CN103023861B - A kind of network entry method and login system, authentication server - Google Patents
A kind of network entry method and login system, authentication server Download PDFInfo
- Publication number
- CN103023861B CN103023861B CN201110287790.2A CN201110287790A CN103023861B CN 103023861 B CN103023861 B CN 103023861B CN 201110287790 A CN201110287790 A CN 201110287790A CN 103023861 B CN103023861 B CN 103023861B
- Authority
- CN
- China
- Prior art keywords
- information
- client
- authentication server
- log
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of network entry method and login system, authentication server, method includes: the website information that client accesses as required determines the authentication server that needs access, and sends identity information to authentication server;The identity information received is verified by authentication server, and after being verified, the log-on message corresponding with identity information is returned to client;Client accesses corresponding Website page according to the log-on message received to function server request.By the present invention, improve the safety of website log, also relieve log-on message and be saved in client and be easily stolen the potential safety hazard taken.
Description
Technical field
The present invention relates to computer, network communication technology field, particularly relate to a kind of network entry method and step on
Recording system, authentication server.
Background technology
Network entry is a kind of user when using Client browse webpage, automatically arranges logging status, to save
The method of user's manual entry operation, the method facilitates user to browse webpage.A kind of network that presently, there are is stepped on
Recording method is as it is shown in figure 1, mainly comprise the steps that
Step 101, client preserves static subscriber's name and the password of each website in this locality, according to access
Website information obtain domain name, select corresponding username and password as log-on message by domain name.
Step 102, the log-on message of described website information and lookup is carried and is sent out in logging request by client
Deliver to function server.
Step 103, function server checking logging request, i.e. the log-on message carried in logging request is entered
Row checking, and return corresponding web page information when being verified to client.
But, there is following defect in above-mentioned login method: needs in client maintenance, preserve many parts and log in letter
Breath, log-on message is saved in client and there is potential safety hazard, such as stolen by wooden horse.
Summary of the invention
In view of this, a kind of network entry method of offer and login system, mirror are provided
Power server, with solve existing network entry method need in client maintenance, preserve many parts of log-on messages,
The problem that there is potential safety hazard.
For reaching above-mentioned purpose, the technical scheme is that and be achieved in that:
The invention provides a kind of network entry method, the method includes:
The website information that client accesses as required determines the authentication server needing to access, and sends identity
Information is to described authentication server;
The identity information received is verified by described authentication server, and will be with described body after being verified
Log-on message corresponding to part information returns to described client;
Described client accesses corresponding Website page according to the log-on message received to function server request.
In such scheme, the website information that described client accesses as required determines the authentication clothes needing to access
Business device, particularly as follows: obtain the domain name that described website information is corresponding, according to the domain name that described website information is corresponding
It is spliced into the domain name of corresponding authentication server, to determine the authentication server needing to access.
In such scheme, described client accesses corresponding according to the log-on message received to function server request
Website page, particularly as follows: described client sends logging request, described logging request to function server
In carry described log-on message and website information;Login in described logging request is believed by described function server
Breath is verified, and returns the website pages corresponding with described website information to described client after being verified
Surface information.
In such scheme, the method farther includes: described authentication server preserves identity information and logs in letter
The corresponding relation of breath.
In such scheme, farther include in the method: described client is asked to the login service device of self
And obtain described identity information.
Present invention also offers a kind of network entry system, this system includes: client, authentication server and
Function server, wherein,
Described client, the website information for accessing as required determines the authentication server needing to access,
And send identity information to described authentication server;
Described authentication server, for the identity information received is verified, and will be with after being verified
The log-on message that described identity information is corresponding returns to described client;
Described client is additionally operable to, and accesses corresponding net according to the log-on message received to function server request
Stand the page;
Described function server, for providing the service accessing Website page for described client.
In such scheme, described client is further used for, and obtains the domain name that described website information is corresponding, root
It is spliced into the domain name of corresponding authentication server according to the domain name that described website information is corresponding, needs access to determine
Authentication server.
In such scheme, described client is further used for, after receiving described log-on message, to function
Server sends logging request, carries described log-on message and website information in described logging request;
Accordingly, described function server is further used for, and carries out the log-on message in described logging request
Checking, and return the Website page information corresponding with described website information to described client after being verified.
Present invention also offers a kind of authentication server, including:
Identity information authentication module, for when receiving the identity information that client sends, to received
Identity information is verified;
Logon information returns module, in the checking to described identity information of the described identity information authentication module
By rear, the logon information corresponding with described identity information is returned to described client, for described client
Hold and access corresponding Website page according to described logon information.
Wherein, described authentication server farther includes corresponding relation memory module, connects described logon information
Return module, for preserving the corresponding relation of identity information and log-on message, and be that described logon information returns
Module provides the inquiry service of described corresponding relation.
A kind of network entry method provided by the present invention and login system, authentication server, client according to
Need the website information accessed to determine the authentication server needing to access, and send identity information to authentication service
Device;The identity information received is verified by authentication server, and will be with identity information pair after being verified
The log-on message answered returns to client;Client is visited to function server request according to the log-on message received
Ask corresponding Website page.By the present invention, the log-on message of website is saved in special authentication server,
And no longer preserved by client, client needs the checking first passing through authentication server just can get when logging in
Log-on message, improves the safety of website log;It addition, client no longer preserves log-on message, also solve
Easily it is stolen the potential safety hazard taken except log-on message is saved in client.
Accompanying drawing explanation
Fig. 1 is the flow chart of a kind of network entry method of the prior art;
Fig. 2 is the flow chart of a kind of network entry method of the embodiment of the present invention;
Fig. 3 is the structural representation of a kind of network entry system of the embodiment of the present invention;
Fig. 4 is the structural representation of a kind of authentication server of the embodiment of the present invention.
Detailed description of the invention
The technical solution of the present invention is further elaborated with specific embodiment below in conjunction with the accompanying drawings.
For avoiding in client maintenance, preserving many parts of log-on messages and the potential safety hazard that exists, the present invention is carried
A kind of user of allowing of confession when browsing webpage can the method for automated log on, specifically include that
Step 1, the website information that client accesses as required determines the authentication server needing to access, and
Send identity information to described authentication server.
So-called authentication server, refers to receive the identity information of client, the clothes verifying identity information
Business device.Wherein, the website information that client accesses as required determines the authentication server needing to access, tool
Body is:
Obtain the domain name that described website information is corresponding, be spliced into accordingly according to the domain name that described website information is corresponding
The domain name of authentication server, to determine the authentication server needing to access.
It addition, actual application is likely to multiple website share a unified authentication server, for this
Situation, client can directly carry the authentication server that domain name access corresponding to website information is unified.
No matter using which kind of mode above-mentioned, purpose is all the website needs allowing authentication server know which domain name
Log in.
Step 2, the identity information received verified by authentication server, and will be with institute after being verified
State log-on message corresponding to identity information and return to described client.
Authentication server needs to preserve identity information and log-on message, and safeguards identity information and log-on message
Mapping relations.
Step 3, client accesses corresponding website pages according to the log-on message received to function server request
Face.
, when being Client browse webpage, pulling data, there is the relevant of network request in called function server
Server.
Concrete, client sends logging request to function server, carries login letter in described logging request
Breath and website information;Log-on message in logging request is verified by function server, and is being verified
Backward client returns the Website page information corresponding with described website information.
In conjunction with Fig. 2, the network entry method of the present invention is further elaborated on below, as in figure 2 it is shown,
Mainly comprise the steps that
Step 201, after client terminal start-up, asks to the login service device of self and obtains identity information;Visitor
When family end needs to access webpage, the website information accessed as required determines the authentication server needing to access,
And send identity information to authentication server.
Step 202-203, the identity information received is verified, and is incited somebody to action after being verified by authentication server
The log-on message corresponding with described identity information returns to client.
Described log-on message can be returned to client to use the form of cookie by authentication server, certainly,
The mode that in the embodiment of the present invention, authentication server returns log-on message to client is not limited only to above-mentioned institute
Lift.Such as: can be by log-on message with HTML (Hypertext Markup Language) (HTTP, HyperText Transfer
Protocol) form of packet inclusion or file returns to client.
It should be noted that when authentication server is to the authentication failed of identity information, returns to client and test
Demonstrate,prove failed response.
Step 204, client sends logging request to function server, carries described in described logging request
The website information that log-on message and needs access.
Step 205-206, the log-on message in described logging request is verified, and is being tested by function server
Demonstrate,prove and return the Website page information corresponding with described website information by backward client.
It should be noted that when function server is to the authentication failed of log-on message, returns to client and test
Demonstrate,prove failed response.
Corresponding above-mentioned network entry method, present invention also offers a kind of network entry system, as it is shown on figure 3,
Specifically include that client 10, authentication server 20 and function server 30.Wherein, client 10, use
Determine the authentication server needing to access in the website information accessed as required, and send identity information to mirror
Power server 20.Authentication server 20, for verifying the identity information received, and is being verified
After the log-on message corresponding with identity information is returned to client 10.Client 10 is additionally operable to, according to connecing
The log-on message received accesses corresponding Website page to function server 30 request;Function server 30, uses
In providing the service accessing Website page for client 10.
It is also preferred that the left client 10 can be additionally used in, obtain the domain name that described website information is corresponding, according to described net
Domain name corresponding to location information is spliced into the domain name of corresponding authentication server, to determine the authentication service needing to access
Device 20.It addition, actual application is likely to multiple website share a unified authentication server 20, for
This situation, client 10 can directly carry the authentication server that domain name access corresponding to website information is unified
20.No matter using which kind of mode above-mentioned, purpose is all the website need allowing authentication server 20 know which domain name
Log in.
It is also preferred that the left client 10 can be additionally used in, after receiving log-on message, to function server 30
Send logging request, described logging request is carried described log-on message and website information;
Accordingly, function server 30 can be additionally used in, and verifies the log-on message in described logging request,
And return the Website page information corresponding with described website information to client 10 after being verified.
It is also preferred that the left authentication server 20 is further used for, preserve the corresponding relation of identity information and log-on message.
It is also preferred that the left client 10 is further used for, when needs access Website page, from the server of self
Ask and obtain described identity information.
A kind of preferred embodiment of the present invention provides the structure of a kind of authentication server, as shown in Figure 4, is somebody's turn to do
Authentication server includes: identity information authentication module 21 and logon information return module 22.Wherein, identity
Information authentication module 21, for when receiving the identity information that client sends, to the identity letter received
Breath is verified.Logon information returns module 22, is used at identity information authentication module 21 identity information
Be verified after, the logon information corresponding with this identity information is returned to client, for client root
Corresponding Website page is accessed according to logon information.
Authentication server can farther include corresponding relation memory module 23, connects logon information and returns module
22, for preserving the corresponding relation of identity information and log-on message, and provide for logon information return module 22
The inquiry service of described corresponding relation.In actual applications, corresponding relation memory module 23 both can be as solely
The module standing on identity information authentication module 21 and logon information return module 22 exists, certainly, and its function
Logon information can also be integrated in and return in module 22, logon information return module 22 and realize described correspondence
The storage function of relation.
In sum, the log-on message of website is saved in special authentication server by the present invention, and no longer by
Client preserves, and client needs the checking first passing through authentication server just can get log-on message when logging in,
Improve the safety of website log;It addition, client no longer preserves log-on message, also relieve login letter
Breath is saved in client and is easily stolen the potential safety hazard taken.
The above, only presently preferred embodiments of the present invention, it is not intended to limit the protection model of the present invention
Enclose.
Claims (9)
1. a network entry method, it is characterised in that the method includes:
The website information that client accesses as required determines the authentication server needing to access, and sends identity
Information is to described authentication server;
The identity information received is verified by described authentication server, and will be with described body after being verified
Log-on message corresponding to part information returns to described client with form or the HTML (Hypertext Markup Language) form of cookie
End;
Described client accesses corresponding Website page according to the log-on message received to function server request;
Wherein, described authentication server preserves the corresponding relation of identity information and log-on message.
Network entry method the most according to claim 1, it is characterised in that described client is as required
The website information accessed determines the authentication server needing to access, particularly as follows:
Obtain the domain name that described website information is corresponding, be spliced into accordingly according to the domain name that described website information is corresponding
The domain name of authentication server, to determine the authentication server needing to access.
Network entry method the most according to claim 1, it is characterised in that described client is according to reception
Log-on message to function server request access corresponding Website page, particularly as follows:
Described client sends logging request to function server, carries described login and believe in described logging request
Breath and website information;
Log-on message in described logging request is verified by described function server, and after being verified
The Website page information corresponding with described website information is returned to described client.
4. according to network entry method described in claim 1,2 or 3, it is characterised in that enter in the method
One step includes: described client is asked to the login service device of self and obtains described identity information.
5. a network entry system, it is characterised in that this system includes: client, authentication server and
Function server, wherein,
Described client, the website information for accessing as required determines the authentication server needing to access,
And send identity information to described authentication server;
Described authentication server, for the identity information received is verified, and will be with after being verified
The log-on message that described identity information is corresponding returns to institute with form or the HTML (Hypertext Markup Language) form of cookie
State client;
Described client is additionally operable to, and accesses corresponding net according to the log-on message received to function server request
Stand the page;
Described function server, for providing the service accessing Website page for described client;
Described authentication server is further used for, and preserves the corresponding relation of identity information and log-on message.
Network entry system the most according to claim 5, it is characterised in that described client is used further
In, obtain the domain name that described website information is corresponding, be spliced into accordingly according to the domain name that described website information is corresponding
The domain name of authentication server, to determine the authentication server needing to access.
Network entry system the most according to claim 5, it is characterised in that described client is used further
In, after receiving described log-on message, send logging request to function server, in described logging request
Carry described log-on message and website information;
Accordingly, described function server is further used for, and carries out the log-on message in described logging request
Checking, and return the Website page information corresponding with described website information to described client after being verified.
8. according to network entry system described in claim 5,6 or 7, it is characterised in that described client
It is further used for, asks to the login service device of self and obtain described identity information.
9. an authentication server, it is characterised in that including:
Identity information authentication module, for when receiving the identity information that client sends, to received
Identity information is verified;
Logon information returns module, in the checking to described identity information of the described identity information authentication module
By rear, by the logon information corresponding with described identity information with the form of cookie or HTML (Hypertext Markup Language)
Form returns to described client, accesses corresponding website pages for described client according to described logon information
Face;
Described authentication server farther includes corresponding relation memory module, connects described logon information and returns mould
Block, for preserving the corresponding relation of identity information and log-on message, and carries for described logon information return module
Inquiry service for described corresponding relation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110287790.2A CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110287790.2A CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103023861A CN103023861A (en) | 2013-04-03 |
CN103023861B true CN103023861B (en) | 2016-11-16 |
Family
ID=47971995
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110287790.2A Active CN103023861B (en) | 2011-09-26 | 2011-09-26 | A kind of network entry method and login system, authentication server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103023861B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104579860B (en) * | 2013-10-25 | 2018-10-12 | 华为终端有限公司 | Access method, server and the system of network-side service |
CN103888540B (en) * | 2014-03-31 | 2017-02-08 | 百度在线网络技术(北京)有限公司 | Login information synchronization method, synchronized network servers and synchronizing network servers |
CN105677861B (en) * | 2016-01-07 | 2019-05-24 | 无锡天脉聚源传媒科技有限公司 | A kind of method and device switching the advanced content of webpage in a manner of overturning |
CN105978866B (en) * | 2016-04-28 | 2019-04-23 | 北京网康科技有限公司 | A kind of method and system of user access control, third party's client server |
CN107872440B (en) * | 2016-09-28 | 2020-09-08 | 腾讯科技(深圳)有限公司 | Identity authentication method, device and system |
CN108234415A (en) * | 2016-12-21 | 2018-06-29 | 百度在线网络技术(北京)有限公司 | For verifying the method and apparatus of user |
CN107948210A (en) * | 2018-01-08 | 2018-04-20 | 武汉斗鱼网络科技有限公司 | A kind of login method, device, client, server and medium |
CN109768965B (en) * | 2018-12-14 | 2022-04-19 | 广州华多网络科技有限公司 | Login method, equipment and storage medium of server |
CN109672680B (en) * | 2018-12-24 | 2021-10-08 | 成都四方伟业软件股份有限公司 | Cross-domain login method |
CN112422533B (en) * | 2020-11-05 | 2023-03-24 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
CN113973006A (en) * | 2021-09-18 | 2022-01-25 | 重庆云华科技有限公司 | Intranet data access management method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005004406A1 (en) * | 2003-07-03 | 2005-01-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and network for wlan session control |
CN101534531A (en) * | 2009-04-02 | 2009-09-16 | 中兴通讯股份有限公司 | A network switching method and system |
CN102026091A (en) * | 2010-10-27 | 2011-04-20 | 大连工业大学 | Navigation system and working method thereof |
-
2011
- 2011-09-26 CN CN201110287790.2A patent/CN103023861B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005004406A1 (en) * | 2003-07-03 | 2005-01-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and network for wlan session control |
CN101534531A (en) * | 2009-04-02 | 2009-09-16 | 中兴通讯股份有限公司 | A network switching method and system |
CN102026091A (en) * | 2010-10-27 | 2011-04-20 | 大连工业大学 | Navigation system and working method thereof |
Also Published As
Publication number | Publication date |
---|---|
CN103023861A (en) | 2013-04-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103023861B (en) | A kind of network entry method and login system, authentication server | |
CN102882903B (en) | A kind of many website application message acquisition methods and system | |
CN103905497B (en) | Realize the method, apparatus and application platform of third-party application business website log | |
CN104580074B (en) | The login method of client application and its corresponding server | |
CN104348822B (en) | A kind of method, apparatus and server of internet account number authentication | |
CN104335523B (en) | A kind of authority control method, client and server | |
CN102868719B (en) | A kind of Network Access Method based on buffer memory and server | |
CN103634301B (en) | The method of the private data of user's storage in client and access server thereof | |
CN101388773B (en) | Identity management platform, service server, uniform login system and method | |
CN103024740B (en) | Method and system for accessing internet by mobile terminal | |
CN101102313B (en) | Network download system and method with automatically replaced proxy server | |
CN102984169A (en) | Single sign-on method, equipment and system | |
EP3018884A1 (en) | Mobile terminal cross-browser login method and device | |
CN102790772B (en) | The processing method of Cookie data, server and client side | |
KR20140111265A (en) | Method and apparatus for providing web pages | |
CN110232265A (en) | Dual-identity authentication method, apparatus and system | |
CN105072123A (en) | Single sign on log-out method and system under cluster environment | |
CN1761188B (en) | Simple point logging in method and simple point logging out method | |
CN107689941A (en) | A kind of apparatus and method for preventing same user's repeat logon | |
CN105871822A (en) | B/C/S blending mode based single sign-on system development model | |
CN103634111B (en) | Single-point logging method and system and single sign-on client-side | |
CN105556932A (en) | Enabling mobile applications to acquire a MAC address for obtaining location information | |
CN110753045A (en) | Single sign-on method between different domains | |
CN113285936B (en) | Cross-domain data acquisition method and related device | |
CN103560884B (en) | The cancellation method of subscriber identity information, system, certificate server and client |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |