CN103023861A - Network login method and login system, as well as authentication server - Google Patents
Network login method and login system, as well as authentication server Download PDFInfo
- Publication number
- CN103023861A CN103023861A CN2011102877902A CN201110287790A CN103023861A CN 103023861 A CN103023861 A CN 103023861A CN 2011102877902 A CN2011102877902 A CN 2011102877902A CN 201110287790 A CN201110287790 A CN 201110287790A CN 103023861 A CN103023861 A CN 103023861A
- Authority
- CN
- China
- Prior art keywords
- information
- client
- authentication server
- log
- identity information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a network login method and a login system, as well as an authentication server. The method comprises the steps of determining the authentication server to be accessed by a client according to web site information to be accessed, and transmitting identity information to the authentication server; validating the received identity information by the authentication server; returning the login information corresponding to the identity information to the client through certification; and requesting a function server to access corresponding web page by the client according to the received login information. Through the network login method and the login system, the security of web site login is improved, and the potential safety hazard that the login information is easily stolen when being stored at the client is also removed.
Description
Technical field
The present invention relates to computer, network communications technology field, relate in particular to a kind of network entry method and login system, authentication server.
Background technology
Network entry is a kind of user when using the client browsing page, the Lookup protocol logging status, and to save the method for user's manual entry operation, the method makes things convenient for user's browsing page.A kind of network entry method that exists at present mainly may further comprise the steps as shown in Figure 1:
Step 101, client are preserved each website in this locality static subscriber's name and password obtain domain name according to the website information that will access, select corresponding username and password as log-on message by domain name.
Step 102, client are carried at described website information and send to function server in the logging request with the log-on message of searching.
Step 103, function server checking logging request is namely verified the log-on message of carrying in the logging request, and checking by the time return corresponding Webpage information to client.
Yet there is following defective in above-mentioned login method: need to be in client maintenance, preserve many parts of log-on messages, and log-on message is kept at client and has potential safety hazard, such as being stolen by wooden horse etc.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of network entry method and login system, authentication server, need to be in client maintenance to solve existing network entry method, preserve many parts of log-on messages, there is the problem of potential safety hazard.
For achieving the above object, technical scheme of the present invention is achieved in that
The invention provides a kind of network entry method, the method comprises:
The website information that client is accessed as required need to determine the authentication server of access, and sends identity information to described authentication server;
Described authentication server verifies the identity information that receives, and checking by after the log-on message corresponding with described identity information returned to described client;
Described client according to the log-on message that receives to the corresponding Website page of function server request access.
In the such scheme, the website information that described client is accessed as required need to determine the authentication server of access, be specially: obtain domain name corresponding to described website information, the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server of access.
In the such scheme, to the corresponding Website page of function server request access, be specially: described client sends logging request to function server to described client, carries described log-on message and website information in the described logging request according to the log-on message that receives; Described function server is verified the log-on message in the described logging request, and is returned with described website information corresponding Website page information by rear to described client in checking.
In the such scheme, the method further comprises: described authentication server is preserved the corresponding relation of identity information and log-on message.
In the such scheme, further comprise in the method: described client to self the logon server request and obtain described identity information.
The present invention also provides a kind of network entry system, and this system comprises: client, authentication server and function server, wherein,
Described client, the website information that is used for as required access need to determine the authentication server of access, and sends identity information to described authentication server;
Described authentication server is used for the identity information that receives is verified, and checking by after the log-on message corresponding with described identity information returned to described client;
Described client also is used for, according to the log-on message that receives to the corresponding Website page of function server request access;
Described function server is used to described client that the service of the access websites page is provided.
In the such scheme, described client is further used for, and obtains domain name corresponding to described website information, and the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server of access.
In the such scheme, described client is further used for, and after receiving described log-on message, sends logging request to function server, carries described log-on message and website information in the described logging request;
Accordingly, described function server is further used for, and the log-on message in the described logging request is verified, and returned with described website information corresponding Website page information by rear to described client in checking.
The present invention also provides a kind of authentication server, comprising:
The identity information authentication module is used for when receiving the identity information of client transmission the identity information that receives being verified;
Logon information returns module, be used for after described identity information authentication module passes through the checking of described identity information, the logon information corresponding with described identity information returned to described client, access corresponding Website page for described client according to described logon information.
Wherein, described authentication server further comprises the corresponding relation memory module, connect described logon information and return module, be used for to preserve the corresponding relation of identity information and log-on message, and return the inquiry service that module provides described corresponding relation for described logon information.
A kind of network entry method provided by the present invention and login system, authentication server, the website information that client is accessed as required need to determine the authentication server of access, and sends identity information to authentication server; Authentication server verifies the identity information that receives, and checking by after the log-on message corresponding with identity information returned to client; Client according to the log-on message that receives to the corresponding Website page of function server request access.By the present invention, the log-on message of website is kept at special authentication server, and no longer by client storage, needs just can get access to log-on message by the checking of authentication server first during the client login, have improved the fail safe of website log; In addition, client is no longer preserved log-on message, has also removed log-on message and has been kept at the potential safety hazard that client is stolen easily and gets.
Description of drawings
Fig. 1 is the flow chart of a kind of network entry method of the prior art;
Fig. 2 is the flow chart of a kind of network entry method of the embodiment of the invention;
Fig. 3 is the structural representation of a kind of network entry system of the embodiment of the invention;
Fig. 4 is the structural representation of a kind of authentication server of the embodiment of the invention.
Embodiment
The technical solution of the present invention is further elaborated below in conjunction with the drawings and specific embodiments.
For avoiding in client maintenance, preserve the many parts of potential safety hazards that log-on message exists, the method that a kind of user of allowing provided by the present invention can login when browsing page automatically mainly comprises:
The website information that step 1, client are accessed as required need to determine the authentication server of access, and sends identity information to described authentication server.
So-called authentication server refers to receive the identity information of client, the server that identity information is verified.Wherein, the website information that client is accessed as required need to determine the authentication server of access, is specially:
Obtain domain name corresponding to described website information, the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server of access.
In addition, also may share a unified authentication server in a plurality of websites in the practical application, for this situation, client can directly be carried the unified authentication server of domain name access corresponding to website information.
No matter adopt above-mentioned which kind of mode, purpose all is to allow authentication server know that the website of which domain name needs login.
Step 2, authentication server verify the identity information that receives, and checking by after the log-on message corresponding with described identity information returned to described client.
Authentication server need to be preserved identity information and log-on message, and safeguards the mapping relations of identity information and log-on message.
Step 3, client according to the log-on message that receives to the corresponding Website page of function server request access.
The called function server is the client browsing page, when pulling data, the associated server of network request occurs.
Concrete, client sends logging request to function server, carries log-on message and website information in the described logging request; Function server is verified the log-on message in the logging request, and is returned with described website information corresponding Website page information by rear to client in checking.
The below further elaborates network entry method of the present invention in conjunction with Fig. 2 again, as shown in Figure 2, mainly may further comprise the steps:
Step 201, behind the client terminal start-up, to self the logon server request and obtain identity information; When client needed accessed web page, the website information of access need to determine the authentication server of access as required, and sent identity information to authentication server.
Step 202-203, authentication server verify the identity information that receives, and checking by after the log-on message corresponding with described identity information returned to client.
Authentication server can adopt the form of cookie that described log-on message is returned to client, and certainly, the mode that authentication server returns log-on message to client in the embodiment of the invention is not limited only to above-mentioned the act.Such as: log-on message can be returned to client with the form of HTML (Hypertext Markup Language) (HTTP, HyperText Transfer Protocol) packet inclusion or file.
Need to prove, when authentication server during to the authentication failed of identity information, return the response of authentication failed to client.
Step 204, client sends logging request to function server, the website information of carrying described log-on message in the described logging request and needing to access.
Step 205-206, function server verify the log-on message in the described logging request, and return with described website information corresponding Website page information by rear to client in checking.
Need to prove, when function server during to the authentication failed of log-on message, return the response of authentication failed to client.
Corresponding above-mentioned network entry method, the present invention also provides a kind of network entry system, as shown in Figure 3, mainly comprises: client 10, authentication server 20 and function server 30.Wherein, client 10, the website information that is used for as required access need to determine the authentication server of access, and sends identity information to authentication server 20.Authentication server 20 is used for the identity information that receives is verified, and checking by after the log-on message corresponding with identity information returned to client 10.Client 10 also is used for, according to the log-on message that receives to the corresponding Website page of function server 30 request access; Function server 30 is used to client 10 that the service of the access websites page is provided.
Better, client 10 also can be used for, and obtains domain name corresponding to described website information, and the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server 20 of access.In addition, also may share a unified authentication server 20 in a plurality of websites in the practical application, for this situation, client 10 can directly be carried the unified authentication server 20 of domain name access corresponding to website information.No matter adopt above-mentioned which kind of mode, purpose all is to allow authentication server 20 know that the website of which domain name needs login.
Better, client 10 also can be used for, and after receiving log-on message, sends logging request to function server 30, carries described log-on message and website information in the described logging request;
Accordingly, function server 30 also can be used for, and the log-on message in the described logging request is verified, and returned with described website information corresponding Website page information by rear to client 10 in checking.
Better, authentication server 20 is further used for, and preserves the corresponding relation of identity information and log-on message.
Better, client 10 is further used for, when the needs access websites page, from self server request and obtain described identity information.
A kind of preferred embodiment of the present invention provides a kind of structure of authentication server, and as shown in Figure 4, this authentication server comprises: identity information authentication module 21 and logon information return module 22.Wherein, identity information authentication module 21 is used for when receiving the identity information of client transmission the identity information that receives being verified.Logon information returns module 22, is used for after the checking of 21 pairs of identity informations of identity information authentication module is passed through the logon information corresponding with this identity information being returned to client, accesses corresponding Website page for client according to logon information.
Authentication server can further comprise corresponding relation memory module 23, connects logon information and returns module 22, is used for preserving the corresponding relation of identity information and log-on message, and returns the inquiry service that module 22 provides described corresponding relation for logon information.In actual applications, corresponding relation memory module 23 both can be used as and has been independent of the module that identity information authentication module 21 and logon information return module 22 and exists, certainly, its function also can be integrated in logon information and return in the module 22, returns the memory function that module 22 realizes described corresponding relation by logon information.
In sum, the present invention is kept at special authentication server with the log-on message of website, and no longer by client storage, needs just can get access to log-on message by the checking of authentication server first during the client login, have improved the fail safe of website log; In addition, client is no longer preserved log-on message, has also removed log-on message and has been kept at the potential safety hazard that client is stolen easily and gets.
The above is preferred embodiment of the present invention only, is not for limiting protection scope of the present invention.
Claims (12)
1. network entry method is characterized in that the method comprises:
The website information that client is accessed as required need to determine the authentication server of access, and sends identity information to described authentication server;
Described authentication server verifies the identity information that receives, and checking by after the log-on message corresponding with described identity information returned to described client;
Described client according to the log-on message that receives to the corresponding Website page of function server request access.
2. described network entry method according to claim 1 is characterized in that, the website information that described client is accessed as required need to determine the authentication server of access, is specially:
Obtain domain name corresponding to described website information, the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server of access.
3. described network entry method according to claim 1 is characterized in that, described client, is specially to the corresponding Website page of function server request access according to the log-on message that receives:
Described client sends logging request to function server, carries described log-on message and website information in the described logging request;
Described function server is verified the log-on message in the described logging request, and is returned with described website information corresponding Website page information by rear to described client in checking.
4. according to claim 1,2 or 3 described network entry methods, it is characterized in that the method further comprises: described authentication server is preserved the corresponding relation of identity information and log-on message.
5. according to claim 1,2 or 3 described network entry methods, it is characterized in that, further comprise in the method: described client to self the logon server request and obtain described identity information.
6. a network entry system is characterized in that, this system comprises: client, authentication server and function server, wherein,
Described client, the website information that is used for as required access need to determine the authentication server of access, and sends identity information to described authentication server;
Described authentication server is used for the identity information that receives is verified, and checking by after the log-on message corresponding with described identity information returned to described client;
Described client also is used for, according to the log-on message that receives to the corresponding Website page of function server request access;
Described function server is used to described client that the service of the access websites page is provided.
7. described network entry system according to claim 6, it is characterized in that described client is further used for, obtain domain name corresponding to described website information, the domain name of splicing corresponding authentication server according to domain name corresponding to described website information is need to determine the authentication server of access.
8. described network entry system according to claim 6 is characterized in that described client is further used for, and after receiving described log-on message, sends logging request to function server, carries described log-on message and website information in the described logging request;
Accordingly, described function server is further used for, and the log-on message in the described logging request is verified, and returned with described website information corresponding Website page information by rear to described client in checking.
9. according to claim 6,7 or 8 described network entry systems, it is characterized in that described authentication server is further used for, preserve the corresponding relation of identity information and log-on message.
10. according to claim 6,7 or 8 described network entry systems, it is characterized in that described client is further used for, to self the logon server request and obtain described identity information.
11. an authentication server is characterized in that, comprising:
The identity information authentication module is used for when receiving the identity information of client transmission the identity information that receives being verified;
Logon information returns module, be used for after described identity information authentication module passes through the checking of described identity information, the logon information corresponding with described identity information returned to described client, access corresponding Website page for described client according to described logon information.
12. described authentication server according to claim 11, it is characterized in that, described authentication server further comprises the corresponding relation memory module, connect described logon information and return module, be used for to preserve the corresponding relation of identity information and log-on message, and return the inquiry service that module provides described corresponding relation for described logon information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110287790.2A CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110287790.2A CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103023861A true CN103023861A (en) | 2013-04-03 |
CN103023861B CN103023861B (en) | 2016-11-16 |
Family
ID=47971995
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110287790.2A Active CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103023861B (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103888540A (en) * | 2014-03-31 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Login information synchronization method, synchronized network servers and synchronizing network servers |
CN104579860A (en) * | 2013-10-25 | 2015-04-29 | 华为终端有限公司 | Method for accessing network side service, server and system for accessing network side service |
CN105677861A (en) * | 2016-01-07 | 2016-06-15 | 无锡天脉聚源传媒科技有限公司 | Method and device for switching webpage advanced content in reversal mode |
CN105978866A (en) * | 2016-04-28 | 2016-09-28 | 北京网康科技有限公司 | User access control implementation method, system and third party user server |
CN107872440A (en) * | 2016-09-28 | 2018-04-03 | 腾讯科技(深圳)有限公司 | Identification authentication methods, devices and systems |
CN107948210A (en) * | 2018-01-08 | 2018-04-20 | 武汉斗鱼网络科技有限公司 | A kind of login method, device, client, server and medium |
CN108234415A (en) * | 2016-12-21 | 2018-06-29 | 百度在线网络技术(北京)有限公司 | For verifying the method and apparatus of user |
CN109672680A (en) * | 2018-12-24 | 2019-04-23 | 成都四方伟业软件股份有限公司 | Cross-domain login method |
CN109768965A (en) * | 2018-12-14 | 2019-05-17 | 广州华多网络科技有限公司 | A kind of login method of server, equipment and storage device |
CN112422533A (en) * | 2020-11-05 | 2021-02-26 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
CN113973006A (en) * | 2021-09-18 | 2022-01-25 | 重庆云华科技有限公司 | Intranet data access management method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005004406A1 (en) * | 2003-07-03 | 2005-01-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and network for wlan session control |
CN101534531A (en) * | 2009-04-02 | 2009-09-16 | 中兴通讯股份有限公司 | A network switching method and system |
CN102026091A (en) * | 2010-10-27 | 2011-04-20 | 大连工业大学 | Navigation system and working method thereof |
-
2011
- 2011-09-26 CN CN201110287790.2A patent/CN103023861B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005004406A1 (en) * | 2003-07-03 | 2005-01-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and network for wlan session control |
CN101534531A (en) * | 2009-04-02 | 2009-09-16 | 中兴通讯股份有限公司 | A network switching method and system |
CN102026091A (en) * | 2010-10-27 | 2011-04-20 | 大连工业大学 | Navigation system and working method thereof |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104579860B (en) * | 2013-10-25 | 2018-10-12 | 华为终端有限公司 | Access method, server and the system of network-side service |
CN104579860A (en) * | 2013-10-25 | 2015-04-29 | 华为终端有限公司 | Method for accessing network side service, server and system for accessing network side service |
CN103888540B (en) * | 2014-03-31 | 2017-02-08 | 百度在线网络技术(北京)有限公司 | Login information synchronization method, synchronized network servers and synchronizing network servers |
CN103888540A (en) * | 2014-03-31 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Login information synchronization method, synchronized network servers and synchronizing network servers |
CN105677861B (en) * | 2016-01-07 | 2019-05-24 | 无锡天脉聚源传媒科技有限公司 | A kind of method and device switching the advanced content of webpage in a manner of overturning |
CN105677861A (en) * | 2016-01-07 | 2016-06-15 | 无锡天脉聚源传媒科技有限公司 | Method and device for switching webpage advanced content in reversal mode |
CN105978866A (en) * | 2016-04-28 | 2016-09-28 | 北京网康科技有限公司 | User access control implementation method, system and third party user server |
CN105978866B (en) * | 2016-04-28 | 2019-04-23 | 北京网康科技有限公司 | A kind of method and system of user access control, third party's client server |
CN107872440A (en) * | 2016-09-28 | 2018-04-03 | 腾讯科技(深圳)有限公司 | Identification authentication methods, devices and systems |
CN107872440B (en) * | 2016-09-28 | 2020-09-08 | 腾讯科技(深圳)有限公司 | Identity authentication method, device and system |
CN108234415A (en) * | 2016-12-21 | 2018-06-29 | 百度在线网络技术(北京)有限公司 | For verifying the method and apparatus of user |
CN107948210A (en) * | 2018-01-08 | 2018-04-20 | 武汉斗鱼网络科技有限公司 | A kind of login method, device, client, server and medium |
CN109768965A (en) * | 2018-12-14 | 2019-05-17 | 广州华多网络科技有限公司 | A kind of login method of server, equipment and storage device |
CN109768965B (en) * | 2018-12-14 | 2022-04-19 | 广州华多网络科技有限公司 | Login method, equipment and storage medium of server |
CN109672680A (en) * | 2018-12-24 | 2019-04-23 | 成都四方伟业软件股份有限公司 | Cross-domain login method |
CN109672680B (en) * | 2018-12-24 | 2021-10-08 | 成都四方伟业软件股份有限公司 | Cross-domain login method |
CN112422533A (en) * | 2020-11-05 | 2021-02-26 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
CN113973006A (en) * | 2021-09-18 | 2022-01-25 | 重庆云华科技有限公司 | Intranet data access management method and system |
Also Published As
Publication number | Publication date |
---|---|
CN103023861B (en) | 2016-11-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103023861A (en) | Network login method and login system, as well as authentication server | |
US9794242B2 (en) | Method, apparatus and application platform for realizing logon to an application service website | |
US11706218B2 (en) | Systems and methods for controlling sign-on to web applications | |
CN103024740B (en) | Method and system for accessing internet by mobile terminal | |
US9264435B2 (en) | Apparatus and methods for access solutions to wireless and wired networks | |
CN103188207B (en) | A kind of cross-domain single sign-on realization method and system | |
CN104378376A (en) | SOA-based single-point login method, authentication server and browser | |
EP2894833B1 (en) | Portal push method and network equipment | |
CN104378382A (en) | Multiple client wireless authentication system and authentication method thereof | |
CN102984169A (en) | Single sign-on method, equipment and system | |
CN103139137B (en) | Network service provider method and device | |
US20080119177A1 (en) | Metadata Content Delivery System for Wireless Networks | |
CN105072123A (en) | Single sign on log-out method and system under cluster environment | |
CN102843357A (en) | Network accessing method, application server and system | |
CN102801713A (en) | Website logging-in method and system as well as accessing management platform | |
CN103179080B (en) | The cloud computer system of a kind of Internet user and the method for connection cloud computer | |
CN109819033A (en) | A kind of resource file loading method and system | |
CN103634111B (en) | Single-point logging method and system and single sign-on client-side | |
CN109088884B (en) | Website access method, device, server and storage medium based on identity authentication | |
CN104902033B (en) | Log in address recording method and device | |
CN105100068A (en) | System and method for realizing single sign-on | |
US11075922B2 (en) | Decentralized method of tracking user login status | |
CN102984179A (en) | Cloud-computing operating system oriented method for cross-domain access to Web services | |
CN103069741A (en) | Credential authentication method and single sign-on server | |
CN105490993B (en) | Method and device for preventing Cookie tracking in browser |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |