[go: up one dir, main page]

TWI768307B - Open source software integration approach - Google Patents

Open source software integration approach Download PDF

Info

Publication number
TWI768307B
TWI768307B TW109108908A TW109108908A TWI768307B TW I768307 B TWI768307 B TW I768307B TW 109108908 A TW109108908 A TW 109108908A TW 109108908 A TW109108908 A TW 109108908A TW I768307 B TWI768307 B TW I768307B
Authority
TW
Taiwan
Prior art keywords
authentication
service
application
authentication token
integration platform
Prior art date
Application number
TW109108908A
Other languages
Chinese (zh)
Other versions
TW202137028A (en
Inventor
曾慶忠
Original Assignee
傑睿資訊服務股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 傑睿資訊服務股份有限公司 filed Critical 傑睿資訊服務股份有限公司
Priority to TW109108908A priority Critical patent/TWI768307B/en
Publication of TW202137028A publication Critical patent/TW202137028A/en
Application granted granted Critical
Publication of TWI768307B publication Critical patent/TWI768307B/en

Links

Images

Landscapes

  • Input Circuits Of Receivers And Coupling Of Receivers And Audio Equipment (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Stored Programmes (AREA)

Abstract

本發明關於一種開源軟體整合方法,於一整合平台登入一第一應用程序及一第二應用程序,並發送一第一認證訊息至一第一認證主機及發送一第二認證訊息至一第二認證主機;驗證後分別傳送認證符記至該整合平台並整合為一總認證符記;於該整合平台發送該總認證符記至該第一應用程序或該第二應用程序;藉由該整合平台擷取該第一應用程序之一第一服務或該第二應用程序之一第二服務並該電子裝置顯示該第一服務或該第二服務,讓使用者能夠透過同一帳號在單一平台使用多種開源軟體所提供的服務,而不需要個別登入多套軟體系統。The present invention relates to an open source software integration method. Logging in a first application program and a second application program on an integration platform, sending a first authentication message to a first authentication host and sending a second authentication message to a second authenticating the host; after verification, respectively sending the authentication token to the integration platform and integrating it into a total authentication token; sending the total authentication token to the first application or the second application on the integration platform; through the integration The platform retrieves the first service of the first application or the second service of the second application and displays the first service or the second service on the electronic device, so that the user can use the same account on a single platform Services provided by a variety of open source software without the need to log in to multiple software systems individually.

Description

開源軟體整合方法Open source software integration approach

本發明關於一種開源軟體整合方法,尤指一種利用整合平台整合不同認證符記之開源軟體整合方法。The present invention relates to an open source software integration method, especially an open source software integration method using an integration platform to integrate different authentication tokens.

隨著網絡科技的發展,電子化服務逐漸普及,越來越多的應用系統提供各式各樣的服務,使用者可以通過個人電腦或者手機進行使用。其中開源軟體(open source software,OSS)又稱開放原始碼軟體,是一種原始碼可以任意取用的電腦軟體,這種軟體的著作權持有人在軟體協定的規定之下保留一部分權利並允許用戶學習、修改以及以任何目的向任何人分發該軟體。開源協定通常符合開放原始碼的定義的要求。一些開源軟體被釋出到公有領域。開源軟體常被公開和合作地開發。With the development of network technology, electronic services are gradually popularized, and more and more application systems provide various services, which users can use through personal computers or mobile phones. Among them, open source software (OSS), also known as open source software, is a computer software whose source code can be accessed at will. The copyright holder of this software reserves some rights under the software agreement and allows users to Study, modify, and distribute the software to anyone for any purpose. Open source agreements generally meet the requirements of the definition of open source. Some open source software is released into the public domain. Open source software is often developed openly and collaboratively.

當開源軟體被開發為不同應用系統時,各個應用系統都有其各自的身份驗證機制,在切換不同應用系統使用其各自的服務時,往往需要不斷地進行身份驗證,並不斷重複進行登入的步驟才能通過其應用系統使用特定的服務。在這當中,給使用者帶來極大的干擾,其中包含頻繁使用帳密導致帳密外洩的幾率增加,使用者需要記憶不同的帳密組合或者定期更改帳密帶來的密碼疲勞,在系統內部,也增加了帳密相關呼叫服務台的次數,導致了流量的浪費。When open source software is developed into different application systems, each application system has its own authentication mechanism. When switching between different application systems to use their own services, it is often necessary to continuously authenticate and repeat the login steps. to use specific services through its application system. Among them, it brings great interference to users, including frequent use of account passwords, which increases the probability of account password leakage. Users need to memorize different account password combinations or change account passwords regularly, resulting in password fatigue. Internally, the number of calls to the service desk related to accounts and secrets has also increased, resulting in wasted traffic.

承上所述,由於上述問題的存在,單一簽入(Single Sign On,SSO)應運而生,單一簽入是一種服務於許多相互關聯的應用系統,但又各自獨立的軟體系統,並提供存取控制的屬性。利用這項屬性,能夠讓使用者登入各自應用系統時,取得所有系統的存取權限,不用針對單一應用系統逐一登入。單一簽入(Single Sign On,SSO)雖然能夠以集中的驗證伺服器提供身份驗證其他應用程式和系統,不必頻繁輸入密碼,但是,在使用上述應用程式和系統的服務時,仍然存在使用不便的問題。As mentioned above, due to the existence of the above problems, Single Sign On (SSO) came into being. Single Sign On is a software system that serves many interrelated application systems, but is independent of each other and provides storage. Get control properties. Using this property, users can obtain access permissions for all systems when they log in to their respective application systems, instead of logging in for a single application system one by one. Although Single Sign On (SSO) can provide authentication to other applications and systems with a centralized authentication server, without having to enter passwords frequently, there are still inconveniences when using the services of the above-mentioned applications and systems. question.

因此,如何將不同應用程式整合之帳密整合為一的同時,也能夠使各個應用程式可以提供服務給使用者,是本發明所要研究的方向。Therefore, how to integrate the accounts and secrets of different application programs into one, and at the same time enable each application program to provide services to users, is the research direction of the present invention.

本發明之一目的,係提供一種開源軟體整合方法,讓使用者可透過單一平台使用多種開源應用程序所提供的服務,而不需要個別登入多套應用程序。One objective of the present invention is to provide an open source software integration method, which allows users to use services provided by multiple open source application programs through a single platform without the need to individually log in to multiple sets of application programs.

為了達到上述之目的,本發明揭示了一種開源軟體整合方法,其包含步驟如下: 通過一電子裝置登入一整合平台; 於該整合平台執行一第一應用程序及一第二應用程序,該第一應用程序發送一第一認證訊息至一第一認證服務及該第二應用程序發送一第二認證訊息至一第二認證服務; 該第一認證服務驗證該第一認證訊息及該第二認證服務驗證該第二認證訊息,並分別傳送一第一認證符記及一第二認證符記至該整合平台; 該整合平台將該第一認證符記及該第二認證符記整合為一總認證符記; 於該整合平台依據該第一應用程序、該第二應用程序與該總認證符記登入該第一認證服務與該第二認證服務,以取得該第一應用程序之一第一服務與該第一應用程序之一第二服務之授權;藉由該整合平台擷取該第一服務與該第二服務並由該電子裝置整合顯示該第一服務與該第二服務,讓使用者能夠透過同一帳號在單一平台使用多種開源軟體所提供的服務,而不需要個別登入多套軟體系統。In order to achieve the above object, the present invention discloses a method for integrating open source software, which includes the following steps: logging into an integrated platform through an electronic device; executing a first application program and a second application program on the integrated platform, the first application The application sends a first authentication message to a first authentication service and the second application sends a second authentication message to a second authentication service; the first authentication service verifies the first authentication message and the second authentication service verifying the second authentication message, and respectively sending a first authentication token and a second authentication token to the integration platform; the integration platform integrates the first authentication token and the second authentication token into a total authentication a token; registering the first authentication service and the second authentication service on the integration platform according to the first application, the second application and the general authentication token, so as to obtain a first service of the first application Authorization with a second service of the first application; the first service and the second service are captured by the integration platform and the first service and the second service are integrated and displayed by the electronic device, allowing the user to You can use the services provided by a variety of open source software on a single platform through the same account, without the need to log in to multiple software systems individually.

本發明之一實施例中,其更揭露該整合平台之一資料表中輸入一第一帳密及一第二帳密,其中,該第一帳密對應該第一應用程序,該第二帳密對應該第二應用程序。In an embodiment of the present invention, it further discloses that a first account password and a second account password are input in a data table of the integration platform, wherein the first account password corresponds to the first application, the second account password The encrypted pair should be the second application.

本發明之一實施例中,其更揭露該整合平台之一通訊單元發送該第一帳密至該第一應用程序及發送該第二帳密至該第二應用程序。In an embodiment of the present invention, it further discloses that a communication unit of the integration platform sends the first account key to the first application program and sends the second account key to the second application program.

本發明之一實施例中,其更揭露該整合平台之一儲存單元儲存該第一帳密及該第二帳密。In an embodiment of the present invention, it further discloses that a storage unit of the integrated platform stores the first account secret and the second account secret.

本發明之一實施例中,其更揭露該整合平台儲存並整合該第一認證符記及該第二認證符記。In an embodiment of the present invention, it is further disclosed that the integration platform stores and integrates the first authentication token and the second authentication token.

本發明之一實施例中,其更揭露該整合平台使用單一記錄檔將該第一認證符記與該第二認證符記整合為該總認證符記。In an embodiment of the present invention, it is further disclosed that the integration platform uses a single record file to integrate the first authentication token and the second authentication token into the total authentication token.

本發明之一實施例中,其更揭露該第一認證服務為支援OpenID connect協議。In an embodiment of the present invention, it further discloses that the first authentication service supports the OpenID connect protocol.

本發明之一實施例中,其亦揭露該第二認證服務為支援SAML2.0 協議。In an embodiment of the present invention, it also discloses that the second authentication service supports the SAML2.0 protocol.

為使 貴審查委員對本發明之特徵及所達成之功效有更進一步之瞭解與認識,謹佐以實施例及配合詳細之說明,說明如後:In order to make your examiners have a further understanding and understanding of the features of the present invention and the effects achieved, I would like to assist with the detailed descriptions of examples and cooperation, and the descriptions are as follows:

本發明為一種開源軟體整合方法,藉由整合平台擷取不同應用程序之服務,並於該電子裝置顯示該第一服務或該第二服務,讓使用者能夠透過同一帳號在單一平台使用多種開源軟體所提供的服務,而不需要個別登入多套軟體系統。The present invention is an open source software integration method, which captures services of different application programs by integrating platforms, and displays the first service or the second service on the electronic device, so that users can use multiple open source software on a single platform through the same account The services provided by the software do not require individual login to multiple software systems.

以下,將進一步說明本發明之一種開源軟體整合方法:Below, a kind of open source software integration method of the present invention will be further described:

請參閱第1圖及第2圖,其係為本發明之開源軟體整合方法之流程圖一及流程圖二,如圖所示,本發明之一種開源軟體整合方法,其步驟包含:Please refer to FIG. 1 and FIG. 2, which are flowcharts 1 and 2 of the open source software integration method of the present invention. As shown in the figures, an open source software integration method of the present invention includes steps:

S10:通過電子裝置登入整合平台;S10: log in to the integrated platform through an electronic device;

S20:執行第一應用程序及第二應用程序;S20: Execute the first application program and the second application program;

S30:發送第一認證訊息及第二認證訊息;S30: Send the first authentication message and the second authentication message;

S40:驗證第一認證訊息及第二認證訊息;S40: Verify the first authentication message and the second authentication message;

S50:傳送第一認證符記及第二認證符記;S50: Send the first authentication token and the second authentication token;

S60:將第一認證符記及第二認證符記整合為總認證符記;S60: Integrate the first authentication token and the second authentication token into a total authentication token;

S70:依據第一應用程序、第二應用程序與總認證符記登入第一認證服務與第二認證服務,以取得第一應用程序之第一服務與第一應用程序之第二服務之授權;S70: Log in to the first authentication service and the second authentication service according to the first application, the second application and the general authenticator, so as to obtain the authorization of the first service of the first application and the second service of the first application;

S80:擷取第一應用程序之第一服務與該第二應用程序之第二服務;S80: Retrieve the first service of the first application and the second service of the second application;

S90:顯示第一服務與第二服務。S90: Display the first service and the second service.

接著說明為達成本發明之一種開源軟體整合方法,請繼續參閱第1圖,及一併參閱第2圖及第3圖,其係為本發明之開源軟體整合方法之示意圖及整合平台之示意圖。如圖所示,本發明之一種開源軟體整合方法包含:一電子裝置10、一整合平台20、一第一應用程序30、一第二應用程序40,該整合平台20設置一資料表22、一通訊單元24、一儲存單元26、一整合單元28,該電子裝置10用於登入該整合平台20,該整合平台20連接該第一應用程序30及該第二應用程序40。Next, in order to achieve an open source software integration method of the present invention, please continue to refer to FIG. 1, and also refer to FIGS. 2 and 3, which are schematic diagrams of the open source software integration method and a schematic diagram of the integration platform of the present invention. As shown in the figure, an open source software integration method of the present invention includes: an electronic device 10, an integration platform 20, a first application 30, and a second application 40. The integration platform 20 is provided with a data table 22, a The communication unit 24 , a storage unit 26 , and an integrated unit 28 , the electronic device 10 is used to log in the integrated platform 20 , and the integrated platform 20 is connected to the first application 30 and the second application 40 .

如步驟S10所示,通過一電子裝置10登入一整合平台20。其中,該電子裝置10為手機、平板或個人電腦等,使用者通過該電子裝置10之一顯示單元登入該整合平台20,其中該整合平台20設置一操作界面,使用者於該操作界面鍵入登入信息。於本實施例中,更包含步驟:於該整合平台20之一資料表22中輸入一第一帳密及一第二帳密,該第一帳密對應該第一應用程序,該第二帳密對應該第二應用程序。該整合平台20之一通訊單元24分別發送該第一帳密至該第一應用程序30及發送該第二帳密至該第二應用程序40。且該整合平台20之一儲存單元26分別儲存該第一帳密及該第二帳密。As shown in step S10 , an integrated platform 20 is logged in through an electronic device 10 . The electronic device 10 is a mobile phone, a tablet or a personal computer, and the user logs in to the integrated platform 20 through a display unit of the electronic device 10 , wherein the integrated platform 20 is provided with an operation interface, and the user enters a login on the operation interface. information. In this embodiment, it further includes the step of: inputting a first account password and a second account password in a data table 22 of the integration platform 20, the first account password corresponding to the first application, the second account password The encrypted pair should be the second application. A communication unit 24 of the integration platform 20 sends the first account key to the first application 30 and the second account key to the second application 40, respectively. And a storage unit 26 of the integration platform 20 stores the first account secret and the second account secret respectively.

如步驟S20所示,執行一第一應用程序30及一第二應用程序40。其中,使用者通過該電子裝置10登入該整合平台20後,於該整合平台20執行該第一應用程序30及該第二應用程序40,該第一應用程序30及該第二應用程序40為開源軟體,其中開源軟體為開放原始碼軟體,可任意取用的電腦軟體,該開源軟體保留一部分權利並允許用戶學習、修改以及以任何目的向任何人分發該軟體。例如JBPM、Pentaho等,其中JBPM(Java Business Process Management)為業務流程管理,具體為覆蓋業務流程管理、工作流、服務協作等領域的開源、靈活、易擴展的可執行流程語言框架。Pentaho為商務智能軟體,其以工作流為核心,將數據集成處理和分析工具包結合的集成平台。As shown in step S20, a first application 30 and a second application 40 are executed. Wherein, after the user logs in the integrated platform 20 through the electronic device 10, the first application 30 and the second application 40 are executed on the integrated platform 20, and the first application 30 and the second application 40 are Open source software, where open source software is open source software, freely accessible computer software that retains some rights and allows users to learn, modify, and distribute the software to anyone for any purpose. For example, JBPM, Pentaho, etc. Among them, JBPM (Java Business Process Management) is business process management, specifically an open-source, flexible and easily extensible executable process language framework covering business process management, workflow, service collaboration and other fields. Pentaho is a business intelligence software, which takes workflow as the core and integrates data integration processing and analysis toolkit.

如步驟S30所示,發送一第一認證訊息及第二認證訊息。其中,使用者於該整合平台20首次成功登入該第一應用程序30及該第二應用程序40後,該第一應用程序30發送一第一認證訊息至一第一認證服務32及該第二應用程序40發送一第二認證訊息至一第二認證服務42,其中,該第一認證服務32為支援OpenID connect協議,其為一種認證標準,其使用REST/JSON消息流並可集成,OpenID支持的帳戶例如谷歌、雅虎、PayPal等。該第二認證服務42為支援SAML2.0 協議,其為一種安全性斷言的標記語言。然該第一認證服務32與該第二認證服務42可互相轉換,並不以上述協議為限,還可選擇例如OAuth2協議等。As shown in step S30, a first authentication message and a second authentication message are sent. Wherein, after the user successfully logs in the first application 30 and the second application 40 on the integration platform 20 for the first time, the first application 30 sends a first authentication message to a first authentication service 32 and the second application The application 40 sends a second authentication message to a second authentication service 42, wherein the first authentication service 32 supports the OpenID connect protocol, which is an authentication standard, which uses REST/JSON message flow and can be integrated, and OpenID supports account such as Google, Yahoo, PayPal, etc. The second authentication service 42 supports the SAML2.0 protocol, which is a markup language for security assertions. However, the first authentication service 32 and the second authentication service 42 can be converted to each other, and the protocol is not limited to the above-mentioned protocol. For example, the OAuth2 protocol can also be selected.

如步驟S40所示,驗證該第一認證訊息及該第二認證訊息。其中,該第一認證服務32收到該第一認證訊息及該第二認證服務42收到該第二認證訊息後,分別對該第一認證訊息及該第二認證訊息進行驗證。As shown in step S40, the first authentication message and the second authentication message are verified. The first authentication service 32 and the second authentication service 42 respectively verify the first authentication message and the second authentication message after receiving the second authentication message.

如步驟S50所示,傳送一第一認證符記及一第二認證符記。其中,該第一認證服務32驗證該第一認證訊息後傳送一第一認證符記至該整合平台20,該第二認證服務42驗證該第二認證訊息後傳送一第二認證符記至該整合平台20,當該第一認證服務32及該第二認證服務42認證失敗時,分別傳送一失敗訊息至該整合平台20。其中,該第一認證符記及該第二認證符記在計算機身份認證中為令牌之含義,一般作為邀請與登錄系統時使用。As shown in step S50, a first authentication token and a second authentication token are transmitted. The first authentication service 32 transmits a first authentication token to the integration platform 20 after verifying the first authentication message, and the second authentication service 42 transmits a second authentication token to the integration platform 20 after verifying the second authentication message. The integration platform 20 sends a failure message to the integration platform 20 respectively when the first authentication service 32 and the second authentication service 42 fail to authenticate. Wherein, the first authentication token and the second authentication token have the meaning of tokens in the computer identity authentication, and are generally used when inviting and logging in to the system.

如步驟S60所示,將該第一認證符記及該第二認證符記整合為一總認證符記。其中,該整合平台20之該通訊單元22分別接收該第一認證符記及該第二認證符記後,該通訊單元22將其傳送至該整合平台20之該整合單元28,於該步驟中使用單一簽入(Single Sign On,SSO)透過身份驗證機制之集中管理,協助使用者進行多個應用系統之帳號密碼管理。在本實施例中,該整合平台20使用單一簽入將該第一認證符記與該第二認證符記整合為該總認證符記。As shown in step S60, the first authentication token and the second authentication token are integrated into a total authentication token. Wherein, after the communication unit 22 of the integration platform 20 receives the first authentication token and the second authentication token respectively, the communication unit 22 transmits them to the integration unit 28 of the integration platform 20, in this step Using a single sign-in (Single Sign On, SSO) centralized management through the authentication mechanism to help users manage the account and password of multiple application systems. In this embodiment, the integration platform 20 integrates the first authentication token and the second authentication token into the total authentication token using a single sign-in.

如步驟S70所示,發送該總認證符記至該第一應用程序與該第二應用程序對應之第一認證服務32與第二認證服務42。其中,使用者於初次登陸該第一應用程序30及該第二應用程序40,且已認證獲得該第一認證符記及該第二認證符記,並整合為該總認證符記後,使用者再次於該電子裝置10登入該整合平台20時,該整合平台20之該通訊單元24即發送該總認證符記至該第一應用程序30或該第二應用程序40對應之第一認證服務32與第二認證服務42,由於該總認證符記由該第一認證符記及該第二認證符記整合而成,因此,可直接登錄該第一應用程序30及該第二應用程序40,實現登入單一平台即可完成其他應用程序的登入,無需重複逐一登錄單一的應用程序,減少了工作時間,簡化了登入程序。As shown in step S70, the total authentication token is sent to the first authentication service 32 and the second authentication service 42 corresponding to the first application and the second application. Wherein, the user logs in the first application 30 and the second application 40 for the first time, and has obtained the first authentication token and the second authentication token after being authenticated and integrated into the total authentication token, and then uses When the electronic device 10 logs into the integrated platform 20 again, the communication unit 24 of the integrated platform 20 sends the general authentication token to the first authentication service corresponding to the first application 30 or the second application 40 32 and the second authentication service 42, since the total authentication token is formed by integrating the first authentication token and the second authentication token, the first application 30 and the second application 40 can be directly logged in , the login of other applications can be completed by logging in to a single platform, and there is no need to repeatedly log in to a single application one by one, which reduces the working time and simplifies the login procedure.

如步驟S80所示,擷取該第一應用程序之一第一服務或該第二應用程序之一第二服務。其中,於該整合平台20之該通訊單元24發送該總認證符記至該第一應用程序30及該第二應用程序40對應之第一認證服務32與第二認證服務42後,該通訊單元24擷取該第一應用程序30之一第一服務或擷取該第二應用程序40之一第二服務至該整合平台20。於本實施例中,更可包含將該第一服務及該第二服務儲存至該儲存單元26,即整合不同應用程序之不同服務至該整合平台20上。簡化了單獨登錄的步驟。As shown in step S80, a first service of the first application or a second service of the second application is retrieved. Wherein, after the communication unit 24 of the integration platform 20 sends the total authentication token to the first authentication service 32 and the second authentication service 42 corresponding to the first application 30 and the second application 40, the communication unit 24 Retrieve a first service of the first application 30 or retrieve a second service of the second application 40 to the integration platform 20 . In this embodiment, it may further include storing the first service and the second service in the storage unit 26 , that is, integrating different services of different application programs into the integration platform 20 . Simplified steps to log in individually.

如步驟S90所示,顯示該第一服務與該第二服務。其中,該整合平台20擷取該第一應用程序30之一第一服務及該第二應用程序40之一第二服務後,於該電子裝置10上顯示該第一服務或該第二服務,為使用者提供不同程序之不同服務,使用者不需要個別登入多套應用程序即可使用其提供的服務,節省了使用者的時間。As shown in step S90, the first service and the second service are displayed. The integration platform 20 displays the first service or the second service on the electronic device 10 after retrieving a first service of the first application 30 and a second service of the second application 40 , Provide users with different services for different programs. Users do not need to log in to multiple sets of applications individually to use the services provided by them, which saves users' time.

以上所述之該第一應用程序30之第一服務、該第二應用程序40之第二服務、該第一認證服務32與該第二認證服務42為執行於相同或不同雲端主機上,因而不侷限其使用方式,所以本發明之開源軟體整合方法不會受到硬體設備上的限制。The first service of the first application 30, the second service of the second application 40, the first authentication service 32 and the second authentication service 42 are executed on the same or different cloud hosts, so Its usage is not limited, so the open source software integration method of the present invention is not limited by hardware devices.

綜上所述,本發明之一種開源軟體整合方法,藉由該整合平台20整合該第一應用程序及該第二應用程序對應之該第一認證符記及該第二認證符記為該總認證符記,並儲存於該整合平台之該儲存單元26中,且使用該通訊單元提取該第一應用程序之該第一服務及該第二應用程序之該第二服務,讓使用者無需單獨登入該第一應用程序及該第二應用程序對應之第一認證服務與第二認證服務,僅登入該整合平台即可使用該第一應用程序之該第一服務及該第二應用程序之該第二服務,簡化了登入的步驟,且節省了登入時的時間,使用更加便利。To sum up, in an open source software integration method of the present invention, the first authentication token and the second authentication token corresponding to the first application and the second application are integrated by the integration platform 20 as the total The authentication token is stored in the storage unit 26 of the integrated platform, and the communication unit is used to extract the first service of the first application and the second service of the second application, so that the user does not need to separate Log in to the first authentication service and the second authentication service corresponding to the first application and the second application, and only log in to the integrated platform to use the first service of the first application and the second application The second service simplifies the login steps, saves time during login, and is more convenient to use.

故本發明實為一具有新穎性、進步性及可供產業上利用者,應符合我國專利法專利申請要件無疑,爰依法提出發明專利申請,祈  鈞局早日賜准專利,至感為禱。Therefore, the present invention is indeed novel, progressive and available for industrial use, and it should meet the requirements of patent application in my country's patent law.

惟以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍,舉凡依本發明申請專利範圍所述之形狀、構造、特徵及精神所為之均等變化與修飾,均應包括於本發明之申請專利範圍內。However, the above descriptions are only preferred embodiments of the present invention, and are not intended to limit the scope of implementation of the present invention. All changes and modifications made in accordance with the shape, structure, features and spirit described in the scope of the patent application of the present invention are equivalent. , shall be included in the scope of the patent application of the present invention.

10:電子裝置 20:整合平台 22:資料表 24:通訊單元 26:儲存單元 28:整合單元 30:第一應用程序 32:第一認證服務 40:第二應用程序 42:第二認證服務 S10~S90:步驟10: Electronics 20: Integrate Platforms 22: Data Sheet 24: Communication unit 26: Storage unit 28: Integration Unit 30: First App 32: First Authentication Service 40: Second application 42: Second Authentication Service S10~S90: Steps

第1圖:其為本發明之開源軟體整合方法之流程圖; 第2圖:其為本發明之開源軟體整合方法之示意圖;以及 第3圖:其為本發明之開源軟體整合方法之整合平台之示意圖。Figure 1: It is a flow chart of the open source software integration method of the present invention; Figure 2: It is a schematic diagram of the open source software integration method of the present invention; and Figure 3: It is a schematic diagram of the integration platform of the open source software integration method of the present invention.

10:電子裝置10: Electronics

20:整合平台20: Integrate Platforms

30:第一應用程序30: First App

32:第一認證主機32: The first authentication host

40:第二應用程序40: Second application

42:第二認證主機42: Second authentication host

Claims (8)

一種開源軟體整合方法,其步驟包含:通過一電子裝置登入一整合平台;於該整合平台執行一第一應用程序及一第二應用程序;該第一應用程序發送一第一認證訊息至一第一認證服務及該第二應用程序發送一第二認證訊息至一第二認證服務;該第一認證服務驗證該第一認證訊息及該第二認證服務驗證該第二認證訊息,並分別傳送一第一認證符記及一第二認證符記至該整合平台;該整合平台將該第一認證符記及該第二認證符記整合為一總認證符記;於該整合平台依據該第一應用程序、該第二應用程序與該總認證符記登入該第一認證服務與該第二認證服務,以取得該第一應用程序之一第一服務與該第二應用程序之一第二服務之授權;該整合平台擷取該第一服務與該第二服務;及於該電子裝置整合顯示該第一服務與該第二服務。 An open source software integration method, the steps of which include: logging into an integration platform through an electronic device; executing a first application program and a second application program on the integration platform; the first application program sending a first authentication message to a first An authentication service and the second application send a second authentication message to a second authentication service; the first authentication service verifies the first authentication message and the second authentication service verifies the second authentication message, and respectively sends a A first authentication token and a second authentication token are sent to the integration platform; the integration platform integrates the first authentication token and the second authentication token into a total authentication token; the integration platform is based on the first authentication token The application, the second application and the master authenticator are registered to the first authentication service and the second authentication service to obtain a first service of the first application and a second service of the second application The integration platform retrieves the first service and the second service; and integrates and displays the first service and the second service on the electronic device. 如專利範圍第1項所述之開源軟體整合方法,其中,於步驟:於該整合平台執行一第一應用程序及一第二應用程序步驟中,更包含步驟:於該整合平台之一資料表中輸入一第一帳密及一第二帳密,其中,該第一帳密對應該第一應用程序,該第二帳密對應該第二應用程序。 The open source software integration method as described in item 1 of the patent scope, wherein, in the step: executing a first application program and a second application program on the integration platform, further comprising the step of: creating a data table in the integration platform Input a first account password and a second account password in the , wherein, the first account password corresponds to the first application program, and the second account password corresponds to the second application program. 如專利範圍第2項所述之開源軟體整合方法,其中,於步驟:於該整合平台之一資料表中輸入一第一帳密及一第二帳密步驟後,更包含步驟:該整合平台之一通訊單元發送該第一帳密至該第一認證服務及發送該第二帳密至該第二認證服務。 The open source software integration method as described in item 2 of the patent scope, wherein after the step of: inputting a first account password and a second account password in a data table of the integration platform, further comprising the step of: the integration platform A communication unit sends the first account key to the first authentication service and sends the second account key to the second authentication service. 如專利範圍第3項所述之開源軟體整合方法,其中,於步驟:該整合平台之一通訊單元發送該第一帳密至該第一應用程序及發送該第二帳密至該第二應用程序步驟後,更包含步驟:該整合平台之一儲存單元儲存該第一帳密及該第二帳密。 The open source software integration method as described in item 3 of the patent scope, wherein, in the step: a communication unit of the integration platform sends the first account key to the first application and sends the second account key to the second application After the program steps, it further includes the step of: a storage unit of the integration platform stores the first account secret and the second account secret. 如專利範圍第1項所述之開源軟體整合方法,其中,於步驟:傳送一第一認證符記及一第二認證符記至該整合平台步驟後,更包含步驟:該整合平台儲存並整合該第一認證符記及該第二認證符記。 The open source software integration method as described in the first item of the patent scope, wherein, after the step of: transmitting a first authentication token and a second authentication token to the integration platform, further comprising the step of: storing and integrating the integration platform The first authentication token and the second authentication token. 如專利範圍第1項所述之開源軟體整合方法,其中於該整合平台將該第一認證符記及該第二認證符記整合為一總認證符記之步驟中,該整合平台使用單一記錄檔將該第一認證符記與該第二認證符記整合為該總認證符記。 The open source software integration method as described in claim 1 of the patent scope, wherein in the step of integrating the first authentication token and the second authentication token into a total authentication token by the integration platform, the integration platform uses a single record The file integrates the first authentication token and the second authentication token into the total authentication token. 如專利範圍第1項所述之開源軟體整合方法,其中,該第一認證服務為支援OpenID connect協議。 The open source software integration method as described in item 1 of the patent scope, wherein the first authentication service supports the OpenID connect protocol. 如專利範圍第1項所述之開源軟體整合方法,其中,該第二認證服務為支援SAML2.0協議。 The open-source software integration method as described in item 1 of the patent scope, wherein the second authentication service supports the SAML2.0 protocol.
TW109108908A 2020-03-18 2020-03-18 Open source software integration approach TWI768307B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109108908A TWI768307B (en) 2020-03-18 2020-03-18 Open source software integration approach

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109108908A TWI768307B (en) 2020-03-18 2020-03-18 Open source software integration approach

Publications (2)

Publication Number Publication Date
TW202137028A TW202137028A (en) 2021-10-01
TWI768307B true TWI768307B (en) 2022-06-21

Family

ID=79601280

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109108908A TWI768307B (en) 2020-03-18 2020-03-18 Open source software integration approach

Country Status (1)

Country Link
TW (1) TWI768307B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090217366A1 (en) * 2005-05-16 2009-08-27 Lenovo (Beijing) Limited Method For Implementing Unified Authentication
TW201030637A (en) * 2009-02-10 2010-08-16 Alibaba Group Holding Ltd A method providing internet service and service integration platform system
CN104753927A (en) * 2015-03-12 2015-07-01 杭州华三通信技术有限公司 Unified verification method and device
TW201541977A (en) * 2013-04-26 2015-11-01 內數位專利控股公司 Policy federation framework for facilitating multi-factor authentication using SSO systems
US9348934B2 (en) * 2010-03-10 2016-05-24 Lockheed Martin Corporation Systems and methods for facilitating open source intelligence gathering
US20170187753A1 (en) * 2015-12-28 2017-06-29 Dell Software, Inc. Context-aware delegation engine
US20180013763A1 (en) * 2016-05-11 2018-01-11 Oracle International Corporation Multi-tenant identity and data security management cloud service
US20190166115A1 (en) * 2013-09-20 2019-05-30 Oracle International Corporation Web-based interface integration for single sign-on
TW202001640A (en) * 2018-06-22 2020-01-01 美商奧誓公司 Native single sign-on (SSO) for mobile applications

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090217366A1 (en) * 2005-05-16 2009-08-27 Lenovo (Beijing) Limited Method For Implementing Unified Authentication
TW201030637A (en) * 2009-02-10 2010-08-16 Alibaba Group Holding Ltd A method providing internet service and service integration platform system
US9348934B2 (en) * 2010-03-10 2016-05-24 Lockheed Martin Corporation Systems and methods for facilitating open source intelligence gathering
TW201541977A (en) * 2013-04-26 2015-11-01 內數位專利控股公司 Policy federation framework for facilitating multi-factor authentication using SSO systems
US20190166115A1 (en) * 2013-09-20 2019-05-30 Oracle International Corporation Web-based interface integration for single sign-on
CN104753927A (en) * 2015-03-12 2015-07-01 杭州华三通信技术有限公司 Unified verification method and device
US20170187753A1 (en) * 2015-12-28 2017-06-29 Dell Software, Inc. Context-aware delegation engine
US20180013763A1 (en) * 2016-05-11 2018-01-11 Oracle International Corporation Multi-tenant identity and data security management cloud service
TW202001640A (en) * 2018-06-22 2020-01-01 美商奧誓公司 Native single sign-on (SSO) for mobile applications

Also Published As

Publication number Publication date
TW202137028A (en) 2021-10-01

Similar Documents

Publication Publication Date Title
US12137091B2 (en) Single sign-on enabled with OAuth token
US11843611B2 (en) Framework for multi-level and multi-factor inline enrollment
US10432608B2 (en) Selectively enabling multi-factor authentication for managed devices
CN108293045B (en) Single sign-on identity management between local and remote systems
US11601412B2 (en) Securely managing digital assistants that access third-party applications
US11627129B2 (en) Method and system for contextual access control
US10805301B2 (en) Securely managing digital assistants that access third-party applications
US10187374B2 (en) Multi-factor authentication for managed applications using single sign-on technology
CN107018119B (en) Authentication system, method and platform
CN107743702B (en) Single Sign-On for Managed Mobile Devices
JP2018533141A (en) Access server authenticity check initiated by end user
CN107070667A (en) Identity identifying method, user equipment and server
CN107690792A (en) Single sign-on for unmanaged mobile devices
WO2013099065A1 (en) Authentication coordination system and id provider device
CN107770192A (en) Identity authentication method and computer-readable recording medium in multisystem
CN109428725A (en) Information processing equipment, control method and storage medium
CN110247758A (en) The method, apparatus and code management device of Password Management
CN111241523B (en) Authentication processing method, apparatus, device and storage medium
US20230077995A1 (en) Application Programming Interface (API) Automation Framework
CN105354482A (en) Single sign-on method and device
CN116170234B (en) Single sign-on method and system based on virtual account authentication
CN113506108B (en) Account management method, device, terminal and storage medium
TWI357752B (en) Network user id verification system and method
CN102546168A (en) Communication device for identity authentication
TWI768307B (en) Open source software integration approach