CN102739678A - Single sign-on processing system and single sign-on processing method - Google Patents

Single sign-on processing system and single sign-on processing method Download PDF

Info

Publication number
CN102739678A
CN102739678A CN2012102226874A CN201210222687A CN102739678A CN 102739678 A CN102739678 A CN 102739678A CN 2012102226874 A CN2012102226874 A CN 2012102226874A CN 201210222687 A CN201210222687 A CN 201210222687A CN 102739678 A CN102739678 A CN 102739678A
Authority
CN
China
Prior art keywords
user
sign
name
user profile
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012102226874A
Other languages
Chinese (zh)
Other versions
CN102739678B (en
Inventor
王国伟
黄雄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yonyou Network Technology Co Ltd
Original Assignee
Yonyou Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yonyou Software Co Ltd filed Critical Yonyou Software Co Ltd
Priority to CN201210222687.4A priority Critical patent/CN102739678B/en
Publication of CN102739678A publication Critical patent/CN102739678A/en
Application granted granted Critical
Publication of CN102739678B publication Critical patent/CN102739678B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention provides a single sign-on processing system which comprises a client side processing module and a server side processing module, wherein the client side processing module acquires a sign-on request sent by a user and provides the sign-on request to the server side processing module, the server side processing module acquires a related information record text from a browser and accordingly judges whether the user signs on, and informs the client side processing module, if so, the client side processing module acquires a username from the server side processing module so as to further acquire the complete user information of the user so as to realize sign-on. Accordingly, the invention further provides a single sign-on processing method. Through the technical scheme, the single sign-on can be realized on the existing clients written in any language, the coupling of systems can be reduced, the integration cost can be lowered, and flexible plugging can be realized.

Description

Single-sign-on treatment system and single-sign-on processing method
Technical field
The present invention relates to single-sign-on integrated technology field, in particular to a kind of single-sign-on treatment system and a kind of single-sign-on processing method.
Background technology
The single-sign-on technology has a lot of solutions now on the market, and is typical in CAS.
CAS (Central Authentication Service) is the project of increasing income that Yale university initiates, and being intended to provides a kind of reliable single-point logging method for the Web application system.
See that from structural system CAS comprises two parts: CAS Server and CAS Client, as shown in Figure 1.
CAS Server is responsible for accomplishing the certification work to the user, vouchers (Credentials) such as meeting process user name/password, and it may arrive usersaccount information of database retrieval; Also maybe be in the XML file retrieval user password, to this mode, the mode that CAS all provides a kind of flexible but same interface/realization to separate; Which kind of authentication mode CAS uses; Separate with the CAS agreement, just, the realization details of this authentication can oneself customize and expansion.
CAS Client is responsible for being deployed in client; In principle; The deployment of CAS Client means, as the access request of the locked resource that local Web is used, and need carry out authentication to the requesting party time; Web uses similar Credentials such as no longer accepting any user name password, carries out authentication but be redirected to CAS Server.
At present, CAS Client supports (some is in improving) very many clients, comprises clients such as Java .Net, ISAPI, Php, Perl, uPortal, Acegi, Ruby, VBS cript.
The much auxiliary bag of the such single-sign-on Technology Need of the CAS third party system integration is to the corresponding different client side program of the system of different language exploitation.There is following defective in this Integrated Solution based on client-side program: 1) can not solve language difference property by the good use current techique; 2) the adding client-side program is bigger to the intrusion of original system; 3) can't make different reactions according to user's logging status flexibly.
Therefore, need a kind of new technical scheme, can on the client of existing any language, realize single-sign-on, reduce coupling, reduction integrated cost between system simultaneously, realize plug flexibly.
Summary of the invention
Technical problem to be solved by this invention is, a kind of new technical scheme is provided, and can on the client of existing any language, realize single-sign-on, reduces coupling, reduction integrated cost between system simultaneously, realizes plug flexibly.
In view of this; The invention provides a kind of single-sign-on treatment system; Comprise client process module that is positioned at Authentication Client and the server-side processes module that is positioned at the certificate server end, said client process module is obtained the user and is sent the request of registering service system through browser, and offers said server-side processes module; Said server-side processes module is obtained from said browser and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said client process module, said information recording text comprises said user's user's name; Said client process module is when said user has logined; Obtain said user's name from said server-side processes module, and obtain the complete user profile of said user, login said operation system through said user profile according to said user's name.
In the present technique scheme; The cookies that said information recording text is in the art to be said; Said server-side processes module is directly obtained relevant cookies information from said browser, and then judges associated user's login situation, and this just makes said single-sign-on treatment system when judges login situation; Can not depend on certain main business system; But each operation system is handled as square one, so just improved the degree of flexibility that the single-sign-on operation realizes, improved user experience.
In technique scheme; Preferably; Said server-side processes module generates unique identifier according to said user's name, and offers said client process module when said user has logined; Said client process module is obtained said user's name according to said unique identifier from said server-side processes module.Through said server-side processes module when said user has logined; Generate said unique identifier according to said user's name; This identification code becomes said client process module at the passage when said server-side processes module is obtained said user's name each time; Like this, just make said client process module can get access to correspondingly user's name quickly and accurately, and then guarantee the reliability that said each time single-sign-on operation realizes.
In technique scheme, preferably, said client process module is at first obtained said user profile from the data of said operation system, in the time of can't getting access to said user profile, obtains said user profile from said server-side processes module again.In the present technique scheme; Said user profile possibly just be present in after the user logined among the said operation system; If so; Said client process module is directly obtained this information from said operation system, will be higher than obtaining efficient from the said server-side processes module that records this information, help improving user's operating experience.But; If do not write down said user profile in the said operation system; Then said client process module can only be obtained this information from said server-side processes module, can also accomplish the initialization generating run to said user profile to said operation system simultaneously.
In technique scheme, preferably, said client process module is not logined maybe can't obtain said unique identifier the time said user, receives the said user profile of said user's input, and realizes logining through said user profile.That is to say; In the present technique scheme, when said certificate server can't operate as normal, said single-sign-on treatment system also can directly point out the user to carry out register again by independent operating; And then reduced the coupling between related system, realized flexible plug.
In technique scheme, preferably, said server-side processes module generates dynamic java script file, writes down said unique identifier, and said client process module is extracted said unique identifier from said java script file.
In the present technique scheme; Can utilize said java script file to write down said unique identifier; Versatility and flexibility based on java script script height; Make said single-sign-on treatment system can be adapted to client, strengthened the flexibility of this system greatly with any language.
Correspondingly, the present invention also provides a kind of single-sign-on processing method, comprising: step 302, and obtain the user at Authentication Client and send the request of registering service system, and offer the certificate server end through browser; Step 304; At said certificate server end; From said browser, obtain and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said Authentication Client, said information recording text comprises said user's user's name; Step 306 at said Authentication Client, when said user has logined, is obtained said user's name from said certificate server end, and is obtained the complete user profile of said user according to said user's name, logins said operation system through said user profile.
In the present technique scheme; The cookies that said information recording text is in the art to be said; Directly from said browser, obtain relevant cookies information at said certificate server end, and then judge associated user's login situation, this just makes uses said single-sign-on processing method when judges login situation; Can not depend on certain main business system; But each operation system is handled as square one, so just improved the degree of flexibility that the single-sign-on operation realizes, improved user experience.
In technique scheme, preferably, said step 304 also comprises: when said user has logined, generate unique identifier according to said user's name, and offer said Authentication Client; Said step 306 comprises: according to said unique identifier, obtain said user's name from said certificate server end.Through when said user has logined; Generate said unique identifier according to said user's name; This identification code becomes each time the passage when said certificate server end obtains said user's name; Like this, just can get access to correspondingly user's name quickly and accurately, and then guarantee the reliability that said each time single-sign-on operation realizes.
In technique scheme, preferably, said step 306 comprises: at first from the data of said operation system, obtain said user profile, in the time of can't getting access to said user profile, obtain said user profile from said certificate server end again.In the present technique scheme; Said user profile possibly just be present in after the user logined among the said operation system; If so; Can directly from said operation system, obtain this information, will be higher than obtaining efficient from the said certificate server end that records this information, help improving user's operating experience.But, if do not write down said user profile in the said operation system, then can only bring in this information of obtaining from said certificate server, can also accomplish initialization generating run to said operation system simultaneously to said user profile.
In technique scheme, preferably, said step 306 also comprises: do not login maybe can't obtain said unique identifier the time said user, receive the said user profile of said user's input, and realize logining through said user profile.That is to say; In the present technique scheme, when said certificate server can't operate as normal, use said single-sign-on processing method and also can login again and accomplish correlation function through direct prompting user; And then reduced the coupling between related system, realized flexible plug.
In technique scheme, preferably, said step 302 also comprises: generate dynamic java script file, write down said unique identifier; Said step 304 also comprises: from said java script file, extract said unique identifier.
In the present technique scheme; Can utilize said java script file to write down said unique identifier; Versatility and flexibility based on java script script height; Make said single-sign-on processing method can be adapted to client, increased the scope of application of this method with any language.
Through above technical scheme, can on the client of existing any language, realize single-sign-on, reduce coupling, reduction integrated cost between system simultaneously, realize plug flexibly.
Description of drawings
Fig. 1 shows the structure diagram of the CAS in the correlation technique;
Fig. 2 shows the block diagram of single-sign-on treatment system according to an embodiment of the invention;
Fig. 3 shows the flow chart of single-sign-on processing method according to an embodiment of the invention;
Fig. 4 shows the sketch map of CAS Server end DYNAMIC J S generative process according to an embodiment of the invention;
Fig. 5 shows the sketch map of CAS Client end DYNAMIC J S proof procedure according to an embodiment of the invention;
Fig. 6 shows the flow chart that single-sign-on processing method according to an embodiment of the invention utilizes the JS technology to realize.
Embodiment
In order more to be expressly understood above-mentioned purpose of the present invention, feature and advantage, the present invention is further described in detail below in conjunction with accompanying drawing and embodiment.
Set forth a lot of details in the following description so that make much of the present invention, still, the present invention can also adopt other to be different from other modes described here and implement, and therefore, the present invention is not limited to the restriction of following disclosed specific embodiment.
Fig. 2 shows the block diagram of single-sign-on treatment system according to an embodiment of the invention.
As shown in Figure 2; The single-sign-on treatment system 200 according to an embodiment of the invention; Comprise client process module 202 that is positioned at Authentication Client and the server-side processes module 204 that is positioned at the certificate server end, said client process module 202 is obtained the user and is sent the request of registering service system through browser, and offers said server-side processes module 204; Said server-side processes module 204 is obtained from said browser and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said client process module 202, said information recording text comprises said user's user's name; Said client process module 202 is when said user has logined; Obtain said user's name from said server-side processes module 204, and obtain the complete user profile of said user, login said operation system through said user profile according to said user's name.
In the present technique scheme; The cookies that said information recording text is in the art to be said; Said server-side processes module 204 is directly obtained relevant cookies information from said browser, and then judges associated user's login situation, and this just makes said single-sign-on treatment system 200 when judges login situation; Can not depend on certain main business system; But each operation system is handled as square one, so just improved the degree of flexibility that the single-sign-on operation realizes, improved user experience.
In technique scheme; Preferably; Said server-side processes module 204 generates unique identifier according to said user's name, and offers said client process module 202 when said user has logined; Said client process module 202 is obtained said user's name according to said unique identifier from said server-side processes module 204.Through said server-side processes module 204 when said user has logined; Generate said unique identifier according to said user's name; This identification code becomes said client process module 202 at the passage when said server-side processes module 204 is obtained said user's name each time; Like this, just make said client process module 202 can get access to correspondingly user's name quickly and accurately, and then guarantee the reliability that said each time single-sign-on operation realizes.
In technique scheme, preferably, said client process module 202 is at first obtained said user profile from the data of said operation system, in the time of can't getting access to said user profile, obtains said user profile from said server-side processes module 204 again.In the present technique scheme; Said user profile possibly just be present in after the user logined among the said operation system; If so; Said client process module 202 is directly obtained this information from said operation system, will be higher than obtaining efficient from the said server-side processes module 204 that records this information, help improving user's operating experience.But; If do not write down said user profile in the said operation system; Then said client process module 202 can only be obtained this information from said server-side processes module 204, can also accomplish the initialization generating run to said user profile to said operation system simultaneously.
In technique scheme, preferably, said client process module 202 is not logined maybe can't obtain said unique identifier the time said user, receives the said user profile of said user's input, and realizes logining through said user profile.That is to say; In the present technique scheme, when said certificate server can't operate as normal, said single-sign-on treatment system 200 also can directly point out the user to carry out register again by independent operating; And then reduced the coupling between related system, realized flexible plug.
In technique scheme, preferably, said server-side processes module 204 generates dynamic java script file, writes down said unique identifier, and said client process module 202 is extracted said unique identifier from said java script file.
In the present technique scheme; Can utilize said java script file to write down said unique identifier; Versatility and flexibility based on java script script height; Make said single-sign-on treatment system 200 can be adapted to client, strengthened the flexibility of this system greatly with any language.
Fig. 3 shows the flow chart of single-sign-on processing method according to an embodiment of the invention.
As shown in Figure 3, single-sign-on processing method according to an embodiment of the invention comprises: step 302, and obtain the user at Authentication Client and send the request of registering service system, and offer the certificate server end through browser; Step 304; At said certificate server end; From said browser, obtain and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said Authentication Client, said information recording text comprises said user's user's name; Step 306 at said Authentication Client, when said user has logined, is obtained said user's name from said certificate server end, and is obtained the complete user profile of said user according to said user's name, logins said operation system through said user profile.
In the present technique scheme; The cookies that said information recording text is in the art to be said; Directly from said browser, obtain relevant cookies information at said certificate server end, and then judge associated user's login situation, this just makes uses said single-sign-on processing method when judges login situation; Can not depend on certain main business system; But each operation system is handled as square one, so just improved the degree of flexibility that the single-sign-on operation realizes, improved user experience.
In technique scheme, preferably, said step 304 also comprises: when said user has logined, generate unique identifier according to said user's name, and offer said Authentication Client; Said step 306 comprises: according to said unique identifier, obtain said user's name from said certificate server end.Through when said user has logined; Generate said unique identifier according to said user's name; This identification code becomes each time the passage when said certificate server end obtains said user's name; Like this, just can get access to correspondingly user's name quickly and accurately, and then guarantee the reliability that said each time single-sign-on operation realizes.
In technique scheme, preferably, said step 306 comprises: at first from the data of said operation system, obtain said user profile, in the time of can't getting access to said user profile, obtain said user profile from said certificate server end again.In the present technique scheme; Said user profile possibly just be present in after the user logined among the said operation system; If so; Can directly from said operation system, obtain this information, will be higher than obtaining efficient from the said certificate server end that records this information, help improving user's operating experience.But, if do not write down said user profile in the said operation system, then can only bring in this information of obtaining from said certificate server, can also accomplish initialization generating run to said operation system simultaneously to said user profile.
In technique scheme, preferably, said step 306 also comprises: do not login maybe can't obtain said unique identifier the time said user, receive the said user profile of said user's input, and realize logining through said user profile.That is to say; In the present technique scheme, when said certificate server can't operate as normal, use said single-sign-on processing method and also can login again and accomplish correlation function through direct prompting user; And then reduced the coupling between related system, realized flexible plug.
In technique scheme, preferably, said step 302 also comprises: generate dynamic java script file, write down said unique identifier; Said step 304 also comprises: from said java script file, extract said unique identifier.
In the present technique scheme; Can utilize said java script file to write down said unique identifier; Versatility and flexibility based on java script script height; Make said single-sign-on processing method can be adapted to client, increased the scope of application of this method with any language.
Fig. 4 shows the sketch map of CAS Server end DYNAMIC J S generative process according to an embodiment of the invention.
As shown in Figure 4, CAS Server (being said certificate server) end DYNAMIC J S generative process is following according to an embodiment of the invention:
Step 402, said certificate server end gets access to the request of browser.The user increases interface newly at CAS Server server, such as Http:// uop.yonyou.com/home/loginstat.jsp random=34323453432, said certificate server end to the visit of this request, gets access in the browser cookies information about login user through browser.
Step 404, the correctness and the time validity of said certificate server end verification cookies value in internal memory particularly, comprise third party system domain name legitimacy, third party's system request time legitimacy, third party's system key legitimacy etc.
Step 406, according to the check results of said step 404, whether judges had logined said CAS Server, and generated feedback DYNAMIC J S code according to this result: if the user did not login, then the JS code content of feedback is: var_loginstat=false; If the user logined, then the JS code content of feedback is:
var_lo?ginstat=true;
var_isExpired=false;
var_uuid=550E8400E29B11D4A716446655440000。
Fig. 4 is merely the sketch map of above-mentioned flow process, and arrow wherein only is used for signal, is not the flow direction of data in absolute order or the said step of the said step of expression.
Fig. 5 shows the sketch map of CAS Client end DYNAMIC J S proof procedure according to an embodiment of the invention.
As shown in Figure 5, CAS Client end (being said client) DYNAMIC J S proof procedure is following according to an embodiment of the invention:
Step 502, the user logins said CAS Server, and through verification (such as cryptographic check, identifying code verification etc.), whether judges logins success: if not, then return the information of login failure; If then change the internal storage state of browser, the cookies that generation is relevant, and return the information that login is accomplished.
Step 504, for the CAS Client of any language end program, such as the jsp program end, through code below third party's system home page increases:
<script?type=" />textjavascript"
src=" http://uop.yonyou.com/home/loginstat.jsp?random=34323453432”>
</script>
Explain: parameter random is a random parameter, prevents the browse request buffer memory, and is nonsensical to asking itself.
Quote the JS that in above-mentioned steps 406, generates.When said user logins third party's operation system, according to the feedback result of this JS, carry out the JS authentication at the page, determine the strategy that turns to of said third party system by this DYNAMIC J S content, its logic is following:
Figure BDA00001825834000101
Afterwards; CAS Client end is through filtering said JS feedack; Obtain the uuid (Universally Unique Identifier, promptly general unique identification sign indicating number) that wherein said user logins generation, and initiate verification said uuid to said CAS Server end.
Step 506, after the verification completion for said uuid, said CAS Client end carries out user's verification according to said uuid, to obtain corresponding said user's name.
Fig. 6 shows the flow chart that single-sign-on processing method according to an embodiment of the invention utilizes the JS technology to realize.
As shown in Figure 6, the single-sign-on processing method utilizes the flow process of JS technology realization following according to an embodiment of the invention:
Step 602, the javascript of embedding single-sign-on certificate server in each operation system.
Step 604, through analyzing the javascript file that obtains, whether judges is logined, if not login then points out the user to login, if login, then can obtain the unique identifier of this login of active user.
Step 606, as parameter, the invoking web page service gets access to the actual user title of current login user according to unique sign of logged-in user.
Step 608; Load complete user profile in this operation system according to said user's name; If said user's name does not exist in this operation system, then can obtain complete user profile as the parameter of said web service from said certificate server and accomplish initialization operation through said user's name.
More than be described with reference to the accompanying drawings technical scheme of the present invention.Through the application of present technique scheme, can on the client of existing any language, realize single-sign-on, reduce coupling, reduction integrated cost between system simultaneously, realize plug flexibly.
The above is merely the preferred embodiments of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (10)

1. single-sign-on treatment system; It is characterized in that; Comprise client process module that is positioned at Authentication Client and the server-side processes module that is positioned at the certificate server end, said client process module is obtained the user and is sent the request of registering service system through browser, and offers said server-side processes module; Said server-side processes module is obtained from said browser and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said client process module, said information recording text comprises said user's user's name; Said client process module is when said user has logined; Obtain said user's name from said server-side processes module, and obtain the complete user profile of said user, login said operation system through said user profile according to said user's name.
2. single-sign-on treatment system according to claim 1; It is characterized in that; Said server-side processes module generates unique identifier according to said user's name, and offers said client process module when said user has logined; Said client process module is obtained said user's name according to said unique identifier from said server-side processes module.
3. single-sign-on treatment system according to claim 1; It is characterized in that; Said client process module is at first obtained said user profile from the data of said operation system, in the time of can't getting access to said user profile, obtain said user profile from said server-side processes module again.
4. single-sign-on treatment system according to claim 1; It is characterized in that; Said client process module is not logined maybe can't obtain said unique identifier the time said user, receives the said user profile of said user's input, and realizes logining through said user profile.
5. according to each described single-sign-on treatment system in the claim 1 to 4; It is characterized in that; Said server-side processes module generates dynamic java script file; Write down said unique identifier, said client process module is extracted said unique mark code from said java script file.
6. a single-sign-on processing method is characterized in that, comprising:
Step 302 is obtained the user at Authentication Client and is sent the request of registering service system through browser, and offers the certificate server end;
Step 304; At said certificate server end; From said browser, obtain and said user-dependent information recording text; And judge according to said information recording text whether said user logins, and notify said Authentication Client, said information recording text comprises said user's user's name;
Step 306 at said Authentication Client, when said user has logined, is obtained said user's name from said certificate server end, and is obtained the complete user profile of said user according to said user's name, logins said operation system through said user profile.
7. single-sign-on processing method according to claim 6 is characterized in that, said step 304 also comprises: when said user has logined, generate unique identifier according to said user's name, and offer said Authentication Client;
Said step 306 comprises: according to said unique identifier, obtain said user's name from said certificate server end.
8. single-sign-on processing method according to claim 6 is characterized in that, said step 306 comprises:
At first from the data of said operation system, obtain said user profile, in the time of can't getting access to said user profile, obtain said user profile from said certificate server end again.
9. single-sign-on processing method according to claim 6 is characterized in that, said step 306 also comprises:
Do not login maybe can't obtain said unique identifier the time said user, receive the said user profile of said user's input, and realize logining through said user profile.
10. according to each described single-sign-on processing method in the claim 6 to 9, it is characterized in that said step 302 also comprises: generate dynamic java script file, write down said unique identifier;
Said step 304 also comprises: from said java script file, extract said unique mark code.
CN201210222687.4A 2012-06-28 2012-06-28 Single-sign-on treatment system and single-sign-on processing method Active CN102739678B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210222687.4A CN102739678B (en) 2012-06-28 2012-06-28 Single-sign-on treatment system and single-sign-on processing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210222687.4A CN102739678B (en) 2012-06-28 2012-06-28 Single-sign-on treatment system and single-sign-on processing method

Publications (2)

Publication Number Publication Date
CN102739678A true CN102739678A (en) 2012-10-17
CN102739678B CN102739678B (en) 2015-09-02

Family

ID=46994461

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210222687.4A Active CN102739678B (en) 2012-06-28 2012-06-28 Single-sign-on treatment system and single-sign-on processing method

Country Status (1)

Country Link
CN (1) CN102739678B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103036993A (en) * 2012-12-18 2013-04-10 北京奇虎科技有限公司 Browser client-side and method of achieving website logging
CN103036887A (en) * 2012-12-18 2013-04-10 北京奇虎科技有限公司 System and method of achieving website logging
CN103124260A (en) * 2012-12-14 2013-05-29 北京新媒传信科技有限公司 Method and device for logging in Web page
CN103209168A (en) * 2013-01-30 2013-07-17 广东欧珀移动通信有限公司 Method and system for achieving single sign-on
CN104717228A (en) * 2015-03-31 2015-06-17 北京羽乐创新科技有限公司 Method and device for authorizing account number
CN104753855A (en) * 2013-12-25 2015-07-01 中国移动通信集团公司 Single sign on method, application client side, browser, terminal and server
CN105592035A (en) * 2015-04-03 2016-05-18 中国银联股份有限公司 Single sign on method used for multiple application systems
CN107786552A (en) * 2017-10-19 2018-03-09 用友网络科技股份有限公司 Single-point logging method, system and computer equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127603A (en) * 2007-08-16 2008-02-20 中兴通讯股份有限公司 A method for single point login of portal website and IMS client
CN101605030A (en) * 2008-06-13 2009-12-16 新奥特(北京)视频技术有限公司 A kind of uniform authentication realizing method of using towards TV station based on Active Directory
CN101651666A (en) * 2008-08-14 2010-02-17 中兴通讯股份有限公司 Method and device for identity authentication and single sign-on based on virtual private network
US20100306547A1 (en) * 2009-05-28 2010-12-02 Fallows John R System and methods for providing stateless security management for web applications using non-http communications protocols

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127603A (en) * 2007-08-16 2008-02-20 中兴通讯股份有限公司 A method for single point login of portal website and IMS client
CN101605030A (en) * 2008-06-13 2009-12-16 新奥特(北京)视频技术有限公司 A kind of uniform authentication realizing method of using towards TV station based on Active Directory
CN101651666A (en) * 2008-08-14 2010-02-17 中兴通讯股份有限公司 Method and device for identity authentication and single sign-on based on virtual private network
US20100306547A1 (en) * 2009-05-28 2010-12-02 Fallows John R System and methods for providing stateless security management for web applications using non-http communications protocols

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103124260A (en) * 2012-12-14 2013-05-29 北京新媒传信科技有限公司 Method and device for logging in Web page
CN103124260B (en) * 2012-12-14 2016-06-29 北京新媒传信科技有限公司 The login method of a kind of Web page and device
CN103036887B (en) * 2012-12-18 2015-11-25 北京奇虎科技有限公司 Realize the system and method for website log
CN103036993A (en) * 2012-12-18 2013-04-10 北京奇虎科技有限公司 Browser client-side and method of achieving website logging
CN103036993B (en) * 2012-12-18 2015-11-25 北京奇虎科技有限公司 Realize browser client and the method for website log
CN103036887A (en) * 2012-12-18 2013-04-10 北京奇虎科技有限公司 System and method of achieving website logging
CN103209168A (en) * 2013-01-30 2013-07-17 广东欧珀移动通信有限公司 Method and system for achieving single sign-on
CN103209168B (en) * 2013-01-30 2017-03-08 广东欧珀移动通信有限公司 A kind of method and system for realizing single-sign-on
CN104753855A (en) * 2013-12-25 2015-07-01 中国移动通信集团公司 Single sign on method, application client side, browser, terminal and server
CN104753855B (en) * 2013-12-25 2019-01-04 中国移动通信集团公司 Single-point logging method, applications client, browser, terminal and server
CN104717228A (en) * 2015-03-31 2015-06-17 北京羽乐创新科技有限公司 Method and device for authorizing account number
CN105592035A (en) * 2015-04-03 2016-05-18 中国银联股份有限公司 Single sign on method used for multiple application systems
CN107786552A (en) * 2017-10-19 2018-03-09 用友网络科技股份有限公司 Single-point logging method, system and computer equipment

Also Published As

Publication number Publication date
CN102739678B (en) 2015-09-02

Similar Documents

Publication Publication Date Title
CN102739678B (en) Single-sign-on treatment system and single-sign-on processing method
US10785201B2 (en) Synchronizing authentication sessions between applications
US9825943B2 (en) Location determination for user authentication
CN104113551B (en) A kind of platform authorization method, platform service end and applications client and system
JP6533871B2 (en) System and method for controlling sign-on to web applications
CN104320377B (en) The anti-stealing link method and equipment of a kind of files in stream media
US8910256B2 (en) Form filling with digital identities, and automatic password generation
WO2017028804A1 (en) Web real-time communication platform authentication and access method and device
CN105472052B (en) Cross-domain server login method and system
EP3210107B1 (en) Method and apparatus for facilitating the login of an account
US20130014243A1 (en) Cross Domain Single Sign On
JP6044299B2 (en) Data reference system and application authentication method
CN104378376A (en) SOA-based single-point login method, authentication server and browser
CN104113552A (en) Platform authorization method, platform server side, application client side and system
CN104158802A (en) Platform authorization method, platform service side, application client side and system
CN115021991A (en) Single sign-on for unmanaged mobile devices
CN104065616A (en) Single sign-on method and system
CN101588348A (en) System logging method and system logging device based on Web
CN105072123B (en) A kind of single sign-on under cluster environment exits method and system
CN108632291A (en) A kind of third party authorizes login method and system
WO2016191376A1 (en) Initial provisioning through shared proofs of knowledge and crowdsourced identification
CN101656609A (en) Single sign-on method, system and device thereof
CN103220261A (en) Proxy method, device and system of open authentication application program interface
CN115102744A (en) Data access method and device
CN106470186B (en) A method of accessing third party&#39;s resource in a manner of jumping

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee
CP03 Change of name, title or address

Address after: 100094 Haidian District North Road, Beijing, No. 68

Patentee after: Yonyou Network Technology Co., Ltd.

Address before: 100094 Beijing city Haidian District North Road No. 68, UFIDA Software Park

Patentee before: UFIDA Software Co., Ltd.