CN109379352B - Websocket-based account security verification method - Google Patents

Websocket-based account security verification method Download PDF

Info

Publication number
CN109379352B
CN109379352B CN201811165433.7A CN201811165433A CN109379352B CN 109379352 B CN109379352 B CN 109379352B CN 201811165433 A CN201811165433 A CN 201811165433A CN 109379352 B CN109379352 B CN 109379352B
Authority
CN
China
Prior art keywords
user
login
websocket
queue
verification method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811165433.7A
Other languages
Chinese (zh)
Other versions
CN109379352A (en
Inventor
王小东
李佳鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Tiandihexing Technology Co Ltd
Original Assignee
Beijing Tiandihexing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Tiandihexing Technology Co Ltd filed Critical Beijing Tiandihexing Technology Co Ltd
Priority to CN201811165433.7A priority Critical patent/CN109379352B/en
Publication of CN109379352A publication Critical patent/CN109379352A/en
Application granted granted Critical
Publication of CN109379352B publication Critical patent/CN109379352B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/50Queue scheduling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/143Termination or inactivation of sessions, e.g. event-controlled end of session

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an account security verification method based on websocket, which comprises the following steps: the method comprises the following steps of (1) logging in, wherein after a user name and a password of a user are verified to be correct and logging in is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server; 1B, recording the login information of the user into a queue; 1C, after the thread is started, modifying the current login state of the user according to the data in the queue; exiting the process, 2A, when the user exits, disconnecting the websocket link; 2B, recording the login disconnection information of the user into a message queue; and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue. The invention can improve the defects of the prior art and can more stably and safely solve the problem of account login uniqueness.

Description

Websocket-based account security verification method
Technical Field
The invention relates to the technical field of industrial control networks, in particular to an account security verification method based on websocket.
Background
With the development of information technology, an industrial control system gradually realizes networking, more and more industrial control protocols run on an industrial ethernet to realize industrial network communication, and meanwhile, attacks on the industrial network are more and more common, so that it is necessary to limit the uniqueness of a login user in order to solve security problems caused by concurrency problems and security problems.
In an industrial control network, operation logs of operators are recorded, the accuracy of log recording is improved, and in order to prevent hidden dangers such as account number multiplexing and reduce unsafe hidden dangers, the uniqueness of a login user needs to be ensured and the safety is improved. Such as: the account number reuse is prevented, so that management confusion is avoided, and potential safety hazards are caused.
At present, the main method for limiting login users is to identify through an interceptor, and the interceptor is used for solving the problem that users only allow login in one place and login in other places to kick off.
The method occupies the memory of the server, can not process the quitted user in time to generate junk data, can not log in or repeatedly prompt error information, can only kick out other users, and is not suitable for an industrial control system.
Disclosure of Invention
The invention aims to provide an account security verification method based on websocket, which can solve the defects of the prior art and can more stably and safely solve the problem of account login uniqueness.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows.
A websocket-based account security verification method is characterized by comprising the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue;
and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue.
Preferably, in step 1B, the login information of the user includes a user name, a password, and a login status.
Preferably, in step 2A, the user exit includes normal exit, PC power off, and network interrupt.
Adopt the beneficial effect that above-mentioned technical scheme brought to lie in: the method utilizes a Websocket pushing mechanism to judge, is safe and stable, ensures timeliness and reduces the influence of system performance; the safety queue is used to ensure the accuracy of the data; the problem that the system cannot respond in time after the user logs in the uniqueness and quits is solved.
Drawings
FIG. 1 is a flow chart of login in accordance with an embodiment of the present invention.
FIG. 2 is an exit flow diagram of an embodiment of the present invention.
Detailed Description
Referring to fig. 1-2, an account security verification method based on websocket includes the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue; (ii) a
2C, after the thread is started, modifying the current login state of the user according to the data in the queue
In step 1B, the login information of the user includes a user name, a password, and a login state.
In step 2A, the user quitting comprises normal quitting, PC power off and network interruption.
The login process mainly processes the modification of the login state of the user through the user and the login state, ensures the thread safety, locks the user information currently under the condition of large concurrency, and ensures the accuracy and safety of data when the same user logs in more places at the same time. When the user logs in for the second time, login is not allowed, and the user is prompted to be online.
The quitting process can ensure that the system receives the quitting information of the user in time and the system responds in time. The account can safely exit the system, the account cannot exit, and thread safety is guaranteed. And when the user cannot mistakenly log off for a long time, the logic of normal log-off is executed.
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (3)

1. A websocket-based account security verification method is characterized by comprising the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue;
and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue.
2. The websocket-based account security verification method of claim 1, wherein: in step 1B, the login information of the user includes a user name, a password, and a login state.
3. The websocket-based account security verification method of claim 1, wherein: in step 2A, the user quitting comprises normal quitting, PC power off and network interruption.
CN201811165433.7A 2018-10-08 2018-10-08 Websocket-based account security verification method Active CN109379352B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811165433.7A CN109379352B (en) 2018-10-08 2018-10-08 Websocket-based account security verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811165433.7A CN109379352B (en) 2018-10-08 2018-10-08 Websocket-based account security verification method

Publications (2)

Publication Number Publication Date
CN109379352A CN109379352A (en) 2019-02-22
CN109379352B true CN109379352B (en) 2021-06-04

Family

ID=65403630

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811165433.7A Active CN109379352B (en) 2018-10-08 2018-10-08 Websocket-based account security verification method

Country Status (1)

Country Link
CN (1) CN109379352B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115022101B (en) * 2022-08-10 2022-11-15 深圳竹云科技股份有限公司 Account data changing method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106209966A (en) * 2016-06-15 2016-12-07 中国科学院信息工程研究所 Management and control end updates the method for equipment state, the treating method and apparatus of service end
CN106936698A (en) * 2017-04-13 2017-07-07 合肥市群智科技有限公司 A kind of pc ends instant messaging application process based on websocket
CN107172199A (en) * 2017-06-27 2017-09-15 青岛海信移动通信技术股份有限公司 The state updating method and device of a kind of mobile terminal

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9992187B2 (en) * 2015-12-21 2018-06-05 Cisco Technology, Inc. Single sign-on authentication via browser for client application
CN105827720B (en) * 2016-04-18 2019-03-29 宁波轩悦行电动汽车服务有限公司 Cell phone application obtains Vehicle Information System and load-balancing method and method of hiring a car
CN108153858B (en) * 2017-12-22 2020-07-07 平安养老保险股份有限公司 Information pushing method and device, storage medium and computer equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106209966A (en) * 2016-06-15 2016-12-07 中国科学院信息工程研究所 Management and control end updates the method for equipment state, the treating method and apparatus of service end
CN106936698A (en) * 2017-04-13 2017-07-07 合肥市群智科技有限公司 A kind of pc ends instant messaging application process based on websocket
CN107172199A (en) * 2017-06-27 2017-09-15 青岛海信移动通信技术股份有限公司 The state updating method and device of a kind of mobile terminal

Also Published As

Publication number Publication date
CN109379352A (en) 2019-02-22

Similar Documents

Publication Publication Date Title
Yang et al. Stateful intrusion detection for IEC 60870-5-104 SCADA security
US20130055384A1 (en) Dealing with web attacks using cryptographically signed http cookies
US9596248B2 (en) Trojan detection method and device
US20140208405A1 (en) Simplified and Safe User Authentication
CN101707620B (en) Method and system for detecting repeat login of Web authenticated user
CN105809817B (en) A kind of ATM failure monitoring method and device
CN111433770B (en) Method and apparatus for user authentication and computer readable medium
CN111131301A (en) Unified authentication and authorization scheme
CN107919984A (en) Possess the O&M server and its management method of automatic upgrade function
EP2790354B1 (en) Security management system having multiple relay servers, and security management method
US20150172324A1 (en) Authorized SIP Redirection
CN110958119A (en) Identity verification method and device
CN109379352B (en) Websocket-based account security verification method
CN106453321A (en) Authentication server, system and method, and to-be-authenticated terminal
CN110290176B (en) Point-to-point information pushing method based on MQTT
CN104837134A (en) Web authentication user registration method, device and system
CN111404918A (en) Cloud mobile phone distributed service emergency authentication method, device and system
Kwon et al. Protocol fuzzing to find security vulnerabilities of RabbitMQ
CN105282107B (en) XMPP systems access the authorization method and communication network of external data
CN112073963A (en) Communication interaction data transmission method and device
CN112087475B (en) Message pushing method and device for cloud platform component application and message server
CN104601578A (en) Recognition method and device for attack message and core device
CN115941171A (en) Network key exchange negotiation method, device and network equipment
CN106100929B (en) The method and apparatus of two-way converting detection certification handoff-security
CN115037537A (en) Abnormal traffic interception and abnormal domain name identification method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant