can be provided as methods, systems, or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0117] The above are merely embodiments of this application and are not intended to limit the scope of this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the scope of the claims of this application.

Claims

1. A method for accessing a file, characterized in that, include: The software program receives a target request sent by the target object, wherein the target request is used to request access to a target file on the server; Based on the target request sent by the target object, obtain the IP address of the target object; Based on the IP address of the target object, obtain the address information of the target file, wherein the address information includes at least the identification information of the target object; The step of obtaining the address information of the target file based on the IP address of the target object includes: obtaining a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and obtaining the address information of the target file based on the preset IP address range and the IP address of the target object. The step of obtaining the address information of the target file based on the preset IP address range and the IP address of the target object includes: determining whether the IP address of the target object belongs to the preset IP address range; if the IP address of the target object does not belong to the preset IP address range, sending a reminder message to the target object to remind it that accessing the target file failed; and if the IP address of the target object belongs to the preset IP address range, obtaining the address information of the target file. Specifically, before obtaining the address information of the target file based on the IP address of the target object: the relative path of the target file, the path of the software program, and the identification information of the target object are obtained; the relative path of the target file, the path of the software program, and the identification information of the target object are concatenated to obtain the address information of the target file; Based on the identification information, determine the access result of the target object accessing the target file, and return the access result to the target object; The process of determining the access result of the target object to the target file based on the identification information includes: determining whether the identification information is correct; if the identification information is correct, obtaining the target object's permission information from the identification information; determining whether the target object has permission to access the target file based on the target object's permission information; if the target object has permission to access the target file, determining whether the identification information has expired; if the identification information has expired, sending a reminder message to the target object to indicate that the target object's access to the target file failed; if the identification information has not expired, sending the address information of the target file to the target object so that the target object can access the target file according to the address information.

2. The method according to claim 1, characterized in that, Determining whether the identification information is correct includes: The identification information is parsed to obtain the parsing result; Determine whether the parsing result contains the attribute information and permission information of the target object; If the parsing result contains the attribute information and permission information of the target object, it indicates that the identification information is correct; If the parsing result does not contain the attribute information and permission information of the target object, it indicates that the identification information is incorrect.

3. The method according to claim 1, characterized in that, Obtaining the IP address of the target object based on the target request sent by the target object includes: Based on the target request sent by the target object, obtain the target log corresponding to the software program; Parse the target logs to obtain the IP address of the target object.

4. A file access device, characterized in that, include: The first receiving unit is configured to receive a target request sent by a target object through a software program, wherein the target request is for requesting access to a target file in the server; The first acquisition unit is used to acquire the IP address of the target object based on the target request sent by the target object; The second acquisition unit is used to acquire the address information of the target file based on the IP address of the target object, wherein the address information includes at least the identification information of the target object; The second acquisition unit includes: a first acquisition module, used to acquire a preset IP address range, wherein the IP address range includes at least a sequence of IP addresses; and a second acquisition module, used to acquire the address information of the target file based on the preset IP address range and the IP address of the target object. The second acquisition module includes: a first judgment submodule, used to judge whether the IP address of the target object belongs to the preset IP address range; a first sending submodule, used to send a reminder message to the target object if the IP address of the target object does not belong to the preset IP address range, to remind the target object that accessing the target file failed; and a first acquisition submodule, used to acquire the address information of the target file if the IP address of the target object belongs to the preset IP address range. The third acquisition unit is used to acquire the relative path of the target file, the path of the software program, and the identification information of the target object before acquiring the address information of the target file based on the IP address of the target object; the first processing unit is used to concatenate the relative path of the target file, the path of the software program, and the identification information of the target object to obtain the address information of the target file. The first determining unit is configured to determine the access result of the target object accessing the target file based on the identification information, and return the access result to the target object; The first determining unit includes: a first judging module, used to judge whether the identification information is correct; a third obtaining module, used to obtain the permission information of the target object from the identification information if the identification information is correct; a second judging module, used to judge whether the target object has permission to access the target file based on the permission information of the target object; a third judging module, used to judge whether the identification information has expired if the target object has permission to access the target file; a first sending module, used to send a reminder message to the target object if the identification information has expired, to remind the target object that accessing the target file failed; and a second sending module, used to send the address information of the target file to the target object if the identification information has not expired, so that the target object can access the target file according to the address information.

5. A processor, characterized in that, The processor is used to run a program, wherein the program executes the file access method according to any one of claims 1 to 3 when it runs.

6. An electronic device, characterized in that, It includes one or more processors and a memory, the memory being used to store one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors cause the one or more processors to implement the file access method according to any one of claims 1 to 3.