CN102739628A - System for application-side login and authentication, and method thereof - Google Patents
System for application-side login and authentication, and method thereof Download PDFInfo
- Publication number
- CN102739628A CN102739628A CN2011100975760A CN201110097576A CN102739628A CN 102739628 A CN102739628 A CN 102739628A CN 2011100975760 A CN2011100975760 A CN 2011100975760A CN 201110097576 A CN201110097576 A CN 201110097576A CN 102739628 A CN102739628 A CN 102739628A
- Authority
- CN
- China
- Prior art keywords
- application program
- service
- identity
- information
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a system for application-side login and authentication, and a method thereof. A server-side verifies authentication information received by an information input window of the application-side, and the server-side provides corresponding service functions and identity information to the application-side. The application-side can provide the identity information to another server-side to be verified and to obtain corresponding service functions, so that technical effect of convenient application login and authentication is achieved.
Description
Technical field
The present invention relates to a kind of application program end login authentication system and method thereof, refer in particular to a kind of application program simulation webpage is logined under SOA login authentication system and method thereof.
Background technology
Fast development along with the network technology; Network has become the indispensable part of modern; The user opens after the webpage through browser, can carry out the inquiry of data, the purchase of article, the download of data, the statistical analysis of data through network ... etc. function.
And use for the function of webpage; Generally can wait and realize through Java (JAVA), ASP.NET, PHP...; Wherein ASP.NET is built in the class library that the exploitation web application is provided in the .NET Framework framework, three kinds of different login authentication patterns is provided: Windows Authentication, Form authentication and Passport authentication.
Windows Authentication provides integrated with traditional Windows number of the account (or Active Directory number of the account or local number of the account), and needed number of the account is specific AD (Active Directory) number of the account or local number of the account; The Form authentication allows the developer to generate the login page of themselves standard; The general member management and Role Management and some login control items of cooperating uses; User's number of the account is kept in the database, and this situation has limited the license that the user visits some page; Passport authentication meeting prompting user login also is redirected to the Passport website with this user, in good authentication behind the authority, will the user be redirected back website.
And to Windows Authentication and the Form authentication of ASP.NET, Windows Authentication is because client might not have the identity in net territory, and promptly client can not receive specific AD number of the account management, so can't carry out the authentication of client; And the advanced row of Form authentication user's registration; And log-on message is stored in the database; And need be through the management of manager's number of the account; But the Form authentication is applied to webpage, needs the particular webpage of client connecting to website to carry out the login authentication of client exactly, when client is how simple application program is carried out login authentication and then can be produced corresponding problem.
In sum; Can know when prior art has existed existing login authentication mode to be applied on the application program always since the midium or long term; Can produce the problem that to carry out login authentication or need carry out login authentication through webpage; Therefore be necessary to propose improved technological means, solve this problem.
Summary of the invention
When existing existing login authentication mode to be applied on the application program in view of prior art; Can produce the problem that to carry out login authentication or need carry out login authentication through webpage; The present invention is in providing a kind of application program end login authentication system and method thereof, wherein:
Application program end login authentication provided by the present invention system; Application program end login authentication system is applicable to SOA (Service-Oriented Architecture; SOA); Application program end login authentication system comprises: first service end, second service end and application program end, and first service end more comprises: first receiver module, authentication module, identity module, generation module, first delivery module and first service module; Second service end more comprises: second receiver module and second service module; The application program end more comprises: receiver module and link module.
Wherein, first receiver module of first service end is in order to Receipt Validation information; The authentication module of first service end is that authorization information is verified; The identity module of first service end is when authorization information is passed through checking, gives the identity of authorization information according to tables of data; First delivery module of first service end is in order to transmit identity information; First service module of first service end is according to identity information at least one first service function to be provided.
Second receiver module of second service end is in order to receive identity information; Second service module of second service end is according to identity information at least one second service function to be provided.
The receiver module of application program end is in order to receive the authorization information in the information input window; The link module of application program end is in order to the line of foundation with first service end and second service end; And authorization information to the first receiver module is provided; And identity information to the second receiver module is provided; And obtain identity information from first delivery module, and obtain at least one first service function/at least one second service function from first service module/second service module.
Application program end login validation method provided by the present invention, application program end login validation method be applicable to SOA (Service-Oriented Architecture, SOA), application program end login validation method comprises the following step:
At first, the application program termination is collected mail and is ceased the authorization information in the input window; Then, the line between the foundation of application program end and first service end, and authorization information to the first service end is provided; Then, first service end is verified authorization information; Then, when authorization information was passed through checking, first service end was given the identity of authorization information according to tables of data; Then, first service end generates identity information according to identity; Then, first service end provides identity information to application program end, and provides at least one first service function to the application program end according to identity information; Then, the line between the foundation of application program end and second service end, and identity information to the second service end is provided; At last, second service end provides at least one second service function to the application program end according to identity information.
System and method for provided by the present invention as above; And the difference between the prior art is that the present invention provides information input window at the application program end; And in information input window Receipt Validation information and authorization information to the first service end is provided; First service end promptly this authorization information is verified and when authorization information through when checking; First service end is given the identity of authorization information and is generated identity information according to tables of data, and according to identity information at least one first service function and identity information to application program end is provided, and the application program end can be through obtaining at least one second service function in identity information to the second client.
Through above-mentioned technological means, the present invention can reach the application program login authentication technology effect of convenience.
Description of drawings
Fig. 1 illustrates the system block diagrams into application program end login authentication of the present invention system.
Fig. 2 illustrates the method flow diagram into application program end login validation method of the present invention.
Fig. 3 illustrates the system architecture sketch map into application program end login authentication of the present invention.
Fig. 4 illustrates the information input window sketch map into application program end login authentication of the present invention.
Fig. 5 illustrates the data representation intention into application program end login authentication of the present invention.
[primary clustering symbol description]
10 first service ends
11 first receiver modules
12 authentication modules
13 identity modules
14 generation modules
15 first delivery modules
16 first service modules
20 second service ends
21 second receiver modules
22 second service modules
30 application program ends
31 receiver modules
32 link module
41 first service functions
42 second service functions
51 information input windows
61 authorization informations
62 tables of data
63 identity informations
Embodiment
Below will cooperate graphic and embodiment specifies execution mode of the present invention, whereby to the present invention how the application technology means implementation procedure that solves technical problem and reach technological effect can make much of and implement according to this.
The present invention is based on SOA (Service-Oriented Architecture; SOA); And so-called SOA is the framework of structure APPLICATION OF A DISTRIBUTED SYSTEM program, and being to provide function of application to Another application program or other service functions as service function.SOA has following properties: the interface of decentralized architecture (distributed), loose interconnectivity (loosely coupled), open standard (open standard) and with flow process angle set out (process centric).SOA be believed to help enterprise rapidly with the market condition of response change efficiently, and improved reusability, and the interconnection of simplification and legacy system and use.
Application program end login authentication provided by the present invention system to be described at first below, and please refer to shown in " Fig. 1 " that " Fig. 1 " illustrates the system block diagrams into application program end login authentication of the present invention system.
Application program end login authentication provided by the present invention system; Comprise: first service end 10, second service end 20 more comprise with application program end 30, the first service ends 10: first receiver module 11, authentication module 12, identity module 13, generation module 14, first delivery module 15 and first service module 16; Second service end 20 more comprises: second receiver module 21 and second service module 22; Application program end 30 more comprises: receiver module 31 and link module 32.
The user in the process of using application program end 30 in the time need using first service function of first service end 10; Application program end 30 at first can provide user's information input window; In general information input window is the form that presents dialog box; But the present invention is not as restriction, and information input window promptly needs user's input validation information, and authorization information includes user's title to be user's password; The information that authorization information comprised is merely at this and illustrates it, does not limit to application category of the present invention with this.
The user imports the completion authorization information in information input window after; The receiver module 31 of application program end 30 promptly can receive the authorization information that the user is imported in information input window, and through the line of link module 32 foundation with first service end 10.The application program end 30 and first service end 10 set up line can through cable network or wireless network (blue bud, WIFI ... etc.) mode; Be merely at this and illustrate it; Do not limit to application category of the present invention, and first service end 10 can be interior service end of LAN or the service end on the internet with this.
Then; Link module 32 can provide first receiver module 11 to first service end 10 with receiver module 31 received authorization informations; And after first receiver module 11 obtains authorization information, promptly can verify through 12 pairs of authorization informations of authentication module of first service end 10 again.
Because authorization information includes user's title and user's password; Therefore; 12 pairs of authorization informations of authentication module verify whether the user's title and the user's password that are the comparison authorization information are present in the tables of data, and whether user's title and user's password be corresponding, when user's title and user's password all are present in the tables of data; And user's title and the corresponding establishment simultaneously of user's password; Then authorization information just can be through the checking of authentication module 12, and wherein, above-mentioned tables of data stores many data; Each data comprises user's title, user's password and this identity, and tables of data is established in advance.
Then; The identity module 13 of first service end 10 can be when the checking of authorization information through authentication module 12 (representing that application program end 30 passes through login authentication at this moment); Give the identity of authorization information according to tables of data; Identity can for highest weight limit identity, the first order limit authority identity, the second level limit the authority identity ..., visitor's authority identity ... etc.; The operable service function of each different identity can have difference, is merely at this and illustrates it, does not limit to application category of the present invention with this.
Then; After identity module 13 is given the identity of authorization information according to tables of data; Promptly can generate identity information through the generation module 14 of first service end 10; Generation module 14 is to generate identity information with network biscuit (cookie) mode, and first delivery module 15 through first service end 10 provides the identity information that generation module 14 is generated to link module 32 again.
At the same time; First service module 16 of first service end 10 can provide at least one first service function corresponding with the identity of identity information to link module 32 according to the identity information that generation module 14 is generated; Under SOA, let application program end 30 can simulate the webpage login whereby, make application program end 30 obtain further service function.
Then; When the user need use second service function of second service end 20, at this moment, link module 32 promptly can be set up the line with second service end 20; The application program end 30 and second service end 20 set up line can through cable network or wireless network (blue bud, WIFI ... etc.) mode; Be merely at this and illustrate it, do not limit to application category of the present invention, and second service end 20 can be service end or the service end on the internet in the LAN with this.
Then; Second receiver module 21 of identity information to the second service end 20 is provided; After second receiver module 21 obtains identity information; Promptly can be again second service module 22 through second service end 20 provide at least one second service function corresponding to link module 32 with the identity of identity information, under SOA, let application program end 30 can simulate the webpage login whereby, make application program end 30 obtain further service function.
Then; Below will explain orally function mode of the present invention and flow process with an embodiment; Following embodiment explains and describes cooperating shown in " Fig. 1 " and " Fig. 2 " synchronously that " Fig. 2 " illustrates the method flow diagram into application program end login validation method of the present invention.
Please refer to shown in " Fig. 3 " and " Fig. 4 ", " Fig. 3 " illustrates the system architecture sketch map into application program end login authentication of the present invention; " Fig. 4 " illustrates the information input window sketch map into application program end login authentication of the present invention.
The user in the process of using application program end 30 in the time need using first service function 41 of first service end 10; Application program end 30 at first can provide user's information input window 51; And the user imports in information input window 51, and user's name is called " XYZ " and user's password is " 1234 "; And press " confirming " button; At this moment, receiver module 31 promptly can receive the authorization information 61 that the user imported and is " user's title: XYZ, user's password: 1234 " in information input window 51.
Then, link module 32 can be set up the line with first service end 10, and is that " user's title: XYZ, user's password: 1234 " provides to first receiver module 11 with receiver module 31 received authorization informations 61.
Then, please refer to shown in " Fig. 3 " and " Fig. 5 ", " Fig. 5 " illustrates the data representation intention into application program end login authentication of the present invention.
Then; Please refer again to shown in " Fig. 3 "; Identity module 13 can be when the checking of authorization information 61 through authentication module 12 (representing that application program end 30 passes through login authentication at this moment); The identity of giving authorization information 61 according to tables of data 62 is " highest weight limit identity ", and can be again through generation module 14 identity " highest weight limit identity " of identity module 13 be generated identity information 63 with network biscuit (cookie) mode.
And identity information 63 provided to link module 32 through first delivery module 15; And first service module 16 can be again provides the first corresponding service function 41 of identity " highest weight limit identity " with identity information 63 according to identity information 63, and the identity of identity information 63 " highest weight limit identity " promptly can be used the first all service functions 41.
Then; When the user need use second service function 42 of second service end 20; At this moment; Link module 32 promptly can be set up the line with second service end 20, and second receiver module 21 of identity information 63 to second service ends 20 is provided, after second receiver module 21 obtains identity information 63; Promptly can be again the second corresponding service function 42 of identity " highest weight limit identity " with identity information 63 be provided, and the identity of identity information 63 " highest weight limit identity " promptly can be used the second all service functions 42 through second service module 22.
In sum; But the difference between knowledge capital invention and the prior art is that the present invention provides information input window at the application program end; And in information input window Receipt Validation information and authorization information to the first service end is provided; First service end promptly this authorization information is verified and when authorization information through when checking; First service end is given the identity of authorization information and is generated identity information according to tables of data, and according to identity information at least one first service function and identity information to application program end is provided, and the application program end can be through obtaining at least one second service function in identity information to the second client.
In the time of can solving the existing existing login authentication mode of prior art and be applied on the application program through this technological means; Can produce and to carry out login authentication or need carry out the problem of login authentication, and then reach the application program login authentication technology effect of convenience through webpage.
Though execution mode provided by the present invention as above, only described content is not in order to direct qualification scope of patent protection of the present invention.Have common knowledge the knowledgeable in the technical field under any the present invention, under the prerequisite that does not break away from disclosed spirit of the present invention and scope, can do a little change in form and on the details what implement.Scope of patent protection of the present invention, still must with appending claims the person of being defined be as the criterion.
Claims (8)
1. application program end login authentication system, this application program end login authentication system is applicable to SOA, it is characterized in that, this application program end login authentication system comprises:
One first service end, this first service end more comprises:
One first receiver module is in order to receive an authorization information;
One authentication module is verified this authorization information;
One identity module when this authorization information is passed through checking, is given an identity of this authorization information according to tables of data;
One generates module, in order to generate an identity information according to this identity;
One first delivery module is in order to transmit this identity information; And
One first service module provides at least one first service function according to this identity information;
One second service end, this second service end more comprises:
One second receiver module is in order to receive this identity information; And
One second service module provides at least one second service function according to this identity information; And
One application program end, this application program end more comprises:
One receiver module is in order to receive this authorization information in the information input window; And
One link module; In order to the line of foundation with this first service end and this second service end; And provide this authorization information to this first receiver module; And provide this identity information to this second receiver module, and this first delivery module obtains this identity information certainly, and this first service module/this second service module obtains this at least one first service function/this at least one second service function certainly.
2. application program end login authentication as claimed in claim 1 system is characterized in that this authorization information comprises user's title and user's password.
3. application program end login authentication as claimed in claim 1 system is characterized in that this generation module is to generate this identity information with network biscuit mode.
4. application program end login authentication as claimed in claim 1 system is characterized in that this tables of data stores many data, and each data comprises user's title, user's password and this identity.
5. application program end login validation method, this application program end login validation method is applicable to SOA, it is characterized in that, this application program end login validation method comprises the following step:
One application program termination is collected mail and is ceased the authorization information in the input window;
Line between this application program end foundation and one first service end, and provide this authorization information to this first service end;
This first service end is verified this authorization information;
When this authorization information was passed through checking, this first service end was given an identity of this authorization information according to tables of data;
This first service end generates an identity information according to this identity;
This first service end provides this identity information to this application program end, and provides at least one first service function to this application program end according to this identity information;
Line between this application program end foundation and one second service end, and provide this identity information to this second service end; And
This second service end provides at least one second service function to this application program end according to this identity information.
6. application program end login validation method as claimed in claim 5 is characterized in that, this application program termination is collected mail and ceased in the step of this authorization information in the input window, and this authorization information comprises user's title and user's password.
7. application program end login validation method as claimed in claim 5 is characterized in that, this first service end is to generate this identity information with network biscuit mode according to the step that this identity generates this identity information.
8. application program end login validation method as claimed in claim 5; It is characterized in that; When this authorization information is passed through checking; This first service end is given according to tables of data in the step of this identity of this authorization information, and this tables of data stores many data, and each data comprises user's title, user's password and this identity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100975760A CN102739628A (en) | 2011-04-14 | 2011-04-14 | System for application-side login and authentication, and method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100975760A CN102739628A (en) | 2011-04-14 | 2011-04-14 | System for application-side login and authentication, and method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102739628A true CN102739628A (en) | 2012-10-17 |
Family
ID=46994423
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011100975760A Pending CN102739628A (en) | 2011-04-14 | 2011-04-14 | System for application-side login and authentication, and method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102739628A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112836208A (en) * | 2019-11-25 | 2021-05-25 | 英业达科技有限公司 | Multiple login system and method for same user |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1469583A (en) * | 2002-07-16 | 2004-01-21 | 北京创原天地科技有限公司 | Method of sharing subscriber confirming information in different application systems of internet |
| CN101277193A (en) * | 2008-05-05 | 2008-10-01 | 北京航空航天大学 | One-point entry and access system based on authentication service acting information facing to service architecture |
| CN101350717A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Method and system for logging on third party server through instant communication software |
| CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
-
2011
- 2011-04-14 CN CN2011100975760A patent/CN102739628A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1469583A (en) * | 2002-07-16 | 2004-01-21 | 北京创原天地科技有限公司 | Method of sharing subscriber confirming information in different application systems of internet |
| CN101350717A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Method and system for logging on third party server through instant communication software |
| CN101277193A (en) * | 2008-05-05 | 2008-10-01 | 北京航空航天大学 | One-point entry and access system based on authentication service acting information facing to service architecture |
| CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112836208A (en) * | 2019-11-25 | 2021-05-25 | 英业达科技有限公司 | Multiple login system and method for same user |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104348777B (en) | The access control method and system of a kind of mobile terminal to third-party server | |
| CN111580820B (en) | Applet generation method and device | |
| CN101951319B (en) | Unified identity authentication method supporting data integration of heterogeneous application module | |
| CN103227799A (en) | Implementing method of unified user management and single sign-on platform based on multiple application systems | |
| CN103198130A (en) | Method and device for realizing login unified with webpage on client side | |
| CN102724079B (en) | Method and system for auxiliary configuration of Ethernet equipment | |
| CN110442524A (en) | It is a kind of for have Certificate Authority web service interface test method and device | |
| EP1773082A1 (en) | Remote testing of mobile terminals | |
| CN104272293B (en) | For remote enterprise strategy/client configuration of computing device | |
| CN105337933B (en) | Create method, system and the main account device of sub- account and sub- account device | |
| CN109254739A (en) | file printing method, device and system | |
| CN108369614A (en) | User authen method and system for carrying out the process | |
| CN110247758A (en) | The method, apparatus and code management device of Password Management | |
| CN104580211A (en) | SOA architecture-based intrusive system | |
| CN104144161A (en) | Interacting method and system for client side and WEB server side | |
| CN102420808B (en) | Method for realizing single signon on telecom on-line business hall | |
| CN104823410B (en) | Parameter setting system, program managing device and information processing unit | |
| CN103384246A (en) | Safety supervision system login assistant method | |
| CN102412969A (en) | Method for carrying out authentication by remotely using certificate and secret key, apparatus and system thereof | |
| CN102137045A (en) | Method and system for implementing group information interaction on community platform | |
| CN102739628A (en) | System for application-side login and authentication, and method thereof | |
| CN111461718A (en) | Access method, device and system of block chain node | |
| CN107770219A (en) | A kind of sharing method, gateway server and the system of form window | |
| CN102137035A (en) | Method and system for realizing group information interaction based on community platform | |
| CN102137044A (en) | Method and system for safely interacting group information based on community platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20121017 |