CN112039889B - Password-free login method, device, equipment and storage medium - Google Patents
Password-free login method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN112039889B CN112039889B CN202010897865.8A CN202010897865A CN112039889B CN 112039889 B CN112039889 B CN 112039889B CN 202010897865 A CN202010897865 A CN 202010897865A CN 112039889 B CN112039889 B CN 112039889B
- Authority
- CN
- China
- Prior art keywords
- authentication
- token
- login
- page
- free
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Abstract
The invention relates to the field of network security, and discloses a password-free login method, a device, equipment and a storage medium, which are used for realizing password-free login between enterprises, and the method comprises the following steps: obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server; receiving an authentication token fed back by a provider server, calling a preset login-free intermediate page according to the received authentication token, and splicing the authentication token and the login-free intermediate page to obtain a provider page; authenticating the authentication token based on the provider page to obtain an authentication result; and if the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page. And (4) passing. In addition, the invention also relates to a block chain technology, and the webpage link of the login-free intermediate page can be stored in the block chain.
Description
Technical Field
The present invention relates to the field of network security, and in particular, to a password-free login method, apparatus, device, and storage medium.
Background
With the rapid development of the mobility of the communication industry, when enterprises deeply cooperate with a plurality of external enterprises, the frequency of network access between the enterprises through the mobile terminal is higher and higher, account names and passwords are required to be manually input when logging in a server, and if the account names and the passwords are input during each login, the probability of leakage of the account names and the passwords can be greatly increased by the mechanism of repeated input.
The password-free login of two parties or three parties is supported among part of enterprises, only H5 is embedded into apps of other multiple enterprises, although part of development platforms support all enterprises to configure and develop combined login on the platforms according to protocol flows, authorization tokens are issued by the platform side and developed according to the standards of the platform side, if the enterprises need to cooperate with enterprises of other platforms, multiple sets of combined login functions need to be developed, each enterprise connected into one cooperation needs to develop, design and test all flows and then can be on-line, with the development of company services, more and more cooperation partners are provided, so that the password-free login of combined authorization has low access efficiency and high development cost.
Disclosure of Invention
The invention mainly aims to solve the technical problems of low access efficiency and high development cost of the existing joint authorization password-free login.
The invention provides a password-free login method in a first aspect, which comprises the following steps:
obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server;
receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
authenticating the first authentication token based on the first provider page to obtain an authentication result;
and if the authentication result is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page.
Optionally, in a first implementation manner of the first aspect of the present invention, after the obtaining a token application request initiated by a user and obtaining a user unique identifier according to the token application request, the method further includes:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, the step of summing the unique user identifier according to the token Shen Qingqing, calling a token application interface and applying a token to a provider server is executed;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
Optionally, in a second implementation manner of the first aspect of the present invention, the splicing the first authentication token and the login-free intermediate page to obtain a first provider page includes:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
Optionally, in a third implementation manner of the first aspect of the present invention, before the authenticating the first authentication token based on the first provider page and obtaining an authentication result, the method further includes:
judging whether the effective time of the first authentication token exceeds a preset effective period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
Optionally, in a fourth implementation manner of the first aspect of the present invention, the authenticating the first authentication token based on the first provider page, and obtaining an authentication result includes:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
Optionally, in a fifth implementation manner of the first aspect of the present invention, before the returning the login-free intermediate page and jumping from the login-free intermediate page to the function page that the user requests to access, the method further includes:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
The second aspect of the present invention provides a password-free login device, including:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a token application request initiated by a user and acquiring a unique user identifier according to the token application request;
the token application module is used for calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
the receiving module is used for receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module is used for calling a preset login-free intermediate page according to the received first authentication token and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
the authentication module is used for authenticating the first authentication token based on the first provider page to obtain an authentication result;
and the skipping module is used for returning the login-free intermediate page and skipping from the login-free intermediate page to the functional page requested to be accessed by the user when the authentication result is that the authentication is successful.
Optionally, in a first implementation manner of the second aspect of the present invention, the password-free login apparatus further includes an identity authentication module, where the identity authentication module is specifically configured to:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, the step of summing the unique user identifier according to the token Shen Qingqing, calling a token application interface and applying a token to a provider server is executed;
and when the user does not pass the identity authentication, sending the information of authentication failure to the front end.
Optionally, in a second implementation manner of the second aspect of the present invention, the splicing module is specifically configured to:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
Optionally, in a third implementation manner of the second aspect of the present invention, the password-free login apparatus further includes a validity period identification module, where the validity period identification module is specifically configured to:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the effective time of the first authentication token does not exceed the preset effective period, performing authentication on the first authentication token.
Optionally, in a fourth implementation manner of the second aspect of the present invention, the authentication module is specifically configured to:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
Optionally, in a fifth implementation manner of the second aspect of the present invention, the password-free login apparatus further includes an access party authentication module, where the access party authentication module is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if yes, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are carried out.
A third aspect of the present invention provides a password-free login device, including: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line; the at least one processor invokes the instructions in the memory to cause the password-login-free device to perform the password-login-free method described above.
A fourth aspect of the present invention provides a computer-readable storage medium having stored therein instructions, which, when run on a computer, cause the computer to execute the above-mentioned password-free login method.
According to the technical scheme, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced. Furthermore, the invention also relates to a blockchain technique, and the login-free intermediate page can be stored in a blockchain.
Drawings
FIG. 1 is a diagram of a password-free login method according to a first embodiment of the present invention;
FIG. 2 is a diagram of a password-free login method according to a second embodiment of the present invention;
FIG. 3 is a diagram of a password-free login method according to a third embodiment of the present invention;
FIG. 4 is a diagram of a password-free login method according to a fourth embodiment of the present invention;
FIG. 5 is a diagram of a fifth embodiment of a password-free login method in an embodiment of the present invention;
FIG. 6 is a diagram of an embodiment of a password-free login apparatus according to the embodiment of the present invention;
FIG. 7 is a diagram of another embodiment of a password-free login apparatus in an embodiment of the present invention;
fig. 8 is a schematic diagram of an embodiment of a password-free login device in the embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a password-free login method, a password-free login device and a password-free login storage medium, wherein in the technical scheme of the invention, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be implemented in other sequences than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," or "having," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of understanding, a specific flow of the embodiment of the present invention is described below, and with reference to fig. 1, a first embodiment of a password-free login method in the embodiment of the present invention includes:
101. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
it is to be understood that the execution subject of the present invention may be a password login-free device, and may also be a terminal or a server, which is not limited herein. The embodiment of the present invention is described by taking a server as an execution subject.
It is emphasized that, in order to ensure the privacy and security of the login-free intermediate page, the web page link of the login-free intermediate page can be stored in a node of a block chain.
In this embodiment, the access party is a party with a service requirement and needing to access another enterprise to obtain the requirement, and the provider is a service provider providing services to the access party, in practical application, before a user of the access party applies for password-free login, an enterprise of the access party allocates a user id to the user, where the user id is a user unique identifier, and after obtaining the user unique identifier input by the front end, the user unique identifier can be sent to the authentication center server for identity verification to determine whether the user unique identifier is correct, and when the user unique identifier is determined to be correct, the current process is ended when the user unique identifier is wrong.
In this embodiment, the user unique identifier is obtained mainly after the token application request, so that the user unique identifier can be obtained according to the token application request.
102. Calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
in this embodiment, the token application request includes a target address of an acquisition service that the user wants to log in, and the server address of the provider can be acquired through the target address, and a token application is performed, specifically, the token application request may be http (s)// host address/ask token of the provider server = an address of the provider to be logged in, for example, http (s)// host address/ask token of the provider server = the target address.
In this embodiment, after obtaining the token application request, the provider generates an authentication token according to the token application request, specifically, may generate a string of a UUID (universal Unique Identifier) formula, and use the string as the token, in practical applications, the UUID is a random string fixed to 32 bytes in length, and call the UUID. 144d8a99a42447379ac37f78bf0ef608, and the token may be signed by some algorithm, such as a hash algorithm, and then a key according to the user's token application request and the user's unique id, and the data and the signature are used as the token.
103. Receiving a first authentication token fed back by the provider server;
in practical applications, there are 4 ways for issuing a token, that is, a user obtains an authentication token through authorization, which are an authorization code mode (authorization code), a simplified mode (instrumentation), a password mode (resource owner password), and a client mode (client hierarchy), in this embodiment, the authorization token may be obtained through the authorization code mode, the authorization code mode is the most complete and strict authorization mode, an access party interacts with an authentication server of a provider through a background server of the client, and the specific steps may be issuing a token application request when the user accesses, an access party server accessed by the user leads to the authentication server of the provider, and asks the user whether the user dares to authorize the access party server, and if the user gives the authorization server to lead the user to a pre-specified URI of the access party server, attaching an authorization code, and the access party server receives the authorization code and the redirect URI and applies for the token, and after the authorization code and the authentication server check the authorization code and determine that the access party accesses the token and updates the URI before the access party accesses the token.
In this embodiment, after the provider server issues the authentication token, the authentication token needs to be stored in a cache at the back end of the access party, and the access party stores the authentication token authorized by the authentication platform in an external cache of the access party; the external cache can be memcached or Ehcache, the efficiency of the authentication center for verifying the validity of the authentication TOKEN can be improved by means of the characteristics of high performance, high availability and distribution of the memcached and the Ehcache, for example, the Ehcache is added to each access party registered on the authentication platform in a jar packet mode, and each access party stores the authentication TOKEN TOKEN authorized by the authentication platform into the Ehcache of the access party. The Ehcache is the most popular pure java open source cache frame at present, and has the characteristics of quickness, light weight, simple configuration, clear structure, powerful function and the like. Because the Ehcache can be added into the APP (Application) only by a small jar packet (Ehcache 2.2.3 only needs 668kbjar packets), and the APP is easily deployed, online and operated by the thread mechanism of the Ehcache, various access parties on the authentication platform can be ensured to successfully add the Ehcache cache frame. In addition, the threads of the Ehcache adopt the design concept of Douglea, can obtain higher performance under the condition of ensuring thread safety, and can achieve throughput of hundreds of G under the environment of large memory. Therefore, the present embodiment preferably uses an Ehcache cache framework to store the authentication token authorized by the authentication platform.
104. Calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
in this embodiment, the preset middle page may be: https:// www.jk.cn/mapping _ univocal applied id =9224622&token = $ { universal unique identification code of token }.
In this embodiment, the generated authentication token is 144d8a99a42447379ac37f78bf0ef608, and the middle page is: https:// www.jk.cn/mapping _ unidentional regional app id =9224622&token = $ (token universal unique identification code), then by placing the universal unique identification code of the authentication token on the corresponding position of the login-free middle page, the address of the generated provider page is spliced:
https:// www.jk.cn/mapping _ univocal _ unalignappid =9224622&token = $ {144d8a99a42447379ac37f78bf0ef608}, by which address a jump to the provider page.
105. Authenticating the first authentication token based on the first provider page to obtain an authentication result;
in this embodiment, the jumping to the provider page is mainly to connect the provider server, and the provider server extracts an authentication token from the web link of the provider page for authentication, for example, the web link of the provider page: https:// www.jk.cn/mapping _ unologically applied id =9224622&token =144d8a99a42447379a 37f78bf0ef608 from which the authentication token 144d8a99a42447379ac37f78bf0ef608 is extracted for authentication.
106. And if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
In the embodiment, after authentication is successful, an authentication result and a login state are returned to a login-free intermediate page, after login-free authentication is completed, a user login state is written into a cookie of a browser, and then the user jumps to a specific function page.
In this embodiment, a token application request initiated by a user is obtained, and a unique user identifier is obtained according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced. Furthermore, the invention also relates to a blockchain technique, and the login-free intermediate page can be stored in a blockchain.
Referring to fig. 2, a second embodiment of the password-free login method in the embodiment of the present invention includes:
201. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
step 201 in this embodiment is similar to step 101 in the first embodiment, and is not described again here.
202. Performing identity authentication on the user according to the unique user identifier;
203. when the user does not pass the identity authentication, sending the information of the authentication failure to the front end;
204. when the user passes the identity authentication, calling a token application interface according to the token application request and the unique user identifier, and applying for the token to a provider server;
in this embodiment, the unique user identifier may be a user id allocated by the access enterprise to the user, or a unique identifier in another form, which is not limited in the present invention.
In this embodiment, an account management service, a user verification service, and a token management service may be provided by an authentication center server of a provider, where the authentication center server may manage an account of a user based on the account management service, may set an authentication manner that needs to be adopted for the user, and based on the user verification service, the authentication center server may perform identity authentication for the user, and mainly searches whether a user id is legal or not in a legal user id stored in the authentication center server in a manner that the user id is excessively allocated to the user.
205. Receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
206. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
207. and authenticating the first authentication token based on the first provider page to obtain an authentication result.
208. And if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
Steps 205-208 in this embodiment are similar to steps 103-106 in the first embodiment, and are not repeated here.
In this embodiment, on the basis of the previous embodiment, a process of performing identity authentication on a user is added, before password-free login, an enterprise allocates a user ID or a unique identifier in another form to each employee as a user unique identifier for a user to log in a system, and when the user logs in the system, the system automatically acquires the user unique identifier of the user, compares the user unique identifier with the user unique identifier stored in the database, and judges whether the user unique identifier is legal.
Referring to fig. 3, a third embodiment of the password-free login method in the embodiment of the present invention includes:
301. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
302. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
303. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
steps 301-303 in this embodiment are similar to steps 101-103 in the first embodiment, and are not repeated here.
304. Calling a preset login-free intermediate page according to the received first authentication token, and identifying a preset character string filling position in a webpage link of the login-free intermediate page;
in this embodiment, the login-free intermediate page is a preset web page link, and a position for filling a character string of the authentication token is preset in the web page link, for example, the login-free intermediate page is https:// www.jk.cn/mapping _ unorganipppid =9224622&token = $ { universal unique identification code of token }, where $ { universal unique identification code of token } is the character string filling position, and the character string filling position is identified by identifying a character $,
305. filling the identifier of the first authentication token in the character string filling position to obtain a first provider page;
in this embodiment, after identifying the filling position of the character string by $, the identification of the authentication token, that is, the character string is replaced by $ and all the characters behind $, for example, the login-free intermediate page is https:// www.jk.cn/mapping _ unorganopappid =9224622&token = $ { token universal unique identification code }, and the authentication token is 144d8a99a42447379ac37f78bf0ef608, then https:// www.jk.cn/mapping _ unorganon?is obtained after replacement? appId =9224622 and token = 144d8a99a42447379ac37f78b0ef608 as a provider page.
306. Authenticating the first authentication token based on the first provider page to obtain an authentication result;
307. and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
Steps 306-307 in this embodiment are similar to steps 105-106 in the first embodiment, and are not repeated here.
The present embodiment describes in detail a process of splicing the first authentication token and the login-free intermediate page to obtain a provider page on the basis of the previous embodiment, and identifies a character string filling position preset in a web page link of the login-free intermediate page; and filling the identifier of the first authentication token in the character string filling position to obtain a provider page, so that the user can quickly enter the provider page, and the login efficiency is improved.
Referring to fig. 4, a fourth embodiment of the password-free login method in the embodiments of the present invention includes:
401. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
402. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
403. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
404. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
405. Judging whether the effective time of the first authentication token exceeds a preset validity period or not;
406. if the validation time of the first authentication token exceeds the preset validity period, refusing the login of the user, and returning a login failure result to the front end;
407. if the validation time of the first authentication token does not exceed the preset validity period, the first authentication token is sent to an authentication center of a provider through a first provider page;
in this embodiment, the validity period of the authentication token may be set in advance by the authentication center server, and the validity period may be set by the number of times of use of the authentication token, for example, if it is desired that the token needs to be reapplied every time the user logs in without a password, the validity period of use of the token is set to be destroyed once, if it is desired that the user reapplies after a certain number of times of login without a password, the time of issuance of the authentication token may be determined by setting a timing manner, and meanwhile, calculation is performed, when the time of the user applying for obtaining the token exceeds a preset validity period threshold, it is determined that the token is invalid, and the token needs to be reapplied for subsequent login.
408. Judging whether the global unique identifier of the first authentication token is stored in a storage space of the authentication center or not;
409. and if the global unique identification of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
In this embodiment, after issuing an authentication token, the authentication center stores a character string of the authentication token in a storage space, where the authentication token is a globally unique identifier and is a character string, for example, 144d8a99a42447379ac37f78bf0ef608, and after issuing a token, the authentication token is valid for a certain time, for example, 5 minutes, in a token authentication phase, and in order to prevent other people from accessing the issued token, it is necessary to perform authentication again in the authentication center subsequently.
410. And returning to the login-free intermediate page and jumping to the functional page which is requested to be accessed by the user from the login-free intermediate page.
On the basis of the previous embodiment, the process of judging the validity period of the authentication token is added, meanwhile, the process of authenticating the authentication token is described in detail, whether the authentication token is legal or not is determined by judging whether the validation time of the authentication token is within the preset validity period or not, other users are prevented from accessing the server by using an expired token, whether the authentication token is legal or not is determined by determining whether the authentication token is stored in the database or not, the authentication token can be authenticated quickly, and the password login-free efficiency is improved.
Referring to fig. 5, a fifth embodiment of the password-free login method in the embodiment of the present invention includes:
501. obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
502. calling a token application interface according to the token application request and the unique user identifier, and applying for the token from a provider server;
503. receiving a first authentication token fed back by a provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
504. calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
505. authenticating the first authentication token based on the first provider page to obtain an authentication result;
506. if the authentication result is successful, applying a second authentication token to the access party server according to the token application request;
507. skipping to the login-free intermediate page through the front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
508. connecting the provider server through a second provider page, and sending a second authentication token to the access server through the provider server;
509. judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
510. if so, the second authentication token is successfully authenticated, the login-free intermediate page is returned, and the function page which is requested to be accessed by the user is jumped from the login-free intermediate page.
In this embodiment, a user does not need to apply for a token application request through a unique user identifier, because this embodiment issues a token through an access party, a user that can enter an access party server is a correct user by default, the difference between the user and the access party server is whether the user has previously logged in a function page provided by a provider, if the user is a new user who logs in, a user identifier returned by the access party server does not exist on the provider server, a user access function is opened for the user, the user identifier is associated with the user, if the user is an old user, user data is acquired, the user is helped to jump to a required function page, and if the returned user identifier is not the user identifier, it is indicated that an authentication token is illegal or expired, and the application needs to be performed again.
The embodiment provides a scheme for issuing a token through an access party server, which is combined with a scheme for a provider to perform a token method in the previous embodiment, security authentication is performed through two party trust tokens, password-free login security authentication between an enterprise and an enterprise is centrally managed, so that association access of users of two parties is realized, two processes of authenticating an authorization token and authorizing the token through the provider method are realized, a login-free security authentication function between the two parties and other enterprises can be conveniently and quickly added, user association access is realized, meanwhile, each service does not need to care about the user and login related events, and external security authentication modes and user sensitive information are uniformly and normatively managed through the password-free login authentication of the enterprise server.
With reference to fig. 6, the password-free login method in the embodiment of the present invention is described above, and a password-free login device in the embodiment of the present invention is described below, where an embodiment of the password-free login device in the embodiment of the present invention includes:
an obtaining module 601, configured to obtain a token application request initiated by a user, and obtain a unique user identifier according to the token application request;
a token application module 602, configured to invoke a token application interface according to the token application request and the unique user identifier, and apply a token to a provider server;
a receiving module 603, configured to receive a first authentication token fed back by the provider server, where the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module 604 is configured to invoke a preset login-free intermediate page according to the received first authentication token, and splice the first authentication token and the login-free intermediate page to obtain a first provider page;
an authentication module 605, configured to authenticate the first authentication token based on the first provider page to obtain an authentication result;
and a skipping module 606, configured to, when the authentication result is that the authentication is successful, return to the login-free intermediate page, and skip from the login-free intermediate page to the function page requested to be accessed by the user.
It is emphasized that, in order to ensure the privacy and security of the login-free intermediate page, the web page link of the login-free intermediate page can be stored in a node of a block chain.
In an embodiment of the present invention, the password-free login apparatus operates the password-free login method, and the password-free login method includes: obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request; calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server; receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server; calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page; authenticating the first authentication token based on the first provider page to obtain an authentication result; and if the authentication result is that the authentication is successful, returning to the login-free intermediate page, and jumping to the functional page requested to be accessed by the user from the login-free intermediate page. According to the proposal, a security authentication mode is carried out through the token, and password-free login security authentication between enterprises is managed in a centralized manner, so that the association between users of both parties is realized, the access efficiency between the enterprises is improved, and the development cost of authorized password-free login is reduced.
Referring to fig. 7, a second embodiment of the password-free login device in the embodiment of the present invention includes:
an obtaining module 601, configured to obtain a token application request initiated by a user, and obtain a unique user identifier according to the token application request;
a token application module 602, configured to invoke a token application interface according to the token application request and the unique user identifier, and apply a token to a provider server;
a receiving module 603, configured to receive a first authentication token fed back by the provider server, where the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module 604 is configured to invoke a preset login-free intermediate page according to the received first authentication token, and splice the first authentication token and the login-free intermediate page to obtain a first provider page;
an authentication module 605, configured to authenticate the first authentication token based on the first provider page to obtain an authentication result;
and a skipping module 606, configured to, when the authentication result is that the authentication is successful, return to the login-free intermediate page, and skip from the login-free intermediate page to the function page requested to be accessed by the user.
The password-free login device further includes an identity authentication module 607, where the identity authentication module 607 is specifically configured to:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, the step of summing the unique user identifier according to the token Shen Qingqing, calling a token application interface and applying a token to a provider server is executed;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
Optionally, the splicing module 604 is specifically configured to:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
The password-free login device further includes a validity period identification module 608, where the validity period identification module 608 is specifically configured to:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
Optionally, the authentication module 605 is specifically configured to:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identifier of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
The password-free login device further includes an access party authentication module 609, where the access party authentication module 609 is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
On the basis of the previous embodiment, specific functions of each module are described in detail, an identity authentication module can prevent an illegal user from entering a system and illegally obtaining a service, a splicing module can splice a login-free middle page and an authentication token to obtain a provider page, and can quickly reach the provider page through a preset middle page and an applied token, so that login efficiency is improved, a validity period identification module identifies the validity period of the authentication token by judging whether the validation time of the authentication token exceeds the preset validity period, so that other illegal users are prevented from accessing a server by using the previously applied token, the safety of the system is improved, a security authentication mode is performed through tokens granted by two parties, password-free login security authentication between an enterprise and an enterprise is managed in a centralized manner, and accordingly, the association between the two parties is communicated, access efficiency between the enterprises is improved, and development cost of authorizing password-free login is reduced.
Fig. 6 and fig. 7 describe the password-exempt login apparatus in the embodiment of the present invention in detail from the perspective of the modular functional entity, and the password-exempt login apparatus in the embodiment of the present invention is described in detail from the perspective of hardware processing.
Fig. 8 is a schematic structural diagram of a password-login-free device according to an embodiment of the present invention, where the password-login-free device 800 may have a relatively large difference due to different configurations or performances, and may include one or more processors (CPUs) 810 (e.g., one or more processors) and a memory 820, and one or more storage media 830 (e.g., one or more mass storage devices) storing an application 833 or data 832. Memory 820 and storage medium 830 may be, among other things, transient or persistent storage. The program stored on the storage medium 830 may include one or more modules (not shown), each of which may include a sequence of instructions for operating the password-login-exempt device 800. Still further, the processor 810 may be configured to communicate with the storage medium 830, and execute a series of instruction operations in the storage medium 830 on the password-entry-free device 800 to implement the steps of the password-entry-free method described above.
Password-free login device 800 may also include one or more power supplies 840, one or more wired or wireless network interfaces 850, one or more input-output interfaces 860, and/or one or more operating systems 831, such as Windows Server, mac OS X, unix, linux, freeBSD, and the like. Those skilled in the art will appreciate that the configuration of the password-exempt login device shown in fig. 8 does not constitute a limitation of the password-exempt login device provided herein, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components may be used.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The present invention also provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium, and which may also be a volatile computer-readable storage medium, having stored therein instructions, which, when run on a computer, cause the computer to perform the steps of the password-exempt login method.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses, and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a portable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A password-free login method is characterized by comprising the following steps:
obtaining a token application request initiated by a user, and obtaining a unique user identifier according to the token application request;
calling a token application interface according to the token application request and the unique user identifier, and applying for a token to a provider server;
receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
calling a preset login-free intermediate page according to the received first authentication token, and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
authenticating the first authentication token based on the first provider page to obtain an authentication result;
and if the authentication result is successful, returning the login-free intermediate page, writing the user login state into a cookie of the browser, jumping to the functional page requested to be accessed by the user from the login-free intermediate page, and directly jumping to the functional page according to the cookie of the browser when the user requests to access the functional page again.
2. The password-free login method according to claim 1, wherein after the obtaining a token application request initiated by a user and obtaining a user unique identifier according to the token application request, the method further comprises:
performing identity authentication on the user according to the unique user identifier;
when the user passes the identity authentication, the step of summing the unique user identifier according to the token Shen Qingqing, calling a token application interface and applying a token to a provider server is executed;
and when the user fails the identity authentication, sending the information of authentication failure to the front end.
3. The password-free login method of claim 1, wherein the splicing the first authentication token and the login-free intermediate page to obtain a first provider page comprises:
identifying a preset character string filling position in a webpage link of the login-free intermediate page;
and filling the identifier of the first authentication token in the character string filling position to obtain a first provider page.
4. The password-free login method of claim 1, wherein before the authenticating the first authentication token based on the first provider page to obtain an authentication result, further comprising:
judging whether the effective time of the first authentication token exceeds a preset validity period or not;
if the effective time of the first authentication token exceeds a preset effective period, refusing the login of the user, and returning a login failure result to the front end;
and if the validation time of the first authentication token does not exceed the preset validity period, performing authentication on the first authentication token.
5. The password-free login method of claim 4, wherein the authenticating the first authentication token based on the first provider page, and obtaining the authentication result comprises:
sending the first authentication token to an authentication center of the provider through the first provider page;
judging whether the global unique identification of the first authentication token is stored in a storage space of the authentication center or not;
and if the global unique identification of the first authentication token is stored in the storage space of the authentication center, determining that the authentication is successful.
6. The password-free login method of claim 1, further comprising, before the returning to the login-free intermediate page and jumping from the login-free intermediate page to the functional page to which the user requests access:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
7. A password-free login device, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a token application request initiated by a user and acquiring a unique user identifier according to the token application request;
the token application module is used for calling a token application interface according to the token application request and the unique user identifier and applying a token to a provider server;
the receiving module is used for receiving a first authentication token fed back by the provider server, wherein the authentication token is a globally unique identifier randomly generated by the provider server;
the splicing module is used for calling a preset login-free intermediate page according to the received first authentication token and splicing the first authentication token and the login-free intermediate page to obtain a first provider page;
the authentication module is used for authenticating the first authentication token based on the first provider page to obtain an authentication result;
and the skipping module is used for returning the login-free intermediate page when the authentication result is that the authentication is successful, writing the user login state into the cookie of the browser, skipping from the login-free intermediate page to the functional page which the user requests to access, and directly skipping to the functional page according to the cookie of the browser when the user requests to access the functional page again.
8. The password-free login device of claim 7, further comprising an access party authentication module, wherein the access party authentication module is specifically configured to:
applying a second authentication token to an access party server according to the token application request;
skipping to the login-free intermediate page through a front-end interface, and splicing the second authentication token and the webpage link of the login-free intermediate page to obtain a second provider page;
connecting a provider server through the second provider page, and sending the second authentication token to the access server through the provider server;
judging whether the data returned by the access party server after receiving the second authentication token is the unique user identifier or not;
if so, the authentication of the second authentication token is successful, and the steps of returning the login-free intermediate page and jumping to the function page requested to be accessed by the user from the login-free intermediate page are entered.
9. A password-free login device, comprising: a memory having instructions stored therein and at least one processor, the memory and the at least one processor interconnected by a line;
the at least one processor invokes the instructions in the memory to cause the password-exempt login device to perform the password-exempt login method of any of claims 1-6.
10. A computer-readable storage medium, having stored thereon a computer program, wherein the computer program, when executed by a processor, implements a password-free login method as claimed in any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010897865.8A CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010897865.8A CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112039889A CN112039889A (en) | 2020-12-04 |
| CN112039889B true CN112039889B (en) | 2022-11-29 |
Family
ID=73587414
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010897865.8A Active CN112039889B (en) | 2020-08-31 | 2020-08-31 | Password-free login method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112039889B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112769754B (en) * | 2020-12-18 | 2023-10-24 | 中国平安财产保险股份有限公司 | Client access method, device, equipment and storage medium |
| CN112565293A (en) * | 2020-12-23 | 2021-03-26 | 平安养老保险股份有限公司 | Information security management method and device, computer equipment and readable storage medium |
| CN112650954B (en) * | 2020-12-30 | 2023-09-22 | 杭州趣链科技有限公司 | Block chain data sharing method, device, equipment and storage medium |
| CN113987392A (en) * | 2021-09-29 | 2022-01-28 | 深圳融安网络科技有限公司 | Webpage page control method and device and computer readable storage medium |
| CN115297346B (en) * | 2022-06-30 | 2023-08-25 | 贵阳朗玛视讯科技有限公司 | EPG system-based multi-application authentication method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9191381B1 (en) * | 2011-08-25 | 2015-11-17 | Symantec Corporation | Strong authentication via a federated identity protocol |
| CN108712372A (en) * | 2018-04-03 | 2018-10-26 | 福建天泉教育科技有限公司 | A kind of method and system of client access WEB third party logins |
| US10243945B1 (en) * | 2013-10-28 | 2019-03-26 | Amazon Technologies, Inc. | Managed identity federation |
| CN110069909A (en) * | 2019-04-29 | 2019-07-30 | 上海上湖信息技术有限公司 | It is a kind of to exempt from the close method and device for logging in third party system |
| CN111147453A (en) * | 2019-12-11 | 2020-05-12 | 东软集团股份有限公司 | System login method and integrated login system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110086822B (en) * | 2019-05-07 | 2021-07-27 | 北京智芯微电子科技有限公司 | Method and system for implementing micro-service architecture-oriented unified identity authentication strategy |
| CN111181977B (en) * | 2019-12-31 | 2021-06-04 | 瑞庭网络技术(上海)有限公司 | Login method, device, electronic equipment and medium |
-
2020
- 2020-08-31 CN CN202010897865.8A patent/CN112039889B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9191381B1 (en) * | 2011-08-25 | 2015-11-17 | Symantec Corporation | Strong authentication via a federated identity protocol |
| US10243945B1 (en) * | 2013-10-28 | 2019-03-26 | Amazon Technologies, Inc. | Managed identity federation |
| CN108712372A (en) * | 2018-04-03 | 2018-10-26 | 福建天泉教育科技有限公司 | A kind of method and system of client access WEB third party logins |
| CN110069909A (en) * | 2019-04-29 | 2019-07-30 | 上海上湖信息技术有限公司 | It is a kind of to exempt from the close method and device for logging in third party system |
| CN111147453A (en) * | 2019-12-11 | 2020-05-12 | 东软集团股份有限公司 | System login method and integrated login system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112039889A (en) | 2020-12-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112039889B (en) | Password-free login method, device, equipment and storage medium | |
| CN112039909B (en) | Authentication method, device, equipment and storage medium based on unified gateway | |
| CN111131242B (en) | Authority control method, device and system | |
| US10541991B2 (en) | Method for OAuth service through blockchain network, and terminal and server using the same | |
| US8990911B2 (en) | System and method for single sign-on to resources across a network | |
| US9529993B2 (en) | Policy-driven approach to managing privileged/shared identity in an enterprise | |
| CN112597472B (en) | Single sign-on method, device and storage medium | |
| CN111614673A (en) | Operation method of authority authentication system based on CAS | |
| JP7318108B2 (en) | Method and system for authenticating secure credential transfer to a device | |
| CN110730174B (en) | Network access control method, device, equipment and medium | |
| CN102281286A (en) | Flexible end-point compliance and strong authentication for distributed hybrid enterprises | |
| CN111447220B (en) | Authentication information management method, server of application system and computer storage medium | |
| CN105162775A (en) | Logging method and device of virtual machine | |
| CN112580006A (en) | Access right control method and device of multi-cloud system and authentication server | |
| CN100512107C (en) | Security identification method | |
| CN103986734B (en) | Authentication management method and authentication management system applicable to high-security service system | |
| KR20210095093A (en) | Method for providing authentification service by using decentralized identity and server using the same | |
| CN105162774A (en) | Virtual machine login method and device used for terminal | |
| KR102372503B1 (en) | Method for providing authentification service by using decentralized identity and server using the same | |
| CN112929388B (en) | Network identity cross-device application rapid authentication method and system, and user agent device | |
| CN111404946B (en) | Account authentication method based on browser and server | |
| KR101545897B1 (en) | A server access control system by periodic authentification of the smart card | |
| CN111723347A (en) | Identity authentication method and device, electronic equipment and storage medium | |
| CN114500074B (en) | Single-point system security access method and device and related equipment | |
| CN111062023B (en) | Method and device for realizing single sign-on of multi-application system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |