CN101989910A - Multi-system authentication method, device and system - Google Patents
Multi-system authentication method, device and system Download PDFInfo
- Publication number
- CN101989910A CN101989910A CN 201010600465 CN201010600465A CN101989910A CN 101989910 A CN101989910 A CN 101989910A CN 201010600465 CN201010600465 CN 201010600465 CN 201010600465 A CN201010600465 A CN 201010600465A CN 101989910 A CN101989910 A CN 101989910A
- Authority
- CN
- China
- Prior art keywords
- client
- logging request
- application subsystem
- log
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a multi-system authentication method, device and system the method is suitable for an application system containing an authentication platform and at least one application subsystem. In the method of the invention, the application subsystem obtains a login request sent by a client and verifies the login request; if the login request passes the verification, the login is completed successfully; if not, the login request is sent to the authentication platform; the authentication platform obtains a login request sent by an application subsystem or client; the login request is verified; if the login request is correct, the application subsystem or client returns the right information and/or login information of the client sending the login request; and if the login request is not correct, the application subsystem or client returns the information of failed login of the client. By adopting the method of the invention, the problem when a large number of subsystems exist, the authentication of each application subsystem is required to be performed and the times of login are too many can be solved.
Description
Technical field
The present invention relates to field of computer technology, particularly a kind of multisystem authentication method, Apparatus and system.
Background technology
Along with the increase of various application and demand, server is generally the user multiple service is provided, but the user uses these services to need the corresponding system of login.System login, authentication and authentication method commonly used normally each system has oneself independently authentication module and permissions data, though have the function of authentication like this, but when system is too much, logining each system all needs through the once authentication of corresponding system, such authentication mode has caused login times too much, and need safeguard a cover permissions data separately for each system.
Summary of the invention
The invention provides a kind of multisystem authentication method, Apparatus and system, solved when system is too much, logining each system all will be through the authentication of corresponding system once and the too much problem of login times that causes.
A kind of multisystem authentication method is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described method comprises:
Application subsystem obtains the logging request that client sends;
Application subsystem verifies described logging request, if the verification passes, then returns the information of landing success and/or the content of application subsystem offered client to client, otherwise, send logging request to authentication platform;
If the log-on message and/or the authority information of the client of sending described logging request that the access authentication platform returns then return the successful information of login and/or the content of application subsystem are offered client to client;
If the information of the login failure that the access authentication platform returns is then returned the information of login failure to client.
In the described method, described application subsystem is verified described logging request and is comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
In the described method, described log-on message is to send the required information of client session of described logging request.
In the described method, application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends,
After nullifying login, send the cancellation logging request to authentication platform.
In the described method, after the log-on message and/or authority information of the described client that application subsystem access authentication platform returns,, then judge whether corresponding log-on message if go back the cancellation logging request that the access authentication platform sends, if have, then nullify login.
A kind of application subsystem is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described application subsystem comprises:
First obtains the unit, is used to obtain the logging request that client sends;
Authentication unit is used for first logging request that obtains the unit acquisition is verified;
First transmitting element is used for after authentication unit checking is passed through, and returns the successful information of login and/or the content of described application subsystem is offered client to client;
Second transmitting element is used for after the authentication unit authentication failed, sends logging request to authentication platform;
Second obtains the unit, is used for the access authentication platform and returns the checking result;
Wherein, if second obtains the log-on message and/or the authority information of the client of sending described logging request that unit access authentication platform returns, then first transmitting element sends the successful information of login and/or the content of application subsystem is offered client to client;
If the information of the login failure that the second acquisition unit access authentication platform returns, then first transmitting element returns the information of login failure to client.
In the described application subsystem, described authentication unit is verified described logging request, being comprised:
Authentication unit judges whether the client that sends described logging request has the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described application subsystem, described log-on message is to send the required information of client session of described logging request.
In the described application subsystem, first obtain the unit at first transmitting element after client is returned the successful information of login and/or the content of application subsystem is offered client, also obtain the cancellation log-in request of client transmission;
Described application subsystem also comprises the cancellation unit, if first obtains the cancellation log-in request that the unit obtains the client transmission, then cancellation login;
Second transmitting element sends the cancellation log-in request to authentication platform after nullifying unit cancellation login.
In the described application subsystem, after the log-on message and/or authority information of the described client that the second acquisition unit access authentication platform returns, if go back the cancellation logging request that the access authentication platform sends, then authentication unit judges whether corresponding log-on message, if have, then nullify the unit and nullify login.
A kind of multisystem authentication method is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described method comprises:
Authentication platform obtains the logging request of application subsystem or client transmission;
Authentication platform is verified described logging request, if the verification passes, then return the log-on message and/or the authority information of the client of sending described logging request to application subsystem or client, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client.
In the described method, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described method, described log-on message is that the client of sending described logging request is carried out the required information of session.
In the described method, authentication platform also comprises after application subsystem or client are returned the authority information and/or log-on message of the client of sending described logging request:
Authentication platform obtains the cancellation log-in request of application subsystem or client transmission;
After nullifying login, send the cancellation log-in request to other application subsystems.
A kind of authentication platform is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described authentication platform comprises:
Obtain the unit, be used to obtain the logging request of application subsystem or client transmission;
Authentication unit is used for the logging request that obtains the unit acquisition is verified;
First transmitting element, be used for after authentication unit verifies that described logging request is passed through, return the log-on message and/or the authority information of the client of sending described logging request to application subsystem, or after authentication unit is verified described logging request failure, return the information of the client login failure that sends described logging request to application subsystem;
Second transmitting element, be used for after authentication unit verifies that described logging request is passed through, return the log-on message and/or the authority information of described client to client, or after authentication unit is verified described logging request failure, return the information of described client login failure to client.
In the described authentication platform, authentication unit is verified described logging request, being comprised:
Authentication unit judges whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described authentication platform, described log-on message is that the client of sending described logging request is carried out the required information of session.
In the described authentication platform, obtain the unit at first transmitting element at the log-on message from the client of sending described logging request to application subsystem and/or the authority information that return, or second after transmitting element returns the log-on message and/or authority information of described client to client, also obtains the cancellation log-in request that application subsystem or client send;
Described authentication platform also comprises the cancellation unit, is used for
Obtain the cancellation log-in request that the unit obtains application subsystem or client transmission, nullify login;
First transmitting element sends the information of nullifying login to other application subsystems after nullifying unit cancellation login.
A kind of multisystem authentication application system comprises an authentication platform and at least one application subsystem;
Described authentication platform, be used to obtain the logging request of application subsystem or client transmission, and described logging request verified, if the verification passes, then application subsystem or client are returned the authority information and/or the log-on message of the client of sending described logging request, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client;
Described application subsystem is used to obtain the logging request that client sends, and described logging request is verified, if the verification passes, then return the information of landing success and/or the content of application subsystem is offered client to client, otherwise, logging request sent to authentication platform;
If the log-on message and/or the authority information of the client of sending described logging request that the access authentication platform returns then return the successful information of login and/or the content of application subsystem are offered client to client;
If the information of the login failure that the access authentication platform returns is then returned the information of login failure to client.
In the described system, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed;
Described application subsystem is verified described logging request and is comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
In the described system, described log-on message is to send the required information of client session of described logging request.
In the described system, authentication platform also comprises after application subsystem or client are returned the log-on message and/or authority information of the client of sending described logging request:
Authentication platform obtains the cancellation logging request of application subsystem or client transmission;
After nullifying login, send the information of nullifying login to other application subsystems;
Application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends, and after the cancellation login, nullifies logging request to the authentication platform transmission;
After the log-on message and/or authority information of the client of sending described logging request that application subsystem access authentication platform returns, if go back the cancellation log-in request that the access authentication platform sends, then judge whether corresponding log-on message,, then nullify login if having.
The invention provides a kind of multisystem authentication method, Apparatus and system, be applicable to the application system that comprises an authentication platform and at least one application subsystem, application subsystem obtains the logging request that client sends, and described logging request verified, if the verification passes, then login successfully, otherwise logging request is sent to authentication platform, and, return the information of landing success or login failure to client according to the checking result that authentication platform returns; Authentication platform obtains the logging request of application subsystem or client transmission, authentication platform is verified described logging request, if it is correct, then return the authority information and/or the log-on message of the client of sending described logging request to application subsystem or client, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client.By the present invention, can solve when application subsystem is too much, logining each application subsystem all will be through the authentication of corresponding system once and the too much problem of login times that causes.
Description of drawings
In order to be illustrated more clearly in the present invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, the accompanying drawing that describes below only is some embodiment that put down in writing among the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is a kind of application subsystem authentication method flow chart provided by the invention;
Fig. 2 is a kind of application subsystem structural representation provided by the invention;
Fig. 3 is a kind of authentication platform authentication method flow chart provided by the invention;
Fig. 4 is a kind of authentication platform structural representation provided by the invention;
Fig. 5 is a kind of multisystem authentication application system configuration schematic diagram provided by the invention;
Fig. 6 is provided by the invention a kind of by application subsystem login authentication method flow chart;
Fig. 7 is provided by the invention a kind of by authentication platform login authentication method flow chart.
Embodiment
In order to make those skilled in the art person understand technical scheme in the embodiment of the invention better, and above-mentioned purpose of the present invention, feature and advantage can be become apparent more, technical scheme among the present invention is described in further detail below in conjunction with accompanying drawing.
The invention provides a kind of multisystem authentication method, Apparatus and system, solved when system is too much, logining each system all will be through the authentication of corresponding system once and the too much problem of login times that causes.
A kind of multisystem authentication method is applicable to the application system that comprises an authentication platform and at least one application subsystem, and as shown in Figure 1, described method comprises:
S101: application subsystem obtains the logging request that client sends;
S102: application subsystem is verified described logging request, if the verification passes, then carries out S106, otherwise, carry out S103;
S103: send logging request to authentication platform;
S104: the checking result that the access authentication platform returns, and judge that described checking result sends the log-on message and/or the authority information of the client of described logging request, or the information of login failure;
If the log-on message and/or the authority information of the client of sending described logging request that the access authentication platform returns are then carried out S106;
If the information of the login failure that the access authentication platform returns is then carried out S105
S105: information from login failure to client that return.
S106: return the information of landing success and/or the content of application subsystem is offered client to client;
In the described method, described application subsystem is verified described logging request and is comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
In the described method, described log-on message is to send the required information of client session of described logging request.
In the described method, application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends,
After nullifying login, send the cancellation logging request to authentication platform.
In the described method, after the log-on message and/or authority information of the client of sending described logging request that application subsystem access authentication platform returns,, then judge whether corresponding log-on message if go back the cancellation logging request that the access authentication platform sends, if have, then nullify login.
The invention provides a kind of application subsystem, be applicable to the application system that comprises an authentication platform and at least one application subsystem, as shown in Figure 2, described application subsystem comprises:
First obtains unit 201, is used to obtain the logging request that client sends;
First transmitting element 203 is used for after authentication unit 202 checking is passed through, and returns the successful information of login and/or the content of described application subsystem is offered client to client;
Second transmitting element 204 is used for after authentication unit 202 authentication faileds, sends logging request to authentication platform;
Second obtains unit 205, is used for the access authentication platform and returns the checking result;
Wherein, if second obtains the log-on message and/or the authority information of the client of sending described logging request that unit 205 access authentication platforms return, then first transmitting element 203 sends the successful information of login and/or the content of application subsystem is offered client to client;
If the information of the login failure that the second acquisition unit, 205 access authentication platforms return, then first transmitting element 203 returns the information of login failure to client.
In the described application subsystem, described authentication unit is verified described logging request, being comprised:
Authentication unit judges whether the client that sends described logging request has the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described application subsystem, described log-on message is to send the required information of client session of described logging request.
In the described application subsystem, first obtain unit 201 at first transmitting element 203 after client is returned the successful information of login and/or the content of application subsystem is offered client, also obtain the cancellation log-in request of client transmission;
Described application subsystem also comprises nullifies unit 206, obtains the cancellation log-in request that unit 201 obtains the client transmission if be used for first, then nullifies login;
Second transmitting element 204 sends the cancellation log-in request to authentication platform after nullifying unit 206 cancellation logins.
In the described application subsystem, after the log-on message and/or authority information of the client of sending described logging request that the second acquisition unit, 205 access authentication platforms return, if go back the cancellation logging request that the access authentication platform sends, then authentication unit 202 judges whether corresponding log-on message, if have, then nullify unit 206 and nullify login.
The invention provides a kind of multisystem authentication method, be applicable to the application system that comprises an authentication platform and at least one application subsystem, as shown in Figure 3, described method comprises:
S301: authentication platform obtains the logging request of application subsystem or client transmission;
S302: authentication platform is verified described logging request, if the verification passes, then carries out S303, otherwise, carry out S304;
S303: the log-on message and/or the authority information that return the client of sending described logging request to application subsystem or client;
S304: the information of returning the client login failure that sends described logging request to application subsystem or client.
In the described method, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described method, described log-on message is that the client of sending described logging request is carried out the required information of session.
In the described method, authentication platform returns after the log-on message of the client of sending described logging request and/or authority information to application subsystem or client, also comprise:
Authentication platform obtains the cancellation log-in request of application subsystem or client transmission;
After nullifying login, send the cancellation log-in request to other application subsystems.
The invention provides a kind of authentication platform, be applicable to the application system that comprises an authentication platform and at least one application subsystem, as shown in Figure 4, described authentication platform comprises:
Obtain unit 401, be used to obtain the logging request of application subsystem or client transmission;
First transmitting element 403, be used for after the described logging request of authentication unit 402 checkings is passed through, return the log-on message and/or the authority information of the client of sending described logging request to application subsystem, or after the described logging request failure of authentication unit 402 checkings, return the information of the client login failure that sends described logging request to application subsystem;
Second transmitting element 404, be used for after the described logging request of authentication unit 402 checkings is passed through, return the log-on message and/or the authority information of described client to client, or after the described logging request failure of authentication unit 402 checkings, return the information of described client login failure to client.
In the described authentication platform, authentication unit is verified described logging request, being comprised:
Authentication unit judges whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
In the described authentication platform, described log-on message is that the client of sending described logging request is carried out the required information of session.
In the described authentication platform, obtain the unit at first transmitting element at the log-on message from the client of sending described logging request to application subsystem and/or the authority information that return, or second after transmitting element returns the log-on message and/or authority information of described client to client, also obtains the cancellation log-in request that application subsystem or client send;
Described authentication platform also comprises nullifies unit 405, is used for
Obtain the cancellation log-in request that unit 401 obtains application subsystem or client transmission, nullify login;
First transmitting element 403 sends the information of nullifying login to other application subsystems after nullifying unit 405 cancellation logins.
The invention provides a kind of multisystem authentication application system, as shown in Figure 5, comprise an authentication platform and at least one application subsystem;
Described authentication platform 501, be used to obtain the logging request of application subsystem or client transmission, and described logging request verified, if the verification passes, then return the authority information and/or the log-on message of the client of sending described logging request to application subsystem or client, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client;
Described application subsystem 502, be used to obtain the logging request that client sends, and described logging request verified, if the verification passes, then return the information of landing success and/or the content of application subsystem is offered client to client, otherwise, send logging request to authentication platform;
If the authority information of the client of sending described logging request that the access authentication platform returns then returns the successful information of login and/or the content of application subsystem is offered client to client;
If the information of the login failure that the access authentication platform returns is then returned the information of login failure to client.
In the described system, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed;
Described application subsystem is verified described logging request and is comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
In the described system, described log-on message is to send the required information of client session of described logging request.
In the described system, authentication platform also comprises after application subsystem or client are returned the log-on message and/or authority information of the client of sending described logging request:
Authentication platform obtains the cancellation logging request of application subsystem or client transmission;
After nullifying login, send the information of nullifying login to other application subsystems;
Application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends, and after the cancellation login, nullifies logging request to the authentication platform transmission;
After the log-on message and/or authority information of the client of sending described logging request that application subsystem access authentication platform returns, if go back the cancellation log-in request that the access authentication platform sends, then judge whether corresponding log-on message,, then nullify login if having.
Concrete application in conjunction with said method further specifies the present invention, as shown in Figure 6, provides a kind of by the application subsystem login authentication method, comprising:
S601: application subsystem obtains the logging request that client sends;
Described logging request can be information such as user name, password or Customs Assigned Number;
S602: application subsystem is verified described logging request, if the verification passes, then carries out S606, otherwise, carry out S603;
Application subsystem is verified as described logging request, and whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
S603: send logging request to authentication platform;
S604: the checking result that the access authentication platform returns, and judge that described checking result sends the log-on message and/or the authority information of the client of described logging request, or the information of login failure, if the log-on message and/or the authority information of the client of sending described logging request that the access authentication platform returns, then carry out S606, if the information of the login failure that the access authentication platform returns is then carried out S605;
S605: information from login failure to client that return;
S606: return the successful information of login and/or the content of application subsystem is offered client to client.
If login other application subsystems, then carry out S601 to S606, because client storage has all listed user profile, therefore do not need to re-enter information such as user name, password or Customs Assigned Number.
Concrete application in conjunction with said method further specifies the present invention, as shown in Figure 7, provides a kind of by the authentication platform login authentication method, comprising:
S701: authentication platform obtains the logging request of application subsystem or client transmission;
S702: authentication platform is verified described logging request, if the verification passes, then carries out S703, otherwise, carry out S704;
Authentication platform is verified as described logging request, judges whether authentication platform has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
S703: return log-on message and/or authority information to application subsystem or client;
Because authentication platform can obtain logging request by application subsystem or client respectively, therefore, the information of returning is also different;
After the logging request checking of the application subsystem transmission that authentication platform obtains is passed through, authentication platform returns the log-on message and/or the authority information of the client of sending described logging request to application subsystem, and returns log-on message to the client of sending described logging request;
After the logging request checking of the client transmission that authentication platform obtains was passed through, authentication platform returned the log-on message of the client of sending described logging request to client;
S704: the information of returning login failure to application subsystem or client.
If login other application subsystems, then carry out S601 to S606.
The invention provides a kind of multisystem authentication method, Apparatus and system, be applicable to the application system that comprises an authentication platform and at least one application subsystem, application subsystem obtains the logging request that client sends, and described logging request verified, if the verification passes, then login successfully, otherwise logging request is sent to authentication platform, and, return the information of landing success or login failure to client according to the checking result that authentication platform returns; Authentication platform obtains the logging request of application subsystem or client transmission, authentication platform is verified described logging request, if it is correct, then application subsystem or client are returned the authority information and/or the log-on message of the client of sending described logging request, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client.By the present invention, can solve when application subsystem is too much, logining each application subsystem all will be through the authentication of corresponding system once and the too much problem of login times that causes.
Though described the present invention by embodiment, those of ordinary skills know, the present invention has many distortion and variation and do not break away from spirit of the present invention, wish that appended claim comprises these distortion and variation and do not break away from spirit of the present invention.
Claims (22)
1. a multisystem authentication method is characterized in that, is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described method comprises:
Application subsystem obtains the logging request that client sends;
Application subsystem verifies described logging request, if the verification passes, then returns the information of landing success and/or the content of application subsystem offered client to client, otherwise, send logging request to authentication platform;
If the authority information of the client of sending described logging request that the access authentication platform returns then returns the successful information of login and/or the content of application subsystem is offered client to client;
If the information of the login failure that the access authentication platform returns is then returned the information of login failure to client.
2. the method for claim 1 is characterized in that, described application subsystem is verified described logging request and comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
3. method as claimed in claim 2 is characterized in that, described log-on message is to send the required information of client session of described logging request.
4. the method for claim 1 is characterized in that, application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends,
After nullifying login, send the cancellation logging request to authentication platform.
5. the method for claim 1 is characterized in that, behind the authority information of the described client that application subsystem access authentication platform returns, if go back the cancellation logging request that the access authentication platform sends, then judge whether corresponding log-on message,, then nullify login if having.
6. an application subsystem is characterized in that, is applicable to the application system that comprises an authentication platform and at least one application subsystem, and described application subsystem comprises:
First obtains the unit, is used to obtain the logging request that client sends;
Authentication unit is used for first logging request that obtains the unit acquisition is verified;
First transmitting element is used for after authentication unit checking is passed through, and returns the successful information of login and/or the content of described application subsystem is offered client to client;
Second transmitting element is used for after the authentication unit authentication failed, sends logging request to authentication platform;
Second obtains the unit, is used for the checking result that the access authentication platform returns;
Wherein, if second obtains the log-on message and/or the authority information of the client of sending described logging request that unit access authentication platform returns, then first transmitting element sends the successful information of login and/or the content of application subsystem is offered client to client;
If the information of the login failure that the second acquisition unit access authentication platform returns, then first transmitting element returns the information of login failure to client.
7. application subsystem as claimed in claim 6 is characterized in that, described authentication unit is verified described logging request, being comprised:
Authentication unit judges whether the client that sends described logging request has the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
8. application subsystem as claimed in claim 7 is characterized in that, described log-on message is to send the required information of client session of described logging request.
9. application subsystem as claimed in claim 6, it is characterized in that, first obtain the unit at first transmitting element after client is returned the successful information of login and/or the content of application subsystem is offered client, also obtain the cancellation log-in request of client transmission;
Described application subsystem also comprises the cancellation unit, obtains the cancellation log-in request that the unit obtains the client transmission if be used for first, then nullifies login;
Second transmitting element sends the cancellation log-in request to authentication platform after nullifying unit cancellation login.
10. application subsystem as claimed in claim 9, it is characterized in that, after the log-on message and/or authority information of the described client that the second acquisition unit access authentication platform returns, if go back the cancellation logging request that the access authentication platform sends, then authentication unit judges whether corresponding log-on message, if have, then nullify the unit and nullify login.
11. a multisystem authentication method is characterized in that, is applicable to the application system that comprises an authentication platform and at least one application subsystem, described method comprises:
Authentication platform obtains the logging request of application subsystem or client transmission;
Authentication platform is verified described logging request, if the verification passes, then return the log-on message and/or the authority information of the client of sending described logging request to application subsystem or client, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client.
12. method as claimed in claim 11 is characterized in that, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
13. method as claimed in claim 12 is characterized in that, described log-on message is that the client of sending described logging request is carried out the required information of session.
14. method as claimed in claim 11 is characterized in that, authentication platform also comprises after application subsystem or client are returned the log-on message and/or authority information of the client of sending described logging request:
Authentication platform obtains the cancellation log-in request of application subsystem or client transmission;
After nullifying login, send the cancellation log-in request to other application subsystems.
15. an authentication platform is characterized in that, is applicable to the application system that comprises an authentication platform and at least one application subsystem, described authentication platform comprises:
Obtain the unit, be used to obtain the logging request of application subsystem or client transmission;
Authentication unit is used for the logging request that obtains the unit acquisition is verified;
First transmitting element, be used for after authentication unit verifies that described logging request is passed through, return the log-on message and/or the authority information of the client of sending described logging request to application subsystem, or after authentication unit is verified described logging request failure, return the information of the client login failure that sends described logging request to application subsystem;
Second transmitting element, be used for after authentication unit verifies that described logging request is passed through, return the log-on message and/or the authority information of described client to client, or after authentication unit is verified described logging request failure, return the information of described client login failure to client.
16. authentication platform as claimed in claim 15 is characterized in that, authentication unit is verified described logging request, being comprised:
Authentication unit judges whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed.
17. authentication platform as claimed in claim 16 is characterized in that, described log-on message is that the client of sending described logging request is carried out the required information of session.
18. authentication platform as claimed in claim 15, it is characterized in that, obtain the unit at first transmitting element at the log-on message from the client of sending described logging request to application subsystem and/or the authority information that return, or second after transmitting element returns the log-on message and/or authority information of described client to client, also obtains the cancellation log-in request that application subsystem or client send;
Described authentication platform also comprises the cancellation unit, is used to obtain the cancellation log-in request that the unit obtains application subsystem or client transmission, nullifies login;
First transmitting element sends the information of nullifying login to other application subsystems after nullifying unit cancellation login.
19. a multisystem authentication application system is characterized in that, comprises an authentication platform and at least one application subsystem;
Described authentication platform, be used to obtain the logging request of application subsystem or client transmission, and described logging request verified, if the verification passes, then return the authority information and/or the log-on message of the client of sending described logging request to application subsystem or client, otherwise, return the information of the client login failure that sends described logging request to application subsystem or client;
Described application subsystem is used to obtain the logging request that client sends, and described logging request is verified, if the verification passes, then return the information of landing success and/or the content of application subsystem is offered client to client, otherwise, logging request sent to authentication platform; If the log-on message and/or the authority information of the client of sending described logging request that the access authentication platform returns then return the successful information of login and/or the content of application subsystem are offered client to client; If the information of the login failure that the access authentication platform returns is then returned the information of login failure to client.
20. system as claimed in claim 19 is characterized in that, described authentication platform is verified described logging request, being comprised:
Judge whether authentication platform preserves the log-on message of described logging request, and described log-on message is not out of date, if then checking is passed through, otherwise, authentication failed;
Described application subsystem is verified described logging request and is comprised:
Whether the client that judge to send described logging request has the log-on message of described logging request and described log-on message not out of date, if then checking is passed through, otherwise, authentication failed.
21. system as claimed in claim 20 is characterized in that, described log-on message is to send the required information of client session of described logging request.
22. system as claimed in claim 19 is characterized in that, authentication platform also comprises after application subsystem or client are returned the log-on message and/or authority information of the client of sending described logging request:
Authentication platform obtains the cancellation logging request of application subsystem or client transmission;
After nullifying login, send the information of nullifying login to other application subsystems;
Application subsystem also comprises after client is returned the successful information of login and/or the content of application subsystem offered client:
Application subsystem obtains the cancellation logging request that client sends, and after the cancellation login, nullifies logging request to the authentication platform transmission;
After the log-on message and/or authority information of the described client that application subsystem access authentication platform returns,, then judge whether corresponding log-on message,, then nullify login if having if go back the cancellation log-in request that the access authentication platform sends.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010600465 CN101989910A (en) | 2010-12-22 | 2010-12-22 | Multi-system authentication method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010600465 CN101989910A (en) | 2010-12-22 | 2010-12-22 | Multi-system authentication method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101989910A true CN101989910A (en) | 2011-03-23 |
Family
ID=43746275
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 201010600465 Pending CN101989910A (en) | 2010-12-22 | 2010-12-22 | Multi-system authentication method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101989910A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685741A (en) * | 2013-12-03 | 2014-03-26 | 方正国际软件有限公司 | Single-point-login and single-point-logout method and single-point-login and single-point-logout system for mobile terminal |
| CN108737398A (en) * | 2018-05-09 | 2018-11-02 | 平安信托有限责任公司 | Processing method, device, computer equipment and the storage medium of trust system |
| CN111131132A (en) * | 2018-10-31 | 2020-05-08 | 北京国双科技有限公司 | Method and device for realizing multi-system login |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
| JP2009027461A (en) * | 2007-07-19 | 2009-02-05 | Ntt Docomo Inc | Information verification method, information verification apparatus and information verification system |
| CN101605030A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of uniform authentication realizing method of using towards TV station based on Active Directory |
| CN101677315A (en) * | 2008-09-16 | 2010-03-24 | 中兴通讯股份有限公司 | Method for dynamically loading application system in C/S structure |
-
2010
- 2010-12-22 CN CN 201010600465 patent/CN101989910A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1547343A (en) * | 2003-12-17 | 2004-11-17 | 上海市高级人民法院 | A Single Sign On method based on digital certificate |
| JP2009027461A (en) * | 2007-07-19 | 2009-02-05 | Ntt Docomo Inc | Information verification method, information verification apparatus and information verification system |
| CN101605030A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of uniform authentication realizing method of using towards TV station based on Active Directory |
| CN101677315A (en) * | 2008-09-16 | 2010-03-24 | 中兴通讯股份有限公司 | Method for dynamically loading application system in C/S structure |
Non-Patent Citations (2)
| Title |
|---|
| 《信息与电子工程》 20070630 张伟燕,傅昱强 身份认证集成的研究与应用 第226-227页 1-10,19-22 第5卷, 第3期 2 * |
| 《信息与电子工程》 20070630 张伟燕,傅昱强 身份认证集成的研究与应用 第226-227页 11-18 第5卷, 第3期 2 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685741A (en) * | 2013-12-03 | 2014-03-26 | 方正国际软件有限公司 | Single-point-login and single-point-logout method and single-point-login and single-point-logout system for mobile terminal |
| CN103685741B (en) * | 2013-12-03 | 2015-09-23 | 方正国际软件有限公司 | The method and system that a kind of mobile terminal single-sign-on and single-point are nullified |
| CN108737398A (en) * | 2018-05-09 | 2018-11-02 | 平安信托有限责任公司 | Processing method, device, computer equipment and the storage medium of trust system |
| CN108737398B (en) * | 2018-05-09 | 2022-04-26 | 平安信托有限责任公司 | Processing method and device of trust system, computer equipment and storage medium |
| CN111131132A (en) * | 2018-10-31 | 2020-05-08 | 北京国双科技有限公司 | Method and device for realizing multi-system login |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109598115B (en) | Method, device, equipment, system, platform and medium for realizing authorized login | |
| CN109600306B (en) | Method, device and storage medium for creating session | |
| CN108111473B (en) | Unified management method, device and system for hybrid cloud | |
| CN101677272B (en) | Center apparatus, terminal apparatus, and authentication system | |
| CN105049246B (en) | A kind of group user management service method and system | |
| CN102984169A (en) | Single sign-on method, equipment and system | |
| CN103595759B (en) | Desktop presentation method based on high in the clouds | |
| CN104036161B (en) | Manage the method and image processing system of the User logs in of the application based on cloud | |
| CN104580117A (en) | Authentication method, device and system | |
| CN109831427A (en) | A kind of internet of things equipment registers cloud platform method automatically | |
| CN108733992B (en) | Processing method and system of electronic equipment | |
| CN106936790A (en) | The method that client and server end carries out two-way authentication is realized based on digital certificate | |
| CN101321068A (en) | Method and apparatus for implementing dual-identity authentication | |
| CN106534219A (en) | Security authentication method and device for desktop cloud portal | |
| CN103929411A (en) | Information displaying method, terminal, safety server and system | |
| CN105933374A (en) | Mobile terminal data backup method, system and mobile terminal | |
| CN102984046A (en) | Processing method of instant messaging business and corresponding network equipment | |
| CN107707356B (en) | A kind of mobile device secure binding method and application system based on two dimensional code identification | |
| CN101989910A (en) | Multi-system authentication method, device and system | |
| CN111600888B (en) | Method and device for login verification and login verification system | |
| CN101364870A (en) | System and method realizing IPTV unified authentication by gateway mode | |
| CN106529297B (en) | Obtain the method and device of application state information | |
| CN103595611A (en) | A method, a system and a device for realizing instant messaging application | |
| CN103078739A (en) | Dynamic-password authenticating method, device and network system | |
| CN103501292A (en) | Method and system for achieving data safety protection by using standby mobile phone |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110323 |