CN103560884A - Method and system for user identity information logout, authentication server and client terminal - Google Patents

Method and system for user identity information logout, authentication server and client terminal Download PDF

Info

Publication number
CN103560884A
CN103560884A CN201310522513.4A CN201310522513A CN103560884A CN 103560884 A CN103560884 A CN 103560884A CN 201310522513 A CN201310522513 A CN 201310522513A CN 103560884 A CN103560884 A CN 103560884A
Authority
CN
China
Prior art keywords
user
identity information
application
registration request
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310522513.4A
Other languages
Chinese (zh)
Other versions
CN103560884B (en
Inventor
虞钢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI PUDONG LOGISTICS CLOUD COMPUTING Co Ltd
Original Assignee
SHANGHAI PUDONG LOGISTICS CLOUD COMPUTING Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI PUDONG LOGISTICS CLOUD COMPUTING Co Ltd filed Critical SHANGHAI PUDONG LOGISTICS CLOUD COMPUTING Co Ltd
Priority to CN201310522513.4A priority Critical patent/CN103560884B/en
Publication of CN103560884A publication Critical patent/CN103560884A/en
Application granted granted Critical
Publication of CN103560884B publication Critical patent/CN103560884B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention provides a method and system for user identity information logout. The method comprises the steps that a unified logout request of a user is received; at least two application logout addresses logged in by the user are obtained according to the unified logout request; the logout addresses are sent to a client terminal, a logout request is respectively sent to application servers corresponding to the logout addresses by the client terminal, first user identity information and second user identity information are logged out by the application servers according to the received logout request, the first user identity information is user identity information stored in the application servers, and the second user identity information is user identity information stored in the client terminal and corresponding to the first user identity information. According to the method, the speed of the application access of the user can be increased, the burden of an authentication server is relieved, and limitation on the technology does not exist.

Description

The cancellation method of subscriber identity information, system, certificate server and client
Technical field
The present invention relates to communication technical field, be specifically related to a kind of cancellation method, system, certificate server and client of subscriber identity information.
Background technology
In the application of the Internet,, there is Single Sign-On Technology Used in the management for user-friendly and website.So-called single-sign-on, sets up and is independent of the certificate server of each website, and by certain mechanism, between each website, set up certain trusting relationship, and user after any one website log, does not need while visiting again other websites again to login therein.
Yet, user adopts the mode of single-sign-on to login to some website, but cannot from listed website, unify logging off users identity information, therein after any one website logging off users identity information, cannot be in other websites the also described user's of corresponding cancellation identity information.
For the problems referred to above, the solution of taking in prior art has following two kinds: the first is when receiving user's unified de-registration request, only in certificate server, described user's identity information is nullified; The second is to make each website all use same User Token, and described User Token is kept in the Cookie of client, after receiving user's unified de-registration request, from the Cookie of client, obtain described User Token and described User Token is nullified.Wherein said Cookie is generally used for identity, the password of stored user and the fileinfos such as webpage of browsing, when user is during at client-access some websites, application server corresponding to described website can be according to the identity information that is stored in fileinfo in Cookie and confirms user.
Wherein, the first solution is when realizing, owing to only having nullified subscriber identity information on certificate server, while making user access each website the later stage, the application server of each website still needs first after the identity information of user described in certificate server request, just can carry out other operations, therefore, not only reduce user and accessed the speed of described website, and increased the burden of certificate server.
The second solution is when realizing, although the User Token of obtaining the Cookie from client can be nullified, thereby the identity information to described user is nullified, but owing to using each website of same User Token must be positioned at same territory, cause described solution when realizing, can only unify to nullify the website that is positioned at same territory, the User Token that is positioned at the website in different territories cannot be unified to nullify, therefore there is larger technical limitations, cannot meet better user's demand.
Summary of the invention
The problem that the embodiment of the present invention solves be as how simply, mode realizes the unified of user identity and nullifies efficiently, to meet better user's demand.
For addressing the above problem, the embodiment of the present invention provides a kind of cancellation method of subscriber identity information, and described method comprises:
Receive user's unified de-registration request;
According to described unified de-registration request, obtain the cancellation address of listed at least two application of described user;
Described cancellation address is sent to client, by client, to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
Alternatively, described according to described unified de-registration request, obtain the cancellation address of listed at least two application of described user, comprising:
According to described unified de-registration request, obtain the application identities of described listed at least two application;
According to described application identities, obtain the cancellation address of described application.
Alternatively, described application identities is stored in the Cookie of client.
Alternatively, described method also comprises: monitor described application server and nullify described user's the needed time of identity according to described de-registration request, and when the needed time of identity that described application server is nullified described user surpasses the default time, interrupt the cancellation of described application server to described user's identity.
The system that embodiments of the invention also provide a kind of subscriber identity information to nullify, described system comprises certificate server and client, wherein:
Described certificate server, for receiving user's unified de-registration request, obtains the cancellation address of listed at least two application of described user, and obtained cancellation address is sent to client according to described unified de-registration request;
The cancellation address that described client sends for receiving described certificate server, after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
Alternatively, described certificate server, for according to described unified de-registration request, obtains the application identities of described listed at least two application, according to described application identities, obtains the cancellation address of described application.
Alternatively, described certificate server is also for being stored in described application identities the Cookie of client.
Alternatively, described client is also nullified described user's the needed time of identity information according to described de-registration request for monitoring described application server, the needed time of identity information of nullifying described user at described application server, while surpassing the default time, is interrupted the cancellation of described application server to described user's identity information.
Embodiments of the invention also provide a kind of certificate server, and described certificate server comprises:
Receiving element, for receiving user's unified de-registration request;
Acquiring unit, for obtaining the cancellation address of listed at least two application of described user according to described unified de-registration request;
Transmitting element, for obtained cancellation address is sent to client, make client to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
Alternatively, described acquiring unit comprises:
First obtains subelement, for according to described unified de-registration request, obtains the application identities of described listed at least two application;
Second obtains subelement, for according to the application identities of described application, obtains the cancellation address of described application.
Embodiments of the invention also provide a kind of client, and described client comprises:
Receiving element, for receiving the cancellation address of listed at least two application of user of certificate server transmission;
Transmitting element, for after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
Alternatively, described client also comprises: monitoring unit and interrupt location, wherein:
Described monitoring unit is nullified described user's the needed time of identity according to described de-registration request for monitoring described application server;
When described interrupt location surpasses the default time for nullify described user's the needed time of identity at described application server, interrupt the cancellation of described application server to described user's identity.
Compared with prior art, the technical scheme of the embodiment of the present invention has the following advantages:
By obtaining the cancellation address of the listed application of user, and described cancellation address is sent to client, and then to application server corresponding to described application, send de-registration request by described client, when described application server is nullified user's information, nullified the subscriber identity information that is stored in client simultaneously, while making user again access described application in the later stage, the application server of described application need not just can carry out subsequent operation again after certificate server request user's identity information, thereby can improve the speed that user accesses described application, alleviate the burden of certificate server.And, because client not only can send de-registration request to each application server in same territory, also can send de-registration request to each application server of same area not, that is to say, adopt client to send the not restriction of existence domain of de-registration request to each application server, thereby can meet better user's demand.
Accompanying drawing explanation
Fig. 1 is the flow chart of the cancellation method of the subscriber identity information in the embodiment of the present invention;
Fig. 2 is the Signalling exchange figure of the user log off method in the embodiment of the present invention;
Fig. 3 is the structural representation of certificate server in the embodiment of the present invention;
Fig. 4 is the structural representation of client in the embodiment of the present invention.
Embodiment
In the solution of existing unified logging off users identity information, or the subscriber identity information on certificate server can only be nullified; Can only unify to nullify the subscriber identity information of the website that is positioned at same territory.Wherein, the former makes user when each application of subscriber identity information has been nullified in later stage access on certificate server, the application server of described application also needs first after described certificate server request subscriber identity information, just can carry out other operations, therefore cause user to visit again the Speed Reduction of described application the later stage, the burden of described certificate server increases; The latter can not unify to nullify the subscriber identity information that is positioned at different territories, has larger technical limitations.
For the problems referred to above, embodiments of the invention provide a kind of cancellation method of subscriber identity information, described method is by obtaining the cancellation address of the listed application of user, and described cancellation address is sent to client, application server transmission de-registration request by from client to described application, thus can be by the unified cancellation of the subscriber identity information of the listed application of user.The cancellation method of the subscriber identity information described in the present embodiment, when described application server is nullified user's identity information, can be simultaneously user corresponding to the subscriber identity information that is stored in client and store with described application server identity information be nullified to the burden that facilitates user to access described application the later stage and alleviate described certificate server.And by client, to described application server, send de-registration request, the therefore not restriction of existence domain.
For above-mentioned purpose of the present invention, feature and advantage can more be become apparent, below in conjunction with accompanying drawing, specific embodiments of the invention are described in detail.
Embodiment mono-
Referring to Fig. 1, the present embodiment provides a kind of cancellation method of subscriber identity information, and described method can comprise the steps:
Step 110: the unified de-registration request that receives user;
In concrete enforcement, the executive agent of the cancellation method of described subscriber identity information can be certificate server itself.
And user's unified de-registration request can be that user sends by client, can be also that user does not directly send by other intermediate equipments.When user sends described unified de-registration request by client, can adopt the mode of clicking " cancellation " button on the page of described application to send described unified de-registration request, also can adopt other modes to send described unified de-registration request.When user directly sends described unified de-registration request, can be by adopting the unified operation of nullifying of input on described certificate server to send described unified de-registration request.
It should be noted that, in the present embodiment, browser is also as a kind of way of realization of client, and user also can pass through each application server of browser access and certificate server.
Step 120: according to described unified de-registration request, obtain the cancellation address of listed at least two application of described user;
In concrete enforcement, the listed application of user can be carried out record by described certificate server.After listed application is recorded and can be occurred in user and access described application, can also be after receiving user's unified de-registration request.After getting the listed application of user, subscriber identity information corresponding to the above listed application of certificate server nullified simultaneously.
It should be noted that, the cancellation address of each application can be pre-stored on certificate server.
In concrete enforcement, step 120 can realize as follows:
According to described unified de-registration request, obtain the application identities of described listed at least two application;
According to described application identities, obtain the cancellation address of described application.
That is to say, can go to obtain by the application identities of listed application the cancellation address of described application.Wherein, described application identities is for identifying described each application, and each application has a unique application identities.Described application identities can be digital form, can be also character or other code form, as long as can the described application of unique correspondence.Described application identities can be that described application generates by certificate server in advance, and the application identities having generated is stored in the Cookie of client; Also can be by certificate server after receiving unified de-registration request, according to the listed application of user, for described application generates unique sign, similarly, the described application identities having generated is stored in the Cookie of client.
In the present embodiment, described application identities is also unique corresponding with the cancellation address of described application, can to the cancellation address of described application identities and described application, arrange in advance, after receiving unified de-registration request, according to any one in the cancellation address of application identities or described application, just can directly obtain other one.Also can, after receiving unified request of nullifying, according to listed application, find described application identities, then according to described listed application, find the cancellation address of described application.
Step 130: described cancellation address is sent to client, by client, to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
In concrete enforcement, described cancellation address is being sent to after client, by client, to the application server corresponding with described cancellation address, send de-registration request, now, because user is when client is logined certain application, the application server of described application can be stored in user's the temporary files such as identity information in the Cookie of client, like this, when described application server receives the de-registration request of client transmission and carries out cancellation operation, first user identity information and the second subscriber identity information are nullified simultaneously.Therefore, after step 130 and step 120, the subscriber identity information in client and certificate server is all nullified, and client remains consistent with the subscriber identity information on certificate server.
Pass through said method, when user accesses written-off application again, described application server can directly feed back to client by the login page of described application, and need not after certificate server request user's identity information, again the login page of described application be fed back to client again, therefore alleviate the burden of certificate server, improved the speed that user accesses described application.
In concrete enforcement, the cancellation method of described subscriber identity information can also comprise: monitor described application server and nullify described user's the needed time of identity according to described de-registration request, and when the needed time of identity that described application server is nullified described user surpasses the default time, interrupt the cancellation of described application server to described user's identity.
That is to say, at application server, receive after the de-registration request of client transmission, when subscriber identity information is nullified, client can be monitored described application server and carry out the time that subscriber identity information is nullified.When the time that described execution subscriber identity information is nullified surpasses the default time, client can, by sending and interrupt carrying out the instruction of nullifying to described application server, be controlled described application server and no longer continue to carry out subscriber identity information log off procedure.Like this, user is after sending unified de-registration request, can close described application, described client still continues the log off procedure of supervisory user identity information and carries out corresponding subsequent operation, and wait for that without user unified process of nullifying finishes just can close described application, has shortened user's stand-by period always.
And, carry out the log off procedure failure of subscriber identity information at described application server after, other application servers can also continue to carry out the log off procedure of subscriber identity information, thereby can avoid the log off procedure of carrying out subscriber identity information due to an application server unsuccessfully to cause all application servers to carry out the situation appearance of the log off procedure failure of subscriber identity information.
In concrete enforcement, the cancellation method of described subscriber identity information can also comprise: after user's identity information has been nullified in unification, jump to the login page of described application from current page.Like this, after unified logging off users identity information, owing to having jumped to the login page of described application, therefore can inform clearer, clearly described in user that unified process of nullifying finishes, and experiences thereby can further improve user.
For those skilled in the art being understood better and realizing the present invention, below the corresponding system of the cancellation method of above-mentioned subscriber identity information and device are described in detail.
Embodiment bis-
The system that the present embodiment provides a kind of subscriber identity information to nullify, described system can comprise certificate server and client, wherein:
Described certificate server, for receiving user's unified de-registration request, obtains the cancellation address of listed at least two application of described user, and obtained cancellation address is sent to client according to described unified de-registration request;
The cancellation address that described client sends for receiving described certificate server, after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
Below in conjunction with Fig. 2, to a plurality of application servers of user's unified login, and on a plurality of application servers after described login, the unified process of nullifying of user's identity information is elaborated:
As described in Figure 2, the system that described subscriber identity information is nullified comprises certificate server 210 and client 220.Client 220 can be accessed a plurality of application servers, comprising: application server 230, application server 240 and application server 250, and carry out unified certification and unified cancellation by 210 couples of users of certificate server.
Wherein, the process that 210 couples of users of certificate server carry out unified certification can comprise the steps:
Step S201: when user accesses certain application by client 220, need to send logging request to corresponding application server 230;
Step S202: when application server 230 receives after the logging request of user's transmission, send the first redirect messages to client 220, described the first redirect message comprises the entry address of certificate server 210;
Step S203: client 220 receives after the server address of application server 230 transmissions, sends authentication request to corresponding certificate server 210, and described authentication request comprises user's Unified Identity sign;
Step S204: the authentication request that 210 pairs of clients of certificate server send is carried out authentication and the Unified Identity sign of the user in described authentication request carried out to authentication;
Step S205: certificate server 210 sends the second redirect message according to the result of checking to client 220, and described the second redirect message comprises the address of application server 230 and the authentication result of certificate server 210;
Step S206: client, according to the second redirect message receiving, sends access request to application server, and described access request comprises the authentication result of described certificate server;
Step S207: application server 230 is according to the access request receiving, according to the identity of the authentication result authentication of users in described access request, when described authentication result represents that described user identity is legal, allow user's access application server 230, when described authentication result represents that described user identity is illegal, refusal user access application server 230;
Step S208: application server 230 sends response message to client 220, described corresponding message comprises the success of user's access application server or failed information;
To be client 220 send access request to application server 240 to step S209~step S211, and the process processed of 240 pairs of described access request of application server, and S206~step S208 is similar to step, repeats no more herein.
To be client 220 send de-registration request to application server 250 to step S212~step S214, and the process processed of 250 pairs of described de-registration request of application server, and S206~step S208 is similar to step, repeats no more herein.
User, can be unified to nullify by 210 couples of users' of certificate server identity information by abovementioned steps after a plurality of servers such as application server 230,240 and 250 are logined, and detailed process is as follows:
Step S215: client 220 sends unified request of nullifying to certificate server 210, for the unified subscriber identity information of nullifying listed each application server of described user of request authentication server 210;
In the present embodiment, the subscriber identity information of nullifying application server 230, application server 240 and application server 250 with request authentication server 210 describes.
Step S216: certificate server 210 receives after user's unified de-registration request, nullifies the subscriber identity information on certificate server 210, and obtains the cancellation address of application server 230, application server 240 and application server 250;
Step S217: certificate server 210 sends the unified message exiting to client 220, and the message that described unification is exited comprises the cancellation address of application server 230, application server 240 and application server 250;
Step S218: client 220 receives after the unified exit message of certificate server 210 transmissions, sends de-registration request to application server 230;
Step S219: application server 230 receives after the de-registration request of client transmission, first user identity information and the second subscriber identity information are nullified, wherein said first user identity information is the described user's that stores of described application server 230 identity information, and described the second subscriber identity information is that store and the described user's that described first user identity information is corresponding of described client 220 identity information;
Step S220: application server 230, after user's identity information is nullified, sends response message to client 220, described response message comprises application server 230 success of logging off users identity information or failed information;
To be client 220 send de-registration request to application server 240 to step S221~step S223, and the process processed of 240 pairs of described de-registration request of described application server, and S218~S220 is similar to step, repeats no more herein.
To be client 220 send de-registration request to application server 250 to step S224~step S226, and the process processed of 250 pairs of described de-registration request of described application server, similar to S218~S220, repeats no more herein.
It should be noted that, in concrete enforcement, client 220 can send de-registration request to corresponding application server simultaneously, also can to corresponding application server, send successively or several times.
In concrete enforcement, described certificate server 210 is also for according to described unified de-registration request, obtain the application identities of described listed at least two application, again according to described application identities, obtain the cancellation address of described application, and described application identities is stored in the Cookie of client.
In concrete application process, described client 220 also can be used for monitoring described application server and nullifies described user's the needed time of identity information according to described de-registration request, the needed time of identity information of nullifying described user at described application server is while surpassing the default time, by send the modes such as instruction of interrupting cancellation to described application server, interrupt the cancellation of described application server to described user's identity information.
Embodiment tri-
Referring to Fig. 3, the present embodiment provides a kind of certificate server, and described certificate server comprises:
Receiving element 310, for receiving user's unified de-registration request;
Acquiring unit 320, for obtaining the cancellation address of listed at least two application of described user according to described unified de-registration request;
Transmitting element 330, for obtained cancellation address is sent to client, by client, to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
In concrete enforcement, described acquiring unit 320 can also comprise:
First obtains subelement 3202, for according to described unified de-registration request, obtains the application identities of described listed at least two application;
Second obtains subelement 3204, for according to the application identities of described application, obtains the cancellation address of described application.
Referring to Fig. 4, the present embodiment also provides a kind of client 40, and described client 40 can comprise:
Receiving element 410, for receiving the cancellation address of listed at least two application of user of certificate server transmission;
Transmitting element 420, for after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
In concrete enforcement, described client 40 can also comprise monitoring unit 430 and interrupt location 440, wherein:
Described monitoring unit 430 is nullified described user's the needed time of identity according to described de-registration request for monitoring described application server;
When described interrupt location 440 surpasses the default time for nullify described user's the needed time of identity at described application server, interrupt the cancellation of described application server to described user's identity.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is to come the hardware that instruction is relevant to complete by program, this program can be stored in a computer-readable recording medium, and storage medium can comprise: ROM, RAM, disk or CD etc.
Although the present invention discloses as above, the present invention is not defined in this.Any those skilled in the art, without departing from the spirit and scope of the present invention, all can make various changes or modifications, so protection scope of the present invention should be as the criterion with claim limited range.

Claims (12)

1. a cancellation method for subscriber identity information, is characterized in that, comprising:
Receive user's unified de-registration request;
According to described unified de-registration request, obtain the cancellation address of listed at least two application of described user;
Described cancellation address is sent to client, by client, to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is that described client is stored and corresponding with described first user identity information described user's identity information.
2. the cancellation method of subscriber identity information as claimed in claim 1, is characterized in that, described according to described unified de-registration request, obtains the cancellation address of listed at least two application of described user, comprising:
According to described unified de-registration request, obtain the application identities of described listed at least two application;
According to described application identities, obtain the cancellation address of described application.
3. the cancellation method of subscriber identity information as claimed in claim 2, is characterized in that, described application identities is stored in the Cookie of client.
4. the cancellation method of subscriber identity information as claimed in claim 1, it is characterized in that, also comprise: monitor described application server and nullify described user's the needed time of identity according to described de-registration request, and when the needed time of identity that described application server is nullified described user surpasses the default time, interrupt the cancellation of described application server to described user's identity.
5. the system that subscriber identity information is nullified, is characterized in that, comprises certificate server and client, wherein:
Described certificate server, for receiving user's unified de-registration request, obtains the cancellation address of listed at least two application of described user, and obtained cancellation address is sent to client according to described unified de-registration request;
The cancellation address that described client sends for receiving described certificate server, after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
6. the system that subscriber identity information as claimed in claim 5 is nullified, it is characterized in that, described certificate server, for according to described unified de-registration request, obtains the application identities of described listed at least two application, according to described application identities, obtain the cancellation address of described application.
7. the system that subscriber identity information as claimed in claim 6 is nullified, is characterized in that, described certificate server is also for being stored in described application identities the Cookie of client.
8. the system that subscriber identity information as claimed in claim 5 is nullified, it is characterized in that, described client is also nullified described user's the needed time of identity information according to described de-registration request for monitoring described application server, the needed time of identity information of nullifying described user at described application server, while surpassing the default time, is interrupted the cancellation of described application server to described user's identity information.
9. a certificate server, is characterized in that, comprising:
Receiving element, for receiving user's unified de-registration request;
Acquiring unit, for obtaining the cancellation address of listed at least two application of described user according to described unified de-registration request;
Transmitting element, for obtained cancellation address is sent to client, make client to the application server corresponding with described cancellation address, send de-registration request respectively, and according to received de-registration request, nullify first user identity information and the second subscriber identity information by described application server, described first user identity information is the described user's that stores of described application server identity information, and described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
10. certificate server as claimed in claim 9, is characterized in that, described acquiring unit comprises:
First obtains subelement, for according to described unified de-registration request, obtains the application identities of described listed at least two application;
Second obtains subelement, for according to the application identities of described application, obtains the cancellation address of described application.
11. 1 kinds of clients, is characterized in that, comprising:
Receiving element, for receiving the cancellation address of listed at least two application of user of certificate server transmission;
Transmitting element, for after receiving the cancellation address of described certificate server transmission, to application server corresponding to the cancellation address sending with described certificate server, send de-registration request respectively, by described application server, according to received de-registration request, nullify first user identity information and the second subscriber identity information, described first user identity information is the described user's that stores of described application server identity information, described the second subscriber identity information is the described user's corresponding with described first user identity information that store of described client identity information.
12. clients as claimed in claim 11, is characterized in that, also comprise: monitoring unit and interrupt location, wherein:
Described monitoring unit is nullified described user's the needed time of identity according to described de-registration request for monitoring described application server;
When described interrupt location surpasses the default time for nullify described user's the needed time of identity at described application server, interrupt the cancellation of described application server to described user's identity.
CN201310522513.4A 2013-10-28 2013-10-28 The cancellation method of subscriber identity information, system, certificate server and client Expired - Fee Related CN103560884B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310522513.4A CN103560884B (en) 2013-10-28 2013-10-28 The cancellation method of subscriber identity information, system, certificate server and client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310522513.4A CN103560884B (en) 2013-10-28 2013-10-28 The cancellation method of subscriber identity information, system, certificate server and client

Publications (2)

Publication Number Publication Date
CN103560884A true CN103560884A (en) 2014-02-05
CN103560884B CN103560884B (en) 2016-08-17

Family

ID=50015040

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310522513.4A Expired - Fee Related CN103560884B (en) 2013-10-28 2013-10-28 The cancellation method of subscriber identity information, system, certificate server and client

Country Status (1)

Country Link
CN (1) CN103560884B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135489A (en) * 2014-08-13 2014-11-05 百度在线网络技术(北京)有限公司 Login authentication method and device
CN105072123A (en) * 2015-08-21 2015-11-18 广州博鳌纵横网络科技有限公司 Single sign on log-out method and system under cluster environment
CN106101293A (en) * 2016-08-30 2016-11-09 北京小米移动软件有限公司 Account management method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006065004A1 (en) * 2004-12-15 2006-06-22 Electronics And Telecommunications Research Institute System and method for performing service logout in single-sign-on service using identity
CN1889586A (en) * 2005-06-30 2007-01-03 华为技术有限公司 A log-on/log-down system and log-on/log-down method
CN102143131A (en) * 2010-08-02 2011-08-03 华为技术有限公司 User logout method and authentication server
CN104169835A (en) * 2012-03-14 2014-11-26 国际商业机器公司 Central logout from multiple websites

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006065004A1 (en) * 2004-12-15 2006-06-22 Electronics And Telecommunications Research Institute System and method for performing service logout in single-sign-on service using identity
CN1889586A (en) * 2005-06-30 2007-01-03 华为技术有限公司 A log-on/log-down system and log-on/log-down method
CN102143131A (en) * 2010-08-02 2011-08-03 华为技术有限公司 User logout method and authentication server
CN104169835A (en) * 2012-03-14 2014-11-26 国际商业机器公司 Central logout from multiple websites

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135489A (en) * 2014-08-13 2014-11-05 百度在线网络技术(北京)有限公司 Login authentication method and device
CN105072123A (en) * 2015-08-21 2015-11-18 广州博鳌纵横网络科技有限公司 Single sign on log-out method and system under cluster environment
CN106101293A (en) * 2016-08-30 2016-11-09 北京小米移动软件有限公司 Account management method and device

Also Published As

Publication number Publication date
CN103560884B (en) 2016-08-17

Similar Documents

Publication Publication Date Title
CN104580074B (en) The login method of client application and its corresponding server
US9794242B2 (en) Method, apparatus and application platform for realizing logon to an application service website
US8621589B2 (en) Cross domain single sign on
CN104735066B (en) A kind of single-point logging method of object web page application, device and system
US20150207814A1 (en) Validating Visitor Internet-Based Security Threats
US8898309B2 (en) Website monitoring and cookie setting
JP2016066362A (en) Remote access and administration of device content and configuration using http protocol
US8448233B2 (en) Dealing with web attacks using cryptographically signed HTTP cookies
CN102739684B (en) Portal authentication method based on virtual IP address, and server thereof
CN104660409B (en) The method of system login and certificate server cluster under cluster environment
US8423650B2 (en) Transferring session data between network applications
CN101540734A (en) Method, system and device for accessing Cookie by crossing domain names
EP2024860A2 (en) Instant messaging using browser
US9166951B2 (en) Strict communications transport security
KR101520751B1 (en) A method and server for monitoring users during their browsing within a communications network
CN101582856B (en) Session setup method of portal server and BAS (broadband access server) device and system thereof
MX2011003223A (en) Service provider access.
CN102783119A (en) Access control method and system, and access terminal
US20170032147A1 (en) Obscuring user web usage patterns
US20130117817A1 (en) Prevention of cross site request forgery attacks by conditional use cookies
CN104079683B (en) A kind of authoritative domain name server directly in response to domain name analytic method and system
CN105072123A (en) Single sign on log-out method and system under cluster environment
CN104468592A (en) Login method and system
CN103560884A (en) Method and system for user identity information logout, authentication server and client terminal
CN107483609B (en) A kind of Network Access Method, relevant device and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160817

Termination date: 20181028