CN103067404B - A kind of method that user accesses embedded web server - Google Patents
A kind of method that user accesses embedded web server Download PDFInfo
- Publication number
- CN103067404B CN103067404B CN201310010250.9A CN201310010250A CN103067404B CN 103067404 B CN103067404 B CN 103067404B CN 201310010250 A CN201310010250 A CN 201310010250A CN 103067404 B CN103067404 B CN 103067404B
- Authority
- CN
- China
- Prior art keywords
- user
- web server
- login
- client
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention relates to a kind of methods of user access server, more particularly to a kind of method that user accesses embedded web server, by defining multiple security permission grades, and after each security permission grade of setting is to the opereating specification of web server, in in web server, the security permission grade of each user is set according to user type, and each user can only configure web server in the opereating specification according to the security permission grade regulation of setting, and then it realizes and carries out user staged managing in the server, to solve when there is disabled user to input absolute address inside address field, it is avoided to carry out unauthorized access to user equipment.
Description
Technical field
Realizing that the method for accessing server more particularly to a kind of user access embedded type web service the present invention relates to a kind of
The method of device.
Background technology
With universal and embedded system the development of Internet, embedded system access network has become embedded
One important directions of system application, and embedded web server is the key component of the embedded internetization application.
In the prior art, it in order to realize the more preferable distribution to system resource and/or the more preferable scheduling to complex task, all needs
Introduce embedded OS.It is generally handled using 8 microcontrollers in traditional embedded OS, but due to
The traditional 8 the problems such as microcontroller speed of service is slow, driving capability is weak, power consumption is big, it cannot increasingly meet design
Demand, and arm processor then has become new embedded electronic with functions such as its high-performance, low-power consumption, abundant drivings and produces
Product exploitation ideal chose, especially ARM-Linux have the function of good transplantability, stability, powerful agreement support and
Abundant equipment supports function, has been widely used in embedded OS now;Wherein, embedded device refers to tool
Have a computer function, but be not known as the equipment or equipment of computer, as PDA, mobile phone set-top box, automobile, micro-wave oven, elevator,
Security system, automatic vending machine, Medical Instruments, ATM etc..
Since current people increasingly increase the degree of dependence that Internet is applied, embedded technology is promoted accordingly
Increase, the embedded Internet technology that develops into of especially information household appliances provides wide space.Embedded Internet skill
Art includes mainly sensor technology, the communication technology, computer technology and integrated circuit technique etc..
Traditional apparatus control system is generally by carrying out in private communication line, communication media, communication protocol, phase
It is all dedicated to close software and hardware, and embedded system can pass through various wireless(Such as WAP, Blue Tooth)With
Wired forms(TCP/IP, PPP etc.)Internetwork connection mode carry out mutual communication, i.e. the development of Internet technologies makes
The remote control and way to manage of embedded device have the change of matter, it is no longer necessary to dedicated communication line, and transmit
Office of office can also not have sound and image etc. to information in data-signal, and the particularly important is its communication protocol is standard and openly
's.
Due to the standard uniformity of html language, as long as there are one micro servers in embedded device, so that it may so that
Information is sended and received with any one Web browser so that the application based on Web technologies is more and more, and in order to meet confession
It answers quotient to terminal device demand, is such as directed to the demand of different levels user, need to carry out differentiated control to user, i.e., according to difference
The different permission of user setting, operated with carrying out corresponding configuration to equipment, advanced level user be such as set and is possessed more comprehensively more
Fatal setting, and the shirtsleeve operations permission such as ordinary user only inquiry, are carried out in violation of rules and regulations with the user for preventing some unprofessional
Configuration, and then equipment is caused to can not work normally.
Existing user staged managing needs write a large amount of script for parsing inside CGI, and utilize hiding or aobvious
Show and the page is accomplished in classification or is classified etc. using Java script, and if thering is disabled user to be inputted inside address field
Absolute address can carry out unauthorized access to user equipment, and then can cause serious adverse consequences.
Invention content
For the above problem present in existing user staged managing, a kind of user's access embedded type web clothes are now provided
The method of business device, the web server are connect with client communication, wherein including:
User security Permission Levels are defined in the web server and are at least ordinary user and advanced level user, and according to peace
At least one security permission Array for structural body is arranged in full Permission Levels, and is preset in the security permission Array for structural body multiple
To the operational motion of web server;
Before the ordinary user carries out operational motion by the client to the web server, web server traversal
The security permission structural array determines the operational motion within the scope of the preset operational motion of security permission structural array
Afterwards, the ordinary user carries out aforesaid operations action to the web server;
The advanced level user directly carries out operational motion by the client to the web server.
The method that above-mentioned user accesses embedded web server, wherein further include:
User sends logging request from the client to the web server, after establishing communication connection, the web clothes
Business device judges whether the client has login record.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the client, without login record, the web server sends login page to the client;
If the client has login record, continue to judge whether the login record meets registration conditions.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the login record meets registration conditions, the web server sends the relative users center page to the client
End, and the login record of the user is updated;
If the login record does not meet registration conditions, the web server sends login page to the client, and clear
Empty login record.
The method that above-mentioned user accesses embedded web server, wherein further include:
The login record includes logging in ip addresses, the login time of user, user security Permission Levels, user name and close
Code;
The landing time is cyclically updated according to user customer operational motion, is set as user customer last time
The time of operational motion;
The registration conditions are absolute value the stepping on less than setting of the login time of the user and the difference of current time
Record time value.
The method that above-mentioned user accesses embedded web server, wherein further include:
User is by the way that after username and password is sent to the web server by login page, the web server is sentenced
Whether the disconnected username and password is correct and corresponding.
If the user name or password bad and/or user name are not correspond to password, the web server, which is sent, to be logged in
The page is to the client;
If the username and password is correct and corresponding, continue to judge whether the login time of the user is empty.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the login time of the user is not sky, login page is sent to the client;
If the login time of the user is sky, continue the security permission for judging the user, and according to the safety judged
Permission, the web server sends the relative users center page to the client, and generates the login record of the user.
The method that above-mentioned user accesses embedded web server, wherein further include:
After the web server sends the relative users center page to the client, the user is in customer center page
When carrying out operational motion in face of the client, after the web server receives the operational motion data of client transmission, first
Judge whether the username and password in the client login record is correct and corresponding.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the user name or password bad and/or user name are not correspond to password, the web server, which is sent, to be logged in
The page empties login record to the client;
If the username and password is correct and corresponding, continue to judge in the client login record login time and
Whether the absolute value of the difference of current time is less than the operating time value of setting.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the absolute value of the difference of login time and current time in the client login record is greater than or equal to operation
Time value, the web server sends login page to the client, and empties login record;
If the absolute difference of login time and current time in the client login record is less than operating time value,
The addresses ip of active client are obtained, and are compared with the addresses login ip in the client login record.
The method that above-mentioned user accesses embedded web server, wherein further include:
If the addresses active client ip are different from the addresses login ip in login record, the web server, which is sent, to be logged in
The page empties the login record in the client to the client;
If the addresses active client ip are identical as the addresses login ip in login record, the web server is according to client
Whether the user security Permission Levels on end in login record judge aforesaid operations action in its security permission opereating specification.
The method that above-mentioned user accesses embedded web server, wherein further include:
If aforesaid operations act in the security permission opereating specification of user security Permission Levels, the web server is held
The row operational motion;
If aforesaid operations act not in the security permission opereating specification of user security Permission Levels, the web server
The operation is not executed, and the web server sends user right prompt message to the client.
The method that above-mentioned user accesses embedded web server, wherein further include:
The user security Permission Levels include ordinary user and advanced level user, and are additionally provided with safety for ordinary user
Purview structure body array is preset with multiple operational motions to web server in the security permission Array for structural body;
If the user security Permission Levels in client in login record are advanced level user, the web server is directly held
The row operational motion;
If the user security Permission Levels in client in login record are ordinary user, the web server traverses institute
Security permission Array for structural body is stated, to judge whether aforesaid operations action is dynamic in its preset multiple operation to web server
Make in range.
The method that above-mentioned user accesses embedded web server, wherein further include:
If whether aforesaid operations act within the scope of its preset multiple operational motion to web server, the web clothes
Business device then executes the operational motion;
If whether aforesaid operations act not within the scope of its preset multiple operational motion to web server, the web
Server does not execute the operational motion then, and the web server sends user right prompt message to the client.
The method that user described in above-mentioned any one accesses embedded web server, wherein the user is from the use
When the page Safe withdrawing of family center, the login record of the user is emptied.
In conclusion the method that user of the present invention accesses embedded web server, by carrying out user point in the server
Grade management avoids it from carrying out user equipment illegal to solve when there is disabled user to input absolute address inside address field
It accesses.
Description of the drawings
Fig. 1 is communication structure schematic diagram between client and web server in the embodiment of the present invention;
Fig. 2 is the schematic diagram of security permission grade of being Added User by web server in the embodiment of the present invention;
Fig. 3 is that web server sends respective page to client for the request of client difference in the embodiment of the present invention
Schematic diagram;
Fig. 4 is the flow diagram of client input address acquisition request login interface in the embodiment of the present invention;
Fig. 5 be in the embodiment of the present invention client from the flow diagram at login page login user center;
Fig. 6 is the flow diagram for carrying out operation requests after user logins successfully in the embodiment of the present invention to web server;
Fig. 7 is the flow diagram that user security exits in the embodiment of the present invention.
Specific implementation mode
The specific implementation mode of the present invention is further described below in conjunction with the accompanying drawings:
A kind of method that user accesses embedded web server, the embedded web server based on communication connection and client
End:
First, in predefined multiple security permission grades in web server, and each security permission grade is set to web
The opereating specification of server, and set according to user type the security permission grade of each user, and each user can only root
Web server is configured in opereating specification according to the security permission grade regulation of setting;It is common that user type, which is such as arranged,
(user)User and advanced(admin)User, and by setting Permission Levels Array for structural body to user user user is arranged
The privilege feature of user needs to be traversed for Permission Levels Array for structural body when use user operates and such as checks equipment to realize
The operation of the simple functions such as information, easy configuration data, but user user cannot operate some rank higher functionalities, such as
The access of some hidden data cannot be carried out, super-ordinate right cannot be used or Premium Features cannot be configured etc., and admin
User is then not required to setting Permission Levels Array for structural body or sets the functional class highest of Permission Levels Array for structural body, with direct
Setting Permission Levels Array for structural body is skipped, directly executes the operation of admin user, such as in home gateway, admin user can
Carry out the operations such as qos settings, queue setting, communication control, UPNP functions, broadband setting and/or remote management.
Secondly, after setting user gradation and its security permission, user sends to log in from client to web server and ask
It asks, to establish communication connection, web server judges whether the client has login record(It is stored in the cookie of client)
Such as user logs in the addresses ip, the login time of user, user security Permission Levels, username and password;If the client without
Login record, web server then send login page to client, user are prompted to input username and password;If the client
There is login record, then continues to judge whether the login record meets registration conditions;If the login record meets registration conditions, web
Server sends the relative users center page and is updated to client, and to the login record of the user(Such as by login time
It is updated to the time of user customer last time operation);If the login record does not meet registration conditions, web server hair
The reason of sending login page to client, and user prompted not meet registration conditions, such as login-timeout, and by the client
Login record empties.
Further, above-mentioned registration conditions be client login record in user's login time and current time difference
The absolute value of value is less than the login time value d of setting(D > 0), and the username and password in login record is correct and opposite
It answers.
Later, user is by the way that after username and password is sent to web server by login page, web server judges
Whether the username and password is correct and corresponding;If the username and password is correct and corresponding, continue to judge to be somebody's turn to do
Whether the login time of user is empty;If the login time of the user is not sky, login page is sent to client, and prompt
Login failure reason has such as had other users logging in the account under the user name;If the login time of the user is
Sky then continues the security permission for judging the user, and according to the security permission judged, web server is sent in relative users
The heart page generates the login record of the user to client, to be stored in the cookie of client;And if the user name or
Password bad and/or user name are not correspond to password, and web server sends login page to client, and prompts user
Login failure reason such as password bad etc..
Then, after user successfully logs in and enters the relative users center page, user is in the customer center page to client
Operational motion is carried out, for web server after receiving the corresponding operating action data that client is sent, web server judges the visitor
Username and password on the end of family in login record(The user information being stored in cookie)It is whether correct and corresponding:
If the user name or password bad and/or user name are not correspond to password, web server sends login page
To client, and send logon error information such as password bad etc., while emptying login record;
If the username and password is correct and corresponding, continue the difference for judging user's login time and current time
Whether the absolute value of value is less than the operating time value D of setting;
If the absolute value of the difference of user's login time and current time is greater than or equal to operating time value D, web server
Login page is sent to client, sends logon error information to client such as operating time time-out energy, while emptying the client
Login record on end;
If the absolute value of the difference of user's login time and current time is less than operating time value, active client is obtained
The addresses ip, and be compared with the addresses login ip in login record, to prevent disabled user by inputting absolute address to web
Server carries out illegal operation;
If the addresses active client ip are different from the addresses login ip in login record, web server sends login page
To client, and send error message such as the user name has logged in, while this empties login record in client;
If the addresses active client ip are identical as the addresses login ip in login record, web server is according to login record
In user security Permission Levels judge that above-mentioned configuration operates whether in its security permission opereating specification;
If above-mentioned configuration operation is in the security permission opereating specification of user security Permission Levels, web server executes
The configuration operates;
If above-mentioned configuration operation is not in the security permission opereating specification of user security Permission Levels, web server is not
Configuration operation is executed, and web server sends user right prompt message to client.
Finally, user empties the login record of the user when customer center Pages Security exits.
Due to there is a principle in security fields:The permission of minimum service+minimum=maximum safety, the application are based on
Above-mentioned principle, in the terminal of embedded device(Web server)On, client is divided according to permission and the range for obtaining service
For different security permission grades, client is such as divided into ordinary user(user)And advanced level user(admin), with to from low to high
Different permissions is arranged in different secured users, and matching for the different range that embedded device terminal provides is obtained according to respective permission
Set permission, such as ordinary user(user)Advanced level user cannot be entered(admin)Configuration center, and cannot configure advanced level user
The configuration permission possessed, and then to improve the configuration safety of embedded type terminal equipment.
In order to which the more detailed method for accessing embedded web server to user of the present invention illustrates, below with tool
Body embodiment is illustrated:
The http agreements based on TCP/IP establish the communication connection of embedded web server and client in the present embodiment,
And the communication between web server and client is completed using socket, while being ordinary user by user setting(user)With
Advanced level user(admin).
Fig. 1 is communication structure schematic diagram between client and web server in the embodiment of the present invention;As shown in Figure 1, foundation
The principle of TCP/IP completes to send and receive data, and subsequent using Write () and Read () after a connection is established
Interaction is sent and received using two functions;Client Write () request data is to web server, web services
After device Read () request data, the data of reception are parsed according to user demand, and the access rights of the user are sentenced
It is disconnected, to send corresponding respective request data to client, prompt the concrete operations of user's next step.
Fig. 2 is the schematic diagram of security permission grade of being Added User by web server in the embodiment of the present invention;Such as Fig. 2 institutes
Showing, user sends request logon data by computer client, after web server listens to the request of client, parsing visitor
Its header is first sent to computer client, is parsed as requested by the data that family end sends over, with judge to with
The rank at family, and record login time and the addresses ip;Corresponding data are read according to judging result, with transmission data packet to calculating
Machine client.
Fig. 3 is that web server sends respective page to client for the request of client difference in the embodiment of the present invention
Schematic diagram;As shown in figure 3, user sends request data by client to web server, web server is receiving request
After data, the corresponding page is sent to client according to the type of request data;Wherein, the type of request data includes client
After input address acquisition request login interface 101, login page client request login user center 102, user login successfully
Request 103 and Safe withdrawing request 104.
Fig. 4 is the flow diagram of client input address acquisition request login interface in the embodiment of the present invention;Such as Fig. 4 institutes
Show, when client's request data is client input address acquisition request login interface 101, user is on the browser of client
Input address such as http:After // 192.168.1.1 etc., with acquisition request login interface;Web server is receiving client transmission
After the request of data to come over, determination requirement obtains login page, and checks whether the user had logged on, that is, parses the client
Whether the cookie at end contains corresponding username and password, if not just without username and password or username and password
Really, web server sends the login page of user demand, and if the username and password inside cookie is correct,
Continue to judge login time(login_time)Whether it is empty(If being Safe withdrawing, login_ after once being logged in before the user
Time is emptied), web server sends the login page of user demand if login_time is sky;And if login_time
It is not sky, then needs to judge login time again(login_time)Whether the absolute value of the difference between current time is less than rule
Fixed login time value d continues to judge security permission grade if being less than login time value(level)Rank, web services
Device sends corresponding interface to client, the interfaces user is sent to client if user as judged user, and if judging user
The interfaces admin are then sent for admin to client;And if login time(login_time)Difference between current time
Whether absolute value is greater than or equal to defined login time value d, then web server sends corresponding interface to client.
Fig. 5 be in the embodiment of the present invention client from the flow diagram at login page login user center;Such as Fig. 5 institutes
Show, after web server sends login page to client, user inputs username and password by login page, is stepped on request
Record the customer center of web server.
First, the username and password that web server sends client is verified;Web server receives client
After holding the message sended over, username and password is extracted from data field, with the username and password being stored in flash
Verification is compared, if wrong, prompt the input of user's username and password wrong, and returns to login page, with allow user again
Secondary input username and password;If username and password is correct and corresponding, continue to judge login time(login_
time)Whether it is sky, it is online to judge whether there is the user name, to prevent the when of logging in from squeezing out online user;If
Login_time is not that sky then indicates that existing subscriber logs in, and prompts reason and returns to login page.
Secondly, if login_time is sky, to user class(level)Assignment is carried out, and starts timer and note
The addresses ip are recorded, login record is generated(As user logs in the addresses ip, the login time of user, user security Permission Levels, user name
With password etc.)And it stores into the cookie of client;Continue to judge user class(level)To enter corresponding ordinary user
And advanced user interfaces, the interfaces user are sent to client if user as judged user, and sent out if judging user for admin
Send the interfaces admin to client.
Fig. 6 is the flow diagram for carrying out operation requests after user logins successfully in the embodiment of the present invention to web server;
As shown in fig. 6, after user is successfully logged onto corresponding customer center by client, user sends request data(Such as web is taken
Data configuration operation of business device etc.)To web server, web server is after receiving request data:
First, it is determined that whether the username and password stored in the cookie of client is correct, if incorrect will return
Login interface is returned to, client is needed to re-enter user and password and is verified again;And if username and password is equal
Correctly, then continue to login time(login_time)Judged, by the absolute of the difference of login_time and current time
Value and setting operation time value D(D > 0)It is compared;If overtime, login record is emptied login time such as(login_
time), log in user class(level)With the addresses login ip(login_ip)It is set to NULL, and prompts user overtime, hair
Send login page;
Secondly, if the absolute difference of login_time and current time is not more than setting operation time value D, continue
Judge whether the addresses ip of active client consistent with the addresses login ip in login record, if inconsistent explanation has had
User has logged in the account under this user name, prompts had user to log in this user name, and send login page;And if working as
The addresses ip of preceding client are consistent with the addresses login ip in login record, then continue to judge user class level, if user
Level is advanced level user(admin), then the required configuration page of client is returned to according to user demand, if user level
It is ordinary user(user), then the good structure of predefined is traversed, whether the operation to confirm user at this time is fixed in advance
In the extent of competence of justice;If intra vires, not illustrating that the user right is inadequate, sends prompt user right and not enough believe
It ceases to client, if in the extent of competence in defined structure, correctly returning to the information needed for client.
Fig. 7 is the flow diagram that user security exits in the embodiment of the present invention;As shown in fig. 7, user is successfully logging in
To after relative users center, or after configuration is complete, Safe withdrawing request is sent, web server is receiving Safe withdrawing
Information(Web server receives message)Afterwards, the login record in the cookie of client is emptied(Such as by login time
(login_time), log in user class(level), log in ip addresses(login_ip)Deng being set to NULL), and return to
Login interface.
Http agreement of the embodiment of the present invention based on TCP/IP establishes the communication connection of embedded server and client, and
Communication between server and client is completed using socket, i.e., when client needs to send message to server, client
Socket communication channels are first established at end, and using ICP/IP protocol big end syllable sequence such as IPV4 internet domains etc., its message is tied up
Surely grid port to be arrived, and then creates set byte, orderly, reliable, two-way connection-oriented byte stream is set up in realization, and
It completes to send and receive data using send () and Recv (), due to needing client and server-side first to establish TCP connection,
Then the request of data of client could be sent to server-side, so being arranged the part that user is classified in parsing client
It is completed between data and searching data.
In conclusion the application is arranged by the way that user to be classified in flush type WEB server, and then improve communication security
Property, and has the following advantages:
A, two users cannot log in simultaneously, i.e., logged in there are one user, another user cannot log in, it is necessary to
Deng another user exit or time-out after could log in, to prevent two users to be carried out at the same time the identical configuration page, keep away
Exempt to clash.
B, a client(PC)A user can only be logged in, i.e., if the client has logged on a user,
Another client cannot log in the user simultaneously, and the limited time system logged in, time-out cannot access, it is necessary to again
User name and user password are inputted, to re-start verification.
If c, user has logged on, but accidentally browser is turned off, if input address again, server can be examined
User's login time is looked into whether within the effective range time, if within the effective range time, input is no longer needed to and uses
Name in an account book and password, by checking that the cookie of client will automatic jump to the login center of user.
D, when user security exits, server can be by all log-on messages of the user(Login record)It empties, and returns
Login page.
Although specific embodiments of the present invention have been described above, it will be appreciated by those of skill in the art that these
It is process description, protection scope of the present invention is defined by the appended claims.Those skilled in the art without departing substantially from
Under the premise of the principle and substance of the present invention, many changes and modifications may be made, but these change and
Modification each falls within protection scope of the present invention.
Claims (14)
1. a kind of method that user accesses embedded web server, the web server are connect with client communication, feature
It is, including:
User security Permission Levels are defined in the web server and are at least ordinary user and advanced level user, and according to safety right
Limit grade and at least one security permission Array for structural body be set, and be preset in the security permission Array for structural body it is multiple right
The operational motion of web server;
Before the ordinary user carries out operational motion by the client to the web server, described in web server traversal
Security permission structural array, after determining the operational motion within the scope of the preset operational motion of security permission structural array,
The ordinary user carries out aforesaid operations action to the web server;
The advanced level user directly carries out operational motion by the client to the web server;
User sends logging request from the client to the web server, after establishing communication connection, the web server
Judge whether the client has login record, if the client has login record, continues to judge whether the login record meets
Registration conditions;The registration conditions are whether the login time of the user is empty;
If the client is not logged on record, username and password is sent to the web server by user in login page,
The web server judges whether username and password is correct;If username and password is correct, the web server judges should
Whether the login time of login record is empty, if it is empty then judges that security permission grade, user successfully log in and enter corresponding use
After the page of family center, web server judges whether the username and password in client in login record is correct and corresponding,
If the username and password is correct and corresponding, continue to judge login time and current time in the client login record
Whether the absolute value of difference is less than the operating time of setting.
2. the method that user according to claim 1 accesses embedded web server, which is characterized in that further include:If should
For client without login record, the web server sends login page to the client;If the client has login record,
Then continue to judge whether the login record meets registration conditions.
3. the method that user according to claim 2 accesses embedded web server, which is characterized in that further include:If should
Login record meets registration conditions, and the web server sends the relative users center page to the client, and to the user
Login record be updated;
If the login record does not meet registration conditions, the web server sends login page to the client, and empties and step on
Record record.
4. the method that user according to claim 3 accesses embedded web server, which is characterized in that further include:It is described
Login record includes logging in the addresses ip, the login time of user, user security Permission Levels, username and password;The login
Time is cyclically updated according to user customer operational motion, is set as the time of user customer last time operational motion;
The registration conditions are less than the login time value of setting for the login time of the user and the absolute value of the difference of current time.
5. the method that user according to claim 3 accesses embedded web server, which is characterized in that further include:User
By after username and password is sent to the web server by login page, the web server judge the user name and
Whether password is correct and corresponding;
If the user name or password bad and/or user name are not correspond to password, the web server sends login page
To the client;If the username and password is correct and corresponding, continue to judge the user login time whether be
It is empty.
6. the method that user according to claim 5 accesses embedded web server, which is characterized in that further include:If should
The login time of user is not sky, then sends login page to the client;If the login time of the user is sky, continue
Judge the security permission of the user, and according to the security permission judged, the web server sends the relative users center page
To the client, and generate the login record of the user.
7. the method that user according to claim 6 accesses embedded web server, which is characterized in that further include:It is described
After web server sends the relative users center page to the client, the user is in the customer center page to the client
When end carries out operational motion, after the web server receives the operational motion data of client transmission, the client is first judged
Whether the username and password in login record is correct and corresponding.
8. the method that user according to claim 7 accesses embedded web server, which is characterized in that further include:If should
User name or password bad and/or user name are not correspond to password, and the web server sends login page to the visitor
Family end, and empty login record;If the username and password is correct and corresponding, continue to judge the client login record
Whether the absolute value of the difference of middle login time and current time is less than the operating time value of setting.
9. the method that user according to claim 8 accesses embedded web server, which is characterized in that further include:If should
The absolute value of the difference of login time and current time in client login record is greater than or equal to operating time value, described
Web server sends login page to the client, and empties login record;If when login in the client login record
Between and the absolute difference of current time be less than operating time value, then obtain the addresses ip of active client, and with the client
The addresses login ip in login record are compared.
10. the method that user according to claim 9 accesses embedded web server, which is characterized in that further include:If
The addresses active client ip are different from the addresses login ip in login record, and the web server sends login page to described
Client, and empty the login record in the client;
If the addresses active client ip are identical as the addresses login ip in login record, the web server is according in client
Whether the user security Permission Levels in login record judge aforesaid operations action in its security permission opereating specification.
11. the method that user according to claim 10 accesses embedded web server, which is characterized in that further include:If
Aforesaid operations act in the security permission opereating specification of user security Permission Levels, and it is dynamic that the web server executes the operation
Make;
If aforesaid operations act not in the security permission opereating specification of user security Permission Levels, the web server is not held
The row operation, and the web server sends user right prompt message to the client.
12. the method that user according to claim 9 accesses embedded web server, which is characterized in that further include:Institute
It includes ordinary user and advanced level user to state user security Permission Levels, and is additionally provided with security permission structure for ordinary user
Array is preset with multiple operational motions to web server in the security permission Array for structural body;If login record in client
In user security Permission Levels be advanced level user, the web server directly executes the operational motion;
If the user security Permission Levels in client in login record are ordinary user, the web server traverses the peace
Full powers limit structure body array, to judge aforesaid operations action whether in its preset multiple operational motion model to web server
In enclosing.
13. the method that user according to claim 12 accesses embedded web server, which is characterized in that further include:
If aforesaid operations act within the scope of its preset multiple operational motion to web server, the web server is held
The row operational motion;
If aforesaid operations act not within the scope of its preset multiple operational motion to web server, the web server
The operational motion is not executed, and the web server sends user right prompt message to the client.
14. the method that the user according to any one of claim 3-13 accesses embedded web server, feature exist
In when the user exits from the customer center Pages Security, emptying the login record of the user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310010250.9A CN103067404B (en) | 2013-01-10 | 2013-01-10 | A kind of method that user accesses embedded web server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310010250.9A CN103067404B (en) | 2013-01-10 | 2013-01-10 | A kind of method that user accesses embedded web server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103067404A CN103067404A (en) | 2013-04-24 |
| CN103067404B true CN103067404B (en) | 2018-09-28 |
Family
ID=48109865
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310010250.9A Active CN103067404B (en) | 2013-01-10 | 2013-01-10 | A kind of method that user accesses embedded web server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103067404B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104349179A (en) * | 2013-07-24 | 2015-02-11 | 中兴通讯股份有限公司 | IPTV system login processing method and device |
| CN103763149B (en) * | 2013-12-27 | 2017-01-25 | 北京集奥聚合科技有限公司 | Real-time statistical method for network user number |
| CN103812866B (en) * | 2014-01-28 | 2018-03-09 | 努比亚技术有限公司 | The management method and device and mobile terminal of operation layer |
| CN105282145A (en) * | 2015-09-14 | 2016-01-27 | 浪潮集团有限公司 | Multi-data center user access control method and system |
| CN107609136B (en) * | 2017-09-19 | 2021-03-05 | 北京许继电气有限公司 | Access characteristic marking-based autonomous controllable database auditing method and system |
| CN108616499B (en) * | 2018-03-02 | 2021-01-26 | 努比亚技术有限公司 | Authentication method of application program, terminal and computer readable storage medium |
| CN109409104B (en) * | 2018-09-20 | 2021-02-12 | 视联动力信息技术股份有限公司 | Interface display method and system |
| CN109379254B (en) * | 2018-11-07 | 2021-02-09 | 视联动力信息技术股份有限公司 | Network connection detection method and system based on video conference |
| CN109977661A (en) * | 2019-04-09 | 2019-07-05 | 福建奇点时空数字科技有限公司 | A kind of network safety protection method and system based on big data platform |
| CN116208378B (en) * | 2023-01-03 | 2023-11-24 | 学银通融(北京)教育科技有限公司 | Method, device and equipment for preventing user from logging in repeatedly |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388797A (en) * | 2008-11-05 | 2009-03-18 | 杭州华三通信技术有限公司 | Method for realizing authority control in network management and network management system |
| CN102739686A (en) * | 2012-07-05 | 2012-10-17 | 无锡中科泛在信息技术研发中心有限公司 | Method for restricting users to login at multiple locations simultaneously |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7505432B2 (en) * | 2003-04-28 | 2009-03-17 | Cisco Technology, Inc. | Methods and apparatus for securing proxy Mobile IP |
| CN100492991C (en) * | 2007-02-08 | 2009-05-27 | 华为技术有限公司 | Network element management method, system and network element |
| CN101702687B (en) * | 2009-11-27 | 2011-12-14 | 北京傲天动联技术有限公司 | Method for utilizing device with exchange board structure as broadband access server |
| CN102204307B (en) * | 2011-06-15 | 2014-04-16 | 华为技术有限公司 | WLAN authentication method based on MAC address and device thereof |
-
2013
- 2013-01-10 CN CN201310010250.9A patent/CN103067404B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388797A (en) * | 2008-11-05 | 2009-03-18 | 杭州华三通信技术有限公司 | Method for realizing authority control in network management and network management system |
| CN102739686A (en) * | 2012-07-05 | 2012-10-17 | 无锡中科泛在信息技术研发中心有限公司 | Method for restricting users to login at multiple locations simultaneously |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103067404A (en) | 2013-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103067404B (en) | A kind of method that user accesses embedded web server | |
| US6253325B1 (en) | Apparatus and method for securing documents posted from a web resource | |
| US7356833B2 (en) | Systems and methods for authenticating a user to a web server | |
| US6751654B2 (en) | Simulating web cookies for non-cookie capable browsers | |
| US7797372B2 (en) | Serving software applications from servers for client computers | |
| US20050198292A1 (en) | An apparatus and method for determining a program neighborhood for a client node in a client-server network | |
| CN105306433B (en) | A kind of method and apparatus accessing virtual machine server | |
| CN111049946B (en) | Portal authentication method, portal authentication system, electronic equipment and storage medium | |
| CN106330816A (en) | Method and system for logging in cloud desktop | |
| JP2008181310A (en) | Authentication server and authentication program | |
| CN107395642A (en) | The method and system for the Docker containers for starting TLS certifications are accessed based on Websocket | |
| CN103179080B (en) | The cloud computer system of a kind of Internet user and the method for connection cloud computer | |
| CN103179104A (en) | Method, system and equipment thereof for accessing remote service | |
| CN108712376A (en) | A kind of verification method and device for server log | |
| CN110502315A (en) | A kind of method, apparatus and system remotely accessing physical machine | |
| US7457849B2 (en) | Controlled firewall penetration for management of discrete devices | |
| Cisco | Configuring Network Access Security | |
| Cisco | Configuring Network Access Security | |
| Cisco | Configuring Network Access Security | |
| Cisco | Configuring Terminal Operating Characteristics for Dial-In Sessions | |
| Cisco | Configuring Terminal Operating Characteristics for Dial-In Sessions | |
| Cisco | Configuring RADIUS | |
| Cisco | Configuring RADIUS | |
| Cisco | Configuring Terminal Characteristics for Dial Sessions | |
| Cisco | Configuring Network Access Security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201106 Address after: Room 10242, No. 260, Jiangshu Road, Xixing street, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: Hangzhou Jiji Intellectual Property Operation Co.,Ltd. Address before: 201616 Shanghai city Songjiang District Guangfulin road 4855 Lane 20, No. 90 Patentee before: Phicomm (Shanghai) Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20130424 Assignee: Hangzhou Bolian Intelligent Technology Co.,Ltd. Assignor: Hangzhou Jiji Intellectual Property Operation Co.,Ltd. Contract record no.: X2021330000761 Denomination of invention: A method for users to access embedded web server Granted publication date: 20180928 License type: Common License Record date: 20211117 Application publication date: 20130424 Assignee: ZHEJIANG SUPCON TECHNOLOGY Co.,Ltd. Assignor: Hangzhou Jiji Intellectual Property Operation Co.,Ltd. Contract record no.: X2021330000762 Denomination of invention: A method for users to access embedded web server Granted publication date: 20180928 License type: Common License Record date: 20211117 |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230511 Address after: Room 115-43, No.160 Xiangyuan Road, Jingjin Technology Valley Industrial Park, Wuqing District, Tianjin, 301721 Patentee after: Tianjin Zhongyi E-commerce Co.,Ltd. Address before: Room 10242, No. 260, Jiangshu Road, Xixing street, Binjiang District, Hangzhou City, Zhejiang Province Patentee before: Hangzhou Jiji Intellectual Property Operation Co.,Ltd. |
|
| TR01 | Transfer of patent right |