CN109379352B - Websocket-based account security verification method - Google Patents
Websocket-based account security verification method Download PDFInfo
- Publication number
- CN109379352B CN109379352B CN201811165433.7A CN201811165433A CN109379352B CN 109379352 B CN109379352 B CN 109379352B CN 201811165433 A CN201811165433 A CN 201811165433A CN 109379352 B CN109379352 B CN 109379352B
- Authority
- CN
- China
- Prior art keywords
- user
- login
- websocket
- queue
- verification method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/50—Queue scheduling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/143—Termination or inactivation of sessions, e.g. event-controlled end of session
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses an account security verification method based on websocket, which comprises the following steps: the method comprises the following steps of (1) logging in, wherein after a user name and a password of a user are verified to be correct and logging in is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server; 1B, recording the login information of the user into a queue; 1C, after the thread is started, modifying the current login state of the user according to the data in the queue; exiting the process, 2A, when the user exits, disconnecting the websocket link; 2B, recording the login disconnection information of the user into a message queue; and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue. The invention can improve the defects of the prior art and can more stably and safely solve the problem of account login uniqueness.
Description
Technical Field
The invention relates to the technical field of industrial control networks, in particular to an account security verification method based on websocket.
Background
With the development of information technology, an industrial control system gradually realizes networking, more and more industrial control protocols run on an industrial ethernet to realize industrial network communication, and meanwhile, attacks on the industrial network are more and more common, so that it is necessary to limit the uniqueness of a login user in order to solve security problems caused by concurrency problems and security problems.
In an industrial control network, operation logs of operators are recorded, the accuracy of log recording is improved, and in order to prevent hidden dangers such as account number multiplexing and reduce unsafe hidden dangers, the uniqueness of a login user needs to be ensured and the safety is improved. Such as: the account number reuse is prevented, so that management confusion is avoided, and potential safety hazards are caused.
At present, the main method for limiting login users is to identify through an interceptor, and the interceptor is used for solving the problem that users only allow login in one place and login in other places to kick off.
The method occupies the memory of the server, can not process the quitted user in time to generate junk data, can not log in or repeatedly prompt error information, can only kick out other users, and is not suitable for an industrial control system.
Disclosure of Invention
The invention aims to provide an account security verification method based on websocket, which can solve the defects of the prior art and can more stably and safely solve the problem of account login uniqueness.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows.
A websocket-based account security verification method is characterized by comprising the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue;
and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue.
Preferably, in step 1B, the login information of the user includes a user name, a password, and a login status.
Preferably, in step 2A, the user exit includes normal exit, PC power off, and network interrupt.
Adopt the beneficial effect that above-mentioned technical scheme brought to lie in: the method utilizes a Websocket pushing mechanism to judge, is safe and stable, ensures timeliness and reduces the influence of system performance; the safety queue is used to ensure the accuracy of the data; the problem that the system cannot respond in time after the user logs in the uniqueness and quits is solved.
Drawings
FIG. 1 is a flow chart of login in accordance with an embodiment of the present invention.
FIG. 2 is an exit flow diagram of an embodiment of the present invention.
Detailed Description
Referring to fig. 1-2, an account security verification method based on websocket includes the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue; (ii) a
2C, after the thread is started, modifying the current login state of the user according to the data in the queue
In step 1B, the login information of the user includes a user name, a password, and a login state.
In step 2A, the user quitting comprises normal quitting, PC power off and network interruption.
The login process mainly processes the modification of the login state of the user through the user and the login state, ensures the thread safety, locks the user information currently under the condition of large concurrency, and ensures the accuracy and safety of data when the same user logs in more places at the same time. When the user logs in for the second time, login is not allowed, and the user is prompted to be online.
The quitting process can ensure that the system receives the quitting information of the user in time and the system responds in time. The account can safely exit the system, the account cannot exit, and thread safety is guaranteed. And when the user cannot mistakenly log off for a long time, the logic of normal log-off is executed.
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (3)
1. A websocket-based account security verification method is characterized by comprising the following steps:
the flow of the login is carried out,
1A, after a user name and a password of a user are verified to be correct and login is successful, a browser sends out a websocket connection request, then a server sends out a response, and a websocket link is established between the browser and the server;
1B, recording the login information of the user into a queue;
1C, after the thread is started, modifying the current login state of the user according to the data in the queue;
the process is exited,
2A, disconnecting the websocket link when the user exits;
2B, recording the login disconnection information of the user into a message queue;
and 2C, after the thread is started, modifying the current login state of the user according to the data in the queue.
2. The websocket-based account security verification method of claim 1, wherein: in step 1B, the login information of the user includes a user name, a password, and a login state.
3. The websocket-based account security verification method of claim 1, wherein: in step 2A, the user quitting comprises normal quitting, PC power off and network interruption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811165433.7A CN109379352B (en) | 2018-10-08 | 2018-10-08 | Websocket-based account security verification method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811165433.7A CN109379352B (en) | 2018-10-08 | 2018-10-08 | Websocket-based account security verification method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109379352A CN109379352A (en) | 2019-02-22 |
CN109379352B true CN109379352B (en) | 2021-06-04 |
Family
ID=65403630
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811165433.7A Active CN109379352B (en) | 2018-10-08 | 2018-10-08 | Websocket-based account security verification method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109379352B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115022101B (en) * | 2022-08-10 | 2022-11-15 | 深圳竹云科技股份有限公司 | Account data changing method and device, computer equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106209966A (en) * | 2016-06-15 | 2016-12-07 | 中国科学院信息工程研究所 | Management and control end updates the method for equipment state, the treating method and apparatus of service end |
CN106936698A (en) * | 2017-04-13 | 2017-07-07 | 合肥市群智科技有限公司 | A kind of pc ends instant messaging application process based on websocket |
CN107172199A (en) * | 2017-06-27 | 2017-09-15 | 青岛海信移动通信技术股份有限公司 | The state updating method and device of a kind of mobile terminal |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9992187B2 (en) * | 2015-12-21 | 2018-06-05 | Cisco Technology, Inc. | Single sign-on authentication via browser for client application |
CN105827720B (en) * | 2016-04-18 | 2019-03-29 | 宁波轩悦行电动汽车服务有限公司 | Cell phone application obtains Vehicle Information System and load-balancing method and method of hiring a car |
CN108153858B (en) * | 2017-12-22 | 2020-07-07 | 平安养老保险股份有限公司 | Information pushing method and device, storage medium and computer equipment |
-
2018
- 2018-10-08 CN CN201811165433.7A patent/CN109379352B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106209966A (en) * | 2016-06-15 | 2016-12-07 | 中国科学院信息工程研究所 | Management and control end updates the method for equipment state, the treating method and apparatus of service end |
CN106936698A (en) * | 2017-04-13 | 2017-07-07 | 合肥市群智科技有限公司 | A kind of pc ends instant messaging application process based on websocket |
CN107172199A (en) * | 2017-06-27 | 2017-09-15 | 青岛海信移动通信技术股份有限公司 | The state updating method and device of a kind of mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN109379352A (en) | 2019-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yang et al. | Stateful intrusion detection for IEC 60870-5-104 SCADA security | |
US20130055384A1 (en) | Dealing with web attacks using cryptographically signed http cookies | |
US9596248B2 (en) | Trojan detection method and device | |
US20140208405A1 (en) | Simplified and Safe User Authentication | |
CN101707620B (en) | Method and system for detecting repeat login of Web authenticated user | |
CN105809817B (en) | A kind of ATM failure monitoring method and device | |
CN111433770B (en) | Method and apparatus for user authentication and computer readable medium | |
CN111131301A (en) | Unified authentication and authorization scheme | |
CN107919984A (en) | Possess the O&M server and its management method of automatic upgrade function | |
EP2790354B1 (en) | Security management system having multiple relay servers, and security management method | |
US20150172324A1 (en) | Authorized SIP Redirection | |
CN110958119A (en) | Identity verification method and device | |
CN109379352B (en) | Websocket-based account security verification method | |
CN106453321A (en) | Authentication server, system and method, and to-be-authenticated terminal | |
CN110290176B (en) | Point-to-point information pushing method based on MQTT | |
CN104837134A (en) | Web authentication user registration method, device and system | |
CN111404918A (en) | Cloud mobile phone distributed service emergency authentication method, device and system | |
Kwon et al. | Protocol fuzzing to find security vulnerabilities of RabbitMQ | |
CN105282107B (en) | XMPP systems access the authorization method and communication network of external data | |
CN112073963A (en) | Communication interaction data transmission method and device | |
CN112087475B (en) | Message pushing method and device for cloud platform component application and message server | |
CN104601578A (en) | Recognition method and device for attack message and core device | |
CN115941171A (en) | Network key exchange negotiation method, device and network equipment | |
CN106100929B (en) | The method and apparatus of two-way converting detection certification handoff-security | |
CN115037537A (en) | Abnormal traffic interception and abnormal domain name identification method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |