CN104426834A - Webpage requesting method, client, server and system - Google Patents

Webpage requesting method, client, server and system Download PDF

Info

Publication number
CN104426834A
CN104426834A CN201310362417.8A CN201310362417A CN104426834A CN 104426834 A CN104426834 A CN 104426834A CN 201310362417 A CN201310362417 A CN 201310362417A CN 104426834 A CN104426834 A CN 104426834A
Authority
CN
China
Prior art keywords
web
client
information
dynamically verifying
page server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310362417.8A
Other languages
Chinese (zh)
Other versions
CN104426834B (en
Inventor
玄立永
陈文杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201310362417.8A priority Critical patent/CN104426834B/en
Publication of CN104426834A publication Critical patent/CN104426834A/en
Application granted granted Critical
Publication of CN104426834B publication Critical patent/CN104426834B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the invention discloses a webpage requesting method which comprises the following steps: a client obtains dynamic verification information generated by a webpage server; the client generates signature information according to the dynamic verification information, preset fixation verification information corresponding to the webpage server and current login user identify identification of the client; and the client sends a webpage request to the webpage server, wherein the webpage request carries the signature information so as to enable the webpage server to carry out signature verification on the signature information and carry out processing on the webpage request after the signature verification is successful. The embodiment of the invention also discloses the client and the webpage server for realizing the webpage request as well as a webpage requesting system. According to the webpage requesting method, client, server and system, safety of the client during sending the webpage request to the webpage server can be guaranteed, and privacy of webpage privacy content of a user can be guaranteed.

Description

A kind of web-page requests method, client, server and system
Technical field
The present invention relates to a kind of Internet technical field, particularly relate to a kind of web-page requests method, client, server and system.
Background technology
Along with the development of Internet technology, comprise instant communication client, SNS(Social NetworkingServices, social network services) client is increasingly comprehensive at interior client functionality, user can browse all kinds of information by the web-page requests function carried in client, some of them information belongs to the private information (information that such as user is customized or the upper undocumented information of About You) of individual subscriber, needs user can be accessed by authentication and browses.And for the consideration of ease for use, client can carry out user identification relevancy binding with web page contents supplier (passing through web page server), then each by web page server from client to this web page contents supplier send web-page requests time, the identify label of client self login user can be only provided, in own user database, the user identity of binding associated with it is searched by web page server, thus can process the web-page requests that client sends, avoid the operations such as the login authentication all needing when at every turn browsing private information to carry out.
There is following defect in the scheme of carrying out web-page requests by client above: because client is to only needing during web server request webpage to provide login user identify label, if the User Identity leaking data that user uses when client logs, just likely cause by the private information be maliciously used for web server request user, cause the privacy of user to be revealed.
Summary of the invention
In view of this, the embodiment of the present invention provides a kind of web-page requests method, client, server and system, can avoid the leakage of the private information caused because of the login user identify label leakage of client.
In order to solve the problems of the technologies described above, embodiments provide a kind of web-page requests method, described web-page requests method comprises:
Client obtains the dynamically verifying information that web page server generates;
The login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client of described client generates signing messages;
Described client sends web-page requests to described web page server, carries described signing messages in described web-page requests, carries out signature verification and process described web-page requests after signature verification success to make described web page server to signing messages.
Correspondingly, the embodiment of the present invention additionally provides a kind of client realizing web-page requests, and described client comprises:
Multidate information acquisition module, for obtaining the dynamically verifying information that web page server generates;
Signing messages generation module, generates signing messages for the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client;
Web-page requests sending module, for sending web-page requests to described web page server, carry described signing messages in described web-page requests, to make described web page server signature verification carried out to signing messages and after signature verification success, described web-page requests processed.
Accordingly, the embodiment of the present invention additionally provides a kind of web page server, it is characterized in that, described web page server comprises:
Multidate information sending module, for generating and issuing dynamically verifying information to client;
Authorization information preserves module, for the fixing authorization information corresponding with described web page server of preserving described dynamically verifying information and preset;
Web-page requests acquisition module, for obtaining the web-page requests that described client sends, described web-page requests comprises the signing messages that the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client of described client generates;
Request processing module, for carrying out signature verification to signing messages and processing described web-page requests after signature verification success.
Accordingly, the embodiment of the present invention additionally provides a kind of web-page requests system, and described web-page requests system comprises client as previously described and web page server, wherein:
Described client is for obtaining dynamically verifying information; The login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client generates signing messages; Send web-page requests to described web page server, in described web-page requests, carry described signing messages;
Described web page server is used for generating and issuing dynamically verifying information to client, obtains the web-page requests that client sends, and carries out signature verification and process described web-page requests after signature verification success signing messages.
The embodiment of the present invention is passed through to carry the signing messages generated according to dynamically verifying information and fixing authorization information in the web-page requests sent to web page server in client, ensure that client sends the fail safe of web-page requests to web page server, guarantee that the privacy of the webpage private content of user is protected.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of a kind of web-page requests method in the embodiment of the present invention;
Fig. 2 is the schematic flow sheet of the web-page requests method in another embodiment of the present invention;
Fig. 3 is the schematic flow sheet of the web-page requests method in further embodiment of this invention;
Fig. 4 is a kind of structural representation realizing the client of web-page requests in the embodiment of the present invention;
Fig. 5 is the structural representation of the multidate information acquisition module of client in the embodiment of the present invention;
Fig. 6 is the structural representation of a kind of web page server in the embodiment of the present invention;
Fig. 7 is the structural representation of the multidate information sending module of web page server in the embodiment of the present invention;
Fig. 8 is the structural representation of the request processing module of web page server in the embodiment of the present invention;
Fig. 9 is the structural representation of a kind of web-page requests system in the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Client in the embodiment of the present invention can be PC, mobile phone, panel computer, Digital Television, car-mounted terminal, programmatic client in the internet terminal such as smart mobile phone or intelligent television, such as instant communication client can be comprised, SNS client side, multimedia client etc., user can log in the instant communication server corresponding with described client by account in described client, SNS server, multimedia server, then web-page requests is sent to obtain corresponding web page contents by client to web page server, described web page server can be the background server of web page contents supplier, its server corresponding with described client is in advance set up associating of user profile and is bound.
Fig. 1 is the schematic flow sheet of a kind of web-page requests method in the embodiment of the present invention, and the web-page requests method as shown in the figure in the present embodiment can comprise:
S101, client obtains the dynamically verifying information that web page server generates.
Concrete, described dynamically verifying information can get from web page server for client, such as client according to user instruction to immediately asking to obtain from web page server during web server request web page contents, also can be that client gets from web page server in advance, such as web page server carries when this returns asked web content data to client the dynamically verifying information once providing client to use.Described dynamically verifying information can the such as information in order to carry out authentication such as dynamic password, password, character string, can preset the term of validity (or effective degree), such as only this use effectively, use 5 times effectively, effective in one week or one month.
S102, the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client of described client generates signing messages.
Concrete, the character string in order to jointly to carry out authentication in conjunction with dynamically verifying information such as fixed password, password that the described default fixing authorization information corresponding with described web page server can be arranged for the background server of described client and web page server, is kept in client and web page server after agreement respectively.When receiving user instruction or client process automatically triggers needs to web page server transmission web-page requests, the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client can combine the algorithm preset and generates signing messages, such as, adopt described dynamically verifying information and fixing authorization information to combine default cryptographic algorithm and login user identify label is encrypted.
S103, described client sends web-page requests to described web page server, carries described signing messages in described web-page requests, carries out signature verification and process described web-page requests after signature verification success to make described web page server to signing messages.
In specific implementation, described web-page requests can be to destination server acquisition request targeted web content, request compiling objective web page contents or upload web content data and ask the information-setting by user of the relative users revising web page server.The web-page requests of carrying described signing messages is sent to web page server by client, after web page server receives web-page requests, first signature verification can be carried out to signing messages, fixing authorization information corresponding to client and send to the dynamically verifying information of client to combine default inverse algorithm in advance to verify signing messages in advance can be called, such as adopt described dynamically verifying information and fixing authorization information to combine the decipherment algorithm preset to be decrypted signing messages, thus obtain login user identify label, and then search register itself user library and whether be present in validated user corresponding to the login user identify label of client, if exist, can by the signature verification to described web-page requests, thus web-page requests is processed, comprise the web page contents returning client-requested, according to the request editor web page contents of client or the information-setting by user etc. uploading web content data and the relative users according to the request amendment web page server of client.
Fig. 2 is the schematic flow sheet of the web-page requests method in another embodiment of the present invention, the present embodiment illustrates the implementation procedure of web-page requests method of the present invention to web server request secret web content data by client for user, can comprise as shown in the figure:
S201, client sends dynamically verifying information request message to web page server.
Concrete, before client needs to send web-page requests to web page server at every turn in the present embodiment, dynamically verifying information request message can be sent to web page server.In other embodiment, described dynamically verifying information also can be not only effective access times once or certain term of validity, client, when current dynamically verifying information still remains effective access times or is still in the term of validity, can continue use this dynamically verifying information to generate signing messages thus send web-page requests to web page server.
S202, web page server returns dynamically verifying information to client.
Concrete, web page server can generate dynamic authentication message according to described dynamically verifying information request message, and returns described dynamically verifying information to client.
S203, the client login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client generates signing messages.
Concrete, client the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client can combine the algorithm preset and generates signing messages, such as, adopt described dynamically verifying information and fixing authorization information to combine default cryptographic algorithm and be encrypted login user identify label.
S204, client sends web-page requests to described web page server, carries described signing messages in described web-page requests.
S205, web page server carries out signature verification according to fixing authorization information and dynamically verifying information to signing messages.Concrete, web page server can preserve the fixing authorization information of the server commitment corresponding with described client and current effective dynamically verifying information in the authorization information database preset, after receiving the web-page requests of client transmission, fixing authorization information corresponding to client and send to the dynamically verifying information of client to combine default inverse algorithm in advance to carry out signature verification to signing messages in advance can be called, such as adopt described dynamically verifying information and fixing authorization information to combine the decipherment algorithm preset to be decrypted signing messages, thus obtain login user identify label, and then search register itself user library and whether be present in validated user corresponding to the login user identify label of client, if exist, can by the signature verification to described web-page requests.
S206, signature verification success, web page server nullifies described dynamically verifying information.
Concrete, web page server is after using the signing messages sending to the dynamically verifying information of client and fixing authorization information to carry the web-page requests that client sends in advance to carry out signature verification success, in authorization information database, this dynamically verifying information used can be nullified, it is invalid such as to be deleted or be set to, so just ensure that same dynamically verifying information only can use once, if the signing messages that client is generated by identical dynamically verifying information again sends web-page requests, web page server will confirm that this signing messages is illegal.In other embodiment, described dynamically verifying information also can be not only effective access times once or certain term of validity, web page server can judge whether this dynamically verifying information reaches effective access times upper limit or exceeded the term of validity, if then nullify this dynamically verifying information.
S207, web page server returns to client the web data that web-page requests asks.So far, the present embodiment achieves user by client to web server request secret web content data, and the web-page requests in the present embodiment is carried according to the fixing authorization information of making an appointment with only when secondary effective dynamically verifying information, ensure that the privacy of web page contents obtains safety guarantee.
Fig. 3 is the schematic flow sheet of the web-page requests method in further embodiment of this invention, the present embodiment still illustrates the implementation procedure of web-page requests method of the present invention to web server request secret web content data by client for user, can comprise as shown in the figure:
S301, client obtains the dynamically verifying information acquired in advance.Concrete, web page server in the present embodiment can issue the dynamically verifying information providing client to send web-page requests when returning web data or response message to client, client is kept in default file or storage area, when client receives user instruction or client process automatically triggers needs to web page server transmission web-page requests, first this dynamically verifying information can be obtained from the file preset or storage area.
S302, the client login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client generates signing messages.
Concrete, client the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client can combine the algorithm preset and generates signing messages, such as, adopt described dynamically verifying information and fixing authorization information to combine default cryptographic algorithm and be encrypted login user identify label.
S303, client sends web-page requests to described web page server, carries described signing messages in described web-page requests.
S304, web page server carries out signature verification according to fixing authorization information and dynamically verifying information to signing messages.Concrete, web page server can preserve the fixing authorization information of the server commitment corresponding with described client and current effective dynamically verifying information in the authorization information database preset, after the web-page requests receiving client transmission, fixing authorization information corresponding with client in advance can be called and send to the dynamically verifying information of client to combine the inverse algorithm preset in advance and signature verification is carried out to signing messages, such as adopt described dynamically verifying information and fixing authorization information to combine the decipherment algorithm preset to be decrypted signing messages, thus obtain login user identify label, and then search register itself user library and whether be present in validated user corresponding to the login user identify label of client, if exist, can by the signature verification to described web-page requests.
S305, signature verification success, web page server nullifies described dynamically verifying information.
Concrete, web page server is after using the signing messages sending to the dynamically verifying information of client and fixing authorization information to carry the web-page requests that client sends in advance to carry out signature verification success, the dynamically verifying information that this can be used is nullified, it is invalid such as to be deleted or be set to, so just ensure that same dynamically verifying information only can use once, if the signing messages that client is generated by identical dynamically verifying information again sends web-page requests, web page server will confirm that this signing messages is illegal.In other embodiment, described dynamically verifying information also can be not only effective access times once or certain term of validity, web page server can judge whether this dynamically verifying information reaches effective access times upper limit or exceeded the term of validity, if then nullify this dynamically verifying information.
S306, web page server returns to client the web data and new dynamically verifying information that web-page requests asks.Concrete, web page server in the present embodiment is after dynamically verifying information client used is nullified, new dynamically verifying information can be generated and send to client together with the web data returned to client, allow client can upper once initiate web-page requests time use this new dynamically verifying information.
Fig. 4 is a kind of structural representation realizing the client of web-page requests in the embodiment of the present invention, client in the embodiment of the present invention can be the programmatic client in the internet terminals such as PC, mobile phone, panel computer, Digital Television, car-mounted terminal, smart mobile phone or intelligent television, such as can comprise instant communication client, SNS client side, multimedia client etc., the client as shown in the figure in the embodiment of the present invention at least can comprise:
Multidate information acquisition module 410, for obtaining the dynamically verifying information that web page server generates.
In specific implementation, multidate information acquisition module 410 can obtain described dynamically verifying information from web page server, such as need immediately to ask to multidate information acquisition module 410 during web server request web page contents from web page server to obtain according to user instruction in client, also can be that multidate information acquisition module 410 gets from web page server in advance, such as web page server carries when this returns asked web content data to client the dynamically verifying information once providing client to use.Described dynamically verifying information can the such as information in order to carry out authentication such as dynamic password, password, character string, can preset the term of validity (or effective degree), such as only this use effectively, use 5 times effectively, effective in one week or one month.
In an alternative embodiment, described multidate information acquisition module 410 can comprise as shown in Figure 5 further:
Dynamic Information Requests unit 411, for sending dynamically verifying information request message to web page server, generates dynamically verifying information to make described web page server according to described dynamically verifying information request message;
Multidate information acquiring unit 412, for obtaining the described dynamically verifying information that web page server returns.
Signing messages generation module 420, generates signing messages for the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client.
In specific implementation, the character string in order to jointly to carry out authentication in conjunction with dynamically verifying information such as fixed password, password that the described default fixing authorization information corresponding with described web page server can be arranged for the background server of described client and web page server, is kept in client and web page server after agreement respectively.When receiving user instruction or client process automatically triggers needs to web page server transmission web-page requests, signing messages generation module 420 the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client can combine the algorithm preset and generates signing messages, and such as signing messages generation module 420 can adopt described dynamically verifying information and fixing authorization information to combine default cryptographic algorithm and be encrypted login user identify label.
Web-page requests sending module 430, for sending web-page requests to described web page server, carry described signing messages in described web-page requests, to make described web page server signature verification carried out to signing messages and after signature verification success, described web-page requests processed.
In specific implementation, described web-page requests can comprise to destination server acquisition request targeted web content, request compiling objective web page contents or upload web content data and ask the information-setting by user of the relative users revising web page server.The web-page requests of carrying described signing messages is sent to web page server by web-page requests sending module 430, after web page server receives web-page requests, first signature verification can be carried out to signing messages, fixing authorization information corresponding to client and send to the dynamically verifying information of client to combine default inverse algorithm in advance to verify signing messages in advance can be called, such as adopt described dynamically verifying information and fixing authorization information to combine the decipherment algorithm preset to be decrypted signing messages, thus obtain login user identify label, and then search register itself user library and whether be present in validated user corresponding to the login user identify label of client, if exist, can by the signature verification to described web-page requests, thus web-page requests is processed, comprise the web page contents returning client-requested, according to the request editor web page contents of client or the information-setting by user etc. uploading web content data and the relative users according to the request amendment web page server of client.
Fig. 6 is the structural representation of a kind of web page server in the embodiment of the present invention, and the web page server in the embodiment of the present invention can be the background server of web page contents supplier, and it at least can comprise as shown in the figure:
Multidate information sending module 610, for generating and issuing dynamically verifying information to client.
In specific implementation, multidate information sending module 610 can generate according to the request of client and issue dynamically verifying information to client, such as client sends dynamically verifying information request message to during web server request web page contents to web page server in each needs, and multidate information sending module 610 generates according to dynamically verifying information request message and issues dynamically verifying information to client; Also can be that dynamically verifying information and this are returned asked web content data to client and together send to client by multidate information sending module 610.Described dynamically verifying information can the such as information in order to carry out authentication such as dynamic password, password, character string, can preset the term of validity (or effective degree), such as only this use effectively, use 5 times effectively, effective in one week or one month.
In an alternative embodiment, the multidate information sending module 610 in the embodiment of the present invention may further include as shown in Figure 7:
Dynamic requests acquiring unit 611, for obtaining the dynamically verifying information request message that described client sends;
Multidate information generation unit 612, for generating according to described dynamically verifying information request message and returning described dynamically verifying information to described client.
Authorization information preserves module 620, for the fixing authorization information corresponding with described web page server of preserving described dynamically verifying information and preset.
In specific implementation, authorization information preserves module 620 can preserve the fixing authorization information of the server commitment corresponding with described client and current effective dynamically verifying information in the authorization information database preset.
Web-page requests acquisition module 630, for obtaining the web-page requests that described client sends, described web-page requests comprises the signing messages that the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client of described client generates.
In specific implementation, after multidate information sending module 610 issues dynamically verifying information to client, client the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client can generate signing messages, and sends the web-page requests of carrying described signing messages to web page server.The character string in order to jointly to carry out authentication in conjunction with dynamically verifying information such as fixed password, password that the described default fixing authorization information corresponding with described web page server can be arranged for the background server of described client and web page server, is kept in client and web page server after agreement respectively.
Request processing module 640, for carrying out signature verification to signing messages and processing described web-page requests after signature verification success.
In specific implementation, described web-page requests can be to destination server acquisition request targeted web content, request compiling objective web page contents or upload web content data and ask the information-setting by user of the relative users revising web page server.The web-page requests of carrying described signing messages is sent to web page server by client, after web-page requests acquisition module 630 receives web-page requests, request processing module 640 can carry out signature verification to signing messages, can preserve the authorization information that module 620 preserves from authorization information and call fixing authorization information corresponding to client and dynamically verifying information in advance and combine default inverse algorithm signing messages is verified, such as adopt described dynamically verifying information and fixing authorization information to combine the decipherment algorithm preset to be decrypted signing messages, thus obtain login user identify label, and then search register itself user library and whether be present in validated user corresponding to the login user identify label of client, if exist, can by the signature verification to described web-page requests, thus web-page requests is processed, the web page contents returning client-requested can be comprised, according to the request editor web page contents of client or the information-setting by user etc. uploading web content data and the relative users according to the request amendment web page server of client.
In an alternative embodiment, the request processing module 640 in the embodiment of the present invention may further include as shown in Figure 8:
Signature verification unit 641, for carrying out signature verification according to the fixing authorization information preset and described dynamically verifying information to the signing messages in described web-page requests;
Web data returns unit 642, for when described signature verification unit is to the signature verification of the signing messages in described web-page requests success, returns to client the web data that described web-page requests asks.
Further alternative, the request processing module 640 in the embodiment of the present invention can also comprise:
Multidate information nullifies unit 643, for when described signature verification module is successful to the signature verification of the signing messages in described web-page requests, nullifies described dynamically verifying information.
In specific implementation, after signature verification unit 641 uses the signing messages sending to the dynamically verifying information of client and fixing authorization information to carry the web-page requests that client sends in advance to carry out signature verification success, multidate information nullifies the dynamically verifying information cancellation that this can use by unit 643, it is invalid such as to be deleted or be set to, so just ensure that same dynamically verifying information only can use once, if the signing messages that client is generated by identical dynamically verifying information again sends web-page requests, signature verification unit 641 device will confirm that this signing messages is illegal.In other embodiment, described dynamically verifying information also can be not only effective access times once or certain term of validity, multidate information nullifies unit 643 can judge whether this dynamically verifying information reaches effective access times upper limit or exceeded the term of validity, if then nullify this dynamically verifying information.
In an alternative embodiment, after multidate information cancellation unit 643 nullifies described dynamically verifying information, described multidate information sending module 610 can be triggered and generate and issue new dynamically verifying information to client.
Fig. 9 is the structural representation of a kind of web-page requests system in the embodiment of the present invention, and the web-page requests system as shown in the figure in the embodiment of the present invention comprises client 910 and web page server 920, wherein:
Client as claimed in claims 6 or 7 and the web page server according to any one of claim 8 ~ 12, wherein:
Described client 910 can be the client realizing web-page requests of embodiment composition graphs 4 and Fig. 5 introduction above, for obtaining dynamically verifying information; The login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server 920 and client 910 generates signing messages; Send web-page requests to described web page server 920, in described web-page requests, carry described signing messages;
Described web page server 920 can be the web page server of embodiment composition graphs 6 ~ Fig. 8 introduction above, for generating and issuing dynamically verifying information to client 910, obtain the web-page requests that client 910 sends, signature verification is carried out to signing messages and after signature verification success, described web-page requests is processed.
The embodiment of the present invention is passed through to carry the signing messages generated according to dynamically verifying information and fixing authorization information in the web-page requests sent to web page server in client, ensure that client sends the fail safe of web-page requests to web page server, guarantee that the privacy of the webpage private content of user is protected.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
Above disclosedly be only present pre-ferred embodiments, certainly can not limit the interest field of the present invention with this, therefore according to the equivalent variations that the claims in the present invention are done, still belong to the scope that the present invention is contained.

Claims (13)

1. a web-page requests method, is characterized in that, described web-page requests method comprises:
Client obtains the dynamically verifying information that web page server generates;
The login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client of described client generates signing messages;
Described client sends web-page requests to described web page server, carries described signing messages in described web-page requests, to verify and process described web-page requests after being proved to be successful to make described web page server to signing messages.
2. web-page requests method as claimed in claim 1, is characterized in that, described web page server carries out signature verification to signing messages and carry out process to described web-page requests after signature verification success comprising:
Described web page server carries out signature verification according to the fixing authorization information preset and described dynamically verifying information to the signing messages in described web-page requests, if signature verification success, then web page server returns to client the web data that described web-page requests asks.
3. web-page requests method as claimed in claim 2, is characterized in that, after described web page server carries out signature verification to the signing messages in described web-page requests, if described signature verification success, then described web page server nullifies described dynamically verifying information.
4. web-page requests method as claimed in claim 3, it is characterized in that, described web page server also comprises after nullifying described dynamically verifying information:
Generate and send new dynamically verifying information to described client.
5. web-page requests method as claimed in claim 1, is characterized in that, described client obtains dynamically verifying information and comprises:
Client sends dynamically verifying information request message to web page server;
Client obtains web page server and generates and the described dynamically verifying information returned according to described dynamically verifying information request message.
6. realize a client for web-page requests, it is characterized in that, described client comprises:
Multidate information acquisition module, for obtaining the dynamically verifying information that web page server generates;
Signing messages generation module, generates signing messages for the login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client;
Web-page requests sending module, for sending web-page requests to described web page server, carry described signing messages in described web-page requests, to make described web page server signature verification carried out to signing messages and after signature verification success, described web-page requests processed.
7. client as claimed in claim 6, it is characterized in that, described multidate information acquisition module comprises:
Dynamic Information Requests unit, for sending dynamically verifying information request message to web page server, generates dynamically verifying information to make described web page server according to described dynamically verifying information request message;
Multidate information acquiring unit, for obtaining the described dynamically verifying information that web page server returns.
8. a web page server, is characterized in that, described web page server comprises:
Multidate information sending module, for generating and issuing dynamically verifying information to client;
Authorization information preserves module, for the fixing authorization information corresponding with described web page server of preserving described dynamically verifying information and preset;
Web-page requests acquisition module, for obtaining the web-page requests that described client sends, described web-page requests comprises the signing messages that the login user identify label current according to described dynamically verifying information, described fixing authorization information and client of described client generates;
Request processing module, for carrying out signature verification to signing messages and processing described web-page requests after signature verification success.
9. web page server as claimed in claim 8, it is characterized in that, described request processing module comprises:
Signature verification unit, for carrying out signature verification according to the fixing authorization information preset and described dynamically verifying information to the signing messages in described web-page requests;
Web data returns unit, for when described signature verification unit is to the signature verification of the signing messages in described web-page requests success, returns to client the web data that described web-page requests asks.
10. web page server as claimed in claim 9, it is characterized in that, described request processing module also comprises:
Multidate information nullifies unit, for when described signature verification module is successful to the signature verification of the signing messages in described web-page requests, nullifies described dynamically verifying information.
11. web page servers as claimed in claim 10, is characterized in that, described multidate information nullify unit also for:
After the described dynamically verifying information of cancellation, trigger described multidate information sending module and generate and issue new dynamically verifying information to client.
12. web page servers as claimed in claim 8, it is characterized in that, described multidate information sending module comprises:
Dynamic requests acquiring unit, for obtaining the dynamically verifying information request message that described client sends;
Multidate information generation unit, for generating according to described dynamically verifying information request message and returning described dynamically verifying information to described client.
13. 1 kinds of web-page requests systems, is characterized in that, described web-page requests system comprises client as claimed in claims 6 or 7 and the web page server according to any one of claim 8 ~ 12, wherein:
The dynamically verifying information that described client generates for obtaining described web page server; The login user identify label current according to described dynamically verifying information, the default fixing authorization information corresponding with described web page server and client generates signing messages; Send web-page requests to described web page server, in described web-page requests, carry described signing messages;
Described web page server is used for generating and issuing dynamically verifying information to client, obtains the web-page requests that client sends, and carries out signature verification and process described web-page requests after signature verification success signing messages.
CN201310362417.8A 2013-08-19 2013-08-19 A kind of web-page requests method, client, server and system Active CN104426834B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310362417.8A CN104426834B (en) 2013-08-19 2013-08-19 A kind of web-page requests method, client, server and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310362417.8A CN104426834B (en) 2013-08-19 2013-08-19 A kind of web-page requests method, client, server and system

Publications (2)

Publication Number Publication Date
CN104426834A true CN104426834A (en) 2015-03-18
CN104426834B CN104426834B (en) 2019-06-28

Family

ID=52974797

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310362417.8A Active CN104426834B (en) 2013-08-19 2013-08-19 A kind of web-page requests method, client, server and system

Country Status (1)

Country Link
CN (1) CN104426834B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106034134A (en) * 2015-03-19 2016-10-19 腾讯科技(深圳)有限公司 Method and device and auxiliary method and device for implementing identity authentication request in webpage application
CN106209748A (en) * 2015-05-08 2016-12-07 阿里巴巴集团控股有限公司 The means of defence of internet interface and device
CN107147675A (en) * 2017-06-25 2017-09-08 深圳市成星自动化系统有限公司 The auth method and system of feature based code
CN107846415A (en) * 2017-12-11 2018-03-27 北京奇虎科技有限公司 A kind of server log method and device
CN113590346A (en) * 2021-06-30 2021-11-02 荣耀终端有限公司 Method and electronic equipment for processing service request

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101197677A (en) * 2007-12-27 2008-06-11 腾讯科技(深圳)有限公司 Internet product login method and apparatus supporting extra parameter login
CN101286848A (en) * 2008-05-23 2008-10-15 杨筑平 Login authentication method and login signature procedure
CN101441689A (en) * 2007-11-23 2009-05-27 杨筑平 Login protection method
CN101527722A (en) * 2009-04-23 2009-09-09 腾讯科技(北京)有限公司 Method for logging in online game and system and login server
CN101651546A (en) * 2009-09-11 2010-02-17 福建天晴在线互动科技有限公司 Method for off-line generation of dynamic password and debarkation authentication and synchronization of server
US20120179539A1 (en) * 2005-10-06 2012-07-12 International Business Machines Corporation Pay-per-click fraud protection
CN102638346A (en) * 2012-05-12 2012-08-15 杭州迪普科技有限公司 Method and device for authorizing subscriber digital certificate
CN103117854A (en) * 2012-12-10 2013-05-22 涂国坚 Safe internet bank implementation method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120179539A1 (en) * 2005-10-06 2012-07-12 International Business Machines Corporation Pay-per-click fraud protection
CN101441689A (en) * 2007-11-23 2009-05-27 杨筑平 Login protection method
CN101197677A (en) * 2007-12-27 2008-06-11 腾讯科技(深圳)有限公司 Internet product login method and apparatus supporting extra parameter login
CN101286848A (en) * 2008-05-23 2008-10-15 杨筑平 Login authentication method and login signature procedure
CN101527722A (en) * 2009-04-23 2009-09-09 腾讯科技(北京)有限公司 Method for logging in online game and system and login server
CN101651546A (en) * 2009-09-11 2010-02-17 福建天晴在线互动科技有限公司 Method for off-line generation of dynamic password and debarkation authentication and synchronization of server
CN102638346A (en) * 2012-05-12 2012-08-15 杭州迪普科技有限公司 Method and device for authorizing subscriber digital certificate
CN103117854A (en) * 2012-12-10 2013-05-22 涂国坚 Safe internet bank implementation method

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106034134A (en) * 2015-03-19 2016-10-19 腾讯科技(深圳)有限公司 Method and device and auxiliary method and device for implementing identity authentication request in webpage application
CN106034134B (en) * 2015-03-19 2019-12-20 腾讯科技(深圳)有限公司 Method, auxiliary method and device for carrying out identity authentication request in webpage application program
CN106209748A (en) * 2015-05-08 2016-12-07 阿里巴巴集团控股有限公司 The means of defence of internet interface and device
CN106209748B (en) * 2015-05-08 2019-10-01 阿里巴巴集团控股有限公司 The means of defence and device of internet interface
CN107147675A (en) * 2017-06-25 2017-09-08 深圳市成星自动化系统有限公司 The auth method and system of feature based code
CN107846415A (en) * 2017-12-11 2018-03-27 北京奇虎科技有限公司 A kind of server log method and device
CN113590346A (en) * 2021-06-30 2021-11-02 荣耀终端有限公司 Method and electronic equipment for processing service request

Also Published As

Publication number Publication date
CN104426834B (en) 2019-06-28

Similar Documents

Publication Publication Date Title
US11539687B2 (en) Message right management method, device and storage medium
CN106682028B (en) Method, device and system for acquiring webpage application
US20210117517A1 (en) Systems for Secure Enterprise-Wide Fine-Grained Role-Based Access Control of Organizational Assets
CN108632253B (en) Client data security access method and device based on mobile terminal
US9607143B2 (en) Provisioning account credentials via a trusted channel
US10171449B2 (en) Account login method and device
US9769654B2 (en) Method of implementing a right over a content
CN106487763B (en) Data access method based on cloud computing platform and user terminal
CN104580074A (en) Logging method of client end application and corresponding server of logging method
CN113347206A (en) Network access method and device
CN104572263A (en) Page data interaction method, related device and system
CN106953831A (en) A kind of authorization method of user resources, apparatus and system
US11470067B1 (en) Secure authentication of devices
CN103561040A (en) File downloading method and system
CN106254319B (en) Light application login control method and device
CN104426834A (en) Webpage requesting method, client, server and system
CN104348895A (en) Method and device for sharing data among programs in mobile terminal
CN105577619B (en) Client login method, client and system
CN113542201A (en) Access control method and device for Internet service
CN113259342A (en) Login verification method, device, computer equipment and medium
CN101702724A (en) Safe control method and device of network access
US20120284781A1 (en) System and method for user friendly detection of spammers
CN104009955B (en) A kind of processing method of associated person information, device and system
CN104113511A (en) IMS network access method, system, and correlative device
CN104702650A (en) Method and device for acquiring application pages

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant