CN102025633A - WEB authentication-based routing method, authentication request receiving device and authentication system - Google Patents

WEB authentication-based routing method, authentication request receiving device and authentication system Download PDF

Info

Publication number
CN102025633A
CN102025633A CN201010591474XA CN201010591474A CN102025633A CN 102025633 A CN102025633 A CN 102025633A CN 201010591474X A CN201010591474X A CN 201010591474XA CN 201010591474 A CN201010591474 A CN 201010591474A CN 102025633 A CN102025633 A CN 102025633A
Authority
CN
China
Prior art keywords
user
receiving equipment
authentication request
request receiving
web
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201010591474XA
Other languages
Chinese (zh)
Other versions
CN102025633B (en
Inventor
武卫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Ruishan Network Co., Ltd
Original Assignee
Beijing Star Net Ruijie Networks Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Star Net Ruijie Networks Co Ltd filed Critical Beijing Star Net Ruijie Networks Co Ltd
Priority to CN201010591474XA priority Critical patent/CN102025633B/en
Publication of CN102025633A publication Critical patent/CN102025633A/en
Application granted granted Critical
Publication of CN102025633B publication Critical patent/CN102025633B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention provides a WEB authentication-based routing method, an authentication request receiving device and an authentication system. The method comprises the following steps: a current WEB authentication request receiving device obtains a user request and judges whether the user sending the user request is an authenticated user; if so, the user request is redirected to the previous WEB authentication request receiving device used for authenticating the user; and if not, a target WEB authentication request receiving device is distributed to the user request and the user request is redirected to the target WEB authentication request receiving device. By adopting the WEB authentication-based routing method, the authentication request receiving device and the authentication system, the pressure-balanced, rapid and stable authentication can be realized and the network fault-tolerance is very good.

Description

Method for routing, authentication request receiving equipment and Verification System based on the WEB authentication
Technical field
The present invention relates to the network authentication technology, relate in particular to method for routing, authentication request receiving equipment and Verification System based on the WEB authentication.
Background technology
ISP (ISP) provides the access service of paying for the user, and as the basis and the foundation of chargeing, authentification of user is indispensable in the network insertion process.WEB Verification System based on the WEB authentication is to use a kind of very widely Verification System at present.
In the WEB Verification System, in the outlet of the gateway device unit of being deployed in, this gateway device possesses the ability of the outer outgoing packet of interception user.Receive certain user's outer outgoing packet when gateway device after,, then can refuse the outer outgoing packet that this goes out to ask, tackle this user if find that this user is not online; If gateway device receives the HTTP request from the user, then gateway device is understood simulated target IP main frame, and is redirected on the WEB authentication request receiving equipment.WEB authentication request receiving equipment is received redirect request rear line pushing certification page, is authenticated according to the authentication information that the user submits to by the certificate server in this WEB Verification System.After the authentification of user success, when visiting Internet once more, gateway device judges that this user is online, its outer outgoing packet of then letting pass.
In existing WEB Verification System, if owing to reasons such as network failures, cause user's success identity but when being tackled by gateway device, may cause different WEB authentication request receiving equipments and certificate server that this user is authenticated again, thereby may make this user be collected two parts of expenses, have very low network fault tolerance.
Summary of the invention
At above-mentioned defective, the invention provides method for routing, WEB authentication request receiving equipment and WEB Verification System based on the WEB authentication.
The method for routing of WEB provided by the invention authentication comprises: current WEB authentication request receiving equipment obtains user's request, and judges that whether send described user's requesting users is authenticated user;
Know that described user is authenticated user, then is redirected to the authentication request of the WEB formerly receiving equipment that authenticates described user with described user's request if judge;
If judge and know that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user, and described user's request is redirected to described target WEB authentication request receiving equipment.
WEB authentication request receiving equipment provided by the invention comprises:
Receiver module is used to obtain user's request;
Judge module is connected with described receiver module, is used for judge sending described user's requesting users and whether is authenticated user;
Distribution module is connected with described judge module, is used for knowing that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user if judge;
Redirection module is connected with described distribution module with described judge module respectively, is used for knowing that described user is authenticated user, then is redirected to the authentication request of the WEB formerly receiving equipment that authenticates described user with described user's request if judge; If judge and know that described user is unauthenticated user, then described user's request is redirected to described target WEB authentication request receiving equipment.
WEB Verification System provided by the invention comprises: WEB authentication request receiving equipment provided by the invention, be used for to described WEB authentication request receiving equipment provide gateway that the user asks and with described WEB authentication request receiving equipment certificate server that be connected, that be used to carry out authentification of user.
The present invention also provides another kind of WEB Verification System, comprise: WEB authentication request receiving equipment, be used for to described WEB authentication request receiving equipment provide gateway that the user asks, with described WEB authentication request receiving equipment certificate server that be connected, that be used to carry out authentification of user, and the authentication pressure apparatus for evaluating that is connected with described WEB authentication request receiving equipment, wherein:
Described WEB authentication request receiving equipment is sent to described authentication pressure apparatus for evaluating with the information that sends described user's requesting users after obtaining user's request;
Described authentication pressure apparatus for evaluating comprises:
The authentication determination module after being used for receiving described user's information from described WEB authentication request receiving equipment, judges that whether send described user's requesting users is authenticated user; Know that described user is authenticated user if judge, the information that then will authenticate described user's the authentication request of WEB formerly receiving equipment is sent to described WEB authentication request receiving equipment, described user's request is redirected to the described user's of authentication the authentication request of WEB formerly receiving equipment by described WEB authentication request receiving equipment; If judge and know that described user is unauthenticated user, then the information with described user is sent to evaluation module;
Described evaluation module, be used to described user to distribute target WEB authentication request receiving equipment and its information is sent to described WEB authentication request receiving equipment, described user's request is redirected to described target WEB authentication request receiving equipment by described WEB authentication request receiving equipment.
According to the method for routing based on the WEB authentication provided by the invention, WEB authentication request receiving equipment and WEB Verification System, because after obtaining user's request, directly this user is not carried out the WEB authentication, but judge that at first whether the user is authenticated user, and when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is handled, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated once more, thereby the problem that repeats to charge that causes, realize the authentication of fast and stable, had good network fault tolerance.
Description of drawings
Fig. 1 is the flow chart that the present invention is based on the method for routing of WEB authentication.
Fig. 2 the present invention is based on the flow chart that WEB authentication request receiving equipment in the method for routing of WEB authentication is safeguarded online subscriber's meter.
Fig. 3 the present invention is based on the flow chart that obtains the formation of authentication pressure index in the method for routing of WEB authentication.
Fig. 4 the present invention is based on the flow chart of asking to distribute target WEB authentication request receiving equipment in the method for routing of WEB authentication for the user.
Fig. 5 is the structural representation of WEB authentication request receiving equipment of the present invention.
Fig. 6 is the system architecture diagram of WEB Verification System of the present invention.
Fig. 7 carries out the flow chart of WEB authentication for WEB Verification System of the present invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer,, technical scheme of the present invention is clearly and completely described below in conjunction with accompanying drawing.
Fig. 1 is the flow chart that the present invention is based on the method for routing of WEB authentication.As shown in Figure 1, should may further comprise the steps based on the method for routing of WEB authentication:
Step S100, current WEB authentication request receiving equipment obtain user request, and judge that whether send user's requesting users is authenticated user;
Wherein, current WEB authentication request receiving equipment can be the arbitrary WEB authentication request receiving equipment in the WEB Verification System.User's request for example is the HTTP request, and this HTTP request carries User IP.Current WEB authentication request receiving equipment then judges that according to this User IP whether this user is authenticated user.
Step S200 knows that the user is authenticated user, then is redirected to user's request this user's of authentication the authentication request of WEB formerly receiving equipment if judge;
Wherein, formerly WEB authentication request receiving equipment can be the arbitrary WEB authentication request receiving equipment in the WEB Verification System, and it both can be current WEB authentication request receiving equipment, also can be other WEB authentication request receiving equipment in this WEB Verification System.Particularly, in step S200, know that the user is for after the authenticated user, for example judge this user's of authentication the authentication request of WEB formerly receiving equipment according to User IP, if through judgement know this formerly WEB authentication request receiving equipment be current WEB authentication request receiving equipment, then can directly send authentication success message; If know other certain the WEB authentication request receiving equipment in the current WEB Verification System that is that this user is authenticated through judgement, then this user's request be redirected to this WEB authentication request receiving equipment formerly.
Step S300 if judge and to know that the user is a unauthenticated user, then for the user asks to distribute target WEB authentication request receiving equipment, and asks to be redirected to target WEB authentication request receiving equipment with the user.
Method for routing according to the foregoing description based on the WEB authentication, because after obtaining user's request, directly this user is not carried out the WEB authentication, but judge that at first whether the user is authenticated user, and when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is handled, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated once more, thereby the problem that repeats to charge that causes has improved network fault tolerance.
Further, in the method for routing based on WEB authentication of the foregoing description, judge that whether send user's requesting users is that the step of authenticated user comprises: judge that according to the information of the whole current online user in the WEB Verification System whether send user's requesting users is authenticated user.
Above-mentioned steps for example can be by safeguarding that by WEB authentication request receiving equipment an online user who shows all on-line user profile shows to realize.Table 1 is the field information in online user's table.As shown in table 1, the field of this online user's table comprises: User IP, WEB authentication request receiving equipment IP and on-line time.
Table 1
Sequence number Field name
1 User IP
2 WEB authentication request receiving equipment IP
3 On-line time
Fig. 2 the present invention is based on the flow chart that WEB authentication request receiving equipment in the method for routing of WEB authentication is safeguarded online subscriber's meter.As shown in Figure 2, after WEB authentication request receiving equipment obtains user's going on line or off line message (step S101), judge whether this message is on-line message (step S102), if, then extract the User IP, WEB authentication request receiving equipment IP and the on-line time that comprise in this message, in online user's table, insert a record (step S103) corresponding to this user; If not, then search corresponding record in the online user table according to the User IP that comprises in this message, and from online user's table with its deletion (step S104).Can be implemented in the whole current online user information of record in this online user's table by above-mentioned flow process.Wherein, WEB authentication request receiving equipment can obtain user's going on line or off line message by adopting the backstage authentication and accounting system of multiple technologies from the WEB Verification System, and for example TCP/IP directly receives, or publish/subscribe mechanism etc.
WEB authentication request receiving equipment can be known all on-line user's information by safeguarding this online user's table.Therefore after WEB authentication request receiving equipment obtains user's request, whether be included in current online user's table by inquiring about the pairing User IP of this user, if, then this user is authenticated user, further can know this user's of authentication the authentication request of WEB formerly receiving equipment, and this user's request is redirected to corresponding WEB authentication request receiving equipment by the WEB authentication request receiving equipment IP of this User IP correspondence; If not, then this user is a unauthenticated user, and the step S300 that then carries out the foregoing description is to carry out subsequent treatment to this user's request.
Further, in the method for routing based on the WEB authentication of the foregoing description, for the user asks to distribute target WEB authentication request receiving equipment, and the step that the user is asked to be redirected to target WEB authentication request receiving equipment comprises: whether the load of judging current WEB authentication request receiving equipment surpasses default load maximum; If not, then push the authentification of user page to the user; If, and user request is redirected to target WEB authentication request receiving equipment then for the user asks to distribute target WEB authentication request receiving equipment.
Wherein, can adopt multiple mode to ask to distribute target WEB authentication request receiving equipment for the user, for example Random assignment or distribute by certain rule is preferably: ask to distribute target WEB authentication request receiving equipment according to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System for the user.Wherein, the load of WEB authentication request receiving equipment for example is information such as authentication pressure or online user's pressure.The load that above-mentioned basis is arranged at each the WEB authentication request receiving equipment in the WEB Verification System is preferably for the user asks to distribute the step of target WEB authentication request receiving equipment: the authentication force value of obtaining each the WEB authentication request receiving equipment in the WEB Verification System; The authentication force value that compares each WEB authentication request receiving equipment is to be dispensed to user's request the WEB authentication request receiving equipment of authentication force value minimum.
Above-mentioned for the user ask to distribute target WEB authentication request receiving equipment step can the authentication pressure index formation of WEB authentication request receiving equipments realizes by obtaining in the WEB Verification System all.The content of this authentication pressure index formation is every WEB authentication request receiving equipment and corresponding authentication rate value, this authentication rate value can be represented the current authentication force value of this equipment, and promptly this equipment is at the authentication of current n in the second number of users (n is preferably 10 to 60) of reaching the standard grade.
Fig. 3 the present invention is based on the flow chart that obtains the formation of authentication pressure index in the method for routing of WEB authentication.As shown in Figure 3, may further comprise the steps:
Step S201, the online user number of each WEB authentication request receiving equipment reaches at the reach the standard grade number of users of current n in second in the statistics WEB Verification System; This statistics can safeguard that the online user of online subscriber's meter shows to realize based on WEB authentication request receiving equipment, particularly, add up the online user that to know each WEB authentication request receiving equipment IP by each the WEB authentication request receiving equipment IP in online user's table, and whether the on-line time of further passing through each online user in second, can count the number of users of reaching the standard grade in second at current n at current n.
Step S202 calculates the authentication request processing speed of each equipment according to the number of users of reaching the standard grade of current n in second of each WEB authentication request receiving equipment, this authentication request processing speed=the reach the standard grade number of users/n of current n in second.
Step S203, according to the authentication request processing speed that in step S202, obtains, each WEB authentication request receiving equipment is arranged according to the authentication request processing speed is ascending, obtain authenticating the pressure index formation, what promptly come this formation first place is the WEB authentication request receiving equipment of current authentication force value minimum, and what come this formation last position is the WEB authentication request receiving equipment of current authentication force value maximum; Also store online user's quantity (online user's force value) in this formation corresponding to each WEB authentication request receiving equipment.
Fig. 4 the present invention is based on the flow chart of asking to distribute target WEB authentication request receiving equipment in the method for routing of WEB authentication for the user.As shown in Figure 4, for asking to distribute target WEB authentication request receiving equipment, the user specifically may further comprise the steps:
Step S301, current WEB authentication request receiving equipment obtain online user's force value of this machine from the formation of authentication pressure index;
Step S302 judges according to the value of obtaining whether online user's force value of this machine does not exceed default maximum online user's force value from step S301; If, execution in step S303 then; If not, execution in step S304 then;
Step S303 is to user's pushing certification page;
Step S304 obtains the WEB authentication request receiving equipment IP that authenticates the force value minimum from the formation of authentication pressure index, and execution in step S305;
Step S305 judges whether online user's force value of this equipment does not surpass maximum online user's force value; If, execution in step S306 then; If not, execution in step S307 then;
Step S306, with this equipment as target WEB authentication request receiving equipment, user request is redirected to this target WEB authentication request receiving equipment;
Step S307 abandons this user's request, to guarantee the stability of WEB Verification System.
Method for routing according to the foregoing description based on the WEB authentication, because when judgement knows that current device does not surpass default maximum pressure value, directly ask, and no longer this user's request is routed to miscellaneous equipment, thereby improved the authentication efficient of WEB Verification System by this user of this device processes; And, when need route to this user request other WEB authentication request receiving equipment in the WEB Verification System, select suitable equipment to handle this user's request according to the load of each WEB authentication request receiving equipment, the load balancing degrees of system be can improve, thereby the reliability and the efficiency value of system improved.
Though in the method for routing based on the WEB authentication of the foregoing description, illustrated online user's table, the formation of authentication pressure index etc. are safeguarded by WEB authentication request receiving equipment or are obtained, but it will be understood by those of skill in the art that to the maintenance of online user table and the formation of authentication pressure index obtain all can by independent setting and realize with the authentication pressure apparatus for evaluating that this WEB authentication request receiving equipment carries out information interaction.
This authentication pressure apparatus for evaluating for example comprises: be used to safeguard that the WEB authentication online user of online subscriber's meter shows maintenance module, the operating process that this WEB authentication online user shows maintenance module is identical with flow process shown in Figure 2; Be used for judging according to the request of WEB authentication request receiving equipment whether the user is that authenticated user reaches the authentication determination module that whether need distribute WEB authentication request receiving equipment; Be used to obtain the statistical module of authentication pressure index formation, the operating process of this statistical module is identical with flow process shown in Figure 3; And being used to the user to distribute the evaluation module of target WEB authentication request receiving equipment, the operating process of this evaluation module is identical with flow process shown in Figure 4.
According to a further aspect in the invention, also provide a kind of WEB authentication request receiving equipment.Fig. 5 is the structural representation of WEB authentication request receiving equipment of the present invention.As shown in Figure 5, this WEB authentication request receiving equipment comprises receiver module 10, judge module 20, distribution module 30 and redirection module 40, wherein:
Receiver module 10 is used to obtain user's request;
Judge module 20 is connected with receiver module 10, is used for judge sending user's requesting users and whether is authenticated user;
Distribution module 30 is connected with judge module 20, is used for then asking to distribute target WEB authentication request receiving equipment for the user if judgement knows that the user is a unauthenticated user;
Redirection module 40 is connected with distribution module 30 with judge module 20 respectively, is used for knowing that the user is authenticated user, then is redirected to user's request this user's of authentication the authentication request of WEB formerly receiving equipment if judge; If judge and know that the user is a unauthenticated user, then user's request is redirected to target WEB authentication request receiving equipment.
WEB authentication request receiving equipment according to the foregoing description, be used to judge that whether send user's requesting users is the judge module of authenticated user owing to be provided with, reach the redirection module of taking different routing policies according to the user for authenticated user and unverified two kinds of situations, can be when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is handled, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated once more, thereby the problem that repeats to charge that causes has improved network fault tolerance.
Further, in the WEB of the foregoing description authentication request receiving equipment, judge module comprises:
Online user's maintenance unit is used for obtaining the information of whole current online user of WEB Verification System;
First judging unit is used for judging that according to the information of whole current online user of WEB Verification System whether send user's requesting users is authenticated user.
Wherein, online user's maintenance unit is safeguarded the online user's table that has shown in the table 1, WEB authentication request receiving equipment can obtain the online user's of this system information by this online user's maintenance unit, so that first judging unit can by inquiring about in this online user table whether have the User IP corresponding with this user, can confirm that whether this user is authenticated user.
Further, in the WEB of the foregoing description authentication request receiving equipment, distribution module comprises:
First acquiring unit is used for obtaining from judge module user's request of unauthenticated user;
Second judging unit is used to judge whether the load of WEB authentication request receiving equipment surpasses default load maximum;
Allocation units are used for then pushing the authentification of user page to the user if load is no more than default load maximum; If load surpasses default load maximum, then for the user asks to distribute target WEB authentication request receiving equipment, so that redirection module is redirected to target WEB authentication request receiving equipment with user's request.
Further, in the WEB of the foregoing description authentication request receiving equipment, distribution module also comprises:
Second acquisition unit is used for obtaining the authentication force value of each the WEB authentication request receiving equipment that is arranged at the WEB Verification System;
Statistic unit is used for the authentication force value of each WEB authentication request receiving equipment of comparison, so that allocation units are dispensed to user's request the WEB authentication request receiving equipment of authentication force value minimum.
In accordance with a further aspect of the present invention, a kind of WEB Verification System also is provided, it comprise above-mentioned arbitrary embodiment WEB authentication request receiving equipment, the gateway and that be connected, that be used to the carry out authentification of user certificate server with WEB authentication request receiving equipment that provide the user to ask to WEB authentication request receiving equipment is provided.
The present invention also provides another kind of WEB Verification System.Fig. 6 is the system architecture diagram of WEB Verification System of the present invention.As shown in Figure 6, this WEB Verification System comprises WEB authentication request receiving equipment 100, the gateway 200, the certificate server 300 that be connected with WEB authentication request receiving equipment, that be used to carry out authentification of user that provide the user to ask to WEB authentication request receiving equipment is provided, and the authentication pressure apparatus for evaluating 400 that is connected with WEB authentication request receiving equipment.Below this WEB Verification System is elaborated.
Particularly, after WEB authentication request receiving equipment 100 obtains user's request, the information that sends user's requesting users is sent to authentication pressure apparatus for evaluating 400;
This authentication pressure apparatus for evaluating 400 comprises:
Authentication determination module 402 after being used for receiving user's information from WEB authentication request receiving equipment 100, judges that whether send user's requesting users is authenticated user; Know that the user is authenticated user if judge, the information that then will authenticate this user's the authentication request of WEB formerly receiving equipment is sent to WEB authentication request receiving equipment 100, described user's request is redirected to this user's of authentication the authentication request of WEB formerly receiving equipment by WEB authentication request receiving equipment 100; If judge and know that the user is a unauthenticated user, then the information with described user is sent to evaluation module 404;
Evaluation module 404 is used to the user to distribute target WEB authentication request receiving equipment and its information is sent to WEB authentication request receiving equipment 100, by WEB authentication request receiving equipment 100 user's request is redirected to target WEB authentication request receiving equipment.
WEB Verification System according to the foregoing description, because the information that WEB authentication request receiving equipment 100 obtains after the user request corresponding user is sent to authentication pressure apparatus for evaluating 100, judge that by authentication pressure apparatus for evaluating 400 whether the user is authenticated user, and when confirming this user for authenticated user, authentication pressure apparatus for evaluating 400 is to the information of WEB authentication request receiving equipment 100 these users' of return authentication the authentication request of WEB formerly receiving equipment, so that WEB authentication request receiving equipment 100 is redirected to WEB authentication request receiving equipment formerly with this user's request.So can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, thereby this user is authenticated once more the problem that repeats to charge that causes by different WEB authentication request receiving equipments, realize the authentication of fast and stable, had good network fault tolerance.
Further, in the WEB of the foregoing description Verification System, authentication pressure apparatus for evaluating 400 also comprises:
WEB authentication online user shows maintenance module 401, is used for obtaining the information of whole current online user of WEB Verification System; Correspondingly, authentication determination module 402 judges that according to the information of the whole current online user in the WEB Verification System whether send user's requesting users is authenticated user.
Further, in the WEB of the foregoing description Verification System, evaluation module 404 is used to judge whether the load of WEB authentication request receiving equipment 100 surpasses default load maximum; If load is no more than default load maximum, then the information with WEB authentication request receiving equipment 100 is sent to WEB authentication request receiving equipment 100, so that WEB authentication request receiving equipment 100 pushes the authentification of user page to the user; If load surpasses default load maximum, then distribute target WEB authentication request receiving equipment and its information is sent to WEB authentication request receiving equipment 100, user's request is redirected to target WEB authentication request receiving equipment by WEB authentication request receiving equipment for the user.
Further, in the WEB of the foregoing description Verification System, authentication pressure apparatus for evaluating 400 also comprises:
Statistical module 403 is used for obtaining the load of whole WEB authentication request receiving equipments of WEB Verification System; Correspondingly, evaluation module 404 is used for asking to distribute target WEB authentication request receiving equipment according to the load of whole WEB authentication request receiving equipments for the user.
Further, in the WEB of the foregoing description Verification System, statistical module 403 is used for obtaining the authentication force value of whole WEB authentication request receiving equipments of WEB Verification System; Correspondingly, evaluation module 404 is used for the authentication force value of each WEB authentication request receiving equipment of comparison, user's request is dispensed to the WEB authentication request receiving equipment of authentication force value minimum.
Fig. 7 carries out the flow chart of WEB authentication for WEB Verification System of the present invention.As shown in Figure 7, comprising:
Step S10, by the HTTP request of gateway device interception unauthenticated user, the directional user that lays equal stress on is to WEB authentication request receiving equipment; The user fills in submission information behind the authentication information;
After step S20, WEB authentication request receiving equipment received user's request, request authentication pressure apparatus for evaluating was handled;
Step S30, the authentication determination module of authentication pressure apparatus for evaluating judges whether the user needs the application authentication server authentication, be specially: show maintenance module according to WEB authentication online user and judge whether the user is authenticated user, if then judged result is returned WEB authentication request receiving equipment; If not, then the information with this user is sent to evaluation module, whether can handle this user's request to be judged current WEB authentication request receiving equipment by evaluation module, if can handle, then judged result is returned WEB authentication request receiving equipment, judged result is sent to statistical module if can not handle then;
Step S40, after statistical module obtains the judged result of evaluation module transmission, the online user shows the authenticated user quantity that maintenance module obtains online user's information, adds up each WEB authentication request receiving equipment from the WEB authentication, to obtain the load of the WEB authentication request receiving equipment in the WEB Verification System, form the formation of authentication pressure index;
Step S50, statistical module request evaluation module assessment is the certificate server IP of suitable authentication;
Step S60, evaluation module returns optimal certificate server IP to WEB authentication request receiving equipment;
Step S70, WEB authentication request receiving equipment is transmitted authentication request to corresponding certificate server;
Step S80, certificate server carries out the authentification of user verification; And reach the standard grade or roll off the production line message to WEB authentication request receiving equipment issue user;
Step S90, WEB authentication request receiving equipment is shown maintenance module transmission user to WEB authentication online user and is reached the standard grade, rolls off the production line message to carry out online user's information updating.
Authentication pressure apparatus for evaluating in the WEB Verification System of the foregoing description can be the independent server that is provided with, also can be in conjunction with being arranged in the WEB authentication request receiving equipment.When with this pressure apparatus for evaluating in conjunction with the WEB authentication request receiving equipment that is arranged at prior art in the time, can obtain WEB authentication request receiving equipment provided by the invention.
WEB Verification System according to the foregoing description, can guarantee to reach a kind of isostasy between the whole network WEB authentication request receiving equipment and the user is responsible for by unique WEB authentication request receiving equipment all the time, especially this effect is more obvious under burst authentication storm.The accuracy height of this WEB Verification System service propelling, professional fault-tolerance height can provide maximized stable operation and authentication processing ability and accurate Boot Server.
It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.

Claims (14)

1. the method for routing based on the WEB authentication is characterized in that, comprising:
Current WEB authentication request receiving equipment obtains user request, and judges that whether send described user's requesting users is authenticated user;
Know that described user is authenticated user, then is redirected to the authentication request of the WEB formerly receiving equipment that authenticates described user with described user's request if judge;
If judge and know that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user, and described user's request is redirected to described target WEB authentication request receiving equipment.
2. the method for routing based on WEB authentication according to claim 1 is characterized in that, whether described judgement sends described user's requesting users is that the step of authenticated user comprises:
Judge that according to the information of the whole current online user in the WEB Verification System whether send described user's requesting users is authenticated user.
3. the method for routing based on the WEB authentication according to claim 1 is characterized in that, for described user asks to distribute target WEB authentication request receiving equipment, and the step that described user's request is redirected to described target WEB authentication request receiving equipment comprises:
Whether the load of judging described current WEB authentication request receiving equipment surpasses default load maximum; If not, then push the authentification of user page to described user; If then ask to distribute target WEB authentication request receiving equipment, and described user's request be redirected to described target WEB authentication request receiving equipment for described user.
4. the method for routing based on the WEB authentication according to claim 3 is characterized in that, comprises for described user asks to distribute the step of target WEB authentication request receiving equipment:
According to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System is that described user asks to distribute target WEB authentication request receiving equipment.
5. the method for routing based on the WEB authentication according to claim 4 is characterized in that, is that described user asks to distribute the step of target WEB authentication request receiving equipment to comprise according to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System:
Obtain the authentication force value of each the described WEB authentication request receiving equipment in the described WEB Verification System; The authentication force value that compares each described WEB authentication request receiving equipment is to be dispensed to described user's request the WEB authentication request receiving equipment of described authentication force value minimum.
6. a WEB authentication request receiving equipment is characterized in that, comprising:
Receiver module is used to obtain user's request;
Judge module is connected with described receiver module, is used for judge sending described user's requesting users and whether is authenticated user;
Distribution module is connected with described judge module, is used for knowing that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user if judge;
Redirection module is connected with described distribution module with described judge module respectively, is used for knowing that described user is authenticated user, then is redirected to the authentication request of the WEB formerly receiving equipment that authenticates described user with described user's request if judge; If judge and know that described user is unauthenticated user, then described user's request is redirected to described target WEB authentication request receiving equipment.
7. WEB authentication request receiving equipment according to claim 6 is characterized in that described judge module comprises:
Online user's maintenance unit is used for obtaining the information of whole current online user of WEB Verification System;
First judging unit is used for judging that according to the information of whole current online user of described WEB Verification System whether send described user's requesting users is authenticated user.
8. WEB authentication request receiving equipment according to claim 6 is characterized in that described distribution module comprises:
First acquiring unit is used for obtaining from described judge module user's request of unauthenticated user;
Second judging unit is used to judge whether the load of described WEB authentication request receiving equipment surpasses default load maximum;
Allocation units are used for then pushing the authentification of user page to described user if described load is no more than default load maximum; If described load surpasses default load maximum, then ask to distribute target WEB authentication request receiving equipment, so that redirection module is redirected to described target WEB authentication request receiving equipment with described user's request for described user.
9. WEB authentication request receiving equipment according to claim 8 is characterized in that described distribution module also comprises:
Second acquisition unit is used for obtaining the authentication force value of each the WEB authentication request receiving equipment that is arranged at the WEB Verification System;
Statistic unit is used for the authentication force value of more described each WEB authentication request receiving equipment, so that described allocation units are dispensed to described user's request the WEB authentication request receiving equipment of described authentication force value minimum.
10. WEB Verification System, it is characterized in that, comprise the arbitrary described WEB authentication request receiving equipment of claim 6~9, be used for to described WEB authentication request receiving equipment provide gateway that the user asks and with described WEB authentication request receiving equipment certificate server that be connected, that be used to carry out authentification of user.
11. WEB Verification System, it is characterized in that, comprise WEB authentication request receiving equipment, be used for to described WEB authentication request receiving equipment provide gateway that the user asks, with described WEB authentication request receiving equipment certificate server that be connected, that be used to carry out authentification of user, and the authentication pressure apparatus for evaluating that is connected with described WEB authentication request receiving equipment, wherein:
Described WEB authentication request receiving equipment is sent to described authentication pressure apparatus for evaluating with the information that sends described user's requesting users after obtaining user's request;
Described authentication pressure apparatus for evaluating comprises:
The authentication determination module after being used for receiving described user's information from described WEB authentication request receiving equipment, judges that whether send described user's requesting users is authenticated user; Know that described user is authenticated user if judge, the information that then will authenticate described user's the authentication request of WEB formerly receiving equipment is sent to described WEB authentication request receiving equipment, described user's request is redirected to the described user's of authentication the authentication request of WEB formerly receiving equipment by described WEB authentication request receiving equipment; If judge and know that described user is unauthenticated user, then the information with described user is sent to evaluation module;
Described evaluation module, be used to described user to distribute target WEB authentication request receiving equipment and its information is sent to described WEB authentication request receiving equipment, described user's request is redirected to described target WEB authentication request receiving equipment by described WEB authentication request receiving equipment.
12. WEB Verification System according to claim 11 is characterized in that, described authentication pressure apparatus for evaluating also comprises:
WEB authentication online user shows maintenance module, is used for obtaining the information of whole current online user of described WEB Verification System; Correspondingly, described authentication determination module judges that according to the information of the whole current online user in the described WEB Verification System whether send described user's requesting users is authenticated user.
13. WEB Verification System according to claim 11 is characterized in that, described evaluation module is used to judge whether the load of described WEB authentication request receiving equipment surpasses default load maximum; If described load is no more than default load maximum, then the information with described WEB authentication request receiving equipment is sent to described WEB authentication request receiving equipment, so that described WEB authentication request receiving equipment pushes the authentification of user page to described user; If described load surpasses default load maximum, then distribute target WEB authentication request receiving equipment and its information is sent to described WEB authentication request receiving equipment, described user's request is redirected to described target WEB authentication request receiving equipment by described WEB authentication request receiving equipment for described user.
14. WEB Verification System according to claim 13 is characterized in that, described authentication pressure apparatus for evaluating also comprises:
Statistical module is used for obtaining the load of whole WEB authentication request receiving equipments of described WEB Verification System; Correspondingly, described evaluation module is used for asking to distribute target WEB authentication request receiving equipment according to the load of described whole WEB authentication request receiving equipments for the user.
CN201010591474XA 2010-12-16 2010-12-16 WEB authentication-based routing method, authentication request receiving device and authentication system Active CN102025633B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010591474XA CN102025633B (en) 2010-12-16 2010-12-16 WEB authentication-based routing method, authentication request receiving device and authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010591474XA CN102025633B (en) 2010-12-16 2010-12-16 WEB authentication-based routing method, authentication request receiving device and authentication system

Publications (2)

Publication Number Publication Date
CN102025633A true CN102025633A (en) 2011-04-20
CN102025633B CN102025633B (en) 2013-09-18

Family

ID=43866506

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010591474XA Active CN102025633B (en) 2010-12-16 2010-12-16 WEB authentication-based routing method, authentication request receiving device and authentication system

Country Status (1)

Country Link
CN (1) CN102025633B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546633A (en) * 2012-01-10 2012-07-04 中兴通讯股份有限公司 Selection method and device for Web authentication server
CN105450643A (en) * 2015-11-17 2016-03-30 深圳市深信服电子科技有限公司 Network access authentication method, apparatus and system
CN108900500A (en) * 2018-06-26 2018-11-27 新华三技术有限公司 login authentication method and device
CN109274657A (en) * 2018-09-04 2019-01-25 深圳市吉祥腾达科技有限公司 A kind of method and system carrying out access authentication based on WEB
CN110167028A (en) * 2019-05-30 2019-08-23 上海市共进通信技术有限公司 Realize the system and method for the WIFI roaming authentication function of decentralization

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101355550A (en) * 2007-07-27 2009-01-28 中国电信股份有限公司 Method and system for pushing wideband information combining telecom wideband AAA system
CN101656642A (en) * 2009-09-28 2010-02-24 福建星网锐捷网络有限公司 Method, device and system for testing authentication performance of network access equipment
US7769845B2 (en) * 2001-05-04 2010-08-03 Whale Communications Ltd Method and system for terminating an authentication session upon user sign-off
CN101867589A (en) * 2010-07-21 2010-10-20 深圳大学 Network identification authentication server and authentication method and system thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7769845B2 (en) * 2001-05-04 2010-08-03 Whale Communications Ltd Method and system for terminating an authentication session upon user sign-off
CN101355550A (en) * 2007-07-27 2009-01-28 中国电信股份有限公司 Method and system for pushing wideband information combining telecom wideband AAA system
CN101656642A (en) * 2009-09-28 2010-02-24 福建星网锐捷网络有限公司 Method, device and system for testing authentication performance of network access equipment
CN101867589A (en) * 2010-07-21 2010-10-20 深圳大学 Network identification authentication server and authentication method and system thereof

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546633A (en) * 2012-01-10 2012-07-04 中兴通讯股份有限公司 Selection method and device for Web authentication server
CN105450643A (en) * 2015-11-17 2016-03-30 深圳市深信服电子科技有限公司 Network access authentication method, apparatus and system
CN105450643B (en) * 2015-11-17 2019-07-02 深信服科技股份有限公司 The authentication method of network insertion, apparatus and system
CN108900500A (en) * 2018-06-26 2018-11-27 新华三技术有限公司 login authentication method and device
CN109274657A (en) * 2018-09-04 2019-01-25 深圳市吉祥腾达科技有限公司 A kind of method and system carrying out access authentication based on WEB
CN110167028A (en) * 2019-05-30 2019-08-23 上海市共进通信技术有限公司 Realize the system and method for the WIFI roaming authentication function of decentralization
CN110167028B (en) * 2019-05-30 2022-03-22 太仓市同维电子有限公司 System and method for realizing decentralized WIFI roaming authentication function

Also Published As

Publication number Publication date
CN102025633B (en) 2013-09-18

Similar Documents

Publication Publication Date Title
CN104158824B (en) Genuine cyber identification authentication method and system
CN100563248C (en) The method and system that when the user is connected to IP network, in the local management zone, is used for the leading subscriber insertion authority
CN102025633B (en) WEB authentication-based routing method, authentication request receiving device and authentication system
CN101459836B (en) Service processing method and system for content distributing network of interactive network television
WO2008072211A2 (en) Distributed network management hierarchy in a multi-station communication network
CN101227481A (en) Apparatus and method of IP access based on DHCP protocol
CN112615854B (en) Terminal access control method, device, access server and storage medium
JP2006279636A (en) Consistency guarantee management system for inter-client communication log
CN102177526A (en) Service providing system and service providing method
CN104837134B (en) A kind of web authentication user login method, equipment and system
CN106936600A (en) Charge on traffic method and system and relevant device
US20080118043A1 (en) Call Control Apparatus and Method for Controlling Call Control Apparatus
CN101309157B (en) Multicast service management method and apparatus thereof
CN110417905B (en) Contract issuing method, device, equipment and union chain system
CN106209952B (en) Service node distribution method and device, CDN management server and system
CN102647395B (en) Method, device and system for distributing number of people for online game server
CN101120537A (en) Method and equipment for controlling access to multicast IP flows
CN102546633A (en) Selection method and device for Web authentication server
CN103873585A (en) Radius authentication device and method
CN105191226B (en) For adjusting the method and arrangement of the service quality of dedicated channel based on service awareness
KR101379803B1 (en) System for distributing abnormal traffic and method of distributing abnormal traffice using the same
CN104954493A (en) Game server access method, proxy server and system
CN104980957A (en) Method and system for network registration and distribution server
CN101272259B (en) Media stream information access charging method and system
KR101518469B1 (en) Method for detecting a number of the selected devices of a plurality of client terminals from the internet request traffics sharing the public IP address and System for detecting selectively the same

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20201217

Address after: 200030 full floor, 4 / F, 190 Guyi Road, Xuhui District, Shanghai

Patentee after: Shanghai Ruishan Network Co., Ltd

Address before: 100036 Beijing Haidian District City 33 Fuxing Road Cuiwei East 1106

Patentee before: Beijing Star-Net Ruijie Networks Co.,Ltd.