CN112039889A - Password-free login method, device, equipment and storage medium - Google Patents
Password-free login method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN112039889A CN112039889A CN202010897865.8A CN202010897865A CN112039889A CN 112039889 A CN112039889 A CN 112039889A CN 202010897865 A CN202010897865 A CN 202010897865A CN 112039889 A CN112039889 A CN 112039889A
- Authority
- CN
- China
- Prior art keywords
- authentication
- token
- login
- page
- free
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Abstract
The invention relates to the field of network security, and discloses a password-free login method, a device, equipment and a storage medium, which are used for realizing password-free login between enterprises, and the method comprises the following steps: obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server; receiving an authentication token fed back by a provider server, calling a preset login-free intermediate page according to the received authentication token, and splicing the authentication token and the login-free intermediate page to obtain a provider page; authenticating the authentication token based on the provider page to obtain an authentication result; and if the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page. And (4) passing. In addition, the invention also relates to a block chain technology, and the webpage link of the login-free intermediate page can be stored in the block chain.
Description
Technical Field
The present invention relates to the field of network security, and in particular, to a password-free login method, apparatus, device, and storage medium.
Background
With the rapid development of the mobility of the communication industry, when enterprises deeply cooperate with a plurality of external enterprises, the frequency of network access between the enterprises through the mobile terminal is higher and higher, account names and passwords are required to be manually input when logging in a server, and if the account names and the passwords are input during each login, the probability of leakage of the account names and the passwords can be greatly increased by the mechanism of repeated input.
The password-free login of two parties or three parties is supported among part of enterprises, only H5 is embedded into apps of other multiple enterprises, part of development platforms support all enterprises to configure and develop combined login on the platforms according to protocol flows, but authorization tokens are issued by the platform side and developed according to the standards of the platform side, if the enterprises need to cooperate with enterprises of other platforms, multiple sets of combined login functions need to be developed, each enterprise connected into one cooperation needs to develop, design and test all flows and then can be on-line, with the development of company services, more and more cooperation partners are provided, so that the password-free login of combined authorization has low access efficiency and high development cost.
Disclosure of Invention
The invention mainly aims to solve the technical problems of low access efficiency and high development cost of the existing joint authorization password-free login.
The invention provides a password-free login method in a first aspect, which comprises the following steps:
obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server;
receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
authenticating the first authentication token based on the first provider page to obtain an authentication result;
and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page.
Optionally, in a first implementation manner of the first aspect of the present invention, after the obtaining a token application request initiated by a user and obtaining a user unique identifier according to the token application request, the method further includes:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, executing the step of calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
Optionally, in a second implementation manner of the first aspect of the present invention, the splicing the first authentication token and the login-free intermediate page to obtain a first provider page includes:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
Optionally, in a third implementation manner of the first aspect of the present invention, before the authenticating the first authentication token based on the first provider page and obtaining an authentication result, the method further includes:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
Optionally, in a fourth implementation manner of the first aspect of the present invention, the authenticating the first authentication token based on the first provider page, and obtaining an authentication result includes:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
Optionally, in a fifth implementation manner of the first aspect of the present invention, before the returning the login-free intermediate page and jumping from the login-free intermediate page to the function page that the user requests to access, the method further includes:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
The second aspect of the present invention provides a password-free login device, including:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a token application request initiated by a user and acquiring a unique user identifier according to the token application request;
the token application module is used for calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
the receiving module is used for receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module is used for calling a preset login-free intermediate page according to the received first authentication token and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
the authentication module is used for authenticating the first authentication token based on the first provider page to obtain an authentication result;
and the skipping module is used for returning the login-free intermediate page and skipping from the login-free intermediate page to the functional page requested to be accessed by the user when the authentication result is that the authentication is successful.
Optionally, in a first implementation manner of the second aspect of the present invention, the password-free login apparatus further includes an identity authentication module, where the identity authentication module is specifically configured to:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, executing the step of calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
Optionally, in a second implementation manner of the second aspect of the present invention, the splicing module is specifically configured to:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
Optionally, in a third implementation manner of the second aspect of the present invention, the password-free login apparatus further includes a validity period identification module, where the validity period identification module is specifically configured to:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
Optionally, in a fourth implementation manner of the second aspect of the present invention, the authentication module is specifically configured to:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
Optionally, in a fifth implementation manner of the second aspect of the present invention, the password-free login apparatus further includes an access party authentication module, where the access party authentication module is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
A third aspect of the present invention provides a password-free login device, including: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line; the at least one processor invokes the instructions in the memory to cause the password-login-free device to perform the password-login-free method described above.
A fourth aspect of the present invention provides a computer-readable storage medium having stored therein instructions, which, when run on a computer, cause the computer to execute the above-mentioned password-free login method.
According to the technical scheme, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced. Furthermore, the invention also relates to a blockchain technique, and the login-free intermediate page can be stored in a blockchain.
Drawings
FIG. 1 is a diagram of a password-free login method according to a first embodiment of the present invention;
FIG. 2 is a diagram of a password-free login method according to a second embodiment of the present invention;
FIG. 3 is a diagram of a password-free login method according to a third embodiment of the present invention;
FIG. 4 is a diagram of a password-free login method according to a fourth embodiment of the present invention;
FIG. 5 is a diagram of a fifth embodiment of a password-free login method in an embodiment of the present invention;
FIG. 6 is a diagram of an embodiment of a password-free login apparatus according to the embodiment of the present invention;
FIG. 7 is a diagram of another embodiment of a password-free login apparatus according to an embodiment of the present invention;
fig. 8 is a schematic diagram of an embodiment of a password-free login device in the embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a password-free login method, a password-free login device and a password-free login storage medium, wherein in the technical scheme of the invention, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," or "having," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of understanding, a specific flow of the embodiment of the present invention is described below, and with reference to fig. 1, a first embodiment of a password-free login method in the embodiment of the present invention includes:
101. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
it is to be understood that the execution subject of the present invention may be a password login-free device, and may also be a terminal or a server, which is not limited herein. The embodiment of the present invention is described by taking a server as an execution subject.
It is emphasized that, in order to ensure the privacy and security of the login-free intermediate page, the web page link of the login-free intermediate page can be stored in a node of a block chain.
In this embodiment, the access party is a party with a service requirement and needing to access another enterprise to obtain the requirement, and the provider is a service provider providing services to the access party, in practical application, before a user of the access party applies for password-free login, an enterprise of the access party allocates a user id to the user, where the user id is a user unique identifier, and after obtaining the user unique identifier input by the front end, the user unique identifier can be sent to the authentication center server for identity verification to determine whether the user unique identifier is correct, and when the user unique identifier is determined to be correct, the current process is ended when the user unique identifier is wrong.
In this embodiment, the user unique identifier is obtained mainly after the token application request, so that the user unique identifier can be obtained according to the token application request.
102. Calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
in this embodiment, the token application request includes a destination address of an acquisition service that a user wants to log in, and the destination address can be used to acquire a server address of a provider and perform a token application, specifically, the token application request may be http (s)// host address/ask token? url ═ the address of the provider to log in, e.g., http(s):// the host address of the provider server/ask? url ═ target address.
In this embodiment, after obtaining the token application request, the provider generates an authentication token according to the token application request, specifically, may generate a string of a UUID (universal Unique Identifier) formula, and use the string as the token, in practical applications, the UUID is a random string fixed to 32 bytes in length, and call the UUID. 144d8a99a42447379ac37f78bf0ef608, and the token may be signed by an algorithm, such as a hash algorithm, based on the user's token application request and the user's unique id, and then a key is added, and the data and the signature are used together as the token.
103. Receiving a first authentication token fed back by the provider server;
in practical applications, there are 4 ways for issuing a token, that is, a user obtains an authentication token through authorization, which are an authorization code mode (authorization code), a simplified mode (instrumentation), a password mode (resource owner password), and a client mode (client hierarchy), in this embodiment, the authorization token may be obtained through the authorization code mode, the authorization code mode is the most complete and strict authorization mode, an access party interacts with an authentication server of a provider through a background server of the client, and the specific steps may be issuing a token application request when the user accesses, an access party server accessed by the user leads to the authentication server of the provider and asks the user whether the user dares to authorize the access party server, and if the user gives the authorization server a redirection URI that is specified in advance by the user leading to the access party server, and attaching an authorization code, the access party server receives the authorization code and the redirection URI and applies for a token from the authentication server, and the authentication server checks the authorization code and the redirection URI and confirms that the authorization code and the redirection URI are correct, and then sends an access token and an update token to the front end of the access party.
In this embodiment, after the provider server issues the authentication token, the authentication token needs to be stored in a cache at the back end of the access party, and the access party stores the authentication token authorized by the authentication platform in an external cache of the access party; the external cache can be memcached or Ehcache, the efficiency of the authentication center for verifying the validity of the authentication TOKEN can be improved by means of the characteristics of high performance, high availability and distribution of the memcached and the Ehcache, for example, the Ehcache is added to each access party registered on the authentication platform in a jar packet mode, and each access party stores the authentication TOKEN TOKEN authorized by the authentication platform into the Ehcache of the access party. The Ehcache is the most popular pure java open source cache frame at present, and has the characteristics of quickness, light weight, simple configuration, clear structure, powerful function and the like. Because the Ehcache can be added into the APP (Application) only by a small jar packet (Ehcache2.2.3 only needs 668kbjar packets), and the APP is easily deployed, online and operated by the thread mechanism of the Ehcache, various access parties on the authentication platform can be ensured to successfully add the Ehcache cache frame. In addition, the threads of the Ehcache adopt the design concept of Douglea, can obtain higher performance under the condition of ensuring thread safety, and can achieve throughput of hundreds of G under the environment of large memory. Therefore, the present embodiment preferably uses an Ehcache cache framework to store the authentication token authorized by the authentication platform.
104. Calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
in this embodiment, the preset middle page may be: https:// www.jk.cn/mapping _ unollogin? and (3) the appId is 9224622 and token is $ (universal unique identification code of token).
In this embodiment, the generated authentication token is 144d8a99a42447379ac37f78bf0ef608, and the middle page is: https:// www.jk.cn/mapping _ unollogin? and (3) 9224622& token $ { the universal unique identifier of the token }, placing the universal unique identifier of the authentication token in a corresponding position of the login-free intermediate page, and splicing the generated addresses of the provider pages, namely:
https:// www.jk.cn/mapping _ unollogin? and (3) the appId is 9224622& token $ {144d8a99a42447379ac37f78bf0ef608}, and the provider page is jumped to through the address.
105. Authenticating the first authentication token based on the first provider page to obtain an authentication result;
in this embodiment, the jump to the provider page is mainly to connect to the provider server, and the provider server extracts the authentication token therein for authentication through the web link of the provider page, for example, the web link of the provider page: https:// www.jk.cn/mapping _ unollogin? The appId 9224622& token 144d8a99a42447379ac37f78bf0ef608 from which the authentication token 144d8a99a42447379ac37f78bf0ef608 is extracted for authentication.
106. And if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
In this embodiment, after the authentication is successful, the authentication result and the login status are returned to the login-free intermediate page, after the login-free authentication is completed, the login status of the user is written into the cookie of the browser, and then the user jumps to the specific function page, in practical application, after the user logs in the specific function page provided by the provider, the user can set a time period without applying a token each time, in the first login-free process, a session space can be opened to store user data, and simultaneously a cookie character string is generated and returned to the foreground by the background, after the cookie character string is received by the foreground, the cookie character string is stored in the cookie space of the browser, the cookie is equivalent to a key, a lock for storing corresponding user information can be opened, when the user requests next time, the client automatically carries the cookie to request the background server, after the server identifies, the user information in the session is read, so that the user can directly access the session without inputting a username and a password to verify the identity.
In this embodiment, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced. Furthermore, the invention also relates to a blockchain technique, and the login-free intermediate page can be stored in a blockchain.
Referring to fig. 2, a second embodiment of the password-free login method in the embodiment of the present invention includes:
201. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
step 201 in this embodiment is similar to step 101 in the first embodiment, and is not described here again.
202. Performing identity authentication on the user according to the unique user identifier;
203. when the user fails the identity authentication, sending the information of the authentication failure to the front end;
204. when the user passes the identity authentication, calling a token application interface according to the token application request and the unique user identifier, and applying for the token to a provider server;
in this embodiment, the unique user identifier may be a user id allocated by the access enterprise to the user, or a unique identifier in another form, which is not limited in the present invention.
In this embodiment, an account management service, a user verification service, and a token management service may be provided by an authentication center server of a provider, where the authentication center server may manage an account of a user based on the account management service, may set an authentication manner that needs to be adopted for the user, and based on the user verification service, the authentication center server may perform identity authentication for the user, and mainly searches whether a user id is legal or not in a legal user id stored in the authentication center server in a manner that the user id is excessively allocated to the user.
205. Receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
206. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
207. and authenticating the first authentication token based on the first provider page to obtain an authentication result.
208. And if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
Steps 205-208 in this embodiment are similar to steps 103-106 in the first embodiment, and are not described herein again.
In this embodiment, on the basis of the previous embodiment, a process of performing identity authentication on a user is added, before password-free login, an enterprise allocates a user ID or a unique identifier in another form to each employee as a user unique identifier for a user to log in a system, and when the user logs in the system, the system automatically acquires the user unique identifier of the user, compares the user unique identifier with the user unique identifier stored in the database, and judges whether the user unique identifier is legal.
Referring to fig. 3, a third embodiment of the password-free login method in the embodiment of the present invention includes:
301. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
302. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
303. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
the steps 301-303 in the present embodiment are similar to the steps 101-103 in the first embodiment, and are not described herein again.
304. Calling a preset login-free intermediate page according to the received first authentication token, and identifying a preset character string filling position in a webpage link of the login-free intermediate page;
in this embodiment, the login-free intermediate page is a preset web page link, and a position of a character string for filling the authentication token is preset in the web page link, for example, https:// www.jk.cn/language _ uniiongin? The appId is 9224622& token $ { the token's universal unique identifier }, where $ { the token's universal unique identifier } is the string fill location, by identifying the character $, identifying the string fill location,
305. filling the identifier of the first authentication token in the character string filling position to obtain a first provider page;
in this embodiment, after identifying the location of the string padding by $ identifies, the identification of the authentication token, i.e., the string replaces $ and all the following $ characters, e.g., https:// www.jk.cn/mapping _ unoppogin? and (7) appId 9224622 and token $ (universal unique identifier of token), and the authentication token 144d8a99a42447379ac37f78bf0ef608, then https:// www.jk.cn/mapping _ univariation? appId 9224622& token 144d8a99a42447379ac37f78bf0ef608 is the provider page.
306. Authenticating the first authentication token based on the first provider page to obtain an authentication result;
307. and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
Steps 306-307 in the present embodiment are similar to steps 105-106 in the first embodiment, and are not described herein again.
The present embodiment describes in detail a process of splicing the first authentication token and the login-free intermediate page to obtain a provider page on the basis of the previous embodiment, and identifies a character string filling position preset in a web page link of the login-free intermediate page; and filling the identifier of the first authentication token in the character string filling position to obtain a provider page, so that the user can quickly enter the provider page, and the login efficiency is improved.
Referring to fig. 4, a fourth embodiment of the password-free login method in the embodiment of the present invention includes:
401. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
402. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
403. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
404. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
the steps 401 and 404 in this embodiment are similar to the steps 101 and 104 in the first embodiment, and are not described herein again.
405. Judging whether the effective time of the first authentication token exceeds a preset validity period or not;
406. if the validation time of the first authentication token exceeds the preset validity period, refusing the login of the user, and returning a login failure result to the front end;
407. if the validation time of the first authentication token does not exceed the preset validity period, the first authentication token is sent to an authentication center of a provider through a first provider page;
in this embodiment, the validity period of the authentication token may be preset by the authentication center server, the validity period may be set by the number of times of use of the authentication token, for example, if it is desired that the token needs to be reapplied every time the user logs in without a password, the validity period of use of the token is set to be destroyed once, if it is desired that the user reapplies the token after a certain number of times of login without a password, or a timing manner may be set, when the authentication token is issued, the issuance time of the authentication token is determined, and meanwhile, a calculation is performed, when the time of the user applying for obtaining the token exceeds a preset validity period threshold, it is determined that the token is invalid, and the token needs to be reapplied for subsequent login.
408. Judging whether the global unique identifier of the first authentication token is stored in a storage space of the authentication center or not;
409. and if the globally unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
In this embodiment, after issuing an authentication token, the authentication center stores a character string of the authentication token in a storage space, where the authentication token is a globally unique identifier and is a character string, for example, 144d8a99a42447379ac37f78bf0ef608, and after issuing a token by the authentication center in the token authentication phase, the authentication token is valid for a certain time, for example, 5 minutes, and in order to prevent others from accessing the issued token, it is necessary to perform authentication again in the authentication center subsequently.
410. And returning to the login-free intermediate page and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
On the basis of the previous embodiment, the process of judging the validity period of the authentication token is added, meanwhile, the process of authenticating the authentication token is described in detail, whether the authentication token is legal or not is determined by judging whether the validation time of the authentication token is within the preset validity period or not, other users are prevented from accessing the server by using an expired token, whether the authentication token is legal or not is determined by determining whether the authentication token is stored in the database or not, the authentication token can be authenticated quickly, and the password login-free efficiency is improved.
Referring to fig. 5, a fifth embodiment of the password-free login method in the embodiment of the present invention includes:
501. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
502. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
503. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
504. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
505. authenticating the first authentication token based on the first provider page to obtain an authentication result;
506. if the authentication result is successful, applying a second authentication token to the access party server according to the token application request;
507. skipping to the login-free intermediate page through the front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
508. connecting the provider server through a second provider page, and sending a second authentication token to the access server through the provider server;
509. judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
510. if so, the second authentication token is successfully authenticated, the login-free intermediate page is returned, and the function page which is requested to be accessed by the user is jumped from the login-free intermediate page.
In this embodiment, a user does not need to apply for a token application request through a unique user identifier, because this embodiment issues a token through an access party, a user that can enter an access party server is a correct user by default, the difference between the user and the access party server is whether the user has previously logged in a function page provided by a provider, if the user is a new user who logs in, a user identifier returned by the access party server does not exist on the provider server, a user access function is opened for the user, the user identifier is associated with the user, if the user is an old user, user data is acquired, the user is helped to jump to a required function page, and if the returned user identifier is not the user identifier, it is indicated that an authentication token is illegal or expired, and the application needs to be performed again.
The embodiment provides a scheme for issuing a token through an access party server, which is combined with a scheme for a provider to perform a token method in the previous embodiment, security authentication is performed through two party trust tokens, password-free login security authentication between an enterprise and an enterprise is centrally managed, so that association access of users of two parties is realized, two processes of authenticating an authorization token and authorizing the token through the provider method are realized, a login-free security authentication function between the two parties and other enterprises can be conveniently and quickly added, user association access is realized, meanwhile, each service does not need to care about the user and login related events, and external security authentication modes and user sensitive information are uniformly and normatively managed through the password-free login authentication of the enterprise server.
With reference to fig. 6, the password-free login method in the embodiment of the present invention is described above, and a password-free login device in the embodiment of the present invention is described below, where an embodiment of the password-free login device in the embodiment of the present invention includes:
an obtaining module 601, configured to obtain a token application request initiated by a user, and obtain a unique user identifier according to the token application request;
a token application module 602, configured to invoke a token application interface according to the token application request and the unique user identifier, and apply a token to a provider server;
a receiving module 603, configured to receive a first authentication token fed back by the provider server, where the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module 604 is configured to invoke a preset login-free intermediate page according to the received first authentication token, and splice the first authentication token and the login-free intermediate page to obtain a first provider page;
an authentication module 605, configured to authenticate the first authentication token based on the first provider page to obtain an authentication result;
and a skipping module 606, configured to, when the authentication result is that the authentication is successful, return to the login-free intermediate page, and skip from the login-free intermediate page to the function page requested to be accessed by the user.
It is emphasized that, in order to ensure the privacy and security of the login-free intermediate page, the web page link of the login-free intermediate page can be stored in a node of a block chain.
In an embodiment of the present invention, the password-free login apparatus operates the password-free login method, and the password-free login method includes: obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced.
Referring to fig. 7, a second embodiment of the password-free login device in the embodiment of the present invention includes:
an obtaining module 601, configured to obtain a token application request initiated by a user, and obtain a unique user identifier according to the token application request;
a token application module 602, configured to invoke a token application interface according to the token application request and the unique user identifier, and apply a token to a provider server;
a receiving module 603, configured to receive a first authentication token fed back by the provider server, where the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module 604 is configured to invoke a preset login-free intermediate page according to the received first authentication token, and splice the first authentication token and the login-free intermediate page to obtain a first provider page;
an authentication module 605, configured to authenticate the first authentication token based on the first provider page to obtain an authentication result;
and a skipping module 606, configured to, when the authentication result is that the authentication is successful, return to the login-free intermediate page, and skip from the login-free intermediate page to the function page requested to be accessed by the user.
The password-free login device further includes an identity authentication module 607, and the identity authentication module 607 is specifically configured to:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, executing the step of calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
Optionally, the splicing module 604 is specifically configured to:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
The password-free login device further includes a validity period identification module 608, where the validity period identification module 608 is specifically configured to:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
Optionally, the authentication module 605 is specifically configured to:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
The password-free login device further includes an access party authentication module 609, where the access party authentication module 609 is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
The embodiment describes the specific functions of each module in detail on the basis of the previous embodiment, and the identity authentication module can prevent an illegal user from entering the system, the illegal acquisition service, the splicing module can splice the login-free intermediate page and the authentication token to obtain a provider page, can quickly pass through the preset intermediate page and the applied token to reach the provider page, improves the login efficiency, the validity period identification module judges whether the validation time of the authentication token exceeds the preset validity period or not, the authentication token is identified with the validity period, other illegal users are prevented from accessing the server by using the previously applied token, the safety of the system is improved, the password-free login security authentication between enterprises is managed in a centralized way by the security authentication mode of the tokens which are trusted by both parties, therefore, the association of the users of the two parties is communicated, the access efficiency between enterprises is improved, and the development cost of authorized password-free login is reduced.
Fig. 6 and fig. 7 describe the password-exempt login apparatus in the embodiment of the present invention in detail from the perspective of the modular functional entity, and the password-exempt login apparatus in the embodiment of the present invention is described in detail from the perspective of hardware processing.
Fig. 8 is a schematic structural diagram of a password-login-free device according to an embodiment of the present invention, where the password-login-free device 800 may have a relatively large difference due to different configurations or performances, and may include one or more processors (CPUs) 810 (e.g., one or more processors) and a memory 820, and one or more storage media 830 (e.g., one or more mass storage devices) storing an application 833 or data 832. Memory 820 and storage medium 830 may be, among other things, transient or persistent storage. The program stored on the storage medium 830 may include one or more modules (not shown), each of which may include a sequence of instructions for operating the password-login-exempt device 800. Further, the processor 810 may be configured to communicate with the storage medium 830, and execute a series of instruction operations in the storage medium 830 on the password-free login device 800 to implement the steps of the password-free login method.
Password-free login device 800 may also include one or more power supplies 840, one or more wired or wireless network interfaces 850, one or more input-output interfaces 860, and/or one or more operating systems 831, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, and the like. Those skilled in the art will appreciate that the configuration of the password-exempt login device shown in fig. 8 does not constitute a limitation of the password-exempt login device provided herein, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components may be used.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The present invention also provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium, and which may also be a volatile computer-readable storage medium, having stored therein instructions, which, when run on a computer, cause the computer to perform the steps of the password-exempt login method.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses, and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A password-free login method is characterized by comprising the following steps:
obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server;
receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
authenticating the first authentication token based on the first provider page to obtain an authentication result;
and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page.
2. The password-free login method of claim 1, wherein after the obtaining a token application request initiated by a user and obtaining a user unique identifier according to the token application request, the method further comprises:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, executing the step of calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
3. The password-free login method of claim 1, wherein the splicing the first authentication token and the login-free intermediate page to obtain a first provider page comprises:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
4. The password-free login method of claim 1, wherein before the authenticating the first authentication token based on the first provider page to obtain an authentication result, further comprising:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
5. The password-free login method of claim 4, wherein the authenticating the first authentication token based on the first provider page, and obtaining the authentication result comprises:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
6. The password-free login method of claim 1, further comprising, before the returning to the login-free intermediate page and jumping from the login-free intermediate page to the functional page to which the user requests access:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
7. A password-free login device, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a token application request initiated by a user and acquiring a unique user identifier according to the token application request;
the token application module is used for calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
the receiving module is used for receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module is used for calling a preset login-free intermediate page according to the received first authentication token and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
the authentication module is used for authenticating the first authentication token based on the first provider page to obtain an authentication result;
and the skipping module is used for returning the login-free intermediate page and skipping from the login-free intermediate page to the functional page requested to be accessed by the user when the authentication result is that the authentication is successful.
8. The password-free login device of claim 7, further comprising an access party authentication module, wherein the access party authentication module is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
9. A password-free login device, comprising: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line;
the at least one processor invokes the instructions in the memory to cause the password-exempt login device to perform the password-exempt login method of any of claims 1-6.
10. A computer-readable storage medium, having stored thereon a computer program, wherein the computer program, when executed by a processor, implements a password-free login method as claimed in any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010897865.8A CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010897865.8A CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112039889A true CN112039889A (en) | 2020-12-04 |
| CN112039889B CN112039889B (en) | 2022-11-29 |
Family
ID=73587414
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010897865.8A Active CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112039889B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112565293A (en) * | 2020-12-23 | 2021-03-26 | 平安养老保险股份有限公司 | Information security management method and device, computer equipment and readable storage medium |
| CN112650954A (en) * | 2020-12-30 | 2021-04-13 | 杭州趣链科技有限公司 | Block chain data sharing method, device, equipment and storage medium |
| CN112769754A (en) * | 2020-12-18 | 2021-05-07 | 中国平安财产保险股份有限公司 | Client access method, device, equipment and storage medium |
| CN113987392A (en) * | 2021-09-29 | 2022-01-28 | 深圳融安网络科技有限公司 | Webpage page control method and device and computer readable storage medium |
| CN115297346A (en) * | 2022-06-30 | 2022-11-04 | 贵阳朗玛视讯科技有限公司 | Multi-application authentication method and device based on EPG system |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9191381B1 (en) * | 2011-08-25 | 2015-11-17 | Symantec Corporation | Strong authentication via a federated identity protocol |
| CN108712372A (en) * | 2018-04-03 | 2018-10-26 | 福建天泉教育科技有限公司 | A kind of method and system of client access WEB third party logins |
| US10243945B1 (en) * | 2013-10-28 | 2019-03-26 | Amazon Technologies, Inc. | Managed identity federation |
| CN110069909A (en) * | 2019-04-29 | 2019-07-30 | 上海上湖信息技术有限公司 | It is a kind of to exempt from the close method and device for logging in third party system |
| CN110086822A (en) * | 2019-05-07 | 2019-08-02 | 北京智芯微电子科技有限公司 | The realization method and system of unified identity authentication strategy towards micro services framework |
| CN111147453A (en) * | 2019-12-11 | 2020-05-12 | 东软集团股份有限公司 | System login method and integrated login system |
| CN111181977A (en) * | 2019-12-31 | 2020-05-19 | 瑞庭网络技术(上海)有限公司 | Login method, device, electronic equipment and medium |
-
2020
- 2020-08-31 CN CN202010897865.8A patent/CN112039889B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9191381B1 (en) * | 2011-08-25 | 2015-11-17 | Symantec Corporation | Strong authentication via a federated identity protocol |
| US10243945B1 (en) * | 2013-10-28 | 2019-03-26 | Amazon Technologies, Inc. | Managed identity federation |
| CN108712372A (en) * | 2018-04-03 | 2018-10-26 | 福建天泉教育科技有限公司 | A kind of method and system of client access WEB third party logins |
| CN110069909A (en) * | 2019-04-29 | 2019-07-30 | 上海上湖信息技术有限公司 | It is a kind of to exempt from the close method and device for logging in third party system |
| CN110086822A (en) * | 2019-05-07 | 2019-08-02 | 北京智芯微电子科技有限公司 | The realization method and system of unified identity authentication strategy towards micro services framework |
| CN111147453A (en) * | 2019-12-11 | 2020-05-12 | 东软集团股份有限公司 | System login method and integrated login system |
| CN111181977A (en) * | 2019-12-31 | 2020-05-19 | 瑞庭网络技术(上海)有限公司 | Login method, device, electronic equipment and medium |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112769754A (en) * | 2020-12-18 | 2021-05-07 | 中国平安财产保险股份有限公司 | Client access method, device, equipment and storage medium |
| CN112769754B (en) * | 2020-12-18 | 2023-10-24 | 中国平安财产保险股份有限公司 | Client access method, device, equipment and storage medium |
| CN112565293A (en) * | 2020-12-23 | 2021-03-26 | 平安养老保险股份有限公司 | Information security management method and device, computer equipment and readable storage medium |
| CN112650954A (en) * | 2020-12-30 | 2021-04-13 | 杭州趣链科技有限公司 | Block chain data sharing method, device, equipment and storage medium |
| CN112650954B (en) * | 2020-12-30 | 2023-09-22 | 杭州趣链科技有限公司 | Block chain data sharing method, device, equipment and storage medium |
| CN113987392A (en) * | 2021-09-29 | 2022-01-28 | 深圳融安网络科技有限公司 | Webpage page control method and device and computer readable storage medium |
| CN115297346A (en) * | 2022-06-30 | 2022-11-04 | 贵阳朗玛视讯科技有限公司 | Multi-application authentication method and device based on EPG system |
| CN115297346B (en) * | 2022-06-30 | 2023-08-25 | 贵阳朗玛视讯科技有限公司 | EPG system-based multi-application authentication method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112039889B (en) | 2022-11-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112039889B (en) | Password-free login method, device, equipment and storage medium | |
| CN111131242B (en) | Authority control method, device and system | |
| CN107172054B (en) | Authority authentication method, device and system based on CAS | |
| US9787659B2 (en) | Techniques for secure access management in virtual environments | |
| US8990911B2 (en) | System and method for single sign-on to resources across a network | |
| CN110582768B (en) | Apparatus and method for providing secure database access | |
| US9529993B2 (en) | Policy-driven approach to managing privileged/shared identity in an enterprise | |
| KR100946110B1 (en) | Method and system for stepping up to certificate-based authentication without breaking an existing ssl session | |
| US10541991B2 (en) | Method for OAuth service through blockchain network, and terminal and server using the same | |
| CN112597472B (en) | Single sign-on method, device and storage medium | |
| CN109547458B (en) | Login verification method and device, computer equipment and storage medium | |
| CN110730174B (en) | Network access control method, device, equipment and medium | |
| WO2001055819A1 (en) | A method and system for implementing a common user logon to multiple applications | |
| JP7318108B2 (en) | Method and system for authenticating secure credential transfer to a device | |
| CN111447220B (en) | Authentication information management method, server of application system and computer storage medium | |
| CN105162775A (en) | Logging method and device of virtual machine | |
| CN103986734B (en) | Authentication management method and authentication management system applicable to high-security service system | |
| CN100512107C (en) | Security identification method | |
| CN109962892A (en) | A kind of authentication method and client, server logging in application | |
| CN105162774A (en) | Virtual machine login method and device used for terminal | |
| CN112929388B (en) | Network identity cross-device application rapid authentication method and system, and user agent device | |
| CN111404946B (en) | Account authentication method based on browser and server | |
| CN113660284B (en) | Distributed authentication method based on bill | |
| CN111062023B (en) | Method and device for realizing single sign-on of multi-application system | |
| KR100406292B1 (en) | Password Transmission system and method in Terminal Communications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |