CN105592035A - Single sign on method used for multiple application systems - Google Patents
Single sign on method used for multiple application systems Download PDFInfo
- Publication number
- CN105592035A CN105592035A CN201510156420.3A CN201510156420A CN105592035A CN 105592035 A CN105592035 A CN 105592035A CN 201510156420 A CN201510156420 A CN 201510156420A CN 105592035 A CN105592035 A CN 105592035A
- Authority
- CN
- China
- Prior art keywords
- client
- user
- login
- sub
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention relates to a single sign on method which can be used for multiple application systems. The single sign on method comprises the steps of serializing user sign on information of the multiple application systems into a uniform format, saving the user sign on information in cache and returning the user sign on information to a client. The single sign on method further comprises a sign on information authentication step of authenticating whether the user sign on information is stored in the cache or the client when receiving an access request from the client in the application systems, indicating the sign on is successful when the authentication passes, otherwise, requiring a user to sign on again, and saving the user sign on information in the cache and returning the user sign on information to the client after sign on. The single sign on method can be used for single sign on under the conditions of WEB application, CAS mode, C/S service, REST service and the like.
Description
Technical field
The present invention relates to Internet technology, relate in particular to the login method of system single-sign-on under a kind of heterogeneous applications.
Background technology
In the prior art, along with developing rapidly of internet, the development of enterprise, need to be brought together user's login and user account management in all territories of enterprises, accomplishes single-sign-on, the whole network roaming. Single-sign-on (SingleSignOn, SSO) is one of solution of at present popular unified identity authentication, and single-sign-on refers in multiple application systems, and user only need login the application system that once just can access all mutual trusts. Single-point step under the environment that coexists a multisystem simply exactly, user, after place login, just not be used in other system and logins, namely user's once login can obtain other systematic trusts.
CAS (CentralAuthenticationService, central authentication service) is the current most widely used solution for WebSSO.
Fig. 1 is the schematic diagram that represents existing CAS scheme.
As shown in Figure 1, step 1: access CAS client 20 from single-sign-on services end 10;
Step 2:CAS client 20 is analyzed from whether comprising TICKET in the request of single-sign-on services end 10, if it's not true, illustrate that this user is not through what authenticate, asks single-sign-on services end 10 so CAS client 20 can redirect user;
Step 3: carry out user authentication process between single-sign-on services end 10 and CAS server end 30, CAS server end 30 is returned to single-sign-on services end 10 after producing a random TICKET buffer memory;
Step 4: this TICKET is turned back to CAS client 20 by single-sign-on services end 10;
Between step 5, step 6:CAS client 20 and CAS server end 30, complete examining user identity.
Although CAS can solve the single-sign-on of multiple Web application easily, also exposes its limitation simultaneously:
(1) adopt at present the single-sign-on realizing based on CAS, as shown in Figure 1, need to provide client and service end simultaneously, for integrating multiple existing systems, exist retrofit work amount large;
(2) CAS need to, through the checking of page jump repeatedly active user's logging status, for the higher system of load, certainly will cause single-sign-on module pressure excessive, affects the normal operation of regular traffic system;
(3) can not ensure the independence that original Web applies, if Web application provides single-sign-on, need to carry out the amendment of authentication module;
(4) CAS single-sign-on can only solve the single-sign-on of multiple Web application, in the time of service that client-access system provides, client is existing is redirected to single-sign-on services end by request, after being verified, can produce a random ServiceTicket and send client to, then the legitimacy of server meeting verification ServiceTicket, after being verified, the service of subscription client access system. So for different application, all need the client that provides corresponding to mate, server just does the checking work of bill, and can not solve compatibling problem.
Summary of the invention
In view of the above problems, the present invention aim to provide a kind of can compatible original system single-sign-on mechanism and reduce the login method of system single-sign-on under the heterogeneous applications that the transformation amount of connecting system just can realize and realize the system of the method.
Single-point logging method for multiple application systems of the present invention, is characterized in that, comprises the steps:
Login authentication information is first preserved step, the user login information sequence of multiple application systems is changed into consolidation form and be kept in buffer memory and turn back to client; And
Log-on message verification step, in each application system, when receive from client request access time, whether authentication of users log-on message has been stored in above-mentioned buffer memory or client, words if the verification passes, login successfully, otherwise require user again to login and user login information be stored in above-mentioned buffer memory after login completes and turn back to client.
Preferably, adopt distributed caching as described buffer memory.
Preferably, preserve in step and described log-on message verification step at described authentication information first, store information exchange in described buffer memory into and cross asynchronous system and be saved in standby host.
Preferably, in the situation that described application system is WEB application,
Described authentication information is first preserved step and is comprised following sub-step:
Sub-step 10: user logins WEB application from client, logging request is sent to SSOWEB service by WEB application;
Sub-step 20:SSOWEB calls SSOWEB service;
Sub-step 30:SSOSOCKET service is verified and notifies SSOWEB by the result user login information;
Sub-step 40: if be proved to be successful, SSOWEB is saved in user login information in buffer memory, returns to SESSIONID to client simultaneously; And
Sub-step 50: SESSIONID is saved in local cookie at client browser.
Wherein, preferably, described sub-step 30 comprises:
Described SSOSOCKET service judges whether current LDAP can use;
If LDAP can use, complete checking work by LDAP, otherwise complete checking work by database.
Preferably, described log-on message verification step is as follows:
When receive from client request access time, at client validation SESSIONID, if the verification passes, login successfully and return user login information, otherwise require user again to login and after login completes, user login information be stored in above-mentioned buffer memory and by SESSIONID and turn back to client.
Preferably, be under CAS service scenario in described application system, described user login information is TICKET,
Preferably, the described preservation of authentication information first step comprises following sub-step:
Sub-step 11: user is from client login CAS service;
Sub-step 21: be stored in buffer memory and by TICKET and return to client TICKET as user login information after logining successfully;
Sub-step 31: client redirects and authentication of users log-on message according to described TICKET;
Sub-step 41: return to the user login information of storing in described buffer memory after user login information is verified, return to SESSIONID to client simultaneously.
Preferably, described log-on message verification step is as follows:
When receive from client request access time, whether there is TICKET in client validation, if TICKET exists, login successfully and return user login information, otherwise require user again to login and after login completes, user login information be stored in above-mentioned buffer memory and by TICKET and turn back to client.
Preferably, in the situation that described application system is C/S service,
Described authentication information is first preserved step and is comprised following sub-step:
Sub-step 12: user is from client login system,
Sub-step 22: if logined successfully, SSOSOCKET is saved in user login information in buffer memory, returns to SESSIONID to client simultaneously.
Preferably, described log-on message verification step is as follows:
When receive from client request access time, whether there is SESSIONID in client validation, if SESSIONID exists, login successfully and return user login information, otherwise require user again to login and logined again after user login information is stored in above-mentioned buffer memory and by SESSIONID and turns back to client.
As mentioned above, according to the single-point logging method for multiple application systems of the present invention, can obtain following technique effect: (1) is by splitting into SSO module SSOWeb service and SSOSocket service two parts, can compatible multiple single-sign-on solution, ensure taking over seamlessly of existing system, reduced the workload that system is switched, reduced the risk that system combination brings, and, not only compatible web application, the client terminal application of also can holding concurrently simultaneously. (2) token information is the check information that has comprised relative client in above-mentioned SESSIONID, TICKET, can prevent thus that token from intercepting and the leakage of information that causes and distorting. (3) integrated distributed cache client, can support distributed caching, and caching realize active and standby between automated back-up, initiatively switch, reduce to greatest extent the impact of hardware problem on each application.
Brief description of the drawings
Fig. 1 is the schematic diagram that represents existing CAS scheme.
Fig. 2 is the particular flow sheet that represents the login method of system single-sign-on under heterogeneous applications of the present invention.
Detailed description of the invention
What introduce below is some in multiple embodiment of the present invention, aims to provide basic understanding of the present invention. Be not intended to confirm key of the present invention or conclusive key element or limit claimed scope.
Single-point logging method for multiple application systems of the present invention mainly can be divided into following two large steps:
Login authentication information is first preserved step: the user login information sequence of multiple application systems is changed into consolidation form and be kept in buffer memory and turn back to client; And
Log-on message verification step: in each application system, when receive from client request access time, whether authentication of users log-on message has been stored in above-mentioned buffer memory or client, words if the verification passes, login successfully, otherwise require user again to login and user login information be stored in above-mentioned buffer memory after login completes and turn back to client.
By user login information consolidation form is kept in buffer memory, even if login by different application systems like this, can go calling and obtaining user log-on message in buffer memory, therefore, just can compatible various application system, such as WEB application, CAS pattern, C/S service and REST service etc.
Distribute below and describe for adopting under heterogeneous applications of the present invention system single-sign-on to carry out login process in WEB application, CAS pattern, C/S service.
Fig. 2 is the particular flow sheet that represents the login method of system single-sign-on under heterogeneous applications of the present invention.
Describe for the idiographic flow of the login method of system single-sign-on under heterogeneous applications of the present invention below with reference to Fig. 2.
As shown in Figure 2:
Step S100: user logs in web application from client.
Step S101: transmit a request to SSOWEB from WEB application.
Step S102:SSOWEB receives after request, by calling SSOSOCKET service, wherein, can act on behalf of by AGENT() service calls SSOSOCKET and serves.
Step S103:SSOSOCKET judges whether current LDAP can use.
Step S104: when the result of determination of step S103 is that LDAP can use, complete certification work by LDAP. Wherein, LDAP is the abbreviation of English " LightweightDirectoryAccessProtocol ", refers to LDAP. It is the access protocal on a kind of internet, is mainly used in retrieving information from server. Ldap server is used for preservation information. In addition, due to the frame mode difference of LDAP, therefore LDAP has a particularity, and the speed that is exactly data query is fast especially, and the speed of still writing data is slower. Because the inquiry velocity of LDAP is faster than database, therefore through being usually used in the field of a large amount of inquiries such as such as address book, user account number storage, institutional framework information, domain name analysis system needs.
Step 105: when the result of determination of step S103 is that LDAP is unavailable, otherwise by DB(database) complete checking.
The result is notified SSOWEB by step S106:SSOSOCKET.
Step S107: if be proved to be successful, SSOWEB, by store user profile in buffer memory, returns to SESSIONID(simultaneously and talks with ID) give and apply.
Step S108: browser is saved in SESSIONID in local cookie, the cross-domain login interface of Web application call, is saved in this locality by SESSIONID. When the follow-up behaviour of user, server first can verification SESSIONID, is verified, and returns to user profile.
Above step S100~step S109 is for the process of carrying out single-sign-on from client by WEB application.
Then, be specifically described (not shown) for the step that adopts CAS pattern to login. The process that adopts CAS pattern to login comprises the steps:
Step S200: (the SSO module is here to be made up of the SSOWEB above-mentioned Fig. 2 and SSOSocket) initiates logging request from CAS client to SSO module.
Step S201:SSO module judges whether TICKET exists, if TICKET does not exist, jump to login page, after logging in successfully, SSO module is returned to TICKET to CAS client, on the other hand, if TICKET exists, after being verified, directly the user profile of the storage in return cache is to CAS client.
Step S202:CAS client is taken TICKET, is redirected to SSO module verification logon information and stores in buffer memory, is proved to be successful the user profile in rear return cache.
Then the concrete steps while, adopting C/S service login system with reference to Fig. 2 for user describe. Wherein, C/S service is to be realized by client-server. Task is reasonably allocated to client-side for it and server is brought in realization. The process that user adopts C/S service login system to login comprises the steps: as shown in Figure 2
Step S300: when client is served login system by C/S, client can be got the SESSIONID returning in above-mentioned steps 107.
SESSIONID is sent to SSOSOCKET service by step S301:C/S service.
Step S302:SSOSOCKET can go to read in buffer memory user profile according to SESSIONID, if there is no, require user again to log in, after having logged in, return to user SESSIONID to client, client call, user calls the cross-domain request that logs in again, SESSIONID is saved in to this locality, and user profile is saved in buffer memory; If get session information according to SESSIONID, whether the IP address of verification active user request is consistent with the IP address logging in buffer memory, unanimously returns to user profile. Otherwise prompting user logs in again.
According to the single-point logging method that can be used in multiple application systems of the present invention, can obtain following technique effect:
(1) by SSO module being split into SSOWeb service and SSOSocket service two parts, can compatible multiple single-sign-on solution, ensure taking over seamlessly of existing system, reduce the workload that system is switched, reduced the risk that system combination brings, and, not only compatible web application, the client terminal application of also can holding concurrently simultaneously.
(2) token information is the check information that has comprised relative client in above-mentioned SESSIONID, TICKET, can prevent thus that token from intercepting and the leakage of information that causes and distorting.
(3) integrated distributed cache client, can support distributed caching, and caching realize active and standby between automated back-up, initiatively switch, reduce to greatest extent the impact of hardware problem on each application.
Above example has mainly illustrated that the present invention is the single-point logging method for multiple application systems. Although only some of them the specific embodiment of the present invention is described, those of ordinary skill in the art should understand, and the present invention can implement not departing from its purport and scope with many other forms. Therefore, the example of showing and embodiment are regarded as illustrative and not restrictive, and in the situation that not departing from spirit of the present invention as defined in appended each claim and scope, the present invention may be contained various amendments and replacement.
Claims (11)
1. for a single-point logging method for multiple application systems, it is characterized in that, comprise the steps:
Login authentication information is first preserved step, the user login information sequence of multiple application systems is changed into consolidation form and be kept in buffer memory and turn back to client; And
Log-on message verification step, in each application system, when receive from client request access time, whether authentication of users log-on message has been stored in client, words if the verification passes, login successfully, otherwise require user again to login and user login information be stored in above-mentioned buffer memory after login completes and turn back to client.
2. the single-point logging method for multiple application systems as claimed in claim 1, is characterized in that,
Adopt distributed caching as described buffer memory.
3. the single-point logging method for multiple application systems as claimed in claim 1, is characterized in that,
Preserve in step and the described verification step of log-on message first at described authentication information, store information exchange in described buffer memory into and cross asynchronous system and be saved in standby host.
4. the single-point logging method for multiple application systems as described in claim 1~3 any one, is characterized in that,
In the situation that described application system is WEB application,
Described authentication information is first preserved step and is comprised following sub-step:
Sub-step 10: user logins WEB application from client, logging request is sent to SSOWEB service by WEB application;
Sub-step 20:SSOWEB calls SSOWEB service;
Sub-step 30:SSOSOCKET service is verified and notifies SSOWEB by the result user login information;
Sub-step 40: if be proved to be successful, SSOWEB is saved in user login information in buffer memory, returns to SESSIONID to client simultaneously.
5. want the single-point logging method for multiple application systems as described in 4 as right, it is characterized in that,
After described sub-step 40, also comprise:
Sub-step 50: SESSIONID is saved in local cookie at client browser.
6. want the single-point logging method for multiple application systems as described in 4 as right, it is characterized in that,
Described sub-step 30 comprises:
Described SSOSOCKET service judges whether current LDAP can use;
If LDAP can use, complete checking work by LDAP, otherwise complete checking work by database.
7. want the single-point logging method for multiple application systems as described in 4 as right, it is characterized in that,
Described log-on message verification step is as follows:
When receive from client request access time, at client validation SESSIONID, if the verification passes, login successfully and return user login information, otherwise require user again to login and after login completes, user login information be stored in above-mentioned buffer memory and by SESSIONID and turn back to client.
8. the single-point logging method for multiple application systems as described in claim 1~3 any one, is characterized in that,
Be under CAS service scenario in described application system, described user login information is TICKET,
Described authentication information is first preserved step and is comprised following sub-step:
Sub-step 11: user is from client login CAS service;
Sub-step 21: be stored in buffer memory and by TICKET and return to client TICKET as user login information after logining successfully;
Sub-step 31: client redirects and authentication of users log-on message according to described TICKET;
Sub-step 41: return to the user login information of storing in described buffer memory after user login information is verified, return to SESSIONID to client simultaneously.
9. the single-point logging method for multiple application systems as claimed in claim 8, is characterized in that,
Described log-on message verification step is as follows:
When receive from client request access time, whether there is TICKET in client validation, if TICKET exists, login successfully and return user login information, otherwise require user again to login and after login completes, user login information be stored in above-mentioned buffer memory and by TICKET and turn back to client.
10. the single-point logging method for multiple application systems as described in claim 1~3 any one, is characterized in that,
In the situation that described application system is C/S service,
Described authentication information is first preserved step and is comprised following sub-step:
Sub-step 12: user is from client login system,
Sub-step 22: if logined successfully, SSOSOCKET is saved in user login information in buffer memory, returns to SESSIONID to client simultaneously.
11. single-point logging methods for multiple application systems as claimed in claim 9, is characterized in that,
Described log-on message verification step is as follows:
When receive from client request access time, whether there is SESSIONID in client validation, if SESSIONID exists, login successfully and return user login information, otherwise require user again to login and logined again after user login information is stored in above-mentioned buffer memory and by SESSIONID and turns back to client.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510156420.3A CN105592035A (en) | 2015-04-03 | 2015-04-03 | Single sign on method used for multiple application systems |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510156420.3A CN105592035A (en) | 2015-04-03 | 2015-04-03 | Single sign on method used for multiple application systems |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105592035A true CN105592035A (en) | 2016-05-18 |
Family
ID=55931253
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510156420.3A Pending CN105592035A (en) | 2015-04-03 | 2015-04-03 | Single sign on method used for multiple application systems |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105592035A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105978682A (en) * | 2016-06-27 | 2016-09-28 | 武汉斗鱼网络科技有限公司 | Mobile terminal token generation system and method thereof for judging identity of login user |
| CN106357684A (en) * | 2016-10-26 | 2017-01-25 | 北京奇虎科技有限公司 | Login method and device of game application |
| CN106652571A (en) * | 2017-02-24 | 2017-05-10 | 四川九洲空管科技有限责任公司 | Blocking device and method for onboard collision avoidance system |
| CN107911357A (en) * | 2017-11-09 | 2018-04-13 | 北京锐安科技有限公司 | A kind of method, apparatus of single-sign-on, server and storage medium |
| CN107948167A (en) * | 2017-11-29 | 2018-04-20 | 浙江数链科技有限公司 | A kind of method and apparatus of single-sign-on |
| CN108040072A (en) * | 2018-01-22 | 2018-05-15 | 公安部交通管理科学研究所 | The system and method for mobile Internet APP single-sign-ons under distributed network |
| CN109165500A (en) * | 2018-09-04 | 2019-01-08 | 山东浪潮云投信息科技有限公司 | A kind of single sign-on authentication system and method based on cross-domain technology |
| CN109472123A (en) * | 2018-11-05 | 2019-03-15 | 用友网络科技股份有限公司 | A kind of cloud service integrates the method and system of third party's single-sign-on customer center |
| CN109547458A (en) * | 2018-12-10 | 2019-03-29 | 平安科技(深圳)有限公司 | Login validation method, device, computer equipment and storage medium |
| CN110278179A (en) * | 2018-03-15 | 2019-09-24 | 阿里巴巴集团控股有限公司 | Single-point logging method, device and system and electronic equipment |
| CN110753044A (en) * | 2019-10-12 | 2020-02-04 | 山东英信计算机技术有限公司 | Identity authentication method, system, electronic equipment and storage medium |
| CN111047287A (en) * | 2019-12-04 | 2020-04-21 | 国网河南省电力公司检修公司 | Electric power ultra-high voltage operation and maintenance cooperation system based on single sign-on |
| CN111274569A (en) * | 2019-12-24 | 2020-06-12 | 中国科学院电子学研究所苏州研究院 | Research, development, operation and maintenance integrated system for unified login authentication and login authentication method thereof |
| CN112688937A (en) * | 2020-12-22 | 2021-04-20 | 武汉烽火众智数字技术有限责任公司 | Login method for system single sign-on under cross-application heterogeneous application |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102739678A (en) * | 2012-06-28 | 2012-10-17 | 用友软件股份有限公司 | Single sign-on processing system and single sign-on processing method |
| CN103179089A (en) * | 2011-12-21 | 2013-06-26 | 富泰华工业(深圳)有限公司 | System and method for identity authentication for accessing of different software development platforms |
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
| CN104052746A (en) * | 2014-06-18 | 2014-09-17 | 华为技术有限公司 | Heterogeneous application single sign-on system and method |
| CN104134113A (en) * | 2013-12-23 | 2014-11-05 | 国云科技股份有限公司 | Informatization system based on cloud computing SaaS service mode and integrating method |
| US20140337953A1 (en) * | 2013-05-08 | 2014-11-13 | International Business Machines Corporation | Cross-platform authentication from within a rich client |
| CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
-
2015
- 2015-04-03 CN CN201510156420.3A patent/CN105592035A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179089A (en) * | 2011-12-21 | 2013-06-26 | 富泰华工业(深圳)有限公司 | System and method for identity authentication for accessing of different software development platforms |
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
| CN102739678A (en) * | 2012-06-28 | 2012-10-17 | 用友软件股份有限公司 | Single sign-on processing system and single sign-on processing method |
| US20140337953A1 (en) * | 2013-05-08 | 2014-11-13 | International Business Machines Corporation | Cross-platform authentication from within a rich client |
| CN104134113A (en) * | 2013-12-23 | 2014-11-05 | 国云科技股份有限公司 | Informatization system based on cloud computing SaaS service mode and integrating method |
| CN104052746A (en) * | 2014-06-18 | 2014-09-17 | 华为技术有限公司 | Heterogeneous application single sign-on system and method |
| CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105978682A (en) * | 2016-06-27 | 2016-09-28 | 武汉斗鱼网络科技有限公司 | Mobile terminal token generation system and method thereof for judging identity of login user |
| CN106357684A (en) * | 2016-10-26 | 2017-01-25 | 北京奇虎科技有限公司 | Login method and device of game application |
| CN106652571A (en) * | 2017-02-24 | 2017-05-10 | 四川九洲空管科技有限责任公司 | Blocking device and method for onboard collision avoidance system |
| CN106652571B (en) * | 2017-02-24 | 2023-03-31 | 四川九洲空管科技有限责任公司 | Locking device and method for airborne collision avoidance system |
| CN107911357A (en) * | 2017-11-09 | 2018-04-13 | 北京锐安科技有限公司 | A kind of method, apparatus of single-sign-on, server and storage medium |
| CN107948167B (en) * | 2017-11-29 | 2020-11-06 | 浙江数链科技有限公司 | Single sign-on method and device |
| CN107948167A (en) * | 2017-11-29 | 2018-04-20 | 浙江数链科技有限公司 | A kind of method and apparatus of single-sign-on |
| CN108040072B (en) * | 2018-01-22 | 2021-04-20 | 公安部交通管理科学研究所 | System and method for mobile internet APP single sign-on under distributed network |
| CN108040072A (en) * | 2018-01-22 | 2018-05-15 | 公安部交通管理科学研究所 | The system and method for mobile Internet APP single-sign-ons under distributed network |
| CN110278179A (en) * | 2018-03-15 | 2019-09-24 | 阿里巴巴集团控股有限公司 | Single-point logging method, device and system and electronic equipment |
| CN110278179B (en) * | 2018-03-15 | 2021-08-10 | 阿里巴巴集团控股有限公司 | Single sign-on method, device and system and electronic equipment |
| CN109165500B (en) * | 2018-09-04 | 2020-10-23 | 浪潮云信息技术股份公司 | Single sign-on authentication system and method based on cross-domain technology |
| CN109165500A (en) * | 2018-09-04 | 2019-01-08 | 山东浪潮云投信息科技有限公司 | A kind of single sign-on authentication system and method based on cross-domain technology |
| CN109472123A (en) * | 2018-11-05 | 2019-03-15 | 用友网络科技股份有限公司 | A kind of cloud service integrates the method and system of third party's single-sign-on customer center |
| CN109547458A (en) * | 2018-12-10 | 2019-03-29 | 平安科技(深圳)有限公司 | Login validation method, device, computer equipment and storage medium |
| CN109547458B (en) * | 2018-12-10 | 2023-01-13 | 平安科技(深圳)有限公司 | Login verification method and device, computer equipment and storage medium |
| CN110753044A (en) * | 2019-10-12 | 2020-02-04 | 山东英信计算机技术有限公司 | Identity authentication method, system, electronic equipment and storage medium |
| CN111047287A (en) * | 2019-12-04 | 2020-04-21 | 国网河南省电力公司检修公司 | Electric power ultra-high voltage operation and maintenance cooperation system based on single sign-on |
| CN111274569A (en) * | 2019-12-24 | 2020-06-12 | 中国科学院电子学研究所苏州研究院 | Research, development, operation and maintenance integrated system for unified login authentication and login authentication method thereof |
| CN112688937A (en) * | 2020-12-22 | 2021-04-20 | 武汉烽火众智数字技术有限责任公司 | Login method for system single sign-on under cross-application heterogeneous application |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105592035A (en) | Single sign on method used for multiple application systems | |
| CN106685998B (en) | SSO authentication method based on CAS unified authentication service middleware | |
| CN111147453A (en) | System login method and integrated login system | |
| US7860883B2 (en) | Method and system for distributed retrieval of data objects within multi-protocol profiles in federated environments | |
| CN102098158B (en) | Cross-domain name single sign on and off method and system as well as corresponding equipment | |
| EP3316544B1 (en) | Token generation and authentication method, and authentication server | |
| US9554276B2 (en) | System and method for on the fly protocol conversion in obtaining policy enforcement information | |
| US8423650B2 (en) | Transferring session data between network applications | |
| US20080010287A1 (en) | Method and system for distributed retrieval of data objects using tagged artifacts within federated protocol operations | |
| US20060031592A1 (en) | System and method for user enrollment in an e-community | |
| CN104158818B (en) | A kind of single-point logging method and system | |
| CN102984169A (en) | Single sign-on method, equipment and system | |
| CN110032842B (en) | Method and system for simultaneously supporting single sign-on and third party sign-on | |
| KR102232763B1 (en) | Single-sign-on method and system for multi-domain services | |
| CN111444495B (en) | System and method for realizing single sign-on based on container | |
| CN105531979A (en) | Messaging api over http protocol to establish context for data exchange | |
| CN104660409A (en) | System login method in cluster environment and authentication server cluster | |
| US9100277B2 (en) | Client credentials data structure and method of employing the same | |
| CN115486044A (en) | Load balancing connection establishment among connector server groups | |
| CN111108736A (en) | Automatic address failover for receivers and browsers using cloud services | |
| CN107872492B (en) | Method and device for supporting multi-user editing of data object at server | |
| US9948648B1 (en) | System and method for enforcing access control to publicly-accessible web applications | |
| CN103069741A (en) | Credential authentication method and single sign-on server | |
| CN103107976A (en) | Content provider/service provider (CP/SP) user identification authentication method and system and authentication support device | |
| WO2017185934A1 (en) | Management device and method for managing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160518 |
|
| RJ01 | Rejection of invention patent application after publication |