CN108664778A - Method for authenticating user identity, device and electronic equipment - Google Patents
Method for authenticating user identity, device and electronic equipment Download PDFInfo
- Publication number
- CN108664778A CN108664778A CN201810252515.9A CN201810252515A CN108664778A CN 108664778 A CN108664778 A CN 108664778A CN 201810252515 A CN201810252515 A CN 201810252515A CN 108664778 A CN108664778 A CN 108664778A
- Authority
- CN
- China
- Prior art keywords
- password
- voucher
- user
- main body
- prefix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of method for authenticating user identity, device and electronic equipments, wherein method includes:Obtain username and password input by user;It searches in preconfigured expansible markup language XML node and is identified with the presence or absence of with the matched main body of user name;When it is present, the voucher in the information of the expansible markup language XML node found is obtained;User identity is authenticated using the voucher and password that get.Pass through disposal subject mark and its corresponding voucher in expansible markup language XML node, main body mark and voucher can be directly specified in XML node, when configuring relevant main body, XML, which is saved, establishes database, and the process of dependence is established in the database, it can realize the configuration of more intuitive main body relevant information;In addition, by the relevant information of disposal subject in XML node, when for authentication, the lookup of relevant information need to be only carried out from node, authenticating user identification flexibility is higher.
Description
Technical field
The present invention relates to computer science security technology areas, and in particular to a kind of method for authenticating user identity, device and
Electronic equipment.
Background technology
In computer science, safety is an important issue always project, and big to hacker attack is taken precautions against, small arrive prevents not
Authorized user accesses shielded content.Safety is ubiquitous, in existing safe practice, has had and related peace much may be implemented
The module of all risk insurance protective function, plug-in unit.In enterprise-level application development, wherein with the Spring Security in SpringMVC frames
It is the most famous, it is also the most commonly used.Technical staff is generally by realizing that its relevant interface realizes its function.
Realize the general process of authenticating user identification as shown in Figure 1, certificate manager in Spring Security
(AuthenticationManager) it is a pluggable component based on interface, supplier's manager
(ProviderManager) it is one of certificate manager realization, it recognizes the delegate responsibility for verifying identity to one or more
Demonstrate,prove supplier (AuthenticationProvider).Wherein, DaoAuthencationProvider is one and most common recognizes
Demonstrate,prove supplier.
DaoAuthencationProvider supports to carry out the authentication of simple data base-oriented, that is, uses data
Access object (Dao) retrieves user information from relational database.Specifically, DaoAuthencationProvider passes through
UserDetailService attributes retrieve user information (UserDetails) from database.Achieving required user name
After password, DaoAuthencationProvider by comparing the username and password that is retrieved from database and
The main body and voucher being passed to by Authencation objects from certificate manager complete authentication.When above-mentioned user name and
Password matches with main body and voucher, then user is by authentication, while returning to certificate manager one and filling is completed
Good Authentication objects;Otherwise, can dish out an AuthenticationException, show that authentication is lost
It loses.
However, being limited in that in above-mentioned certification supplier DaoAuthencationProvider, is to be based on data
Library carries out user information retrieval, i.e., needs to establish database in configuration, and create role's table in lane database, establish user
Dependence between information;When carrying out authenticating user identification, needing to extract data from database, operating process is complicated,
Application flexibility is relatively low.
Invention content
In view of this, an embodiment of the present invention provides a kind of user ID authentication method, device and electronic equipment, to solve
The low problem of authenticating user identification flexibility.
First aspect present invention provides a kind of method for authenticating user identity, includes the following steps:
Obtain username and password input by user;
It searches in the preconfigured expansible markup language XML node and whether there is and the matched master of the user name
Body identifies, wherein the information of the expansible markup language XML node includes main body mark and its corresponding voucher, Mei Geke
Extension flag Language XML node corresponds to a main body mark;
When it is present, the voucher in the information of the expansible markup language XML node found is obtained;
The user identity is authenticated using the voucher and the password that get.
Pass through disposal subject mark and its corresponding voucher in expansible markup language XML node in the present invention, you can
With directly specified main body mark and voucher in XML node, when configuring relevant main body, XML is relatively easy, saves and establishes number
According to library, and the process of dependence is established in the database, can realize the configuration of more intuitive main body relevant information;This
Outside, by the relevant information of disposal subject in XML node, when for authentication, related letter need to be only carried out from node
The lookup of breath, matching speed is fast, efficient, i.e. authenticating user identification flexibility is higher.
With reference to first aspect, in first aspect first embodiment, in the expansible markup language XML node information
Voucher include first password prefix and the first Crypted password, first password prefix main body mark corresponding with the voucher
It is corresponding.
In the present invention, voucher (i.e. the password of user setting) is stored in XML node after encryption, i.e., in XML
What is stored in node is not the password of user setting, but to the first password prefix and after the password encryption of user setting
One Crypted password avoids the possibility of the extraneous password for being directly obtained user setting, can ensure in voucher in XML node
In secure storage, improve the safety of subscriber authentication;In addition, the process being encrypted in the password to user setting
In, in conjunction with user name, further improve the reliability of verification.
First embodiment with reference to first aspect, in first aspect second embodiment, using the voucher that gets and
The password is authenticated the user identity, including:
The password input by user is encrypted using predetermined encryption algorithm, the second password prefix and second is obtained and adds
Password;
Judge whether the second password prefix and the first password prefix are identical;
When differing, then authenticating user identification fails.
The present invention is during verifying password input by user, it is only necessary to the second password formed after encryption
Prefix is compared with the first password prefix in voucher, does not need to carry out complicated judgement, you can determines that user inputs
Password whether mistake, the verification method efficiency is higher.
Second embodiment with reference to first aspect, it is further comprising the steps of in first aspect third embodiment:
When the second password prefix is identical as the first password prefix, judge second Crypted password with it is described
Whether the first Crypted password is identical;
When identical, then authenticating user identification passes through.
The present invention is in the case of password prefix matching, it is also necessary to judge whether Crypted password matches, for ensureing password
The safety of verification.Specifically, in user in the case of Modify password, password prefix is identical, but Crypted password not phase
Together, if only if password comparison prefix, subscriber authentication mistake can be led to so that the user of no mandate gets shielded
Content further improves the reliability of subscriber authentication.
With reference to first aspect, in the 4th embodiment of first aspect, the information of the XML node further includes permission letter
Breath;When certification by when, according to the authority information, discharge corresponding permission to user.
Second embodiment with reference to first aspect further includes in the 5th embodiment of first aspect:
Receive the request of user's Modify password and modified password;
The modified password is encrypted using the predetermined encryption algorithm, obtains third password prefix and encryption
Password, wherein the third password prefix is identical as the first password prefix;
Update the voucher in the information of the expansible markup language XML node, wherein the Crypted password is after updating
The first Crypted password.
In the present invention, after user's Modify password, the Crypted password in the information for the XML node that timely updates ensures XML sections
The voucher stored in point information is identical as after user's change, avoids the mistake caused by the delay between modification and actual storage
Difference improves the reliability of authenticating user identification.
According to second aspect, the present invention also provides a kind of authenticating user identification devices, including:
First acquisition module, for obtaining username and password input by user;
Searching module, for search in the preconfigured expansible markup language XML node with the presence or absence of with it is described
The matched main body mark of user name, wherein the information of the expansible markup language XML node includes main body mark and its corresponds to
Voucher, each expansible markup language XML node corresponds to a main body mark;
Second acquisition module, for when exist identified with the matched main body of the user name when, obtain expanding of finding
Open up the voucher in the information of markup language XML node;
Authentication module, for being authenticated to the user identity using the voucher and the password that get.
Pass through disposal subject mark and its corresponding voucher in expansible markup language XML node in the present invention, you can
With directly specified main body mark and voucher in XML node, when configuring relevant main body, XML is relatively easy, saves and establishes number
According to library, and the process of dependence is established in the database, can realize the configuration of more intuitive main body relevant information;This
Outside, by the relevant information of disposal subject in XML node, when for authentication, related letter need to be only carried out from node
The lookup of breath, matching speed is fast, efficient, i.e. authenticating user identification flexibility is higher.
In conjunction with second aspect, in second aspect first embodiment, in the expansible markup language XML node information
Voucher include first password prefix and the first Crypted password, first password prefix main body mark corresponding with the voucher
It is corresponding.
According to the third aspect, the present invention also provides a kind of electronic equipment, including:Memory and processor, the storage
Connection is communicated between device and the processor, computer instruction is stored in the memory, the processor is by holding
The row computer instruction, to execute user's body described in any one embodiment of first aspect or first aspect
Identity authentication method.
According to fourth aspect, the present invention also provides a kind of computer readable storage medium, the computer-readable storage
Media storage has a computer instruction, and the computer instruction is used to make the computer to execute first aspect or first aspect
Method for authenticating user identity described in any one embodiment.
Description of the drawings
The features and advantages of the present invention can be more clearly understood by reference to attached drawing, attached drawing is schematically without that should manage
Solution is carries out any restrictions to the present invention, in the accompanying drawings:
Fig. 1 shows the system block diagram for realizing authenticating user identification in the prior art;
Fig. 2 shows a method flow diagrams specifically illustrated of method for authenticating user identity in the embodiment of the present invention 1;
Fig. 3 shows a method flow diagram specifically illustrated of method for authenticating user identity in the embodiment of the present invention 2;
Fig. 4 shows a method flow diagram specifically illustrated of method for authenticating user identity in the embodiment of the present invention 3;
Fig. 5 shows a system block diagram specifically illustrated of method for authenticating user identity in the embodiment of the present invention 4;
Fig. 6 shows a structural schematic diagram specifically illustrated of authenticating user identification device in the embodiment of the present invention 5;
Fig. 7 shows another structural schematic diagram specifically illustrated of authenticating user identification device in the embodiment of the present invention 5;
Fig. 8 shows a structural schematic diagram specifically illustrated of electronic equipment in the embodiment of the present invention 6.
Specific implementation mode
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those skilled in the art are not having
There is the every other embodiment obtained under the premise of making creative work, shall fall within the protection scope of the present invention.
Embodiment 1
The present embodiment provides a kind of method for authenticating user identity, can be used in authenticating user identification device, as shown in Fig. 2,
This approach includes the following steps:
S11 obtains username and password input by user.
User needs to input username and password before obtaining shielded content.Authenticating user identification device obtains
To the username and password, it to be used for the certification of subsequent user identity.
S12 is searched in preconfigured expansible markup language XML node and be whether there is and the matched main body mark of user name
Know, wherein the information of expansible markup language XML node includes main body mark and its corresponding voucher, each expansible mark
Language XML node corresponds to a main body mark.
Wherein, expansible markup language XML node is for being configured to the storage relevant information of user identity, i.e. a node
Information correspond to same user all identity informations.The information of node includes main body mark and its corresponding voucher, tool
Body, main body mark is matched with user name, the password match of voucher and user preset.
Optionally, voucher can be directly identical as the password of user preset, can also be in authenticating user identification device
The password of user preset formed after one or many encryptions, can also be that its elsewhere is carried out to the password of user preset
It is formed after reason.
Further, when needing to Add User, it is only necessary to which, by changing XML, the form for increasing node is realized, Neng Goushi
Now dynamic configuration.
When being verified to username and password input by user, user identity is authenticated device and is searched whether from XML
In the presence of with the matched principals credentials of user name, that is, first by user name whether match carry out user identity verification.
Wherein, when in expansible markup language XML node with the presence or absence of being identified with the matched main body of user name, step is executed
Rapid S13;Otherwise, subscriber authentication failure is indicated.
S13 obtains the voucher in the information of the expansible markup language XML node found when it is present.
It is identified with the matched main body of user name input by user when authenticating user identification device is found in XML node
When, indicate there is the corresponding identity information of the user name in xml at this time;Then, it needs to recognize password input by user
Card.Specifically, authenticating user identification device obtains voucher corresponding with main body mark from XML node.
S14 is authenticated user identity using the voucher and password that get.
Authenticating user identification device is according to the processing method for forming voucher to the password of user preset, to input by user close
Code carries out identical operation so that voucher carries out recognizing for user identity with after treated password comparison condition having the same
Card.
This method passes through disposal subject mark and its corresponding voucher in expansible markup language XML node, you can with
Directly specified main body mark and voucher in XML node, when configuring relevant main body, XML is relatively easy, saves and establishes data
Library, and the process of dependence is established in the database, it can realize the configuration of more intuitive main body relevant information;This
Outside, by the relevant information of disposal subject in XML node, when for authentication, related letter need to be only carried out from node
The lookup of breath, matching speed is fast, efficient, i.e. authenticating user identification flexibility is higher.
Embodiment 2
The present embodiment provides a kind of method for authenticating user identity, can be used in authenticating user identification device, as shown in figure 3,
This approach includes the following steps:
S21 obtains username and password input by user.
Identical as 1 step S11 of embodiment, details are not described herein.
S22 is searched in preconfigured expansible markup language XML node and be whether there is and the matched main body mark of user name
Know, wherein the information of expansible markup language XML node includes main body mark and its corresponding voucher, each expansible mark
Language XML node corresponds to a main body mark.
Voucher in expansible markup language XML node information includes first password prefix and the first Crypted password.Specifically
Ground, user identity identification device are encrypted the preset password of user using predetermined encryption algorithm, while in ciphering process
In conjunction with user name, first password prefix and the first Crypted password are formed.Wherein, first password prefix main body mark corresponding with voucher
Know and corresponds to, i.e., it is identical to the first password prefix formed after the preset password encryption of user when main body mark is identical.
For example, the password of user preset is abc, the voucher formed after encryption is 0000+sfewfwfwf, wherein 0000 is
First password prefix, sfewfwfwf are the first Crypted password.
In addition, predetermined encryption algorithm can be encryption function, it can be random number or other forms, need to only guarantee
Preset password is encrypted.
S23 obtains the voucher in the information of the expansible markup language XML node found when it is present.
Identical as 1 step S13 of embodiment, details are not described herein.
S24 is authenticated user identity using the voucher and password that get.
Wherein, voucher includes therefore first password prefix and the first Crypted password are recognized to password input by user
When card, it is also desirable to be encrypted in the same way to password, be formed and correspond to password prefix and encryption that user inputs password
Password.Specifically, include the following steps:
S241 is encrypted password input by user using predetermined encryption algorithm, obtains the second password prefix and second
Crypted password.
Authenticating user identification device adds password input by user according to the identical encryption method of preset password
It is close, obtain the second password prefix and the second Crypted password.
S242 judges whether the second password prefix and first password prefix are identical.
Authenticating user identification device compares first password prefix first and whether the second password prefix is identical, to judge user
Whether authentication fails.
When whether the second password prefix and first password prefix are identical, step S244 is executed;Otherwise, step is executed
S243。
S243, authenticating user identification failure.
Wherein, when the second password prefix and first password prefix differ, it can directly judge user identity at this time
The certification of password need not be encrypted in authentification failure again.
S244 judges whether the second Crypted password is identical as the first Crypted password.
When identical, authenticating user identification device also need to carry out again the second Crypted password and the first Crypted password whether phase
Same judgement, ensures the reliability of authenticating user identification.
S245, authenticating user identification pass through.
When the second Crypted password is identical as the first Crypted password, authenticating user identification passes through at this time, and user can obtain
Corresponding shielded content.
Optionally, further include authority information corresponding with main body mark in the information of XML node, each main body mark corresponds to
Permission may be identical, it is also possible to differ.Therefore, it is distinguished by authority information, to ensure that user can only be obtained from
Protected content in own permission further improves the safety of protected content.
As a kind of optional embodiment of the present embodiment, step S244 can be omitted, i.e., in the second password prefix and the
When one password prefix is identical, it is believed that authenticating user identification passes through at this time.
The voucher (i.e. corresponding with the password of user setting) that the present invention stores in XML node information is deposited after encryption
In XML node, i.e., what is stored in XML node is not the password of user setting for storage, but to the password of user setting
Encrypted first password prefix and the first Crypted password avoid the possibility of the extraneous password for being directly obtained user setting
Property, it can ensure the secure storage in XML node in voucher, improve the safety of subscriber authentication;In addition, to
During the password of family setting is encrypted, in conjunction with user name, the reliability of verification is further improved.
In addition, during being verified to password input by user, it is defeated to user first with predetermined encryption algorithm
The password entered is encrypted, and forms the second password prefix, need to only utilize the second password prefix and the first password prefix in voucher
Be compared, do not need to carry out complicated judgement, you can determine password input by user whether mistake, verification method effect
Rate is higher.
The step details not being described in detail in the present embodiment, please refers to embodiment 1, details are not described herein.
Embodiment 3
The present embodiment provides a kind of method for authenticating user identity, can be used in authenticating user identification device, as shown in figure 4,
This approach includes the following steps:
S31 obtains username and password input by user.
Identical as 2 step S21 of embodiment, details are not described herein.
S32 is searched in preconfigured expansible markup language XML node and be whether there is and the matched main body mark of user name
Know, wherein the information of expansible markup language XML node includes main body mark and its corresponding voucher, each expansible mark
Language XML node corresponds to a main body mark.
Identical as 2 step S22 of embodiment, details are not described herein.
S33 receives the request of user's Modify password and modified password.
User Modify password, authenticating user identification device can receive the request of user's Modify password according to actual needs,
And receive the modified password of user.
S34 is encrypted modified password using predetermined encryption algorithm, obtains third password prefix and encrypts close
Code, wherein third password prefix is identical as first password prefix.
Authenticating user identification device is encrypted modified password using identical predetermined encryption algorithm, is corresponded to
The third password prefix and Crypted password of password after modification.Wherein, due to needing to combine user name in ciphering process, because
This, the third password prefix obtained after encryption is identical as first password prefix.
S35 updates the voucher in the information of expansible markup language XML node, wherein Crypted password is updated the
One Crypted password.
After authenticating user identification device obtains third password prefix and Crypted password after the password encryption changed user,
Need to timely update expansible markup language XML node information in voucher.Specifically, the first Crypted password is replaced with and is added
Password, by the first Crypted password labeled as expired.
For example, user entitled 123, the password before modification is abc, and the voucher stored in XML node is 0000+
sfewfwfwf;Same user, modified password are bcd, and the voucher stored in XML node is 0000+122222212.
S36 obtains the voucher in the information of the expansible markup language XML node found.
Identical as 2 step S23 of embodiment, details are not described herein.
S37 is authenticated the user identity using the voucher and password that get.
Identical as 2 step S24 of embodiment, details are not described herein.
In the present invention, after user's Modify password, the Crypted password in the information for the XML node that timely updates ensures XML sections
The voucher stored in point information is identical as after user's change, avoids the mistake caused by the delay between modification and actual storage
Difference, i.e. user can not be authenticated using the password before modification to be passed through, and the reliability of authenticating user identification is further improved.
It should be noted that step S33 to S35 is not limited to after step s 32 in the present embodiment, only it need to ensure step
S33 to S35 is before step S36.
The step details not being described in detail in the present embodiment, please refers to embodiment 2, details are not described herein.
Embodiment 5
The present embodiment provides a kind of concrete application example of method for authenticating user identity, the system block diagram that this method is realized
As shown in figure 5,
1. first against AuthenticationManager, as certificate manager, Spring it verification process is entrusted
It goes to realize to AuthenticationProvider interfaces.In the prior art, this interface has one of acquiescence to realize,
DaoAuthenticationProvider, it is limited in that, obtains the UserDetails objects of User Detail
Only there are one parameters (username) by implementation method loadUserByUsername for realizing, page cryptographic parameter can not be primary
It is incoming.The present invention is mainly wherein realized by rewriteeing, and is obtained user password relevant information using the XML of dynamic and configurable, is realized
Certification.
2. seeing Fig. 5, XmlAuthenticationProvider passes through realization
The realization of retrieveUser methods is passed through user name by AbstractUserDetailsAuthenticationProvider
Password, which obtains, obtains related data in XML.
3. in these obtained XML datas, containing the essential information of user, authentication information, authority information realizes process
It is as follows:
1) user inputs user name, password
2) SpringSecurity obtains the input information of user, by information comparison in user name and XML, such as there is user
Information, acquire limit information, then verify user password whether with password prefix matching.XML has user password prefix,
When the password prefix and XML configurations match of user, certification passes through, otherwise authentification failure.
3) user password change does not influence password prefix.
4) it so realizes, user no longer creates role's table in lane database, new plus record, can be in XML directly
It specifies.
Embodiment 5
The present embodiment provides a kind of authenticating user identification device, it can be used for executing embodiment 1 to any one of embodiment 3 institute
The method for authenticating user identity stated, as shown in fig. 6, the device includes:
First acquisition module 41, for obtaining username and password input by user.
Searching module 42 whether there is and user name for searching in preconfigured expansible markup language XML node
Matched main body mark, wherein the information of expansible markup language XML node includes main body mark and its corresponding voucher, often
A expansible markup language XML node corresponds to a main body mark.
Second acquisition module 43, for when exist identified with the matched main body of user name when, obtain find it is expansible
Voucher in the information of markup language XML node.
Authentication module 44, for being authenticated to user identity using the voucher and password that get.
By disposal subject mark and its corresponding voucher in expansible markup language XML node in the present embodiment, i.e.,
Main body mark and voucher can be directly specified in XML node, when configuring relevant main body, XML is relatively easy, saves foundation
Database, and the process of dependence is established in the database, it can realize the configuration of more intuitive main body relevant information;
In addition, by the relevant information of disposal subject in XML node, when for authentication, correlation only need to be carried out from node
The lookup of information, matching speed is fast, efficient, i.e. authenticating user identification flexibility is higher.
As a kind of optional embodiment of the present embodiment, as shown in fig. 7, authentication module 44 further includes:
First encryption unit 441 obtains second for password input by user to be encrypted using predetermined encryption algorithm
Password prefix and the second Crypted password.
First judging unit 442, for judging whether the second password prefix and the first password prefix are identical.
First authentication unit 443 fails for authenticating user identification.
Optionally, which further includes:
Second judgment unit 444, for judging whether the second Crypted password is identical as the first Crypted password.
Second authentication unit 445 fails for authenticating user identification.
As another optional embodiment of the present embodiment, as shown in fig. 7, authenticating user identification device further includes:
Receiving module 45, the request for receiving user's Modify password and modified password.
It is close to obtain third for modified password to be encrypted using predetermined encryption algorithm for second encrypting module 46
Code prefix and Crypted password, wherein third password prefix is identical as first password prefix.
Update module 47, the voucher in information for updating expansible markup language XML node, wherein Crypted password
For updated first Crypted password.
Embodiment 6
The embodiment of the present invention additionally provides a kind of electronic equipment, as shown in figure 8, the electronic equipment may include processor 51
With memory 52, wherein processor 51 can be connected with memory 52 by bus or other modes, to pass through bus in Fig. 8
For connection.
Processor 51 can be central processing unit (Central Processing Unit, CPU).Processor 51 can be with
For other general processors, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
The combination of the chips such as discrete hardware components or above-mentioned all kinds of chips.
Memory 52 is used as a kind of non-transient computer readable storage medium, can be used for storing non-transient software program, non-
Transient computer executable program and module, as the corresponding program of method for authenticating user identity in the embodiment of the present invention refers to
Order/module (for example, the first acquisition module 41 shown in fig. 6, searching module 42, the second acquisition module 43 and authentication module 44).
Processor 51 is stored in non-transient software program, instruction and module in memory 52 by operation, to execute processor
Various function application and data processing, that is, realize above method embodiment in method for authenticating user identity.
Memory 52 may include storing program area and storage data field, wherein storing program area can storage program area,
At least one required application program of function;Storage data field can store the data etc. that processor 51 is created.In addition, storage
Device 52 may include high-speed random access memory, can also include non-transient memory, for example, at least a magnetic disk storage
Part, flush memory device or other non-transient solid-state memories.In some embodiments, it includes relative to place that memory 52 is optional
The remotely located memory of device 51 is managed, these remote memories can pass through network connection to processor 51.The reality of above-mentioned network
Example includes but not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.
One or more of modules are stored in the memory 52, when being executed by the processor 51, are executed
Method for authenticating user identity in embodiment as in Figure 2-4.
Above-mentioned electronic equipment detail can be corresponded to refering to corresponding associated description in Fig. 2 to embodiment shown in Fig. 4
Understood with effect, details are not described herein again.
It is that can lead to it will be understood by those skilled in the art that realizing all or part of flow in above-described embodiment method
It crosses computer program and is completed to instruct relevant hardware, the program can be stored in a computer read/write memory medium
In, the program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (ROM) or random access memory (RAM) etc..
Although being described in conjunction with the accompanying the embodiment of the present invention, those skilled in the art can not depart from the present invention
Spirit and scope in the case of various modifications and variations can be made, such modifications and variations are each fallen within by appended claims institute
Within the scope of restriction.
Claims (10)
1. a kind of method for authenticating user identity, which is characterized in that include the following steps:
Obtain username and password input by user;
It searches in the preconfigured expansible markup language XML node and whether there is and the matched main body mark of the user name
Know, wherein the information of the expansible markup language XML node includes main body mark and its corresponding voucher, each expansible
Markup language XML node corresponds to a main body mark;
When it is present, the voucher in the information of the expansible markup language XML node found is obtained;
The user identity is authenticated using the voucher and the password that get.
2. method for authenticating user identity according to claim 1, which is characterized in that the expansible markup language XML sections
Voucher in point information includes first password prefix and the first Crypted password, and the first password prefix is corresponding with the voucher
Main body mark corresponds to.
3. method for authenticating user identity according to claim 2, which is characterized in that utilize the voucher that gets and described close
Code is authenticated the user identity, including:
The password input by user is encrypted using predetermined encryption algorithm, the second password prefix is obtained and the second encryption is close
Code;
Judge whether the second password prefix and the first password prefix are identical;
When differing, then authenticating user identification fails.
4. method for authenticating user identity according to claim 3, which is characterized in that further comprising the steps of:
When the second password prefix is identical as the first password prefix, second Crypted password and described first is judged
Whether Crypted password is identical;
When identical, then authenticating user identification passes through.
5. method for authenticating user identity according to claim 1, which is characterized in that the information of the XML node further includes
Authority information;When certification by when, according to the authority information, discharge corresponding permission to user.
6. method for authenticating user identity according to claim 3, which is characterized in that further include:
Receive the request of user's Modify password and modified password;
The modified password is encrypted using the predetermined encryption algorithm, obtain third password prefix and is encrypted close
Code, wherein the third password prefix is identical as the first password prefix;
Update the voucher in the information of the expansible markup language XML node, wherein the Crypted password is updated the
One Crypted password.
7. a kind of authenticating user identification device, which is characterized in that including:
First acquisition module, for obtaining username and password input by user;
Searching module whether there is and the user for searching in the preconfigured expansible markup language XML node
Name matched main body mark, wherein the information of the expansible markup language XML node include main body mark and its it is corresponding with
Card, each expansible markup language XML node correspond to a main body mark;
Second acquisition module, for when there is main body mark matched with the user name, obtaining the expansible mark found
Voucher in the information of will Language XML node;
Authentication module, for being authenticated to the user identity using the voucher and the password that get.
8. authenticating user identification device according to claim 7, which is characterized in that the expansible markup language XML sections
Voucher in point information includes first password prefix and the first Crypted password, and the first password prefix is corresponding with the voucher
Main body mark corresponds to.
9. a kind of electronic equipment, which is characterized in that including:Memory and processor, between the memory and the processor
Communicate connection, be stored with computer instruction in the memory, the processor by executing the computer instruction, from
And perform claim requires the method for authenticating user identity described in 1-6.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer to refer to
It enables, the method for authenticating user identity that the computer instruction is used to that the computer perform claim to be made to require described in 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810252515.9A CN108664778B (en) | 2018-03-26 | 2018-03-26 | User identity authentication method and device and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810252515.9A CN108664778B (en) | 2018-03-26 | 2018-03-26 | User identity authentication method and device and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108664778A true CN108664778A (en) | 2018-10-16 |
CN108664778B CN108664778B (en) | 2021-03-30 |
Family
ID=63782507
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810252515.9A Active CN108664778B (en) | 2018-03-26 | 2018-03-26 | User identity authentication method and device and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108664778B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108664778B (en) * | 2018-03-26 | 2021-03-30 | 苏州科达科技股份有限公司 | User identity authentication method and device and electronic equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
CN102404349A (en) * | 2011-12-31 | 2012-04-04 | 山东中创软件工程股份有限公司 | Single sign-on method |
CN102655494A (en) * | 2011-03-01 | 2012-09-05 | 广州从兴电子开发有限公司 | SAML (Security Assertion Markup Language)-based authentication platform designed in single log-in mode |
CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
CN106790308A (en) * | 2017-03-28 | 2017-05-31 | 北京中电普华信息技术有限公司 | A kind of user authen method, apparatus and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108664778B (en) * | 2018-03-26 | 2021-03-30 | 苏州科达科技股份有限公司 | User identity authentication method and device and electronic equipment |
-
2018
- 2018-03-26 CN CN201810252515.9A patent/CN108664778B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
CN102655494A (en) * | 2011-03-01 | 2012-09-05 | 广州从兴电子开发有限公司 | SAML (Security Assertion Markup Language)-based authentication platform designed in single log-in mode |
CN102404349A (en) * | 2011-12-31 | 2012-04-04 | 山东中创软件工程股份有限公司 | Single sign-on method |
CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
CN106790308A (en) * | 2017-03-28 | 2017-05-31 | 北京中电普华信息技术有限公司 | A kind of user authen method, apparatus and system |
Non-Patent Citations (4)
Title |
---|
戴勇: "《基于Liferay Portal技术的校园信息门户研究与实现》", 《中国优秀硕士学位论文全文数据库》 * |
申爱冬: "《基于IOS平台的呼叫中心运营管理系统的设计与实现》", 《中国优秀硕士学位论文全文数据库》 * |
贺国睿: "《废水排放监测设备数据采集与远程信息管理系统设计》", 《中国优秀硕士学位论文全文数据库》 * |
门永生: "《公共场所火灾应急预案管理信息系统的研究与开发》", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108664778B (en) * | 2018-03-26 | 2021-03-30 | 苏州科达科技股份有限公司 | User identity authentication method and device and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN108664778B (en) | 2021-03-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10691793B2 (en) | Performance of distributed system functions using a trusted execution environment | |
EP2731045B1 (en) | Client computer for querying a database stored on a server via a network | |
US20150281227A1 (en) | System and method for two factor user authentication using a smartphone and nfc token and for the automatic generation as well as storing and inputting of logins for websites and web applications | |
CN109344631B (en) | Data modification and block verification method, device, equipment and medium for block chain | |
CN106487744B (en) | Shiro verification method based on Redis storage | |
JP2007257405A (en) | Document management device, document managing method, storage medium, and program | |
EP3552131B1 (en) | Password security | |
CN107040520B (en) | Cloud computing data sharing system and method | |
US11665198B2 (en) | Managing third party URL distribution | |
US20150339467A1 (en) | Apparatus, method for controlling apparatus, and program | |
CN112118269A (en) | Identity authentication method, system, computing equipment and readable storage medium | |
WO2016070611A1 (en) | Method for processing data, server and terminal | |
EP2801925A1 (en) | Methods and devices for detecting unauthorized access to credentials of a credential store | |
CN102202057B (en) | System and method for safely dumping data of mobile memory | |
CN111988262B (en) | Authentication method, authentication device, server and storage medium | |
US11316663B2 (en) | One-time password with unpredictable moving factor | |
US20170270287A1 (en) | Methods and apparatus for using credentials to access computing resources | |
CN113678131A (en) | Protecting online applications and web pages using blockchains | |
CN111382422A (en) | System and method for changing password of account record under threat of illegal access to user data | |
CN113591121A (en) | Resource access authority configuration method, device, equipment and storage medium | |
CN108664778A (en) | Method for authenticating user identity, device and electronic equipment | |
JP6344170B2 (en) | Device, management module, program, and control method | |
KR102350718B1 (en) | Password encryption method using variable salt, apparatus and server therefor | |
CN113658709A (en) | Method, device, computer equipment and storage medium for medical data information query | |
CN112291058A (en) | Communication method of management system and management system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |