METHOD, DEVICE AND SYSTEM FOR LOGGING IN UNIX-LIKE VIRTUAL CONTAINER

US 20150244811A1
Filed: 09/16/2013
Published: 08/27/2015
Est. Priority Date: 09/17/2012
Status: Active Grant

First Claim

Patent Images

1. A method for logging in a Unix-like virtual container, comprising:

establishing a corresponding relationship between a Unix-like virtual container and a port on a host running the Unix-like virtual container;

establishing a transparent pipe between the Unix-like virtual container and the host port based on the corresponding relationship, and establishing a first connection between the Unix-like virtual container and the host port based on the transparent pipe; and

receiving a script command through the host port, and sending the script command to the Unix-like virtual container according to the first connection;

wherein after receiving the script command through the host port and before sending the script command to the Unix-like virtual container, the method further comprises;

partitioning the script command according to a preset marker and performing symbol extension to the partitioned script command to obtain a symbol-extended script command;

determining whether the symbol-extended script command is included in a preset script command whitelist; and

in response to determining that the symbol-extended script command is included in the preset script command whitelist, sending the symbol-extended script command to the Unix-like virtual container according to the first connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the present disclosure describe a method, apparatus and system for logging in a Unix-like virtual container. The method include establishing a corresponding relationship between a Unix-like virtual container and a port on a host running the Unix-like virtual container; establishing a transparent pipe between the Unix-like virtual container and the host port based on the corresponding relationship, establishing a first connection between the Unix-like virtual container and the host port based on the transparent pipe; receiving a script command through the host port, and sending the script command to the Unix-like virtual container according to the first connection. Employing embodiments of the present disclosure, the Unix-like virtual container can be logged in through the connection between the host port and the Unix-like virtual container, the information security of the Unix-like virtual container can be ensured, and the access efficiency can be improved through asynchronous access.

Citations

16 Claims

1. A method for logging in a Unix-like virtual container, comprising:
- establishing a corresponding relationship between a Unix-like virtual container and a port on a host running the Unix-like virtual container;
  
  establishing a transparent pipe between the Unix-like virtual container and the host port based on the corresponding relationship, and establishing a first connection between the Unix-like virtual container and the host port based on the transparent pipe; and
  
  receiving a script command through the host port, and sending the script command to the Unix-like virtual container according to the first connection;
  
  wherein after receiving the script command through the host port and before sending the script command to the Unix-like virtual container, the method further comprises;
  
  partitioning the script command according to a preset marker and performing symbol extension to the partitioned script command to obtain a symbol-extended script command;
  
  determining whether the symbol-extended script command is included in a preset script command whitelist; and
  
  in response to determining that the symbol-extended script command is included in the preset script command whitelist, sending the symbol-extended script command to the Unix-like virtual container according to the first connection.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. The method of claim 1, wherein the operation of receiving the script command through the host port comprises:
    - establishing a hypertext transfer protocol (HTTP) connection between the host port and a browser through a hypertext transfer protocol and receiving the script command through the HTTP connection;
      
      the method further comprising;
      
      preconfiguring a connection time threshold;
      
      determining whether the HTTP connection between the host port and the browser exceeds the connection time threshold;
      
      in response to determining that the HTTP connection between the host port and the browser exceeds the connection time threshold, disconnecting the HTTP connection; and
      
      in response to determining that the HTTP connection between the host port and the browser does not exceed the connection time threshold, keeping the HTTP connection.
  - 4. The method of claim 1, further comprising:
    - establishing a first HTTP connection and a second HTTP connection between the host port and a browser through a hypertext transfer protocol;
      
      receiving, through the second HTTP connection, an operation terminating request sent from the browser, wherein an identifier (ID) of the first HTTP connection is carried in the request; and
      
      upon receiving the operation terminating request sent from the browser, finding the first HTTP connection according to the ID of the first HTTP connection carried in the request and sending an operation terminating script command to the Unix-like virtual container through the first connection between the Unix-like virtual container and the host port, so that the Unix-like virtual container executes the operation terminating script command and terminates operations associated with the first HTTP connection.
  - 5. The method of claim 1, wherein the operation of receiving the script command through the host port comprises:
    - establishing an HTTP connection between the host port and a browser through a hypertext transfer protocol and receiving the script command through the HTTP connection;
      
      the method further comprising;
      
      determining whether the HTTP connection between the host port and the browser is disconnected; and
      
      in response to determining that the HTTP connection between the host port and the browser is disconnected, sending an operation terminating script command to the Unix-like virtual container through the first connection, so that the Unix-like virtual container executes the operation terminating script command and terminates operations associated with the HTTP connection.
  - 6. The method of claim 1, further comprising:
    - generating a command display interface;
      
      capturing a user keyboard operating character associated with the script command received by the host port; and
      
      displaying the user keyboard operating character on the command display interface.
  - 7. The method of claim 1, further comprising:
    - the Unix-like virtual container responding to the script command and returning a script command response to the host port in a manner of data chunking; and
      
      sending, by the host port, chunked data to an interface of a browser for synchronized displaying.

2. (canceled)

8. An apparatus for logging in a Unix-like virtual container, comprising:
- a transparent pipe establishing module, configured toestablish a corresponding relationship between a Unix-like virtual container and a port on a host running the Unix-like virtual container, and establish a transparent pipe between the Unix-like virtual container and the host port based on the corresponding relationship;
  
  a connection establishing module, configured toestablish a first connection between the Unix-like virtual container and the host port based on the transparent pipe; and
  
  a script command sending module, configured toreceive a script command through the host port and send the script command to the Unix-like virtual container according to the first connection;
  
  a script command preprocessing module, configured topartition the script command according to a preset marker,perform symbol extension to the partitioned script command to obtain a symbol-extended script command,determine whether the symbol-extended script command is included in a preset script command whitelist, andin response to determining that the symbol-extended script command is included in the preset script command whitelist, enable the script command sending module to send the symbol-extended script command to the Unix-like virtual container according to the first connection.
- View Dependent Claims (10, 11, 12)
- - 10. The apparatus of claim 8, wherein the script command sending module is configured to establish a hypertext transfer protocol (HTTP) connection between the host port and a browser through a hypertext transfer protocol and receive the script command through the HTTP connection;
    - the apparatus further comprising;
      
      a connection time keeping module, configured topreconfigure a connection time threshold,determine whether the HTTP connection between the host port and the browser exceeds the connection time threshold,in response to determining that the HTTP connection exceeds the connection time threshold, disconnect the HTTP connection, andin response to determining that the HTTP connection does not exceed the connection time threshold, keep the HTTP connection.
  - 11. The apparatus of claim 8, wherein the script command sending module is configured to establish a first HTTP connection and a second HTTP connection between a browser and the host port through a hypertext transfer protocol;
    - the apparatus further comprising;
      
      a connection disconnecting module, configured toreceive, through the second HTTP connection, an operation terminating request sent from the browser, wherein an identifier (ID) of the first HTTP connection is carried in the request, andupon receiving the operation terminating request sent from the browser, find the first HTTP connection according to the ID of the first HTTP connection carried in the request and send an operation terminating script command to the Unix-like virtual container through the first connection between the Unix-like virtual container and the host port, so that the Unix-like virtual container executes the operation terminating script command and terminates operations associated with the first HTTP connection.
  - 12. The apparatus of claim 8, wherein the script command sending module is configured to establish an HTTP connection between a browser and the host port through a hypertext transfer protocol and receive the script command through the HTTP connection;
    - the apparatus further comprising;
      
      an HTTP connection determining module, configured todetermine whether the HTTP connection between the host port and the browser is disconnected, andin response to determining that the HTTP connection between the host port and the browser is disconnected, send an operation terminating script command to the Unix-like virtual container through the first connection, so that the Unix-like virtual container executes the operation terminating script command and terminates operations associated with the HTTP connection.

9. (canceled)

13. A system for logging in a Unix-like virtual container, comprising a Web browser, a Unix-like virtual container login apparatus, and a host;
- wherein the host runs a Unix-like virtual container and there is a hypertext transfer protocol (HTTP) connection between the Web browser and the Unix-like virtual container login apparatus;
  
  whereinthe Web browser is configured toreceive a script command and send the script command to the Unix-like virtual container login apparatus through the HTTP connection; and
  
  the Unix-like virtual container login apparatus is configured toestablish a corresponding relationship between the Unix-like virtual container and a port on the host, and establish a transparent pipe between the Unix-like virtual container and the host port based on the corresponding relationship,establish a first connection between the Unix-like virtual container and the host port based on the transparent pipe,receive the script command sent from the Web browser through the host port, andsend the script command to the Unix-like virtual container according to the first connection;
  
  wherein the Unix-like virtual container login apparatus is further configured topartition the script command according to a preset marker,perform symbol extension to the partitioned script command to obtain a symbol-extended script command,determine whether the symbol-extended script command is included in a preset script command whitelist, andin response to determining that the symbol-extended script command is included in the preset script command whitelist, send the symbol-extended script command to the Unix-like virtual container according to the first connection.
- View Dependent Claims (15, 16)
- - 15. The system of claim 13, wherein the Unix-like virtual container login apparatus is further configured togenerate a command display interface,capture a user keyboard operating character associated with the script command received by the host port, anddisplay the user keyboard operating character on the command display interface.
  - 16. The system of claim 13, wherein the Unix-like virtual container login apparatus is further configured to establish the first connection between the Unix-like virtual container and the host port through the transparent pipe and based on a Secure Shell protocol (SSH) or a Secure Shell protocol 2 (SSH2).

14. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tencent Technology Shenzhen Company Limited (Tencent Holdings Limited)
Original Assignee
Tencent Technology Shenzhen Company Limited (Tencent Holdings Limited)
Inventors
Zhu, Baiwan, Huang, Jie, Lu, Ke, Zeng, Lifeng

Granted Patent

US 9,609,063 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

G06F 2209/549   Remote execution

G06F 2221/2101   Auditing as a secondary aspect

G06F 9/00   Arrangements for program co...

G06F 9/544   Buffers; Shared memory; Pipes

G06F 9/547   Remote procedure calls [RPC...

H04L 67/02   based on web technology, e....

H04L 67/141   Setup of application sessio...

METHOD, DEVICE AND SYSTEM FOR LOGGING IN UNIX-LIKE VIRTUAL CONTAINER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD, DEVICE AND SYSTEM FOR LOGGING IN UNIX-LIKE VIRTUAL CONTAINER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links