CN103795767B - A cross-application session synchronization method and system information - Google Patents

A cross-application session synchronization method and system information Download PDF

Info

Publication number
CN103795767B
CN103795767B CN 201210434847 CN201210434847A CN103795767B CN 103795767 B CN103795767 B CN 103795767B CN 201210434847 CN201210434847 CN 201210434847 CN 201210434847 A CN201210434847 A CN 201210434847A CN 103795767 B CN103795767 B CN 103795767B
Authority
CN
Grant status
Grant
Patent type
Prior art keywords
application
corresponding
session
information
domain
Prior art date
Application number
CN 201210434847
Other languages
Chinese (zh)
Other versions
CN103795767A (en )
Inventor
叶文晖
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Abstract

本发明实施例提供了一种跨应用会话信息的同步方法和装置。 Embodiment the present invention provides a method and apparatus for synchronous cross-application session information. 所述方法包括:针对第二应用建立基于第一应用根域名的二级域名,并在第二服务器上保存二级域名与第二应用的原始域名的对应关系;第一服务器对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存,生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识;第二服务器接收对第二应用的访问请求,并判断所述访问请求是否携带第二应用对应的第二会话标识;若否,则依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识;依据所提取的第一会话标识查找保存的第一会话信息。 The method comprising: establishing a corresponding relationship between the domain name based on the original secondary domain root domain of a first application and a second application stored in the secondary domain name on the second server for the second application; the first application registering first server generated when the first session information, a first session identifier and the corresponding saved, generating a first information of a first application corresponding to the login sent to the client, the first root domain login information comprises a first application and the said first session identifier; receiving an access request to the second server, the second application, and determines whether the access request carries a second application corresponding to a second session identifier; if not, the secondary domain name based on the stored second application correspondence between the original domain name, the first session identifier is extracted in the first registration information; extracted based on the first session identifier to find information stored in the first session.

Description

一种跨应用会话信息的同步方法及系统 A cross-application session synchronization method and system information

技术领域 FIELD

[0001] 本申请实施例涉及网页技术领域,特别是涉及一种跨应用会话信息的同步方法和装置。 [0001] The present embodiment relates to web application technology, and particularly relates to a method and apparatus for synchronous cross-application session information.

背景技术 Background technique

[0002] 各大互联网企业一般都拥有多个独立的子公司,并且各子公司通常使用独立的网站和根域名。 [0002] the major Internet companies generally have multiple independent subsidiaries, and subsidiaries generally use a separate website and domain name root. 由于各网站通常针对的是相似的用户群体,为提高用户体验,方便用户登录, 当用户在其中的一个子公司的网站登录后,在访问另外一个子公司的网站时无需再登录。 Since each site is typically aimed at a similar user groups, in order to improve the user experience, user login, when the user is a subsidiary of the site where the logon, no longer need to log in when accessing a subsidiary of another site. 由于网页浏览器对于不同根域名之间的会话信息并不能共享,因此需要把登录过网站的会话同步到另外一个网站。 Since the web browser for session information between different root domain and can not be shared, and therefore you need to be logged in site to another site synchronization session.

[0003] 例如,用户在第一网站登录后,在Cookie中写入第一网站的根域名,然后由第一网站向其根域名对应的后台服务器发送请求;后台服务器接收到请求后获取第一网站的Cook ie,并提取Cooki e中的会话标识;然后,第一网站的后台服务器对会话标识加密后可以Ajax请求的方式,发送到第一网站的各个子网站根域名对应的后台服务器;子网站对应的后台服务器接收到请求后,解密出会话标识,然后将会话标识写入到Cookie中,从而使得用户在访问这些子网站的时候,根据会话标识获取到同一会话信息,无需再次登录。 [0003] For example, a user writing a first site in the Cookie root domain site after the first log, and send the request by the back-end server to which the first site domain corresponding to the root; first backend server after receiving a request for obtaining site Cook ie, and extracts the session identifier Cooki e; then, a first embodiment of the site after the back-end server may be encrypted session identifier Ajax request, the server transmits back to the root domain of each sub-site corresponding to the first website; sub after the site corresponding back-end server receives the request, decrypt the session identifier, and then identify the session will be written to the Cookie, so that when users access the subsite, access to the same session according to the session identifier information, without having to log in again.

[0004] 以上现有技术中存在的问题是,由于网页浏览器有并发连接数限制,例如,第一网站对应有10个子网站,一次只能发送3个Ajax请求到子网站,因此,发送Ajax请求的时间会比较长,导致用户登录主网站的速度非常慢,用户等待时间过长,在此过程中可能会直接刷新页面,导致Ajax请求发送失败,进而无法同步会话信息。 [0004] The above prior art, there is a problem, since the web browser with a limit number of concurrent connections, e.g., the site corresponding to the first 10 subsites, can send a request to the Ajax three subsites, therefore, transmitted Ajax requested time will be longer, causing the user to log the main site is very slow, users wait too long in this process may refresh the page directly, resulting Ajax request fails, and thus can not synchronize session information.

[0005] 因此,目前需要本领域技术人员解决的一个技术问题就是,提供一种跨应用会话信息的同步机制,以避免因网页并发连接数限制,而导致的子网站同步登录失败的问题。 [0005] Therefore, there needs skilled in the art to solve a technical problem is to provide a mechanism for cross-application synchronization session information, in order to avoid limiting the number of concurrent connections page, which led to the sub-site synchronization failed login problems.

发明内容 SUMMARY

[0006] 本申请实施例提供一种跨应用会话信息的同步方法,以避免因网页并发连接数限制,而导致的子网站同步登录失败的问题。 [0006] The present application embodiment provides a method of synchronizing session information across applications, in order to avoid limiting the number of concurrent connections page, which led to the sub-site synchronization failed login problems.

[0007] 本申请实施例还提供了一种跨应用会话信息的同步系统,用以保证上述方法在实际中的应用及实现。 [0007] The present application further provides a cross-system synchronization application session information, and to ensure the application of the above method in practice.

[0008] 为了解决上述问题,本申请实施例公开了一种跨应用会话信息的同步方法,包括: [0008] To solve the above problems, the present embodiment discloses a method for synchronizing a cross application session information, comprising:

[0009] 针对第二应用建立基于第一应用根域名的二级域名,并在第二服务器上保存二级域名与第二应用的原始域名的对应关系; Corresponding relationship [0009] Based on the first two applications root domain of the domain name, the domain name and save the two second application on a second server for a second application to establish the original domain;

[0010] 第一服务器对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存,生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; [0010] The first server a first session information of the first application generating a login time, and a corresponding saved first session identifier, to generate a first application corresponding to the first registration information sent to the client, the first login root domain name information comprises a first application and the first session identifier;

[0011] 第二服务器接收对第二应用的访问请求,并判断所述访问请求是否携带第二应用对应的第二会话标识; [0011] second server receives the request for access to the second application, and determines whether the access request carries a second application corresponding to a second session identifier;

[0012] 若否,则依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识; [0012] If not, the original domain name according to the corresponding relationship stored in the secondary domain name of the second application, a first session identifier extracted in the first registration information;

[0013] 依据所提取的第一会话标识查找保存的第一会话信息。 The first session of the extracted [0013] accordance with the identification information to find the saved first session.

[0014] 优选的,所述依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息提取第一会话标识的步骤包括: [0014] Preferably, the original domain name according to the corresponding relationship stored in the secondary domain name of the second application, the step of extracting the first identifier in the first session login information comprises:

[0015] 按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名; [0015] The second application in the original domain name, the domain name and the original and secondary domain name corresponding to a second application based on the corresponding relationship between a first application of the secondary domain root domain, is determined;

[0016] 依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 [0016] The two domain names as the root domain in the client registration information corresponding to a first extracted, and extracts the corresponding identifier from the first session of the first login message.

[0017] 优选的,所述方法还包括: [0017] Preferably, the method further comprising:

[0018] 第一服务器对登录第二应用时产生的第二会话标识,以及对应的第二会话信息进行保存,生成第二应用对应的第二登录信息并发送到客户端,所述第二登录信息中包括第二应用的根域名和所述第二会话标识。 [0018] a second server a first session identifier generated by the application when the second log, and the second session information corresponding saved, generating a second application corresponding to the second registration information sent to the client, the second login root domain information comprising a second application and the second session identifier.

[0019] 优选的,所述判断所述访问请求是否携带第二应用对应的第二会话标识的结果为是时, [0019] Preferably, the determining whether the access request carries a second result of the second session identifier corresponding to the application is YES,

[0020] 还包括依据所述第二会话标识查找相应的第二会话信息。 [0020] further comprising a second session identification according to the second session information corresponding to find.

[0021] 优选的,所述判断所述访问请求中,是否携带第二应用对应的第二会话标识的步骤为,判断所述访问请求中是否携带会话标识的关键字段,若否,贝U不存在相应的会话标识。 [0021] Preferably, the determining whether the access request, whether the session identifier of the second step corresponding to a second application is carried, determining whether the access request carries a session key segment identifier, if not, shellfish U respective session identifier does not exist.

[0022] 优选的,所述方法还包括: [0022] Preferably, the method further comprising:

[0023] 第二服务器接收登出第一应用的信息后,清除第二应用对应的第二登录信息。 After the information of the first application [0023] second server receives log out, a second clear the login information corresponding to the second application.

[0024] 本发明还提供了一种跨应用会话信息的同步系统,包括第一服务器和第二服务器; [0024] The present invention also provides a synchronization system across the application session information, comprising a first and second servers;

[0025] 所述第一服务器包括第一对应关系保存模块和第一登录信息生成模块; [0025] The first server includes a first module and a first correspondence relationship storing login information generation module;

[0026] 所述第一对应关系保存模块,用于对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存; [0026] the first correspondence storing module, for the first login session information generated by a first application, a first session identifier and the corresponding saved;

[0027] 所述第一登录信息生成模块,用于生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; [0027] The first login information generation module for generating a first a first application corresponding to the login information sent to the client, the first root domain login information comprises a first application and the first session identity;

[0028] 所述第二服务器包括对应关系预存模块、判断模块、第一会话标识提取模块和第一会话信息提取模块; [0028] The second server includes a pre-stored corresponding relationship module, judging module, a first session identifier and the first session information extraction module extracting module;

[0029] 对应关系预存模块,用于保存针对第二应用建立的基于第一应用根域名的二级域名与第二应用的原始域名的对应关系; [0029] pre-stored corresponding relationship between the module for storing the first application based on the secondary domain root domain of the domain of the original and the second application for a second application to establish a corresponding relationship;

[0030] 判断模块,用于接收对第二应用的访问请求,并判断所述访问请求是否携带第二应用对应的第二会话标识; [0030] The determining module, configured to receive a request for access to the second application, and determines whether the access request carries a second application corresponding to a second session identifier;

[0031] 第一会话标识提取模块,用于依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识; [0031] The first session identifier extracting module, for pre-stored corresponding relationship between the original domain and two domain names based on a second application, a first session identifier extracted in the first registration information;

[0032] 第一会话信息提取模块,用于依据所提取的第一会话标识查找保存的第一会话信肩、。 [0032] The first session information extraction means for extracting a first session based on the session identifier to find the letter a first shoulder saved.

[0033] 优选的,所述会话标识提取模块包括: [0033] Preferably, the session identifier extraction module comprising:

[0034]二级域名确定子模块,用于按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名; [0034] The two domain determination sub-module, a second application for the original domain name, the domain name and the original corresponding relationship according to the first and second level domain based on the root domain of the application, a second application to determine the domain name corresponding to two;

[0035]登录信息提取子模块,用于依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 [0035] The log information extracting submodule, configured according to the two domain root domain, extracting information corresponding to the first login client, and extracts the corresponding identifier from the first session of the first login message.

[0036] 优选的,所述第一服务器还包括: [0036] Preferably, the first server further comprises:

[0037] 第二对应关系保存模块,用于对登录第二应用时产生的第二会话信息,以及对应的第二会话标识进行保存; [0037] The second correspondence storing module, for a second session log information generated when the second application, and a session identifier corresponding to a second save;

[0038] 第二登录信息生成模块,用于生成第二应用对应的第二登录信息并发送到客户端,所述第二登录信息中包括第二应用的根域名和所述第二会话标识。 [0038] The second login information generation module for generating a second application corresponding to the second registration information sent to the client, the second root domain login information comprises a second application and the second session identifier.

[0039] 优选的,所述第二服务器还包括: [0039] Preferably, the second server further comprises:

[0040]登录信息清除模块,用于接收登出第一应用的信息后,清除第二应用对应的第二登录信息。 [0040] Clear login module, for receiving the logout information of the first application, a second clear login information corresponding to the second application.

[0041] 与现有技术相比,本申请实施例具有以下优点: [0041] Compared with the prior art, embodiments of the present application has the following advantages:

[0042] 依据本申请实施例,针对子网站,设定一个基于主网站的二级域名,用户在主网站登录后,分别对会话标识和对应的会话信息,以及包含根域名的登录信息进行保存;用户访问子网站时,可以依据子网站对应的二级域名,提取主网站登录信息中的会话标识,并依据该会话标识提取主网站的会话信息。 [0042] According to this embodiment of the application, for the sub-site, based on a set of two main site domain, the main site after the user logged in, respectively, corresponding to the session identifier and session information, and login information is stored root domain comprising ; when the user accesses the subsite, the subsite can be based on two domain names corresponding to extract the main site logon session ID information, and extracts the session information in accordance with the main site of the session identifier. 这种按需提取会话信息的同步方法,不需要同时将会话信息同步到所有的子网站,可以避免因网页并发连接数限制,而导致的子网站同步登录失败的问题。 This extraction method for on-demand synchronization session information, session information is not required while synchronized to all sub-sites, web pages can be avoided by limiting the number of concurrent connections, which led to the sub-site synchronization failed login problems.

[0043] 此外,现有技术中,需要对各个子网站进行P3P (P latf orm f or Pr i vacy Preferences,个人隐私保护平台)设置,允许第三方网站异步访问,即在主网站登录后,允许将会话信息写入子网站对应的cookie中,P3P设置可能存在安全风险;而本申请实施例无需对子网站进行P3P设置,在访问子网站的时候,直接提取所需的会话信息即可,因此,避免了各网站信息交互时带来的安全风险。 [0043] In addition, the prior art, the need for P3P (P latf orm f or Pr i vacy Preferences, internet privacy protection) is provided for each sub-site, third-party website to allow asynchronous access, i.e., after the main website logins, allowing session information is written to the cookie corresponding subsites, P3P settings may be a security risk; and patients do not need to be subsite present application P3P settings, when accessing subsite, directly extract the required information to the session, so to avoid the security risks posed by each site when the information exchange.

[0044] 并且,本申请实施例可以对会话信息和对应的会话标识进行保存,由需要同步会话信息的子网站服务器判断或是获取会话标识,而不是由一台统一的主网站服务器来执行同步逻辑,避免了主网站的服务器出现异常时,所有子网站都无法同步会话信息的问题。 [0044] Further, embodiments of the present application can be saved and session information corresponding to the session identifier, the sub-information from the web server needs to acquire the synchronization session or the session identifier is determined, instead performed by a single server synchronization main site logic, avoiding abnormal primary site's server appears, all sub-sites can not issue a synchronization session information.

附图说明 BRIEF DESCRIPTION

[0045]图1是本申请实施例的一种跨应用会话信息的同步方法实施例一的流程图; [0045] FIG. 1 is a cross-synchronization method of an embodiment of the application session information in the present application embodiment a flow diagram embodiment;

[0046]图2是本申请实施例的一种跨应用会话信息的同步方法实施例二的流程图; [0046] FIG. 2 is a cross-synchronization method of an embodiment of the application of the present application session information according to a second embodiment of a flowchart;

[0047]图3是本申请实施例的一种跨应用会话信息的同步系统实施例的结构框图本申请实施例。 [0047] FIG. 3 is a block diagram showing an embodiment of a cross application session information in the synchronization system of the embodiment of the present embodiment application of the present application.

具体实施方式 detailed description

[0048] 为使本申请实施例的上述目的、特征和优点能够更加明显易懂,下面结合附图和 [0048] The above object of the present application, features and advantages of the embodiments can be more fully understood in conjunction with the accompanying drawings and the following

具体实施方式对本申请实施例作进一步详细的说明。 DETAILED DESCRIPTION Embodiments of the present application will be further described in detail.

[0049]用户在浏览器端访问第一应用和第二应用,第一服务器用于处理用户请求,在具体的实现中,第一服务器可以是统一登录服务器,用于处理用户的登录请求;第一服务器接收用户的请求后,依据请求去第二服务器获取相应的内容或服务,第二服务器为第二应用对应的后台服务器。 [0049] The user browser accessing the first application and the second application, a first server for processing user requests, in a particular implementation, the first unified login server may be a server, a login request of the user process; first after the server receives a user request, according to a second request to the server to obtain the corresponding service or content, the second server to the second application corresponding to the backend server.

[0050]本申请实施例保存了第一应用登录后产生的第一会话标识和第一会话信息,并预存了第二应用的原始域名与基于第一应用的二级域名的对应关系,在用户第一次登录第二应用时,第二服务器依据对应关系,在第一应用的第一登录信息中提取第一会话标识,进一步依据第一会话标识提取对应的第一会话信息,这种按需提取会话信息的同步方法,不需要同时将会话信息同步到所有的子网站,可以避免因网页并发连接数限制,而导致的子网站同步登录失败的问题。 [0050] Example embodiments of the present application session identifier and the saved first session information produced after the first application registering first and second application stored original domain name based on a corresponding relationship between a first application of the secondary domain name, the user when the first log a second application, the second server based on the correspondence relationship, a first extraction in a first session identifier in the registration information of the first application, the first extract is further based on a first session information corresponding to the session identifier, the demand synchronization method of extracting session information, session information is not required while synchronized to all sub-sites, web pages can be avoided by limiting the number of concurrent connections, which led to the sub-site synchronization failed login problems.

[0051] 参考图1,其示出了本申请实施例的一种跨应用会话信息的同步方法实施例一的流程图,具体可以包括以下步骤: [0051] Referring to FIG 1, there is shown a flow diagram of the present application embodiment a method of synchronizing the application session information across Example embodiment may specifically include the following steps:

[0052] 步骤101、针对第二应用建立基于第一应用根域名的二级域名,并在第二服务器上保存该二级域名与第二应用的原始域名的对应关系。 Corresponding relationship [0052] Step 101, for a second application to establish a first domain name based on the two application root domain, and the domain name and save the two second application on a second server in the original domain.

[0053] 本申请实施例中,第一应用和第二应用可以是网站或其他可以进行用户登录的应用程序。 [0053] Example embodiments of the present application, the first application and the second application may be a web site or other applications may be logged in user. 当第一应用和第二应用分别对应第一网站和第二网站时,第一网站和第二网站可以是主网站和子网站的关系,也可以经过授权可以共享会话信息的任意两个网站。 When the first and second applications corresponding to the first site and the second site, respectively, the first site and the second site may be a relationship between the main site and the sub-site, it may be authorized to share session information of any two sites.

[0054]本申请实施例中,第二网站有两个域名,一个是原始域名,即自己原本的域名,例如blog.b. com,对应的根域名为*.b. com;-个是基于第一网站根域名的二级域名,例如,第一网站的根域名为*.a. com,则可设置第二网站的二级域名为Syncl. a. com。 [0054] Application of the present embodiment, there are two second site domain, a domain name is the original, i.e. their original name, e.g. blog.b. com, corresponding to the domain root * .b com; -. Is based on a the first two domain root domain of the site, for example, the root domain is the first site * .a. com, a second site may be a secondary domain name Syncl. a. com.

[0055] 将第二网站的原始域名和二级域名的对应关系保存在第二网站的后台服务器中, 依据第二网站的原始域名,便可以确定相应的二级域名。 [0055] The correspondence between the original site of the second domain and the secondary domain name stored in the site's back-end server in the second, according to the original site of the second domain, you can determine the corresponding second-level domain.

[0056] 步骤102、第一服务器对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存,生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识。 [0056] Step 102, a first information server a first session when a first log generated by the application, and the corresponding saved first session identifier, to generate a first application corresponding to the first registration information sent to the client, the a first root domain login information includes a first application and the first session identifier.

[0057]用户登录第一应用后,第一服务器会生成本次会话的会话标识和会话信息,例如, 用户登录网站131(^.&.£;0111,生成的会话标识为"31(1=1\\1",会话信息为"11361'11;^1^=7}^7; lgt=123456;userid=12333;userip=10.10• 32• 33;uaid=l 12233",其中,usernick是用户昵称,lgt为最后登录时间,userid为用户数字id,userip为用户机器ip,uaid为浏览器标识。 会话标识和会话信息是一一对应的,可以唯一标记本次会话信息。第一会话标识和相应的第一会话信息可以保存在一个独立于第二服务器的集中存储服务器中,在登录其他网站时,可以依据会话标识在集中存储服务器中搜索,可以找到相应的会话信息。 [0057] After logging in a first application, a first session identifier and the session information server sessions will green cost, e.g., user log on the website 131 (^ & £;.. 0111, the generated session identifier is "31 (= 1 1 \\ 1 "session information" 11361'11; ^ 1 ^ = 7} ^ 7; lgt = 123456; userid = 12333; userip = 10.10 • 32 • 33; uaid = l 12233 ", wherein, usernick user nickname, lgt last login time, userid for users of digital id, userip for the user's machine ip, uaid the browser identity. session ID and session information is one to one, may be the only mark this session information. the first session identifier and corresponding first session information can be stored in a centralized storage server independent of the second server, when you log on other sites, you can search session identifier in centralized storage server basis, you can find the corresponding session information.

[0058] 第一服务器可依据用户本次登录生成相应的第一登录信息,其中可以包括第一应用的根域名和第一会话标识,当第一应用和第二应用对应的是网站时,第一登录信息即为网页cookie,相应的,客户端也即是浏览器端。 [0058] The first server may be generated based on user login The respective first login information, which may include a first application root domain identifier and a first session, when the first application and the second application is the site corresponding to the first that is, a login page cookie, correspondingly, that is, the client browser. 如上例,对应的cookie为a. com: sid= xxxx;usernick=yyyy; lgt=123456…;sign=zzzz",其中,* .a. com为第一网站的根域名,sid 是会话标识,usernick是用户昵称,lgt为最后登录时间,sign是sid等cookie字段的合并加密校验码,作用是防止cookie被修改和伪造。cookie中包括了登录网站的根域名,用户登录多个网站后,浏览器端会保存有不同的根域名对应的cookie信息。 The above embodiment, the corresponding cookie is a com: sid = xxxx; usernick = yyyy; lgt = 123456 ...; sign = zzzz ", wherein, * .a com root domain is the first site, the session identifier SID is, usernick.. user nickname, lgt last login time, sign a merger cookie encrypted checksum field sid, etc., is to prevent forgery .cookie cookie being modified and included a visit the website of the root domain, users log in multiple sites, browse end will be saved in the cookie information corresponding to different root domain.

[0059] 步骤103、第二服务器接收对第二应用原始域名的访问请求,并判断所述访问请求是否携带会话标识,若否,则执行步骤104。 [0059] Step 103, the server receives a second request for a second application to access the original domain, and determines whether the access request carries the session identifier, if not, step 104 is performed.

[0060] 用户在客户端请求访问第二应用(对于网站,可以通过在浏览器端输入第二网站的原始域名发送访问请求),客户端接收到这个请求,会依据第二应用的原始域名的根域名提取第二应用对应的第二登录信息。 [0060] user on the client requests access to a second application (For websites, the access request can be sent over the original domain name in the browser enter the site of the second end), the client receives the request, according to the original domain name of the second application extracting a second application root domain name corresponding to the second login information.

[0061] 若用户不是第一次登录第二应用,依据步骤102,则客户端已存在对应的第二登录信息,则可以依据第二应用根域名提取相应的第二登录信息,将第二应用的访问请求和对应的第二登录信息,一同发送给第二服务器;若用户是第一次登录第二应用,则客户端并不存在第二应用根域名对应的第二登录信息,则仅仅会将第二应用的访问请求发送给第二服务器。 [0061] If the user is not the first log a second application, according to step 102, the client has logged information corresponding to the presence of a second, can be extracted corresponding second login information according to a second root domain application, the second application and a second access request corresponding to login information, is sent along to the second server; if the user is the first login second application, the client does not exist a second root domain login information corresponding to the second application, then only will a second application accessing a second request to the server. _ _

[0062] 第二服务器接收到访问请求后,会进一步判断访问请求中是否携带第二会话标识第一应用和第二应用为网站时,即判断网页请求中是否存在"sid= XXX"这样的字段,如果存在,表示有会话标识,若否,则没有会话标识,若是,则不存在相应的会话标识,可以进一步执行步骤105。 After the [0062] second server receives the access request, the access request further determines whether a second session identifier carried in the first and second applications for the portal, i.e., determines whether there is a field "sid = XXX" page request , if present, expressed session identifier, if not, then no session identifier, and if so, the appropriate session identifier is not present, step 105 may be further performed.

[0063] 步骤104、依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识。 [0063] Step 104, the domain name according to the corresponding relationship between the original pre-stored secondary domain and a second application, a first session identifier extracted in the first registration information.

[0064] 所述原始域名的根域名与第一网站的根域名不同,所述步骤104可以包括: [0064] The original domain root domain root domain different from the first site, the step 104 may include:

[0065] 子步骤S21、按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名。 [0065] The sub-step S21, the second application in the original domain name, the domain name and the correspondence between original and secondary domain name based on the root domain of the first application, a second application to determine the domain name corresponding to two.

[0066] 子步骤S22、依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 [0066] The sub-step S22, the domain names as the root domain of the two, the client registration information corresponding to a first extracted, and extracts the corresponding identifier from the first session of the first login message.

[0067] 若第二应用原始域名对应的第二登录信息中不存在相应的第二会话标识,则说明用户未登录过第二应用,可以依据第二应用的二级域名提取第一应用登录后产生的第一会话标识。 [0067] When the original domain name corresponding to a second application corresponding to the absence of the second session identification second login information, then the user is not logged through the second application may be extracted based on a first application registering second application after the secondary domain name generating a first session identifier.

[0068]具体的,由于预存了第二应用的原始域名与二级域名的对应关系,依据第二应用的原始域名便可以确定对应的二级域名,二级域名基于第一应用的根域名建立,因此,二级域名的根域名也即是第一应用的根域名。 [0068] Specifically, since the original pre-stored corresponding relationship between the domain and the second application of the second level domain, the second domain based on the original application can determine two domain names corresponding to the domain name based on the root domain of the first two applications to establish Therefore, the domain root that is, two domain root domain of the first application. 步骤102中,用户登录第一应用后,客户端保存了第一服务器发送的第一登录信息,第一登录信息中包括第一应用的根域名和第一会话标识。 In step 102, after the user logs in the first application, the first client to save login information transmitted from the first server, the first root domain login information includes a first application and a first session identifier. 依据第一应用的根域名可以在客户端找到对应的第一登录信息,进而可以提取其中的会话标识。 The first login information can be found in the corresponding client application based on the root domain first, and then you can extract the session ID.

[0069] 如上例,第二网站的原始域名为blog. b. com,保存的对应关系为blog.b. com-- syncl .a. com,因此确定对应的二级域名为sync 1 .a. com,对应的第一网站的根域名为* • a. com,可以依据a. com在浏览器端提取第一网站对应的cookie、.a. com: sid=xxxx; usernick=yyyy; lgt=123456…;sign=zzzz",对应的会话标识为sid=xxxx。 [0069] the above embodiment, the original site of the second domain blog. B. Com, corresponding to the stored relationship blog.b. com-- syncl .a. Com, so as to determine two domain names corresponding to sync 1 .a. com, corresponding to the first site of the root domain name * • a com, can be based on a com extracted first website in the browser corresponding cookie, .a com:... sid = xxxx; usernick = yyyy; lgt = 123456 ...; sign = zzzz ", corresponding to the session identifier sid = xxxx.

[0070] 步骤105、依据所提取的第一会话标识查找保存的第一会话信息。 [0070] Step 105, based on the extracted first session identifier to find the saved first session information.

[0071] 会话标识和会话信息是一一对应的,依据会话标识便可获取会话信息,将会话信息写入第二应用原始域名对应的信息中,便可以实现在第二应用的登录。 [0071] session identifier and session information is one to one, according to the session identifier can get session information, session information is written to the second application information corresponding to the original domain name, you can log on to achieve in the second application. 对于网站而言,将会话信息写入第二网站对应的网页内容中,然后发送到浏览器端进行渲染,展示的页面中会显示用户状态为已登录。 For the site, the session information is written web content corresponding to the second site, and then sent to the browser to render the page will be displayed to show the status of the user is logged in.

[0072]相对于现有技术中,主网站的后台服务器出现问题,其子网站便无法同步会话信息,进而不能登录的状况相比,本申请实施例中,各网站的后台服务器主动去获取第一网站对应的第一会话信息,避免了主网站的服务器出现异常时,所有子网站都无法同步会话信息的问题。 [0072] with respect to the prior art, the main problem with the site's back-end server, its subsites can not synchronize session information, and then the situation can not log as compared to the present application embodiment, each of the site's back-end server initiative to get the first the first session information corresponding to a site, avoiding abnormal primary site's server appears, all sub-sites can not issue a synchronization session information.

[0073] 参考图2,其示出了本申请实施例的一种跨应用会话信息的同步方法实施例2的流程图,具体可以包括以下步骤: [0073] Referring to Figure 2, which shows a flowchart of application Example 2 of the present embodiment of the synchronization method of the embodiment of the application session information across embodiment may specifically include the following steps:

[0074] 步骤201、针对第二应用建立基于第一应用根域名的二级域名,并在第二服务器上保存二级域名与第二应用的原始域名的对应关系。 [0074] Step 201, the corresponding relationship for the second application to establish a first secondary domain name based on the application root domain, and the domain name and save the original domain two second application on the second server.

[0075] 步骤202、第一服务器对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存,生成第一应用对应的第一登录信息并发送到浏览器端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; [0075] Step 202, a first information server a first session when a first log generated by the application, and the corresponding saved first session identifier, to generate a first login information corresponding to a first application sent to the browser side, the said first root domain name registration information comprises a first application and the first session identifier;

[0076] 步骤203、第二服务器接收对第二应用的访问请求,并判断所述访问请求中是否携带第二网站对应的会话标识,若否,则执行步骤204和步骤205,若是,则执行步骤206。 [0076] Step 203, the second server receives an access request for a second application, and determines whether the access request carries a session identification corresponding to a second site, and if not, step 204 and step 205, if yes, performing step 206.

[0077]本实施例中,若访问请求信息中包括会话标识,说明用户之前登录过第二网站,客户端已经保存有第二会话标识以及对应的第二会话信息,可以依据第二会话标识直接提取第二会话信息。 [0077] In this embodiment, if the access request information includes the session identifier, the second site described previously logged user, client session identifier has been stored, and a second information corresponding to the second session, a second session can be identified based on direct extracting the second session information.

[0078]步骤204、依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识。 [0078] Step 204, the domain name according to the corresponding relationship between the original pre-stored secondary domain and a second application, a first session identifier extracted in the first registration information.

[0079] 步骤205、依据所提取的第一会话标识查找保存的第一会话信息。 [0079] Step 205, based on the extracted first session identifier to find the saved first session information.

[0080] 在本实施例中,可以将会话标识写入第二网站对应的cookie中,如图2所示,本实施例还可以进一步包括: [0080] In the present embodiment, the identifier may be written into the second session cookie corresponding to the website, as shown in FIG. 2, the present embodiment may further comprise:

[0081] 步骤206、依据所提取的第二会话标识查找相应的第二会话信息。 [0081] Step 206, based on the extracted second session identifier to find the appropriate second session information.

[0082] 步骤207、第一服务器对登录第二网站时产生的第二会话标识,以及对应的第二会话信进行保存,生成第二网站对应的第二登录信息并发送到客户端,所述第二登录信息中包括第一网站的根域名和所述第二会话标识。 [0082] Step 207, the second server a first session identifier when the second log generating site, and a second channel corresponding to the saved session, generating a second web site corresponding to a second login information sent to the client, the the second root domain name registration information includes first site and the second session identifier.

[0083] 在第二应用成功登录后,还可以生成包括第二网站的根域名和第二会话标识的第二登录信息发送到客户端进行保存,并对第二会话标识,以及对应的第二会话信息进行保存。 [0083] In a second application after successful login, you can generate include sending a second root domain login information of the second site and the second session identifier to the client to save, and the second session identifier and a corresponding second session information is saved. 用户下次访问第二应用时,第一服务器会将第二应用的第二登录信息和访问请求发送给第二服务器,这样,第二服务器可以直接在访问请求中提取到第二会话标识,进而可以提取对应的第二会话信息,不用去二级域名对应的第一登录信息中获取第一会话标识,加快了登录第二应用的速度。 Next time the user accesses the second application, the second server will first log information and the second application access request to the second server so that the server can be extracted directly from the second access request to the second session identifier, and further can extract information corresponding to the second session, do not have to login first secondary domain name corresponding to acquire a first session identifier, accelerates login second application.

[0084] 在本实施例中,还可以在登出第一应用时,清除写入第二应用对应的第二登录信息,如图2所示,本实施例还可以进一步包括: [0084] In the present embodiment may also be applied at the first sign out, clear the log information is written to a second application corresponding to the second, shown in Figure 2, the present embodiment may further comprise:

[0085] 步骤207、第二服务器接收登出第一应用的信息后,清除第二应用对应的第二登录fg息。 After [0085] Step 207, the second server receives the logout information of the first application, the second login fg remove information corresponding to the second application.

[0086] 在登出第一应用时,客户端会向第二应用服务器发送登出的提示信息,第二服务器接收到提示信息后,会向客户端发送需要删除会话标识的第二应用的根域名,客户端器依据第二应用的根域名查找到相应的登录信息后,会进行清除的操作。 After [0086] In the logout first application, the client sends the logout message to the second server, the second server receives the message, the root sends a second session identifier to be deleted to the client application after the domain name, the client looks for the appropriate login as the root domain of the second application, the operation will clear.

[0087] 综上所述,依据本申请实施例,针对子网站,设定一个基于主网站的二级域名,用户在主网站登录后,分别对会话标识和对应的会话信息,以及包含根域名的登录信息进行保存;用户访问子网站时,可以依据子网站对应的二级域名,提取主网站登录信息中的会话标识,并依据该会话标识提取主网站的会话信息。 [0087] In summary, according to embodiments of the present application, for the sub-site, based on a set of two main site domain, the main site after the user logged in, respectively, the session identifier and the corresponding session information, and a root domain comprising login information stored; when the user accesses the subsite, the subsite can be based on two domain names corresponding to extract the main site logon session ID information, and extracts the session information in accordance with the main site of the session identifier. 这种按需提取会话信息的同步方法,不需要同时将会话信息同步到所有的子网站,可以避免因网页并发连接数限制,而导致的子网站同步登录失败的问题。 This extraction method for on-demand synchronization session information, session information is not required while synchronized to all sub-sites, web pages can be avoided by limiting the number of concurrent connections, which led to the sub-site synchronization failed login problems.

[0088] 此外,现有技术中,需要对各个子网站进行P3P(Platform for Privacy Preferences,个人隐私保护平台)设置,允许第三方网站异步访问,g卩在主网站登录后,允许将会话信息写入子网站对应的cookie中,P3P设置可能存在安全风险;而本申请实施例无需对子网站进行P3P设置,在访问子网站的时候,直接提取所需的会话信息即可,因此,避免了各网站信息交互时带来的安全风险。 [0088] In addition, the prior art, the need for each sub-site P3P (Platform for Privacy Preferences, privacy protection platform) is set to allow asynchronous access third-party sites, g Jie after the main site login information to allow the session to write the corresponding subsites a cookie, P3P settings may be a security risk; and patients do not need to be subsite present application P3P settings, when accessing subsite, directly extract the required information to the session, therefore, avoided each the website information security risks when interacting.

[0089] 并且,本申请实施例可以对会话信息和对应的会话标识进行保存,由需要同步会话信息的服务器判断或是获取会话标识,而不是由一台统一的主网站服务器来执行同步逻辑,避免了主网站的服务器出现异常时,所有子网站都无法同步会话信息的问题。 [0089] Further, the present embodiment can save the application session information corresponding to the session identifier is determined by the server needs to synchronize session information or session identifier acquisition, synchronization logic instead performed by a single stage primary web server, avoid abnormal primary site's server appears, all sub-sites can not issue a synchronization session information.

[0090] 对于方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本申请实施例并不受所描述的动作顺序的限制,因为依据本申请实施例,某些步骤可以采用其他顺序或者同时进行。 [0090] For Example, for ease of description, it is described as a series combination of actions, those skilled in the art should understand that the embodiments not limited by the order of acts described in this application, because according to the present Example application, some steps may be performed simultaneously or in other sequences. 其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本申请实施例所必须的。 Secondly, those skilled in the art should also understand that the embodiments are described in the specification are exemplary embodiments, actions and modules are not necessarily related to the present embodiment of the application must embodiment.

[0091] 参考图3,示出了本申请实施例的一种跨应用会话信息的同步系统实施例的结构框图,具体可以包括: [0091] Referring to Figure 3, there is shown a block diagram of an embodiment of the present application a system for synchronizing the application session information across embodiment embodiment may specifically include:

[0092] 第一服务器301和第二服务器302; [0092] The first server 301 and second server 302;

[0093] 所述第一服务器包括第一对应关系保存模块3011和第一登录信息生成模块3〇12 ; [0093] The first server comprises first correspondence storing module 3011 and a first generating module 3〇12 login information;

[0094]所述第一对应关系保存模块,用于对将登录第一应用时产生的第一会话信息,以及对应的第一会话标识发送到集中存储服务器进行保存,; [0094] the first correspondence storing module, for the first session information, and a first session corresponding to the generated application identifier transmits a first login to the central storage server to save,;

[0095] 所述第一登录信息生成模块,用于生成第一应用对应的第一登录信息并发送到浏览器客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; [0095] The first login information generation module for generating a first log information sent to the browser client, said first root domain login information comprises a first application and said second application corresponds to a first a session identifier;

[0096] 所述第二服务器302包括对应关系预存模块3021、判断模块3022、第一会话标识提取模块3023和第一会话信息提取模块3024; [0096] The second server 302 includes pre-stored corresponding relationship between module 3021, judging module 3022, a first session identifier session extraction module 3023 and a first information extraction module 3024;

[0097] 对应关系预存模块,用于保存针对第二应用建立的基于第一应用根域名的二级域名与第二应用的原始域名的对应关系; [0097] pre-stored corresponding relationship between the module for storing the first application based on the secondary domain root domain of the domain of the original and the second application for a second application to establish a corresponding relationship;

[0098]判断模块302,用于接收对第二应用原始域名的访问请求信息,并判断所述访问请求中是否携带第二应用对应的第二会话标识,若否则执行会话标识提取模块; [0098] a determination module 302, configured to receive access to the second application requesting the domain name of the original information, and determines whether the access request carries a second application corresponding to the second session identifier, the session identifier, if otherwise, executing extraction module;

[0099] 第一会话标识提取模块,用于依据预存的二级域名与第二网站的原始域名的对应关系,在所述第一登录信息中提取第一会话标识; [0099] The first session identifier extraction module according to the original domain for the corresponding relationship stored domain of the second secondary site extracts a first session identifier in the first registration information;

[0100] 第一会话信息写入提取模块,用于依据所提取的第一会话标识查找保存相应的第一'会话彳§息。 [0100] The session information is written first extraction means for the extracted session identifier according to the first save the corresponding first look '§ left foot session information.

[0101] 本申请实施例中,所述第二服务器还可以包括: [0101] Application of the present embodiment, the second server may further comprise:

[0102] 第二会话信息提取模块,用于依据所述第二会话标识查找相应的第二会话信息。 [0102] The second session information extraction module according to the second session identifier to find the appropriate second session information.

[0103] 本申请实施例中,所述会话标识提取模块可以包括: [0103] Application of the present embodiment, the session identifier may extraction module comprising:

[0104] 二级域名确定子模块,用于按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名; [0104] secondary domain determination sub-module, a second application for the original domain name, the domain name and the original corresponding relationship according to the first and second level domain based on the root domain of the application, a second application to determine the domain name corresponding to two;

[0105] 登录信息提取子模块,用于依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 [0105] Login information extraction submodule, configured according to the two domain root domain, extracting information corresponding to the first login client, and extracts the corresponding identifier from the first session of the first login message.

[0106] 在本申请实施例的一种优选实施例中,所述第一服务器还包括: A preferred [0106] embodiment of the present application example, the first server further comprises:

[0107] 第二对应关系保存模块,用于对登录第二应用时产生的第二会话标识,以及对应的第二会话信息进行保存; [0107] second correspondence storing module, for generating a second session identifier when the application of a second log, and the second session information corresponding to the saved;

[0108] 第二登录信息生成模块,用于生成第二应用对应的第二登录信息并发送到客户端,所述第二登录信息中包括第二应用的根域名和所述第二会话标识。 [0108] The second login information generation module for generating a second application corresponding to the second registration information sent to the client, the second root domain login information comprises a second application and the second session identifier.

[0109] 在本申请实施例的一种优选实施例中,所述判断模块包括: [0109] In a preferred embodiment of the present application embodiment, the determination module comprises:

[0110] 会话标识字段判断子模块,用于判断所述访向请求中是否携带会话标识的关键字段,若是,则不存在相应的会话标识。 [0110] session identifier field determining submodule, configured to judge whether the request carries the access to the key field of the session identifier, if the corresponding session identifier is present.

[0111] 在本申请实施例的一种优选实施例中,所述第二应用的应用服务器还包括: A preferred [0111] embodiment of the present application example, the application of the second application server further comprising:

[0112] 登录信息清除模块,用于接收登出第一应用的信息后,清除第二应用对应的第二登录信息。 [0112] Clear login module, for receiving the logout information of the first application, a second clear login information corresponding to the second application.

[0113] 由于所述装置实施例基本相应于前述图1和图2所示的方法实施例,故本实施例的描述中未详尽之处,可以参见前述实施例中的相关说明,在此就不赘述了。 [0113] Since the embodiment of the apparatus substantially corresponds to the embodiment of FIG. 1 and the method shown in FIG. 2, so the description of the present embodiment is not exhaustive place can be found in the aforementioned embodiment described related embodiments, this will I do not go into details.

[0114] 本申请实施例可用于众多通用或专用的计算系统环境或配置中。 [0114] Example embodiments of the present application with numerous general purpose or special purpose computing system environments or configurations. 例如:个人计算机、服务器计算机、手持设备或便携式设备、平板型设备、多处理器系统、基于微处理器的系统、置顶盒、可编程的消费电子设备、网络PC、小型计算机、大型计算机、包括以上任何系统或设备的分布式计算环境等等。 For example: personal computers, server computers, handheld or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PC, minicomputers, mainframe computers, comprising any of the above systems or devices, the distributed computing environment.

[0115] 本申请实施例可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。 [0115] The present application may be described in the general context of the embodiment in a computer-executable instructions executed by a computer, such as program modules. 一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、 对象、组件、数据结构等等。 Generally, program modules include performing particular tasks or implement particular abstract data types routines, programs, objects, components, data structures, and the like. 也可以在分布式计算环境中实践本申请实施例,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。 The present embodiment may also be practiced in distributed computing application environment, the distributed computing environments, where tasks are performed by remote processing devices that are linked through a communications network. 在分布式计算环境中, 程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。 In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices in.

[0116] 在本文中,术语"包括"、"包含"或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。 [0116] As used herein, the term "comprising", "containing" or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, article, or apparatus not include only those elements but also other elements not explicitly listed, or further includes elements of the process, method, article or device inherent. 在没有更多限制的情况下,由语句"包括一个......"限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。 Without more constraints, by the wording "include a ......" defined does not exclude the existence of additional identical elements in the element comprising a process, method, article, or apparatus.

[0117] 以上对本申请实施例所提供的一种跨应用会话信息的同步方法,以及,一种跨应用会话信息的同步系统进行了详细介绍,本文中应用了具体个例对本申请实施例的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本申请实施例的方法及其核心思想;同时,对于本领域的一般技术人员,依据本申请实施例的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本申请实施例的限制。 Described in detail synchronization method for cross-application session information embodiments provided, as well as a cross-application session synchronization system information [0117] or more embodiments of the present application, herein apply principles specific examples of embodiments of the present application and embodiments are set forth in the above described embodiment merely used to help understanding of the present application a method and core ideas of the embodiment; the same time, those of ordinary skill in the art, according to the present application ideas of the embodiments, in particular embodiments and the application scope of the change, Therefore, the specification shall not be construed as limiting the embodiments of the present application.

Claims (10)

  1. 1. 一种跨应用会话信息的同步方法,其特征在于,包括: 针对第二应用建立基于第一应用根域名的二级域名,并在第二服务器上保存二级域名与第二应用的原始域名的对应关系; 第一服务器对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存,生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; 第二服务器接收对第二应用的访问请求,并判断所述访问请求是否携带第二应用对应的第二会话标识; 若否,则依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识; 依据所提取的第一会话标识查找保存的第一会话信息。 1. A method for synchronizing information across an application session, wherein, comprising: establishing a first secondary domain root domain name based on the application for the second application and stored in the secondary domain name and a second application on the second server's original the correspondence between the domain name; a first server a first session information of the first application generating a login time, and a corresponding saved first session identifier, to generate a first application corresponding to the first registration information sent to the client, the second a root domain name registration information comprises a first application and the first session identifier; receiving an access request to the second server, the second application, and a second session identifier determines whether the request carries the access corresponding to the second application; if No, the original domain name according to the corresponding relationship between domain names and pre-stored two second application, a first session identifier extracted in the first registration information; extracted according to a first session identifier to find the saved first session information.
  2. 2. 如权利要求1所述的方法,其特征在于,所述依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识的步骤包括: 按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名; 依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 2. The method according to claim 1, characterized in that, according to the corresponding relationship between the original domain and two domain names pre-stored second application, the step of extracting a first session identifier included in the first registration information : second application in the original domain name, the domain name and the correspondence between original and secondary domain name based on the first application root domain of the domain name to determine the second application corresponding to two; the two domain names as the root domain of the client extracting information corresponding to the first log, and extracts the corresponding identifier from the first session of the first login message.
  3. 3. 如权利要求1所述的方法,其特征在于,所述方法还包括: 第一服务器对登录第二应用时产生的第二会话标识,以及对应的第二会话信息进行保存,生成第二应用对应的第二登录信息并发送到客户端,所述第二登录信息中包括第二应用的根域名和所述第二会话标识。 3. The method according to claim 1, wherein said method further comprises: a second server a first session identifier generated by the application when the second log, and the second session information corresponding saved, generating a second the second application corresponding to the login information sent to the client, the second root domain login information comprises a second application and the second session identifier.
  4. 4. 如权利要求1所述的方法,其特征在于,所述判断所述访问请求是否携带第二应用对应的第二会话标识的结果为是时, 还包括依据所述第二会话标识查找相应的第二会话信息。 4. The method according to claim 1, wherein said determining whether the access request carries a second result of the second session identifier corresponding to the application is YES, further comprising a session identifier according to the second look up the corresponding the second session information.
  5. 5. 如权利要求1所述的方法,其特征在于,所述判断所述访问请求中,是否携带第二应用对应的第二会话标识的步骤为,判断所述访问请求中是否携带会话标识的关键字段,若否,则不存在相应的会话标识。 5. The method according to claim 1, wherein said determining whether the access request, whether the application corresponding to the second step of the second carries a session identifier determines whether the access request carries the session identifier key field, and if not, do not correspond to the session identifier is present.
  6. 6. 如权利要求3所述的方法,其特征在于,还包括: 第二服务器接收登出第一应用的信息后,清除第二应用对应的第二登录信息。 6. The method according to claim 3, characterized in that, further comprising: a second server receives the logout information of the first application, a second clear login information corresponding to the second application.
  7. 7. -种跨应用会话信息的同步系统,其特征在于,包括第一服务器和第二服务器; 所述第一服务器包括第一对应关系保存模块和第一登录信息生成模块; 所述第一对应关系保存模块,用于对登录第一应用时产生的第一会话信息,以及对应的第一会话标识进行保存; 所述第一登录信息生成模块,用于生成第一应用对应的第一登录信息并发送到客户端,所述第一登录信息中包括第一应用的根域名和所述第一会话标识; 所述第二服务器包括对应关系预存模块、判断模块、第一会话标识提取模块和第一会话f目息提取t吳块; 对应关系预存模块,用于保存针对第二应用建立的基于第一应用根域名的二级域名与第二应用的原始域名的对应关系; 判断模块,用于接收对第二应用的访问请求,并判断所述访问请求是否携带第二应用对应的第二会话标识; 第一会话 7. - Species Cross application session information synchronization system, characterized by comprising a first and second servers; the first server comprises a first storage module and the corresponding relationship between the first login information generation module; corresponding to the first storing module, for the first login session information generated by a first application, a first session identifier and the corresponding saved; the first login information generation module for generating a first application corresponding to a first login sent to the client, the first root domain login information comprises a first application and the first session identifier; the second server comprises a pre-stored corresponding relationship module, judging module, a first session identifier and extracting module extracting a session information entry f t Wu block; pre-stored corresponding relationship between the module configured to store a correspondence relationship based on two original domain root domain of the domain name of the first application and the second application for the establishment of a second application; determining means for receiving an access request to the second application, and a second session identifier determines whether the request carries the access corresponding to the second application; first session 标识提取模块,用于依据预存的二级域名与第二应用的原始域名的对应关系,在所述第一登录信息中提取第一会话标识; 第一会话信息提取模块,用于依据所提取的第一会话标识查找保存的第一会话信息。 Extracting identification module, according to the original domain for the corresponding relationship between domain names and pre-stored two second application, a first session identifier extracted in the first registration information; a first session information extraction means for extracting based on the Find the first session identifier stored in the first session information.
  8. 8. 如权利要求7所述的系统,其特征在于,所述会话标识提取模块包括: 二级域名确定子模块,用于按照第二应用的原始域名,以及原始域名和基于第一应用根域名的二级域名的对应关系,确定第二应用对应的二级域名; 登录信息提取子模块,用于依据所述二级域名的根域名,在客户端提取对应的第一登录信息,并从该第一登录信息中提取对应的第一会话标识。 8. The system according to claim 7, wherein the session identification extraction module comprising: two sub-domain determination means for the second application in the original domain name, the domain name and the original application, and based on the first root domain a correspondence between two domains, the domain determining two corresponding to the second application; login information extracting submodule, used for the two domain names as the root domain, the log information corresponding to the first extracting the client, and from the first extracts the corresponding login information in a first session identifier.
  9. 9. 如权利要求7所述的系统,其特征在于,所述第一服务器还包括: 第二对应关系保存模块,用于对登录第二应用时产生的第二会话信息,以及对应的第二会话标识进行保存; 第二登录信息生成模块,用于生成第二应用对应的第二登录信息并发送到客户端,所述第二登录信息中包括第二应用的根域名和所述第二会话标识。 9. The system according to claim 7, wherein said first server further comprises: a second correspondence storing module, a second session for the second application login information is generated, and a corresponding second save the session identifier; second login information generation module for generating a second application corresponding to the second registration information sent to the client, the second root domain login information comprises a second application and the second session identity.
  10. 10. 如权利要求7所述的系统,其特征在于,所述第二服务器还包括: 登录信息清除模块,用于接收登出第一应用的信息后,清除第二应用对应的第二登录fe息。 10. The system according to claim 7, wherein said second server further comprising: login information clearing module, for receiving the logout information of the first application, a second clearance corresponding to the second application log fe interest.
CN 201210434847 2012-11-02 2012-11-02 A cross-application session synchronization method and system information CN103795767B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201210434847 CN103795767B (en) 2012-11-02 2012-11-02 A cross-application session synchronization method and system information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201210434847 CN103795767B (en) 2012-11-02 2012-11-02 A cross-application session synchronization method and system information

Publications (2)

Publication Number Publication Date
CN103795767A true CN103795767A (en) 2014-05-14
CN103795767B true CN103795767B (en) 2017-04-12

Family

ID=50671045

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201210434847 CN103795767B (en) 2012-11-02 2012-11-02 A cross-application session synchronization method and system information

Country Status (1)

Country Link
CN (1) CN103795767B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1549978A (en) * 2001-07-16 2004-11-24 Bea系统公司 Method and apparatus for session replication and failover
CN102594796A (en) * 2011-12-27 2012-07-18 中兴通讯股份有限公司 Terminal device and user information synchronization method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1549978A (en) * 2001-07-16 2004-11-24 Bea系统公司 Method and apparatus for session replication and failover
CN102594796A (en) * 2011-12-27 2012-07-18 中兴通讯股份有限公司 Terminal device and user information synchronization method

Also Published As

Publication number Publication date Type
CN103795767A (en) 2014-05-14 application

Similar Documents

Publication Publication Date Title
US20090089870A1 (en) System and method for validating interactions in an identity metasystem
US20120210413A1 (en) Facilitating single sign-on (sso) across multiple browser instance
US20120278872A1 (en) System and method of federated authentication with reverse proxy
US20100043065A1 (en) Single sign-on for web applications
CN101075875A (en) Method and system for realizing monopoint login between gate and system
CN1946022A (en) Method and system for switching third party landing and third party network and service server
CN101651666A (en) Method and device for identity authentication and single sign-on based on virtual private network
CN101834882A (en) Method, browser and communication system for sharing web page
US20130055384A1 (en) Dealing with web attacks using cryptographically signed http cookies
US20110265155A1 (en) Service provider access
CN102333065A (en) Cloud interaction protocol design
CN1897523A (en) System and method for realizing single-point login
WO2010014386A1 (en) Method and system for securing communication sessions
US7640580B1 (en) Method and apparatus for accessing a computer behind a firewall
US20080263126A1 (en) Internet bridge for applications and web servers
CN101267299A (en) A method and system for securely display data on the webpage
US20080140841A1 (en) Method and apparatus for detecting the IP address of a computer, and location information associated therewith
CN102129528A (en) WEB page tampering identification method and system
CN102064966A (en) Configuration method, server, equipment and system
CN103200215A (en) Method achieving XenServer virtual machine remote control on https
CN103701805A (en) Method and device for detecting weak password in network
US20150188906A1 (en) Multi-domain applications with authorization and authentication in cloud environment
CN101557403A (en) Website login method, device and system
US20120254622A1 (en) Secure Access to Electronic Devices
CN103297410A (en) Account intercommunication system and using method thereof

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
GR01