CN106487744B - Shiro verification method based on Redis storage - Google Patents
Shiro verification method based on Redis storage Download PDFInfo
- Publication number
- CN106487744B CN106487744B CN201510526960.6A CN201510526960A CN106487744B CN 106487744 B CN106487744 B CN 106487744B CN 201510526960 A CN201510526960 A CN 201510526960A CN 106487744 B CN106487744 B CN 106487744B
- Authority
- CN
- China
- Prior art keywords
- login
- user
- verification
- expiration time
- redis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a Shiro verification method based on Redis storage, which can reduce memory consumption by placing a session in a Redis buffer memory so as to solve the problem of memory overflow; and an expiration time algorithm is introduced to automatically clear the cache, so that the cache efficiency and the hit rate are improved, and the data is efficiently and reliably stored. The method comprises the following steps: according to the login parameters of the user, packaging the identification information of the user to generate a unique identification; searching whether a corresponding cache exists in the Redis server according to the unique identifier; if the corresponding cache exists, obtaining the login information of the unique identifier, and packaging login success information; if the corresponding cache does not exist, calling a login verification method and an authority verification method for verification, if the verification is passed, packaging login success information, and if the verification fails, prompting that the login verification fails.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a Shiro verification method based on Redis storage.
Background
With the advent of a series of new internet products such as electronic commerce, social networks, microblogs and the like, the internet based on the Web environment is applied more and more widely. Various applications are erected on a Web platform in the enterprise informatization process, and the rapid development of Web services also draws the strong attention of hackers, which is followed by the prominent Web security threat. Hackers obtain the control authority of the Web server by using the modes of vulnerability of a website operating system, SQL injection vulnerability of a Web service program and the like, if the control authority is small, the content of the webpage is tampered, if the control authority is large, important internal data is stolen, and if the control authority is serious, malicious codes are implanted into the webpage, so that website visitors are damaged. An authoritative security framework is urgently needed for developers to develop simple and secure functions.
Apache shiro is a powerful and easy-to-use Java security framework that provides authentication, authorization, encryption, and session management functions. For any application, Shiro can provide a comprehensive security management service. And Shiro is much simpler than other safety frames.
The three core components of Shiro are Subject, SecurityManager and Realm, respectively. The Subject is an abstract concept, which represents the current operating user, and can be a person, a third-party process, a background account or the like. SecurityManager is a security manager that manages all security-related operations, and Shiro manages internal component instances through the SecurityManager and provides various services of security management through it. The real acts as a "bridge" or "connector" between the Shiro and the application security data. That is, when authentication (login) and authorization (access control) verification are performed on a user, Shiro looks up the user and its entitlement information from the real of the application configuration. In this sense, real is essentially a security-related data access object: it encapsulates the connection details of the data source and provides relevant data such as user, role, authority, etc. to Shiro when needed. When configuring Shiro, at least one real must be specified for authentication and/or authorization.
That is, the simplest one Shiro application:
1. the application code is authenticated and authorized by Subject, which in turn delegates to SecurityManager;
2. realm needs to be injected into SecurityManager of Shiro, so that the SecurityManager can obtain a legal user and the authority of the legal user to judge.
Shiro has built in a real that can connect to a large number of secure data sources (also known as directories) such as Lightweight Directory Access Protocol (LDAP) directories, relational databases (JDBC), INI-like text configuration resources, and property files. For storage of a large amount of complex data, the Shiro framework supports two real storage modes for security verification, one is security verification based on a storage mode of a relational database (as shown in fig. 1, a security verification flow chart of the Shiro framework based on real storage of the relational database), and the other is security verification based on a storage mode of EhCache (a pure Java in-process cache framework).
Taking fig. 1 as an example, a large amount of data information stored in the database according to the Shiro' S authentication rule is authenticated, and after the authentication is started (step S11), the user inputs information necessary for system login; then, a user object is generated based on the login information input by the user (step S12); acquiring a corresponding real object from a database according to the generated user object (step S13); when a real object is acquired, first, it is determined whether the real object exists (step S14); if so, verification is performed by the SecurityManager of the Shiro framework (step S15) to determine whether the entered login information is correct, otherwise, the process ends. Similarly, the security verification based on the EhCache storage method is similar to the above, except that the location where the real object is stored is different, and the corresponding step S13 is to obtain the corresponding real object from the EhCache.
However, during the use process, it is found that the existing technical scheme can only support the security verification of the data stored in the relational database and the EhCache, and has obvious defects and shortcomings.
1. Security verification based on relational database storage:
common relational databases such as Oracle and MySQL have the disadvantages of low access speed, single data structure, low concurrency capability, high clustering difficulty and the like. The data storage and reading based on the relational database not only needs to increase a large number of database tables in the database, but also has slow response speed in the storage and reading processes, thereby causing the overall performance of the service to be reduced. In a highly concurrent system, a large and frequent access to the database will result in database deadlock, resulting in a system crash.
2. Security verification based on EhCache storage:
EhCache is a pure Java in-process cache framework, which is based on JVM (Java Virtual Machine) memory for data storage. The JVM memory space is small, and when too large and too many objects need to be cached, memory overflow will be caused, resulting in unavailable services.
In conclusion, the database becomes an important factor of the performance bottleneck of the large-scale website, and many internet companies have largely used a cache technology to reduce the access pressure of the database; EhCache has many scenarios that are not available due to the limitation of the size of the memory space. Therefore, a new real storage method is needed to solve the above problems.
Disclosure of Invention
In view of the above, the invention provides a Shiro verification method based on Redis storage, data storage is performed based on Redis cache technology, the storage mode is more flexible, and by placing a session in Redis cache, memory consumption can be reduced, so as to solve the problem of memory overflow; and an expiration time algorithm is introduced to automatically clear the cache, so that the cache efficiency and the hit rate are improved, and the data is efficiently and reliably stored.
In order to achieve the above purpose, the invention provides a Shiro verification method based on Redis storage.
The Shiro verification method based on Redis storage comprises the following steps: according to the login parameters of the user, packaging the identification information of the user to generate a unique identification; searching whether a corresponding cache exists in the Redis server according to the unique identifier; if the corresponding cache exists, obtaining the login information of the unique identifier, and packaging login success information; if the corresponding cache does not exist, calling a login verification method and an authority verification method for verification, if the verification is passed, packaging login success information, and if the verification fails, prompting that the login verification fails.
Optionally, the identification information of the user includes: the user name and the domain name of the user and a specific identifier generated according to a preset rule.
Optionally, after obtaining the login information of the unique identifier, the method further includes: updating the expiration time of the unique identifier.
Optionally, updating the expiration time of the unique identifier comprises: and calculating by calling an expiration time algorithm to obtain and update the expiration time of the unique identifier.
Optionally, the expiration time algorithm includes: judging whether the access times exist in the two login verification periods; if so, judging whether the access times exceed the maximum access times; if the access times exceed the maximum access times, taking the maximum expiration time as the expiration time; otherwise, acquiring an expiration time increment value, and calculating the expiration time according to the expiration time increment value, the access times and the default expiration time; if there are no access times, the default expiration time is taken as the expiration time.
Optionally, the login verification method includes: acquiring a correct user name from Redis according to the unique identifier and verifying whether the user name input by the user is legal or not; if the user name input by the user is legal, acquiring a correct password from the Redis according to the unique identifier and verifying whether the password input by the user is legal or not; if the password input by the user is legal, prompting that the login verification is successful; otherwise, prompting that the login verification fails; and if the user name input by the user is illegal, prompting the user that the input user name is wrong.
Optionally, the method for verifying the authority includes: acquiring corresponding role information from Redis according to the unique identifier and performing role authorization; and acquiring corresponding authority information from the Redis according to the unique identifier and performing authority authorization.
According to the technical scheme of the invention, the user name is packaged as the unique identifier, so that the data access operation from the Redis server can be facilitated; the session is placed in the Redis for caching, so that the memory consumption is reduced, the problem of memory overflow is solved, and meanwhile, when the login information is verified, if the unique identifier exists in the cache of the Redis server, the login verification method and the authority verification method do not need to be called for verification, so that the verification process is simplified, and the verification efficiency is improved; the cache is automatically cleared by introducing an expiration time algorithm, so that redundancy and data deviation caused by manually clearing cache data are solved, the cache efficiency and the hit rate are improved, and the data are efficiently and reliably stored.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a prior art security verification flow diagram of a Shiro framework relational database based Realm store;
FIG. 2 is a schematic diagram of the main steps of a Shiro verification method based on Redis storage according to an embodiment of the present invention;
FIG. 3 is a flow chart of Shiro verification according to an embodiment of the present invention;
FIG. 4 is a flow chart of an implementation of a login authentication method according to an embodiment of the present invention;
FIG. 5 is a flow chart of an implementation of a method of rights verification according to an embodiment of the present invention;
FIG. 6 is a flow chart of an implementation of an expiration time algorithm according to an embodiment of the present invention;
FIG. 7 is a flowchart of an implementation of a method for obtaining a cache according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The invention relates to secondary development of a Shiro framework, which enables the Shiro framework to support real storage of Redis by modifying some core classes in an application programming interface provided by the Shiro framework.
Fig. 2 is a schematic diagram of main steps of a Shiro verification method based on Redis storage according to an embodiment of the present invention. As shown in fig. 2, a Shiro verification method based on Redis storage of the present invention mainly includes the following steps S21 to S24.
Step S21: and according to the login parameters of the user, packaging the identification information of the user to generate a unique identification. The identification information of the user may include a user name, a domain name, a specific identifier generated according to a predetermined rule, and the like of the user. The value of the specific identifier in the present invention is a constant value string (e.g., "logic"), and the value does not change. When the user performs login operation, the user name, the domain name of the user and other information can be obtained. When the user identification information is encapsulated, different methods can be selected according to needs, for example, a hash algorithm can be selected to operate the user identification information to generate a character string with a fixed length as a unique identification. By packaging the user name and the related information, the identification information such as the user name becomes a unique identification, so that the subsequent data access operation from the Redis server can be conveniently carried out.
Step S22: and searching whether a corresponding cache exists in the Redis server or not according to the unique identifier. In Redis, data is stored in a Key-Value form, and retrieval is performed by taking a unique identifier as a Key, so that corresponding other information can be obtained. Through the transformation of the CachingSessionsDAO class, the session information of the unique identification Key is placed in the Redis for caching, the session can be uniformly managed across servers, and the uniform authority management of multiple servers of the same user is realized. Meanwhile, the security problem caused by the fact that the session is stored in the cookie is avoided.
Step S23: and if the corresponding cache exists, obtaining the login information of the unique identifier, and packaging login success information. After the cache information corresponding to the unique identifier is found, obtaining login information from the cache information, for example: and the login time, the login times, the greeting displayed when the login is successful, and the like, the login information is converted into recognizable characters to be displayed to the user, and then the information of successful login is packaged and the verification is finished.
After the login information is acquired, the expiration time of the unique identifier can be updated. And calculating by calling an expiration time algorithm to obtain and update the expiration time of the unique identifier. The expiration time algorithm mainly comprises the following steps: firstly, whether the access times exist in the two login authentication periods is judged. If so, judging whether the access times exceed the maximum access times; if the access times exceed the maximum access times, taking the maximum expiration time as the expiration time; otherwise, acquiring an expiration time increment value, and calculating the expiration time according to the expiration time increment value, the access times and the default expiration time, wherein the expiration time is the default expiration time plus the expiration time increment value. If there are no access times, the default expiration time is taken as the expiration time.
By introducing the expiration time, the time of data caching can be set, the cached data is automatically cleared when the expiration time expires, and the redundancy and data deviation caused by manually clearing the cached data are solved, so that the caching efficiency and correctness are improved, and the cache hit rate is further improved.
Step S24: if the corresponding cache does not exist, calling a login verification method and an authority verification method for verification, if the verification is successful, packaging login success information, and if the verification is failed, prompting that the login verification fails. The login verification method comprises the following steps: acquiring a correct user name from Redis according to the unique identifier and verifying whether the user name input by the user is legal or not; if the user name input by the user is legal, acquiring a correct password from the Redis according to the unique identifier and verifying whether the password input by the user is legal or not; if the password input by the user is legal, prompting that the login verification is successful; otherwise, prompting that the login verification fails; and if the user name input by the user is illegal, prompting the user that the user name input by the user is wrong.
As can be seen from steps S21 to S24, by encapsulating the user name as a unique identifier, the access operation of data from the Redis server can be facilitated; the session is placed in the Redis for caching, so that the memory consumption is reduced, the problem of memory overflow is solved, and meanwhile, when the login information is verified, if the unique identifier exists in the cache of the Redis server, the login verification method and the authority verification method do not need to be called for verification, so that the verification process is simplified, and the verification efficiency is improved; the cache is automatically cleared by introducing an expiration time algorithm, so that redundancy and data deviation caused by manually clearing cache data are solved, the cache efficiency and the hit rate are improved, and the data are efficiently and reliably stored.
FIG. 3 is a flow chart of Shiro verification according to an embodiment of the present invention; FIG. 4 is a flow chart of an implementation of a login authentication method according to an embodiment of the present invention; FIG. 5 is a flow chart of an implementation of a method of rights verification according to an embodiment of the present invention; FIG. 6 is a flow chart of an implementation of an expiration time algorithm according to an embodiment of the present invention; FIG. 7 is a flowchart of an implementation of a method for obtaining a cache according to an embodiment of the present invention. The following detailed description of the embodiments of the invention will be made with reference to the accompanying drawings.
The login method provided by the Subject class of the Shiro framework is a login authentication entry, and the method transfers login parameter information of the user, such as a user name and a password. As shown in fig. 3, the user inputs login parameters (step S31), such as: after the user name (which may be a mobile phone number, a mailbox, or a user-defined name) and the password, the login method encapsulates the user name, the domain name, and the specific identifier (the value is a fixed-value string, for example, "login", and the value does not change), and performs unique identifier encapsulation (step S32), so as to perform subsequent data access operations from the Redis server. After that, the authentication is started (step S33). And (5) searching whether a cache exists from the Redis by taking the unique identifier as a query key word (step S34), if cache data exist, acquiring login information in the cache (step S36), and packaging login success information (step S37), otherwise, calling a login verification method and an authority verification method for verification (step S35), if verification is successful, executing step S37, and otherwise, prompting that verification fails. In a special case, when some relatively critical page content is accessed, even if the login success information is packaged, the login information is required to be verified, and then the process is executed again from step S33.
Fig. 4 is a specific flow of the login authentication method in step S35 as shown in fig. 3. The login verification method provided by the authizingrealm class of the Shiro framework is a dowetauthentiationinfo method, and the login service of the system is completed in the method. As shown in fig. 4, after the user inputs the login parameters (username, password) (step S41), the login method encapsulates the unique identifier, and the login authentication method obtains the correct username from the Redis according to the unique identifier (step S42), and compares the correct username with the username input by the user to determine whether the input username is legal (step S43), and if not, the login authentication fails (step S47); otherwise, continuing the verification, acquiring a correct password from the Redis according to the unique identifier (step S44), and comparing and judging whether the input password is legal (step S45), if so, the login verification is successful (step S46), otherwise, the login verification fails (step S47).
Fig. 5 is a specific flow of the authority verification method in step S35 as shown in fig. 3. The method for authority verification provided by the authizingrealm class of the Shiro framework is a method of dog etauthorizationinfo, which is to verify and authorize the authority of the user after the login verification is completed. As shown in fig. 5, after the login authentication is successful, the legal parameters (user name, password) are obtained (step S51), that is, the login parameters input before, and then the role information is obtained from the Redis according to the unique identifier (step S52), and the role authorization is performed (step S53). Then, the authority information is obtained from the Redis according to the unique identifier (step S54), authority authorization is carried out (step S55), after the authority verification and authorization of the user are completed, the user logs in successfully, and login success information is packaged.
Fig. 7 is a detailed step of acquiring the login information in the cache as in step S36 shown in fig. 3. In the embodiment of the invention, an expiration time algorithm is introduced to reform a getcache method of a CacheManager class, and a mode of managing the expiration time of a Key name Key is adopted, so that redundancy and data deviation caused by manually clearing cache data are solved, and the cache hit rate and the cache efficiency are improved. As shown in the flowchart of fig. 7, first, it is determined whether a Key name Key exists in the cache (step S71), where the Key name Key refers to a unique identifier, if not, the operation is ended, otherwise, data is obtained from the Redis according to the Key name Key (step S72), where the data refers to information that needs to be used, for example: the successful identifier, the user name, the expiration time, and the like are registered, and then the expiration time is calculated by calling an expiration time algorithm (step S73), and the expiration time of the Key name Key is updated (step S74). Thereafter, data conversion is performed (step S75), and the data acquired in step S72 is converted into information displayable to the user.
FIG. 6 is an expiration time algorithm flow of the present invention. First, it is judged whether there are access times during two login verifications (step S61), and if not, a default expiration time is acquired (step S62) as an expiration time to update the expiration time (step S67); if yes, continuing to judge whether the access times during the two-time login verification exceeds the maximum access times (step S63), if so, acquiring the maximum expiration time (step S64) as the expiration time to update the expiration time (step S67); otherwise, an expiration time increment value is obtained (step S65), and an expiration time is calculated (step S66), where the expiration time is the default expiration time + the expiration increment value. Default expiration time, maximum access times, maximum expiration time and an increment value of the expiration time in the algorithm can be preset according to the requirements of system functions. For example, assuming that the default expiration time is set to 30 minutes, the maximum access number is 50 times, the maximum expiration time is 3 hours, the expiration time increment value is 2 minutes, and there are 5 accesses during two login authentications, the corresponding expiration time is 30+2 × 5-40 minutes; if the maximum access times are exceeded by 51 accesses during the two login authentication periods, the maximum expiration time is taken as the expiration time, and at this time, the expiration time becomes 3 hours.
According to the technical scheme of the embodiment of the invention, the user name is packaged as the unique identifier, so that the data access operation from the Redis server can be facilitated; the session is placed in the Redis for caching, so that the memory consumption is reduced, the problem of memory overflow is solved, and meanwhile, when the login information is verified, if the unique identifier exists in the cache of the Redis server, the login verification method and the authority verification method do not need to be called for verification, so that the verification process is simplified, and the verification efficiency is improved; the cache is automatically cleared by introducing an expiration time algorithm, so that redundancy and data deviation caused by manually clearing cache data are solved, the cache efficiency and the hit rate are improved, and the data are efficiently and reliably stored.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A Shiro verification method based on Redis storage is characterized by comprising the following steps:
according to login parameters of a user, packaging identification information of the user to generate a unique identification, wherein the identification information of the user comprises a specific identification generated according to a preset rule, and the specific identification is a constant value character string;
searching whether a corresponding cache exists in the Redis server according to the unique identifier;
if the corresponding cache exists, obtaining the login information of the unique identifier, and packaging login success information;
if the corresponding cache does not exist, calling a login verification method and an authority verification method for verification, if the verification is passed, packaging login success information, and if the verification fails, prompting that the login verification fails.
2. The Shiro authentication method based on Redis storage according to claim 1, wherein the identification information of the user comprises: user name, domain name of the user.
3. The Shiro authentication method based on Redis storage according to claim 1, further comprising, after obtaining the login information of the unique identifier: updating the expiration time of the unique identifier.
4. The Redis storage based Shiro verification method as in claim 3, wherein updating the expiration time of the unique identifier comprises:
and calculating by calling an expiration time algorithm to obtain and update the expiration time of the unique identifier.
5. The Shiro verification method based on Redis storage according to claim 4, wherein the expiration time algorithm comprises:
judging whether the access times exist in the two login verification periods;
if so, judging whether the access times exceed the maximum access times;
if the access times exceed the maximum access times, taking the maximum expiration time as the expiration time;
otherwise, acquiring an expiration time increment value, and calculating the expiration time according to the expiration time increment value, the access times and the default expiration time;
if there are no access times, the default expiration time is taken as the expiration time.
6. The Shiro authentication method based on Redis storage according to claim 1, wherein the login authentication method comprises:
acquiring a correct user name from Redis according to the unique identifier and verifying whether the user name input by the user is legal or not;
if the user name input by the user is legal, acquiring a correct password from the Redis according to the unique identifier and verifying whether the password input by the user is legal or not;
if the password input by the user is legal, prompting that the login verification is successful;
otherwise, prompting that the login verification fails;
and if the user name input by the user is illegal, prompting the user that the input user name is wrong.
7. The Shiro authentication method based on Redis storage according to claim 1, wherein the privilege authentication method comprises:
acquiring corresponding role information from Redis according to the unique identifier and performing role authorization;
and acquiring corresponding authority information from the Redis according to the unique identifier and performing authority authorization.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510526960.6A CN106487744B (en) | 2015-08-25 | 2015-08-25 | Shiro verification method based on Redis storage |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510526960.6A CN106487744B (en) | 2015-08-25 | 2015-08-25 | Shiro verification method based on Redis storage |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106487744A CN106487744A (en) | 2017-03-08 |
CN106487744B true CN106487744B (en) | 2020-06-05 |
Family
ID=58233159
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510526960.6A Active CN106487744B (en) | 2015-08-25 | 2015-08-25 | Shiro verification method based on Redis storage |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106487744B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107147659A (en) * | 2017-06-01 | 2017-09-08 | 上海斐讯数据通信技术有限公司 | A kind of method and system for preventing to repeat |
CN107766708A (en) * | 2017-10-19 | 2018-03-06 | 深圳市金立通信设备有限公司 | Nullify method, terminal and the computer-readable recording medium of account Entered state |
CN108629191A (en) * | 2018-03-30 | 2018-10-09 | 四川长虹电器股份有限公司 | The method that cross-system based on shiro and redis forces user offline |
CN108615062B (en) * | 2018-04-19 | 2020-12-15 | 柳亚军 | Method for storing and verifying information of field culture position |
CN108566433A (en) * | 2018-05-03 | 2018-09-21 | 珠海横琴盛达兆业科技投资有限公司 | A method of the SSM systems realization being integrated with Shiro rights managements is locally configured |
CN108449364A (en) * | 2018-05-08 | 2018-08-24 | 北京明朝万达科技股份有限公司 | A kind of distributed identity authentication method and cloud certification node |
CN109033877A (en) * | 2018-08-02 | 2018-12-18 | 杭州启博科技有限公司 | A kind of distributed user permission processing method and system |
CN109246140B (en) * | 2018-10-26 | 2022-05-03 | 平安科技(深圳)有限公司 | Domain authority management method and device, computer equipment and storage medium |
CN109361714B (en) * | 2018-12-18 | 2021-11-16 | 中国移动通信集团江苏有限公司 | User login authentication method, device, equipment and computer storage medium |
CN110381031B (en) * | 2019-06-21 | 2023-02-14 | 中国平安财产保险股份有限公司 | Single sign-on method, device, equipment and computer readable storage medium |
CN113254893B (en) * | 2020-02-13 | 2023-09-19 | 百度在线网络技术(北京)有限公司 | Identity verification method and device, electronic equipment and storage medium |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5378606B2 (en) * | 2009-11-26 | 2013-12-25 | 中国移▲動▼通信集▲団▼公司 | Authentication system, method and equipment |
CN101976362B (en) * | 2010-09-30 | 2013-07-03 | 中兴通讯股份有限公司 | Radio frequency identification tag access method based on bitmap and device |
US20150081777A1 (en) * | 2013-09-18 | 2015-03-19 | SharpShooter/Spectrum Venture LLC | Dynamic content aggregation |
CN104580226B (en) * | 2015-01-15 | 2017-07-11 | 上海瀚之友信息技术服务有限公司 | A kind of system and method for shared session data |
-
2015
- 2015-08-25 CN CN201510526960.6A patent/CN106487744B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN106487744A (en) | 2017-03-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106487744B (en) | Shiro verification method based on Redis storage | |
US10055561B2 (en) | Identity risk score generation and implementation | |
US20200285978A1 (en) | Model training system and method, and storage medium | |
CN111488598B (en) | Access control method, device, computer equipment and storage medium | |
WO2020207233A1 (en) | Permission control method and apparatus for blockchain | |
US10484385B2 (en) | Accessing an application through application clients and web browsers | |
CN113010911B (en) | Data access control method, device and computer readable storage medium | |
EP3123692B1 (en) | Techniques to operate a service with machine generated authentication tokens | |
US10878218B2 (en) | Device fingerprinting, tracking, and management | |
JP5635978B2 (en) | Authenticated database connection for applications without human intervention | |
US20150089621A1 (en) | Secure login for subscriber devices | |
CN110944046B (en) | Control method of consensus mechanism and related equipment | |
US20150033327A1 (en) | Systems and methodologies for managing document access permissions | |
CN108632241B (en) | Unified login method and device for multiple application systems | |
CN104281794A (en) | Password storing and verifying method and password storing and verifying device | |
CN108259502A (en) | For obtaining the identification method of interface access rights, server-side and storage medium | |
CN107145531B (en) | Distributed file system and user management method of distributed file system | |
CN111818088A (en) | Authorization mode management method and device, computer equipment and readable storage medium | |
CN104243158A (en) | Authentication method, communication system, device and server | |
CN112860778A (en) | Database management method, device, equipment and medium for desktop application program | |
CN106933605A (en) | A kind of intelligent progress recognizing control method and system | |
CN110659463B (en) | Distributed operation method and device of stateless system | |
US10142344B2 (en) | Credential management system | |
KR101745919B1 (en) | User authentication method and system using software-based HSM without password exposure | |
CN113780789A (en) | Unified data access service type fine-grained authority control method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |