CN110019444B - Operation request processing method, device, equipment and system - Google Patents
Operation request processing method, device, equipment and system Download PDFInfo
- Publication number
- CN110019444B CN110019444B CN201710807827.7A CN201710807827A CN110019444B CN 110019444 B CN110019444 B CN 110019444B CN 201710807827 A CN201710807827 A CN 201710807827A CN 110019444 B CN110019444 B CN 110019444B
- Authority
- CN
- China
- Prior art keywords
- operation request
- database
- analysis
- analysis result
- middleware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title abstract description 7
- 238000004458 analytical method Methods 0.000 claims abstract description 177
- 238000012545 processing Methods 0.000 claims abstract description 56
- 238000000034 method Methods 0.000 claims abstract description 50
- 238000000926 separation method Methods 0.000 claims abstract description 33
- 238000002347 injection Methods 0.000 claims abstract description 26
- 239000007924 injection Substances 0.000 claims abstract description 26
- 230000008569 process Effects 0.000 claims description 27
- 239000000523 sample Substances 0.000 claims 1
- 239000000758 substrate Substances 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 230000006399 behavior Effects 0.000 description 3
- 239000000243 solution Substances 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The application provides an operation request processing method, device, equipment and system, wherein the method comprises the following steps: generating a designated type message carrying the operation request according to the received operation request; the appointed type information is sent to an analysis database, and the appointed type information is used for indicating the analysis database to analyze the operation request and returning an analysis result; receiving an analysis result returned by the analysis database and aiming at the operation request; and processing the operation request according to the analysis result. Through the technical scheme of the application, the middleware can realize the analysis of the operation request and can provide customized services (such as read-write separation service, database and table separation service, injection analysis service and the like) for the application server.
Description
Technical Field
The application relates to the technical field of internet, in particular to a method, a device, equipment and a system for processing an operation request.
Background
With the rapid development of the internet, middleware technology of databases is widely applied in distributed database systems. The middleware is a transfer device located between the application server and the database, and can be respectively connected with the application server and the database. When the application server needs to access the database, the application server needs to establish a communication connection 1 with the middleware and the middleware needs to establish a communication connection 2 with the database.
When the application server needs to use SQL (Structured Query Language ) statements to operate on data in the database, the SQL statements are sent to the middleware through the communication connection 1, and the middleware sends the SQL statements to the database through the communication connection 2. The database executes the received SQL sentence and returns the execution result of the SQL sentence to the application server through the middleware.
However, after receiving the SQL statement, the middleware only sends the SQL statement to the database, and the middleware cannot analyze the SQL statement, so that customized service cannot be provided for the application server.
Disclosure of Invention
The application provides an operation request processing method, which is applied to middleware and comprises the following steps:
generating a designated type message carrying the operation request according to the received operation request;
the appointed type information is sent to an analysis database, and the appointed type information is used for indicating the analysis database to analyze the operation request and returning an analysis result;
receiving an analysis result returned by the analysis database and aiming at the operation request;
and processing the operation request according to the analysis result.
The application provides an operation request processing device, which is applied to middleware and comprises:
the generation module is used for generating a designated type message carrying the operation request according to the received operation request;
the sending module is used for sending the appointed type message to an analysis database, and the appointed type message is used for indicating the analysis database to analyze the operation request and returning an analysis result;
the receiving module is used for receiving an analysis result returned by the analysis database and aiming at the operation request;
and the processing module is used for processing the operation request according to the analysis result.
The application provides a middleware device, the middleware device includes:
the processor is used for generating a designated type message carrying the operation request according to the received operation request;
the transmitter is used for transmitting the appointed type message to an analysis database, and the appointed type message is used for indicating the analysis database to analyze the operation request and returning an analysis result;
the receiver is used for receiving an analysis result which is returned by the analysis database and is aimed at the operation request;
and the processor is also used for processing the operation request according to the analysis result.
The present application provides an operation request processing system, the system comprising:
the middleware is used for generating a specified type message carrying the operation request according to the received operation request and sending the specified type message to the analysis database;
the analysis database is used for analyzing the operation request carried in the appointed type message to obtain an analysis result aiming at the operation request, and sending the analysis result to the middleware;
the middleware is further configured to receive an analysis result returned by the analysis database and directed against the operation request, and process the operation request according to the analysis result.
Based on the above technical solution, in the embodiment of the present application, after receiving an operation request, the middleware does not directly send the operation request to the database, but generates a specified type message carrying the operation request, and sends the specified type message to the parsing database, where the parsing database may parse the operation request after receiving the operation request, and return a parsing result to the middleware, but the parsing database does not execute the operation request (i.e. does not perform an operation on data in the database according to the operation request). After receiving the analysis result, the middleware can process the operation request according to the analysis result. In summary, the middleware can analyze the operation request and provide customized services (such as read-write separation service, database and table separation service, injection analysis service, etc.) for the application server on the premise of not affecting the user behavior.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the following description will briefly describe the drawings that are required to be used in the embodiments of the present application or the description in the prior art, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings may also be obtained according to these drawings of the embodiments of the present application for a person having ordinary skill in the art.
FIG. 1 is a schematic view of an application scenario in one embodiment of the present application;
FIG. 2 is a flow chart of a method of handling an operation request in one embodiment of the present application;
fig. 3 is a block diagram of an operation request processing apparatus in one embodiment of the present application.
Detailed Description
The terminology used in the embodiments of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to any or all possible combinations including one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in embodiments of the present application to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, a first message may also be referred to as a second message, and similarly, a second message may also be referred to as a first message, without departing from the scope of the present application. Depending on the context, furthermore, the word "if" used may be interpreted as "at … …" or "at … …" or "in response to a determination".
The embodiment of the application provides an operation request processing method, which can be applied to a system comprising an application server, middleware and a database, wherein the middleware is transfer equipment positioned between the application server and the database and can be called as middleware equipment, and the middleware can be respectively connected with the application server and the database. The application server may be a client for accessing a database, which may also be a database server.
In one example, the application server, middleware, and database may be deployed on the same device. In another example, the application server, middleware, and database may be deployed on different devices, such as on separate devices. Referring to fig. 1, for an application scenario schematic diagram of the embodiment of the present application, the number of application servers may be one or more, the number of middleware may be one or more, and the number of databases may be one or more, which is not limited.
In one example, the middleware may be a transit device located between the application server and the database, where the middleware encapsulates processing methods related to an operating system, a communication protocol, and the like of the application server, so that a unified interface may be provided for the database, so that the application server does not need to change program codes of the database after replacing an underlying configuration such as the operating system and the communication protocol, and portability of the database is enhanced.
The middleware can also manage the connection of the database, and the burden of the database is reduced. Specifically, if middleware is not used, an application server needs to establish a connection with the database every time the application server accesses the database, and when a large number of application servers access the database in parallel, a large number of connections need to be established with the database at the same time. The middleware can pre-establish a plurality of idle connections with the database, and maintain and manage the connections, when the application server requests to access the database through the middleware, the application server establishes the connection with the middleware, then the middleware selects the idle connection from the connections established with the database, distributes the idle connection to the application server for use, and after the application server finishes use, the middleware recovers the connection, thereby improving the access efficiency of the application server to the database.
Wherein the database includes, but is not limited to, mySQL (My Structured Query Language, relational database management system) database, and the connection between the middleware and the database may include, but is not limited to, JDBC (Java Database Connectivity, java database connection). Of course, mySQL and JDBC are just one example of the present application, and neither the database nor the connection is limited.
Based on the application scenario, in the conventional manner, after receiving the operation request, the middleware directly sends the operation request to the database, and the database executes the operation request, but the middleware does not analyze the operation request and cannot provide customized service for the application server. For the discovery, in the embodiment of the present application, in order to provide customized services for an application server and improve user experience, the following manner is adopted:
in the first mode, the SQL parser is configured in the middleware. After the middleware receives the operation request, the SQL parser can parse the operation request and provide customized service for the application server according to the parsing result. However, the SQL parser may not be able to correctly identify 100% of all operation requests, and the SQL parser needs to be additionally configured in the middleware, which results in waste of resources and increases the use cost.
The second mode is that after the middleware receives the operation request, the middleware generates a designated type message carrying the operation request and sends the designated type message to the analysis database, the analysis database can analyze the operation request after receiving the operation request and returns an analysis result to the middleware, and after receiving the analysis result, the middleware can provide customized service for the application server according to the analysis result. According to the method, the SQL parser does not need to be configured in the middleware, so that the problem of the first mode is solved, the middleware can analyze the operation request on the premise that the user behavior is not influenced, customized service is provided for the application server, and user experience is improved.
For the second mode, referring to fig. 2, a flowchart of the operation request processing method in the present embodiment is shown.
In step 201, the middleware generates a message of a specified type carrying the operation request according to the received operation request.
When the application server needs to operate on the data in the database, an operation request is sent to the middleware, and after the middleware receives the operation request, the middleware does not directly send the operation request to the database for executing the operation request, but generates a specified type message carrying the operation request.
In one example, the operation request may include, but is not limited to, an SQL statement. The SQL statement may be a data query language statement, a data manipulation language statement, a data definition language statement, a data control language statement, a transaction language statement, a pointer control language statement, or the like, which is not limited thereto.
In one example, after receiving the operation request, the middleware first determines whether the operation request carries an SQL sentence, if so, generates a specified type message carrying the operation request, and if not, directly sends the operation request to a database for executing the operation request.
Step 202, the middleware sends the specified type message to the parsing database, where the specified type message is used to instruct the parsing database to parse the operation request and return a parsing result. After receiving the message of the specified type, the parsing database parses the operation request carried by the message of the specified type and returns a parsing result for the operation request to the middleware, but the parsing database does not execute the operation request.
In one example, the parsing database is any database connected to the middleware, and may be a database for providing services to the application server (i.e., a database in a conventional manner), or may be a database that does not provide services to the application server (i.e., a new database provided in the present embodiment, and is only used to implement the parsing function of the operation request in the present embodiment), and the type of the database is not limited. For convenience of description, the middleware will take the parsing database as an example from the database 1, the database 2 and the database 3 in fig. 1.
When the middleware selects the analysis database, the middleware can select the same database or different databases for all operation requests. For example, for all operation requests, the middleware selects database 1 as the resolution database. For another example, the middleware may select database 1 as the resolution database when receiving the first operation request, select database 2 as the resolution database when receiving the second operation request, select database 3 as the resolution database when receiving the third operation request, select database 1 as the resolution database when receiving the fourth operation request, and so on.
In one example, the specified type of message is a message agreed by the middleware and the parsing database, and the format of the specified type of message is not limited. For example, the message type is carried in a specified type message and is a preset flag a, and this preset flag a indicates that the current message is a specified type message.
Based on this, when the middleware generates a specified type message carrying an operation request, the specified type message carries a message type, and the message type is a preset flag a. The middleware then sends the specified type of message to the resolution database. After receiving the message, the parsing database parses the message type from the message, and if the message type is found to be a preset mark A, the parsing database determines that the currently received message is a message of a specified type.
Further, after receiving the message of the specified type, the parsing database parses the operation request carried by the message of the specified type, and returns a parsing result for the operation request to the middleware, but the parsing database does not execute the operation request. For example, the operation request is used for writing the data a, the parsing database returns the parsing result for the operation request to the middleware, but the parsing database does not write the data a in the parsing database according to the operation request, i.e. the parsing database does not execute the operation request.
Step 203, the middleware receives the analysis result for the operation request returned by the analysis database.
And 204, the middleware processes the operation request according to the analysis result.
In one example, the middleware may also determine whether the middleware is to be used to provide a specified type of service before generating a specified type of message carrying an operation request. If it is used to provide a specified type of service, the middleware generates a specified type message carrying an operation request from the received operation request and performs steps 202-204. If not for providing the specified type of service, the middleware may directly send the operation request to a database for executing the operation request, which is executed by the database.
Wherein the specified type of service may include, but is not limited to, one or any combination of the following: read-write separation service, database and table separation service, injection analysis service (such as SQL injection analysis service), etc.
Wherein, for the process of judging whether the middleware is used for providing the specified type of service, the method can comprise the following steps: querying whether the middleware is configured to provide a specified type of service (e.g., the middleware is configured to provide a read-write separation service, and/or injection analysis service, etc.), if so, determining that the middleware is used to provide the specified type of service; if not, it may be determined that the middleware is not used to provide the specified type of service.
Wherein, when the middleware is used for providing the specified type of service, the process of processing the operation request according to the analysis result by the middleware can include: and the middleware processes the operation request corresponding to the specified type of service according to the analysis result. For example, the middleware performs processing corresponding to the read-write separation service on the operation request according to the analysis result; and/or processing the operation request corresponding to the database and table dividing service; and/or processing the operation request corresponding to the injection analysis service.
The specified type information can also carry information of the specified type service, and the specified type information is also used for indicating the analysis database to return an analysis result corresponding to the specified type service. Thus, for the process of "the middleware processes the operation request according to the analysis result", the middleware can process the operation request according to the analysis result corresponding to the specified type of service.
For example, the specified type message may also carry information of the read-write separation service (such as the identifier 1 for indicating the read-write separation service), and after the specified type message is received by the parsing database, the parsing result returned by the parsing database to the middleware may be a parsing result corresponding to the read-write separation service because the specified type message carries information of the read-write separation service. Further, the middleware may perform processing corresponding to the read-write separation service on the operation request according to the analysis result corresponding to the read-write separation service.
For another example, the specified type message may also carry information of the sub-library sub-table service (e.g. the identifier 2 for indicating the sub-library sub-table service), and after the parsing database receives the specified type message, since the specified type message carries information of the sub-library sub-table service, the parsing result returned by the parsing database to the middleware may be a parsing result corresponding to the sub-library sub-table service. Further, the middleware may perform processing corresponding to the sub-library sub-table service on the operation request according to the analysis result corresponding to the sub-library sub-table service.
For another example, the specified type message may also carry information of the injection analysis service (for example, the identifier 3 for indicating the injection analysis service), and after the specified type message is received by the analysis database, the analysis result returned by the analysis database to the middleware may be an analysis result corresponding to the injection analysis service because the specified type message carries information of the injection analysis service. Further, the middleware may perform processing corresponding to the injection analysis service on the operation request according to the analysis result corresponding to the injection analysis service.
Of course, the above-mentioned read-write separation service, the database-division table service, and the injection analysis service are only examples of the specified type service, and in practical application, other types of specified type services are also possible, which is not limited. For convenience of description, the following processes of "middleware processes the operation request according to the analysis result" are described in detail in combination with a read-write separation service, a database and table separation service, and an injection analysis service.
In the first case, when the specified type service includes a read-write separation service, the analysis result corresponding to the read-write separation service includes a read type or a write type. Further, when the analysis result is the read type, the middleware selects a database for processing the read service and sends an operation request to the selected database so that the database executes the operation request. When the analysis result is the writing type, the middleware selects a database for processing writing service and sends an operation request to the selected database so that the database executes the operation request.
After receiving the specified type message, the parsing database obtains a parsing result related to the operation type (read type or write type) when parsing the operation request, namely the parsing result comprises the read type or the write type, because the specified type message carries information of the read-write separation service.
For example, when the operation requests for writing data to the database, then the parsing result may be a write type; when the operation request is used for deleting the data in the database, the analysis result can be a writing type; when the operation request is used for modifying data in the database, the analysis result can be a writing type; when the operation request is for querying data in a database, then the parsing result may be of a read type. Of course, the above is only given as a few examples of parsing the operation request by the parsing database, and the parsing process is not limited.
In the read-write separation service, a database for processing the write service (hereinafter referred to as a write database) may be disposed in the database system, and a database for processing the read service (hereinafter referred to as a read database) may be disposed in the database system, the data in the write database being identical to the data in the read database.
Based on the above, after receiving the analysis result returned by the analysis database, if the analysis result is a read type, the middleware selects one read database for processing the read service from all the read databases, and sends the operation request to the selected read database, so that the read database executes the operation request. If the analysis result is the writing type, the middleware selects one writing database for processing the writing service from all writing databases, and sends the operation request to the selected writing database so that the writing database executes the operation request.
And in the second case, when the specified type service comprises a database and table dividing service, the analysis result corresponding to the database and table dividing service comprises the corresponding relation between the statement and the database table information. Further, the middleware stores the sentences in the operation request into the data table of the database corresponding to the database table information according to the corresponding relation between the sentences and the database table information.
After receiving the specified type of message, the parsing database obtains a parsing result related to the sub-library sub-table service when parsing the operation request, i.e. the parsing result may include a corresponding relationship between a statement and library table information, because the specified type of message carries information of the sub-library sub-table service.
For example, when the operation request includes the statement a, the statement B, and the statement C, if the statement a, the statement B, and the statement C are used to operate the data in the data table 1, in order to implement the database splitting service, the analysis database determines that the statement a, the statement B, and the statement C correspond to different databases, and therefore, the analysis database may determine that the database table information corresponding to the statement a is the database 1 and the data table 1, determine that the database table information corresponding to the statement B is the database 2 and the data table 1, and determine that the database table information corresponding to the statement C is the database 3 and the data table 1. In summary, the analysis result may include: the corresponding relation among the statement A, the database 1 and the data table 1; statement B, database 2, and table 1 correspondence; statement C, database 3, and table 1. Of course, the above is merely an example of resolving the operation request by the resolving database, and the resolving process is not limited.
Further, after receiving the analysis result returned by the analysis database, the middleware may store the statement in the operation request into the data table of the database corresponding to the database table information based on the corresponding relationship between the statement and the database table information. For example, based on the correspondence of statement a, database 1, and data table 1, the middleware may store statement a into data table 1 of database 1, and execute statement a from the data in data table 1 by database 1. Based on the correspondence of statement B, database 2, and data table 1, the middleware may store statement B into data table 1 of database 2, and execute statement B from the data in data table 1 by database 2. Based on the correspondence of statement C, database 3 and data table 1, the middleware may store statement C into data table 1 of database 3, and execute statement C from the data in data table 1 by database 3.
In the third case, when the specified type of service includes the injection analysis service, the analysis result corresponding to the injection analysis service includes an attack statement or no attack statement. Further, if the analysis result is that the attack statement exists, the middleware discards the operation request and refuses to send the operation request to the database; if the analysis result is that the attack statement does not exist, the middleware sends the operation request to a database for executing the operation request.
After receiving the specified type of message, the parsing database obtains a parsing result related to the injection parsing service when parsing the operation request, i.e. the parsing result may include an attack statement or no attack statement, because the specified type of message carries information of the injection parsing service. For example, the parsing database may parse the sentences included in the operation request, and parse whether the sentences have attack sentences, if so, the parsing result may be that the sentences have attack sentences, and if not, the parsing result may be that the sentences have no attack sentences. Of course, the above procedure is only given as an example of resolving the operation request by the resolving database, and the resolving procedure is not limited.
Further, after receiving the analysis result returned by the analysis database, if the analysis result is that the analysis result has an attack statement, the middleware discards the operation request and refuses to send the operation request to the database, so that the injection attack to the database can be prevented, and the safety of the database is ensured. If the analysis result is that the attack statement does not exist, the middleware sends the operation request to a database for executing the operation request.
In the above embodiment, after receiving the operation request, the database has two processing manners, where one processing manner is: the database analyzes the operation request and sends the analysis result to the middleware, and the processing manner is already described in the above process and will not be described herein. Another processing mode is as follows: the database executes the operation request, such as data writing operation, data modifying operation, data inquiring operation, data deleting operation, etc., and the process of executing the operation request will not be described in detail.
That is, after the specified type message is sent to the parsing database, the parsing database parses the operation request carried by the specified type message, returns a parsing result to the middleware, and refuses to execute the operation request. In addition, after sending the operation request to the selected database, the database executes the operation request.
Based on the above technical solution, in the embodiment of the present application, after receiving an operation request, the middleware does not directly send the operation request to the database, but generates a specified type message carrying the operation request, and sends the specified type message to the parsing database, where the parsing database may parse the operation request after receiving the operation request, and return a parsing result to the middleware, but the parsing database does not execute the operation request (i.e. does not perform an operation on data in the database according to the operation request). After receiving the analysis result, the middleware can process the operation request according to the analysis result. In summary, the middleware can analyze the operation request and provide customized services (such as read-write separation service, database and table separation service, injection analysis service, etc.) for the application server on the premise of not affecting the user behavior.
Based on the same application concept as the above method, the embodiment of the present application further provides an operation request processing apparatus, which may be applied to a middleware (also referred to as a middleware device), as shown in fig. 3, which is a structural diagram of the operation request processing apparatus, and includes:
a generating module 301, configured to generate a message of a specified type carrying the operation request according to the received operation request;
the sending module 302 is configured to send the specified type message to an parsing database, where the specified type message is used to instruct the parsing database to parse the operation request and return a parsing result;
the receiving module 303 is configured to receive an analysis result for the operation request returned by the analysis database;
and the processing module 304 is configured to process the operation request according to the analysis result.
In one example, the generating module 301 is specifically configured to, in a process of generating, according to the received operation request, a specific type message carrying the operation request, if the middleware is configured to provide a specific type service, generate, according to the received operation request, the specific type message carrying the operation request.
In an example, the processing module 304 is specifically configured to, in a process of processing the operation request according to the parsing result, if the middleware is configured to provide a specified type of service, perform a process corresponding to the specified type of service on the operation request according to the parsing result.
The specified type information is also used for indicating the analysis database to return an analysis result corresponding to the specified type service;
wherein the specified type of service includes one or any combination of the following: reading and writing separation service, library and table separation service and injection analysis service; the analysis result corresponding to the read-write separation service includes: a read type or a write type; the analysis results corresponding to the database and table separation service comprise: the corresponding relation between the sentences and the library table information; the parsing result corresponding to the injection parsing service includes: with or without attack statements.
In one example, the processing module 304 is specifically configured to, when the middleware provides a read-write separation service in a process of processing the operation request according to the analysis result, select a database for processing the read service if the analysis result is a read type, and send the operation request to the selected database, so that the database executes the operation request; if the analysis result is the writing type, selecting a database for processing writing service, and sending the operation request to the selected database so that the database executes the operation request; when the middleware provides the database and table dividing service, according to the corresponding relation between the sentences and the database table information, storing the sentences in the operation request into the data table of the database corresponding to the database table information; when the middleware provides injection analysis service, if the analysis result is that the analysis result has attack sentences, discarding the operation request, and refusing to send the operation request to a database; and if the analysis result is that the attack statement does not exist, the operation request is sent to a database for executing the operation request.
In one example, the operation request includes: structured query language SQL statements.
Based on the same application concept as the method, the embodiment of the application also provides a middleware device, which may include: a receiver, a processor, and a transmitter; the processor is used for generating a designated type message carrying the operation request according to the received operation request; the transmitter is used for transmitting the specified type information to an analysis database, and the specified type information is used for indicating the analysis database to analyze the operation request and returning an analysis result; the receiver is used for receiving an analysis result which is returned by the analysis database and is aimed at the operation request; and the processor is also used for processing the operation request according to the analysis result.
Based on the same application concept as the above method, there is further provided in an embodiment of the present application a machine-readable storage medium, where the machine-readable storage medium may be applied to a middleware device, and the machine-readable storage medium stores a number of computer instructions, where the computer instructions when executed perform the following processing:
generating a designated type message carrying the operation request according to the received operation request;
the appointed type information is sent to an analysis database, and the appointed type information is used for indicating the analysis database to analyze the operation request and returning an analysis result;
receiving an analysis result returned by the analysis database and aiming at the operation request;
and processing the operation request according to the analysis result.
Based on the same application concept as the above method, an operation request processing system is further provided in the embodiments of the present application, where the operation request processing system may include:
the middleware is used for generating a specified type message carrying the operation request according to the received operation request and sending the specified type message to the analysis database;
the analysis database is used for analyzing the operation request carried in the appointed type message to obtain an analysis result aiming at the operation request, and sending the analysis result to the middleware;
the middleware is further configured to receive an analysis result returned by the analysis database and directed against the operation request, and process the operation request according to the analysis result.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present application.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Moreover, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.
Claims (11)
1. A method of processing an operation request, applied to middleware, the method comprising:
generating a designated type message carrying the operation request according to the received operation request;
the appointed type information is sent to an analysis database, and the appointed type information is used for indicating the analysis database to analyze the operation request and returning an analysis result; the message type is a preset mark, and the preset mark indicates that the current message is a message of the specified type;
receiving an analysis result returned by the analysis database and aiming at the operation request;
and processing the operation request according to the analysis result.
2. The method according to claim 1, wherein the process of generating a message of a specified type carrying the operation request according to the received operation request comprises:
and if the middleware is used for providing the specified type service, generating a specified type message carrying the operation request according to the received operation request.
3. The method of claim 1, wherein the step of determining the position of the substrate comprises,
the process for processing the operation request according to the analysis result specifically includes:
and if the middleware is used for providing the specified type of service, processing the operation request corresponding to the specified type of service according to the analysis result.
4. The method of claim 3, wherein the step of,
the specified type information also carries information of the specified type service, and the specified type information is also used for indicating the analysis database to return an analysis result corresponding to the specified type service.
5. The method of claim 3 or 4, wherein the specified type of service comprises one or any combination of the following: reading and writing separation service, library and table separation service and injection analysis service;
the analysis result corresponding to the read-write separation service comprises the following steps: a read type or a write type;
the analysis results corresponding to the database and table separation service comprise: the corresponding relation between the sentences and the library table information;
the parsing result corresponding to the injection parsing service includes: with or without attack statements.
6. The method of claim 5, wherein the step of determining the position of the probe is performed,
the process for processing the operation request according to the analysis result specifically includes:
when the middleware provides read-write separation service, if the analysis result is a read type, selecting a database for processing the read service, and sending the operation request to the selected database so as to enable the database to execute the operation request; if the analysis result is the writing type, selecting a database for processing writing service, and sending the operation request to the selected database so that the database executes the operation request;
when the middleware provides the database and table dividing service, according to the corresponding relation between the sentences and the database table information, storing the sentences in the operation request into the data table of the database corresponding to the database table information;
when the middleware provides injection analysis service, if the analysis result is that the analysis result has attack sentences, discarding the operation request, and refusing to send the operation request to a database; and if the analysis result is that the attack statement does not exist, the operation request is sent to a database for executing the operation request.
7. The method of claim 6, wherein the method further comprises:
after the specified type message is sent to an analysis database, the analysis database analyzes the operation request, returns an analysis result to the middleware and refuses to execute the operation request;
after sending the operation request to the selected database, the database executes the operation request.
8. The method according to any one of claim 1 to 4, wherein,
the operation request includes: structured query language SQL statements.
9. An operation request processing apparatus, characterized by being applied to middleware, comprising:
the generation module is used for generating a designated type message carrying the operation request according to the received operation request;
the sending module is used for sending the appointed type message to an analysis database, and the appointed type message is used for indicating the analysis database to analyze the operation request and returning an analysis result; the message type is a preset mark, and the preset mark indicates that the current message is a message of the specified type;
the receiving module is used for receiving an analysis result returned by the analysis database and aiming at the operation request;
and the processing module is used for processing the operation request according to the analysis result.
10. A middleware device, the middleware device comprising:
the processor is used for generating a designated type message carrying the operation request according to the received operation request;
the transmitter is used for transmitting the appointed type message to an analysis database, and the appointed type message is used for indicating the analysis database to analyze the operation request and returning an analysis result; the message type is a preset mark, and the preset mark indicates that the current message is a message of the specified type;
the receiver is used for receiving an analysis result which is returned by the analysis database and is aimed at the operation request;
and the processor is also used for processing the operation request according to the analysis result.
11. An operation request processing system, the system comprising:
the middleware is used for generating a specified type message carrying the operation request according to the received operation request and sending the specified type message to the analysis database; the message type is a preset mark, and the preset mark indicates that the current message is a message of the specified type;
the analysis database is used for analyzing the operation request carried in the appointed type message to obtain an analysis result aiming at the operation request, and sending the analysis result to the middleware;
the middleware is further configured to receive an analysis result returned by the analysis database and directed against the operation request, and process the operation request according to the analysis result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710807827.7A CN110019444B (en) | 2017-09-08 | 2017-09-08 | Operation request processing method, device, equipment and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710807827.7A CN110019444B (en) | 2017-09-08 | 2017-09-08 | Operation request processing method, device, equipment and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110019444A CN110019444A (en) | 2019-07-16 |
| CN110019444B true CN110019444B (en) | 2023-07-25 |
Family
ID=67186223
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710807827.7A Active CN110019444B (en) | 2017-09-08 | 2017-09-08 | Operation request processing method, device, equipment and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110019444B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111190898B (en) * | 2019-11-25 | 2023-07-14 | 泰康保险集团股份有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN111400285B (en) * | 2020-03-25 | 2023-06-20 | 杭州浮云网络科技有限公司 | mySQL data fragment processing method, device, computer equipment and readable storage medium |
| CN111597160A (en) * | 2020-04-21 | 2020-08-28 | 中国人民财产保险股份有限公司 | Distributed database system, distributed data processing method and device |
| CN112015469B (en) * | 2020-07-14 | 2023-11-14 | 北京淇瑀信息科技有限公司 | System reconstruction method and device and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103020196A (en) * | 2012-12-03 | 2013-04-03 | 北京奇虎科技有限公司 | System for processing database operation request |
| CN106484824A (en) * | 2016-09-28 | 2017-03-08 | 华东师范大学 | Knowledge mapping isomery storing framework middleware based on multivariate data storehouse supporting assembly |
| CN106503087A (en) * | 2016-10-12 | 2017-03-15 | 郑州云海信息技术有限公司 | A kind of database middleware for Distributed Data Visits |
| CN106647586A (en) * | 2017-01-20 | 2017-05-10 | 重庆邮电大学 | Virtual machine room visualization monitoring management system based on B/S architecture and realization method |
-
2017
- 2017-09-08 CN CN201710807827.7A patent/CN110019444B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103020196A (en) * | 2012-12-03 | 2013-04-03 | 北京奇虎科技有限公司 | System for processing database operation request |
| CN106484824A (en) * | 2016-09-28 | 2017-03-08 | 华东师范大学 | Knowledge mapping isomery storing framework middleware based on multivariate data storehouse supporting assembly |
| CN106503087A (en) * | 2016-10-12 | 2017-03-15 | 郑州云海信息技术有限公司 | A kind of database middleware for Distributed Data Visits |
| CN106647586A (en) * | 2017-01-20 | 2017-05-10 | 重庆邮电大学 | Virtual machine room visualization monitoring management system based on B/S architecture and realization method |
Non-Patent Citations (1)
| Title |
|---|
| 中间件;徐洁磐等;《数据库技术实用教程[》;20080930;第168-173页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110019444A (en) | 2019-07-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20170364697A1 (en) | Data interworking method and data interworking device | |
| CN107798108B (en) | Asynchronous task query method and device | |
| CN104657140B (en) | Code generating method and device | |
| CN110019444B (en) | Operation request processing method, device, equipment and system | |
| CN111797073B (en) | Database management method, electronic device, and computer-readable storage medium | |
| CN108399175B (en) | Data storage and query method and device | |
| CN113839977A (en) | Message pushing method and device, computer equipment and storage medium | |
| CN112491943B (en) | Data request method, device, storage medium and electronic equipment | |
| CN111737564A (en) | Information query method, device, equipment and medium | |
| CN111225018A (en) | Request message processing method and device and electronic equipment | |
| CN112434037A (en) | Data processing method, processing device, data processing apparatus, and storage medium | |
| CN110619204A (en) | Invitation code generation method and device, terminal equipment and storage medium | |
| CN110580212B (en) | Data export method and device of application program, electronic equipment and storage medium | |
| CN113467823A (en) | Configuration information acquisition method, device, system and storage medium | |
| CN112311593A (en) | A cloud platform-based webhook notification method, device, device and storage medium | |
| CN110928895B (en) | Data query and data table establishment method, device and equipment | |
| CN109271224B (en) | Method and apparatus for determining location | |
| CN112445790A (en) | Report data storage method, device, equipment and medium | |
| US11023479B2 (en) | Managing asynchronous analytics operation based on communication exchange | |
| HK40010848A (en) | Operation request processing method, apparatus, device and system | |
| CN110471708B (en) | Method and device for acquiring configuration items based on reusable components | |
| CN110418020B (en) | List state information processing method and device, electronic terminal and storage medium | |
| CN114449031A (en) | Information acquisition method, device, equipment and storage medium | |
| CN113687881A (en) | Metadata calling method and device, electronic equipment and storage medium | |
| CN112948219A (en) | Link tracking method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40010848 Country of ref document: HK |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210907 Address after: Room 508, floor 5, building 4, No. 699, Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Applicant after: Alibaba (China) Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: ALIBABA GROUP HOLDING Ltd. |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20211117 Address after: No.12 Zhuantang science and technology economic block, Xihu District, Hangzhou City, Zhejiang Province Applicant after: Aliyun Computing Co.,Ltd. Address before: 310052 room 508, 5th floor, building 4, No. 699 Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Applicant before: Alibaba (China) Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |