CN104468592A - Login method and system - Google Patents
Login method and system Download PDFInfo
- Publication number
- CN104468592A CN104468592A CN201410773177.5A CN201410773177A CN104468592A CN 104468592 A CN104468592 A CN 104468592A CN 201410773177 A CN201410773177 A CN 201410773177A CN 104468592 A CN104468592 A CN 104468592A
- Authority
- CN
- China
- Prior art keywords
- host application
- login
- sessions information
- login sessions
- identification string
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a login method and system. The method includes the steps that a first host application program is loaded in a mobile terminal, a page is loaded through a browser, and a login module is arranged in the page; when the operation that a user triggers the page loaded through the browser is received, the login module sends a request message to the first host application program, the browser sends a poll request to a server, and the request message has an identification string; the first host application program awakens a second host application program and sends the identification string to the second host application program; the second host application program obtains login session information of the user and sends the login session information and the identification string to the server so that the corresponding relation between the login session information and the identification string can be established; the server obtains the login session information according to the poll request message and the corresponding relation and sends the login session information to the browser so that the browser can load the login session information. Login experience of the user on the mobile Web page can be promoted through the method.
Description
Technical field
The present invention relates to Internet technical field, particularly relate to a kind of login method and login system.
Background technology
At present, when using Web app (system of sing on web and application) in user's browser on mobile terminals (as mobile phone browser), if Web app needs to log in, then mobile terminal can pass through page reorientation, or loaded by floating layer, or the unified login page provided by the user account number system of described Web app service provider is provided by new open any browser window, user is on this page by inputting the authentication information such as account name, account password and submitting to logon form with the certification of completing user account number and login.
There is following problem at present:
(1) all need time owing to logging at every turn to load the Web page once providing user's login interface, in the environment that network speed is very slow, as under 2G network, the speed loading Web page can be very slow, makes the sign-in experience extreme difference of user;
(2) most of mobile browser is because the restriction of the screen size of mobile device itself, generally all be difficult to the URL of the Web page of current loading (Uniform Resource Locator, URL(uniform resource locator)) address is intactly presented to user and sees, partial view device even can not show this URL address on one's own initiative, this fishing website of also doing evil to major part is provided convenience, when user is strayed into fishing website and is directed into the login page of a forgery, account authentication information will be inputted (as user name because of on this fishing page, password) and cause account to be revealed, and then cause irremediable property loss or privacy of user to be revealed,
(3) when certain Mobile solution has Native app (APP based on local (operating system) is run) and this two kinds of forms of Web app, if when user logs in Native app wherein, use in mobile browser wherein Web app and need log in time, mode by defeated user name, password in the Web log in page that provides at the server that this Mobile solution is corresponding is still provided, namely at least try again register, the operating procedure of adding users, causes Consumer's Experience to be deteriorated.
Summary of the invention
Object of the present invention is intended to solve one of above-mentioned technical problem at least to a certain extent.
For this reason, first object of the present invention is to propose a kind of login method.The method by login sessions information existing in multiplexing mobile native applications to reduce repetitive operation, for Web page, eliminate the operating procedure that user's login interface is provided, thus improve the loading velocity of login interface, and then improve the sign-in experience of the user on the mobile Web page.
Second object of the present invention is to propose a kind of login system.
To achieve these goals, the login method of first aspect present invention embodiment, comprising: load the first host application in the terminal, and by browser load page, wherein, has login module in the described page; When receiving user and carrying out trigger action to the page that browser loads, described login module sends a request message to described first host application, and described browser sends polling request to server, and wherein, described request message has identification string; Described first host application wakes the second host application up, and described identification string is sent to described second host application; Described second host application obtains the login sessions information of user in described second host application, and described login sessions information and described identification string is sent to described server to set up the corresponding relation between described login sessions information and described identification string; And described server obtains described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string and is sent to described browser, load described login sessions information to make described browser.
The login method of the embodiment of the present invention, load the first host application in the terminal, and by browser load page, in the page, there is login module, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, request message has identification string, first host application wakes the second host application up, and identification string is sent to the second host application, second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, login sessions information is loaded to make browser, to complete the register of the page that browser loads, namely when user carries out trigger action at the page that browser loads, directly pass through the first host application and the second host application by the login module in the page of loading, obtain the subscriber sign-in conversation information of second host application of preserving in server, by login sessions information existing in multiplexing mobile native applications to reduce repetitive operation, for Web page, eliminate the operating procedure that user's login interface is provided, thus improve the loading velocity of login interface, and then improve the sign-in experience of the user on the mobile Web page.
To achieve these goals, the login system of second aspect present invention embodiment, comprise: mobile terminal, first host application, server and the second host application, wherein, described mobile terminal, for loading described first host application in described mobile terminal, and by browser load page, wherein, in the described page, there is login module, and when receiving user and carrying out trigger action to the page that browser loads, described login module sends a request message to described first host application, and described browser sends polling request to described server, wherein, in described request message, there is identification string, described first host application, for waking described second host application up, and is sent to described second host application by described identification string, described second host application, for obtaining the login sessions information of user in described second host application, and described login sessions information and described identification string are sent to described server to set up the corresponding relation between described login sessions information and described identification string, and described server, being sent to described browser for obtaining described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string, loading described login sessions information to make described browser.
The login system of the embodiment of the present invention, load the first host application in the terminal, and by browser load page, in the page, there is login module, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, request message has identification string, first host application wakes the second host application up, and identification string is sent to the second host application, second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, login sessions information is loaded to make browser, to complete the register of the page that browser loads, namely when user carries out trigger action at the page that browser loads, directly pass through the first host application and the second host application by the login module in the page of loading, obtain the subscriber sign-in conversation information of second host application of preserving in server, by login sessions information existing in multiplexing mobile native applications to reduce repetitive operation, for Web page, eliminate the operating procedure that user's login interface is provided, thus improve the loading velocity of login interface, and then improve the sign-in experience of the user on the mobile Web page.
The aspect that the present invention adds and advantage will part provide in the following description, and part will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
The present invention above-mentioned and/or additional aspect and advantage will become obvious and easy understand from the following description of the accompanying drawings of embodiments, wherein,
Fig. 1 is the flow chart of login method according to an embodiment of the invention;
Fig. 2 is the exemplary plot of login method according to an embodiment of the invention;
Fig. 3 is the flow chart of login method in accordance with another embodiment of the present invention; And
Fig. 4 is the structural representation of login system according to an embodiment of the invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Be exemplary below by the embodiment be described with reference to the drawings, be intended to for explaining the present invention, and can not limitation of the present invention be interpreted as.
Below with reference to the accompanying drawings login method and the login system of the embodiment of the present invention are described.
The embodiment of the present invention proposes a kind of login method, comprising: load the first host application in the terminal, and by browser load page, wherein, has login module in the page; When receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, and wherein, request message has identification string; First host application wakes the second host application up, and identification string is sent to the second host application; Second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string is sent to server to set up the corresponding relation between login sessions information and identification string; And server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, load login sessions information to make browser.
Fig. 1 is the flow chart of login method according to an embodiment of the invention.Fig. 2 is the exemplary plot of login method according to an embodiment of the invention.Below in conjunction with Fig. 1 and Fig. 2, the login method of the embodiment of the present invention is described.As depicted in figs. 1 and 2, this login method can comprise:
S101, loads the first host application in the terminal, and by browser load page, wherein, has login module in the page.
Wherein, in an embodiment of the present invention, mobile terminal can be the hardware device that mobile phone, panel computer, personal digital assistant etc. have various operating system.
Particularly, when detecting that user installs on mobile terminals and after starting the first host application, can load this first host application in the terminal, and load Web page by browser.Wherein, in an embodiment of the present invention, in this Web page, there is login module.
S102, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, and wherein, request message has identification string.
Wherein, in an embodiment of the present invention, the first host application can have server module.That is, built-in local HTTP (Hypertext transfer protocol can be had in first host application, HTTP) server module, the first host application carries out network intercepting to receive the HTTP request message sent from the browser on mobile terminal by this built-in local http server module on the local network port preset.
Particularly, when receiving user and carrying out trigger action (as register, buying operation, upload operation, down operation etc.) to the Web page that browser loads, login module in the Web page of this loading, by the local HTTP interface of the local http server module opening in the first host application, sends HTTP request message (S1 as in Fig. 2) to the local http server module in the first host application.Wherein, in an embodiment of the present invention, server corresponding to this Web page can be carried in this HTTP request message and output to an encrypted characters string in this Web page.In addition, in an embodiment of the present invention, the URL address format of above-mentioned local HTTP interface can be " http: // 127.0.0.1:{ preset local network port }/{ url path }? { url parameter } ".And Web page is after sending HTTP request message to the local http server module of the first host application, send identification string to obtain subscriber sign-in conversation information (S2 as in Fig. 2) by polling request to server.
Should be appreciated that in an embodiment of the present invention, polling request can be regarded as and sends inquiry request by browser to server timing, and inquiry server is served the need of it, has and namely serves.
S103, the first host application wakes the second host application up, and identification string is sent to the second host application.
Wherein, in an embodiment of the present invention, the second host application can have single-sign-on module.
Particularly, when the first host application by built-in local http server module preset local network port on carry out network intercepting with receives login module transmission HTTP request message after, first host application first can obtain the identification string in this HTTP request bag, send by the communication mechanism that the operating system of mobile terminal is built-in the request (S3 as in Fig. 2) waking the built-in single-sign-on module of the second host application up to system afterwards, in this required parameter, carry identification string.Wherein, in an embodiment of the present invention, the first host application can wake the second host application up, and request message is sent to the single-sign-on module of the second host application.
It should be noted that, because second host application in mobile terminal with built-in single-sign-on module may have multiple, specifically arouse the single-sign-on module in which host application, can be specified by the configuration parameter preset in local http server module, can also be specified by the URL parameter be sent in the HTTP request of local http server module.
S104, the second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string is sent to server to set up the corresponding relation between login sessions information and identification string.
Further, in one embodiment of the invention, before the second host application obtains the login sessions information of user in the second host application, this login method also can comprise: judge whether user logs in the second host application; If judge that user has logged in the second host application, then the second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string is sent to server to set up the corresponding relation between login sessions information and identification string; If judge that user does not log in the second host application, then user is guided to log in.Thus, ensure that the login sessions information of the user that can get the second host application.
Particularly, after single-sign-on module in second host application is aroused, first can judge whether active user has logged in the second host application, if log in, then obtain the login sessions information of user in the second host application (as session id (IDentity, the identification number of session), user ID (IDentity, the identify label number of user), user name/account name, password etc.), otherwise first guide user to carry out logging in (S4 as in Fig. 2) in the second host application, and after logining successfully, obtain the login sessions information (S5 as in Fig. 2) of user, then server is sent to set up its corresponding relation (S6 as in Fig. 2) by login sessions information and by the identification string that the request bag transmission arousing single-sign-on module is come in.
S105, server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, loads login sessions information to make browser.
Specifically, in an embodiment of the present invention, server first can obtain the identification string in PollingRequest message, the corresponding relation of login sessions information and identification string can be inquired about to obtain corresponding login sessions information afterwards according to identification string, then according to the automatic login page of login sessions information, and obtain the login sessions information after logging in, and the login sessions information after logging in is sent to browser by the response of polling request, load this login sessions information to make browser.
More specifically, server is when receiving the polling request that Web page sends, first can obtain the identification string in this PollingRequest message, from the database server or buffer service, corresponding login sessions information is obtained afterwards according to this identification string, then be that user completes the automatic login process in Web page according to login sessions information, and generate one and be applicable to the new login sessions information of Web page and returned to Web page (S7 as in Fig. 2).
Web page on browser is after receiving the login sessions information that server returns, be set in user Cookie corresponding to the domain name of Web page place (its in order to distinguish user identity, conversate and follow the tracks of and the data that are stored on user local terminal), and the respective handling work after completing user login, such as, in the Web page needing user to see after jumping to login.
It should be noted that, in an embodiment of the present invention, the first host application and the second host application can be mobile native application, also can be 2 and independently move native application.
The login method of the embodiment of the present invention, load the first host application in the terminal, and by browser load page, in the page, there is login module, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, request message has identification string, first host application wakes the second host application up, and identification string is sent to the second host application, second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, login sessions information is loaded to make browser, to complete the register of the page that browser loads, namely when user carries out trigger action at the page that browser loads, directly pass through the first host application and the second host application by the login module in the page of loading, obtain the subscriber sign-in conversation information of second host application of preserving in server, by login sessions information existing in multiplexing mobile native applications to reduce repetitive operation, for Web page, eliminate the operating procedure that user's login interface is provided, thus improve the loading velocity of login interface, and then improve the sign-in experience of the user on the mobile Web page.
Fig. 3 is the flow chart of login method in accordance with another embodiment of the present invention.
It should be noted that in an embodiment of the present invention, request address, source (i.e. RefererURL) in polling request, can be had.In order to avoid fishing website forges request message, improve fail safe, to obtain before login sessions information is sent to browser according to the corresponding relation of PollingRequest message and login sessions information and identification string at server, also can judge to ask address, source whether within the scope of the white list preset, if, then obtain login sessions information further and be sent to browser.Particularly, as shown in Figure 3, this login method can comprise:
S301, loads the first host application in the terminal, and by browser load page, wherein, has login module in the page.
S302, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, and wherein, request message has identification string.
S303, the first host application wakes the second host application up, and identification string is sent to the second host application.
S304, the second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string is sent to server to set up the corresponding relation between login sessions information and identification string.
S305, whether server judges to ask address, source within the scope of the white list preset.
Particularly, server, when receiving the polling request that Web page sends, can judge that the address, request source (i.e. refer originate the domain name of url) of this polling request is whether within the scope of default white list.It should be noted that, in an embodiment of the present invention, also judge whether effectively identification string in polling request by deciphering or the method such as parameters signatures verification, whether legal to judge this polling request, if illegal, then return corresponding error message.
S306, if judge that address, request source is within the scope of the white list preset, then server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string further and is sent to browser, loads login sessions information to make browser.
The login method of the embodiment of the present invention, to obtain before login sessions information is sent to browser according to the corresponding relation of PollingRequest message and login sessions information and identification string at server, also can judge to ask address, source whether within the scope of the white list preset, if, then obtain login sessions information further and be sent to browser, efficiently avoid fishing website and forge request message, improve fail safe.
In order to realize above-described embodiment, the invention allows for a kind of login system, comprise: mobile terminal, first host application, server and the second host application, wherein, mobile terminal, for loading the first host application in the terminal, and by browser load page, wherein, in the page, there is login module, and when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, wherein, in request message, there is identification string, first host application, for waking the second host application up, and is sent to the second host application by identification string, second host application, for obtaining the login sessions information of user in the second host application, and is sent to server to set up the corresponding relation between login sessions information and identification string by login sessions information and identification string, and server, being sent to browser for obtaining login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string, loading login sessions information to make browser.
Fig. 4 is the structural representation of login system according to an embodiment of the invention.As shown in Figure 4, this login system can comprise: mobile terminal 10, first host application 20, server 30 and the second host application 40.Wherein, in an embodiment of the present invention, mobile terminal 10 can be the hardware device that mobile phone, panel computer, personal digital assistant etc. have various operating system.
Particularly, mobile terminal 10 can be used for loading the first host application 20 in the terminal, and by browser load page, wherein, in the page, there is login module, and when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application 20, and browser sends polling request to server 30, wherein, in request message, there is identification string.
Wherein, in an embodiment of the present invention, the first host application 20 can have server module.That is, can have built-in local http server module in first host application 20, the first host application 20 carries out network intercepting to receive the HTTP request message sent from the browser on mobile terminal 10 by this built-in local http server module on the local network port preset.
More specifically, when detecting that user installs and after starting the first host application 20 on mobile terminal 10, mobile terminal 10 loads this first host application 20 in mobile terminal 10, and load Web page by browser, and trigger action is carried out (as register to the Web page that browser loads receiving user, buy operation, upload operation, down operation etc.) time, login module in the Web page of this loading is by the local HTTP interface of the local http server module opening in the first host application 20, HTTP request message is sent to the local http server module in the first host application 20.Wherein, in an embodiment of the present invention, server corresponding to this Web page can be carried in this HTTP request message and output to an encrypted characters string in this Web page.In addition, in an embodiment of the present invention, the URL address format of above-mentioned local HTTP interface can be " http: // 127.0.0.1:{ preset local network port }/{ url path }? { url parameter } ".And Web page, after sending HTTP request message to the local http server module of the first host application 20, sends identification string to obtain subscriber sign-in conversation information by polling request to server 30.
Should be appreciated that in an embodiment of the present invention, polling request can be regarded as and sends inquiry request by browser to server 30 timing, and inquiry server is served the need of it, has and namely serves.
First host application 20 can be used for waking the second host application 40 up, and identification string is sent to the second host application 40.Wherein, in an embodiment of the present invention, the second host application 40 can have single-sign-on module.
More specifically, the first host application 20 by built-in local http server module preset local network port on carry out network intercepting with receives login module transmission HTTP request message after, first host application 20 first can obtain the identification string in this HTTP request bag, send by the communication mechanism that the operating system of mobile terminal 10 is built-in the request waking the built-in single-sign-on module of the second host application 40 up to system afterwards, in this required parameter, carry identification string.Wherein, in an embodiment of the present invention, the first host application 20 can wake the second host application 40 up, and request message is sent to the single-sign-on module of the second host application 40.
It should be noted that, because second host application 40 in mobile terminal 10 with built-in single-sign-on module may have multiple, specifically arouse the single-sign-on module in which host application, can be specified by the configuration parameter preset in local http server module, can also be specified by the URL parameter be sent in the HTTP request of local http server module.
Second host application 40 can be used for for obtaining the login sessions information of user in the second host application 40, and login sessions information and identification string is sent to server 30 to set up the corresponding relation between login sessions information and identification string.Further, in one embodiment of the invention, before the second host application 40 obtains the login sessions information of user in the second host application 40, second host application 40 also can be used for: judge whether user logs in the second host application 40, and when judging that user has logged in the second host application 40, obtain the login sessions information of user in the second host application 40, and login sessions information and identification string are sent to server 30 to set up the corresponding relation between login sessions information and identification string, and when judging that user does not log in the second host application 40, user is guided to log in.
More specifically, after single-sign-on module in second host application 40 is aroused, first can judge whether active user has logged in the second host application 40, if log in, then obtain the login sessions information of user in the second host application 40 (as session id, user ID, user name/account name, password etc.), otherwise first guide user to log in the second host application 40, and after logining successfully, obtain the login sessions information of user, then send to server 30 to set up the corresponding relation between login sessions information and identification string by login sessions information and by the identification string that the request bag transmission arousing single-sign-on module is come in.
Server 30 can be used for obtaining login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, loads login sessions information to make browser.Specifically, in an embodiment of the present invention, server 30 first can obtain the identification string in PollingRequest message, and according to the corresponding relation of identification string inquiry login sessions information and identification string to obtain corresponding login sessions information, and according to the automatic login page of login sessions information, and obtain the login sessions information after logging in, and the login sessions information after logging in is sent to browser by the response of polling request.
More specifically, server 30 is when receiving the polling request that Web page sends, first can obtain the identification string in this PollingRequest message, from the database server 30 or buffer service, corresponding login sessions information is obtained afterwards according to this identification string, then be that user completes the automatic login process in Web page according to login sessions information, and generate one and be applicable to the new login sessions information of Web page and returned to Web page.
Web page on browser is after receiving the login sessions information that server 30 returns, be set in the user Cookie corresponding to the domain name of Web page place, and the respective handling work after completing user login, such as, in the Web page needing user to see after jumping to login.
Further, in one embodiment of the invention, address, request source can be had in polling request, to obtain before login sessions information is sent to browser according to the corresponding relation of PollingRequest message and login sessions information and identification string at server 30, whether server 30 also can be used for: judge to ask address, source within the scope of the white list preset, and when judging that address, request source is within the scope of the white list preset, obtaining login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string further and being sent to browser.
More specifically, server 30, when receiving the polling request that Web page sends, can judge that the address, request source (i.e. refer originate the domain name of url) of this polling request is whether within the scope of default white list.It should be noted that, in an embodiment of the present invention, also judge whether effectively identification string in polling request by deciphering or the method such as parameters signatures verification, whether legal to judge this polling request, if illegal, then return corresponding error message.If legal, then obtain login sessions information further and be sent to browser, load login sessions information to make browser.Thus, efficiently avoid fishing website and forge request message, improve fail safe.
It should be noted that, in an embodiment of the present invention, the first host application 20 and the second host application 40 can be mobile native application, also can be 2 and independently move native application.
The login system of the embodiment of the present invention, load the first host application in the terminal, and by browser load page, in the page, there is login module, when receiving user and carrying out trigger action to the page that browser loads, login module sends a request message to the first host application, and browser sends polling request to server, request message has identification string, first host application wakes the second host application up, and identification string is sent to the second host application, second host application obtains the login sessions information of user in the second host application, and login sessions information and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, server obtains login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string and is sent to browser, login sessions information is loaded to make browser, to complete the register of the page that browser loads, namely when user carries out trigger action at the page that browser loads, directly pass through the first host application and the second host application by the login module in the page of loading, obtain the subscriber sign-in conversation information of second host application of preserving in server, by login sessions information existing in multiplexing mobile native applications to reduce repetitive operation, for Web page, eliminate the operating procedure that user's login interface is provided, thus improve the loading velocity of login interface, and then improve the sign-in experience of the user on the mobile Web page.
In the description of this specification, specific features, structure, material or feature that the description of reference term " embodiment ", " some embodiments ", " example ", " concrete example " or " some examples " etc. means to describe in conjunction with this embodiment or example are contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not must for be identical embodiment or example.And the specific features of description, structure, material or feature can combine in one or more embodiment in office or example in an appropriate manner.In addition, when not conflicting, the feature of the different embodiment described in this specification or example and different embodiment or example can carry out combining and combining by those skilled in the art.
In addition, term " first ", " second " only for describing object, and can not be interpreted as instruction or hint relative importance or imply the quantity indicating indicated technical characteristic.Thus, be limited with " first ", the feature of " second " can express or impliedly comprise at least one this feature.In describing the invention, the implication of " multiple " is at least two, such as two, three etc., unless otherwise expressly limited specifically.
Describe and can be understood in flow chart or in this any process otherwise described or method, represent and comprise one or more for realizing the module of the code of the executable instruction of the step of specific logical function or process, fragment or part, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can not according to order that is shown or that discuss, comprise according to involved function by the mode while of basic or by contrary order, carry out n-back test, this should understand by embodiments of the invention person of ordinary skill in the field.
In flow charts represent or in this logic otherwise described and/or step, such as, the sequencing list of the executable instruction for realizing logic function can be considered to, may be embodied in any computer-readable medium, for instruction execution system, device or equipment (as computer based system, comprise the system of processor or other can from instruction execution system, device or equipment instruction fetch and perform the system of instruction) use, or to use in conjunction with these instruction execution systems, device or equipment.With regard to this specification, " computer-readable medium " can be anyly can to comprise, store, communicate, propagate or transmission procedure for instruction execution system, device or equipment or the device that uses in conjunction with these instruction execution systems, device or equipment.The example more specifically (non-exhaustive list) of computer-readable medium comprises following: the electrical connection section (electronic installation) with one or more wiring, portable computer diskette box (magnetic device), random access memory (RAM), read-only memory (ROM), erasablely edit read-only memory (EPROM or flash memory), fiber device, and portable optic disk read-only memory (CDROM).In addition, computer-readable medium can be even paper or other suitable media that can print described program thereon, because can such as by carrying out optical scanner to paper or other media, then carry out editing, decipher or carry out process with other suitable methods if desired and electronically obtain described program, be then stored in computer storage.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple step or method can with to store in memory and the software performed by suitable instruction execution system or firmware realize.Such as, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: the discrete logic with the logic gates for realizing logic function to data-signal, there is the application-specific integrated circuit (ASIC) of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is that the hardware that can carry out instruction relevant by program completes, described program can be stored in a kind of computer-readable recording medium, this program perform time, step comprising embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, also can be that the independent physics of unit exists, also can be integrated in a module by two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.If described integrated module using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.
The above-mentioned storage medium mentioned can be read-only memory, disk or CD etc.Although illustrate and describe embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, and those of ordinary skill in the art can change above-described embodiment within the scope of the invention, revises, replace and modification.
Claims (10)
1. a login method, is characterized in that, comprises the following steps:
Load the first host application in the terminal, and by browser load page, wherein, in the described page, there is login module;
When receiving user and carrying out trigger action to the page that browser loads, described login module sends a request message to described first host application, and described browser sends polling request to server, and wherein, described request message has identification string;
Described first host application wakes the second host application up, and described identification string is sent to described second host application;
Described second host application obtains the login sessions information of user in described second host application, and described login sessions information and described identification string is sent to described server to set up the corresponding relation between described login sessions information and described identification string; And
Described server obtains described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string and is sent to described browser, loads described login sessions information to make described browser.
2. login method as claimed in claim 1, it is characterized in that, there is in described polling request address, request source, to obtain before described login sessions information is sent to described browser according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string at described server, described method also comprises:
Described server judges that address, described request source is whether within the scope of the white list preset;
If judge that address, described request source is within the scope of described default white list, then described server obtains described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string further and is sent to described browser.
3. login method as claimed in claim 1, is characterized in that, before described second host application obtains the login sessions information of user in described second host application, described method also comprises:
Judge whether described user logs in described second host application;
If judge that described user has logged in described second host application, then described second host application obtains the login sessions information of user in described second host application, and described login sessions information and described identification string is sent to described server to set up the corresponding relation between described login sessions information and described identification string;
If judge that described user does not log in described second host application, then described user is guided to log in.
4. login method as claimed in claim 1, it is characterized in that, described first host application has server module, described second host application has single-sign-on module, wherein, described request message is sent to the server module of described first host application by described login module, and described first host application is waken described second host application up and described request message is sent to the single-sign-on module of described second host application.
5. login method as claimed in claim 1, is characterized in that, described server obtains described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string and is sent to described browser and specifically comprises:
Described server obtains the identification string in described PollingRequest message;
Described server inquires about the corresponding relation of described login sessions information and described identification string to obtain corresponding login sessions information according to described identification string; And
Described server logs in the described page automatically according to described login sessions information, and obtains the login sessions information after logging in, and the login sessions information after logging in is sent to described browser by the response of described polling request.
6. a login system, is characterized in that, comprising: mobile terminal, the first host application, server and the second host application, wherein,
Described mobile terminal, for loading described first host application in described mobile terminal, and by browser load page, wherein, in the described page, there is login module, and when receiving user and carrying out trigger action to the page that browser loads, described login module sends a request message to described first host application, and described browser sends polling request to described server, wherein, has identification string in described request message;
Described first host application, for waking described second host application up, and is sent to described second host application by described identification string;
Described second host application, for obtaining the login sessions information of user in described second host application, and described login sessions information and described identification string are sent to described server to set up the corresponding relation between described login sessions information and described identification string; And
Described server, being sent to described browser for obtaining described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string, loading described login sessions information to make described browser.
7. login system as claimed in claim 6, it is characterized in that, there is in described polling request address, request source, to obtain before described login sessions information is sent to described browser according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string at described server, described server also for: judge that address, described request source is whether within the scope of the white list preset, and when judging that address, described request source is within the scope of described default white list, obtain described login sessions information according to the corresponding relation of described PollingRequest message and described login sessions information and described identification string further and be sent to described browser.
8. login system as claimed in claim 6, it is characterized in that, before described second host application obtains the login sessions information of user in described second host application, described second host application also for: judge whether described user logs in described second host application, and when judging that described user has logged in described second host application, obtain the login sessions information of user in described second host application, and described login sessions information and described identification string are sent to described server to set up the corresponding relation between described login sessions information and described identification string, and when judging that described user does not log in described second host application, described user is guided to log in.
9. login system as claimed in claim 6, it is characterized in that, described first host application has server module, described second host application has single-sign-on module, wherein, described request message is sent to the server module of described first host application by described login module, and described first host application is waken described second host application up and described request message is sent to the single-sign-on module of described second host application.
10. login system as claimed in claim 6, it is characterized in that, described server specifically for: obtain the identification string in described PollingRequest message, and inquire about the corresponding relation of described login sessions information and described identification string to obtain corresponding login sessions information according to described identification string, and automatically log in the described page according to described login sessions information, and obtain the login sessions information after logging in, and the login sessions information after logging in is sent to described browser by the response of described polling request.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410773177.5A CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410773177.5A CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104468592A true CN104468592A (en) | 2015-03-25 |
| CN104468592B CN104468592B (en) | 2017-10-31 |
Family
ID=52913964
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410773177.5A Active CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104468592B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105812350A (en) * | 2016-02-03 | 2016-07-27 | 北京中搜云商网络技术有限公司 | Cross-platform single-point registration system |
| WO2017045563A1 (en) * | 2015-09-17 | 2017-03-23 | 阿里巴巴集团控股有限公司 | Web app access method, apparatus, and system |
| CN107306268A (en) * | 2016-04-22 | 2017-10-31 | 西门子公司 | Communicated by wide area network by using specific agreement |
| CN107786528A (en) * | 2016-08-31 | 2018-03-09 | 阿里巴巴集团控股有限公司 | The login method and device of application, communication system |
| CN107979575A (en) * | 2016-10-25 | 2018-05-01 | 中华电信股份有限公司 | Certificate server and on-line identification method on line |
| CN107995245A (en) * | 2016-10-27 | 2018-05-04 | 腾讯科技(深圳)有限公司 | The method and terminal of a kind of resource-sharing |
| CN109450777A (en) * | 2018-12-28 | 2019-03-08 | 苏州开心盒子软件有限公司 | Session information extracting method, device, equipment and medium |
| CN109558739A (en) * | 2017-09-26 | 2019-04-02 | 腾讯科技(深圳)有限公司 | Program operating method, device, terminal and readable medium |
| CN110297663A (en) * | 2018-03-21 | 2019-10-01 | 阿里巴巴集团控股有限公司 | Awakening method, device, terminal and the medium of application program |
| CN110826035A (en) * | 2019-10-08 | 2020-02-21 | 云深互联(北京)科技有限公司 | Method, device and system for rapidly logging in browser and storage medium |
| CN111885152A (en) * | 2020-07-21 | 2020-11-03 | 上海连尚网络科技有限公司 | Promotion information processing method, electronic device and computer-readable storage medium |
| CN112787829A (en) * | 2019-11-05 | 2021-05-11 | 阿里巴巴集团控股有限公司 | Task processing method and device and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101378400A (en) * | 2007-08-30 | 2009-03-04 | 国际商业机器公司 | Method, server and system for polymerizing desktop application and Web application |
| CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
| CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
| CN102638454A (en) * | 2012-03-14 | 2012-08-15 | 武汉理工大学 | Plug-in type SSO (single signon) integration method oriented to HTTP (hypertext transfer protocol) identity authentication protocol |
| CN103188237A (en) * | 2011-12-30 | 2013-07-03 | 盛大计算机(上海)有限公司 | Single sign-on system and single sign-on method |
| CN104113534A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | System and method for logging in applications (APPs) |
-
2014
- 2014-12-12 CN CN201410773177.5A patent/CN104468592B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101378400A (en) * | 2007-08-30 | 2009-03-04 | 国际商业机器公司 | Method, server and system for polymerizing desktop application and Web application |
| CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
| CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
| CN103188237A (en) * | 2011-12-30 | 2013-07-03 | 盛大计算机(上海)有限公司 | Single sign-on system and single sign-on method |
| CN102638454A (en) * | 2012-03-14 | 2012-08-15 | 武汉理工大学 | Plug-in type SSO (single signon) integration method oriented to HTTP (hypertext transfer protocol) identity authentication protocol |
| CN104113534A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | System and method for logging in applications (APPs) |
Non-Patent Citations (2)
| Title |
|---|
| 吴茂传 等: ""基于Web的单点登录技术在企业集成中的应用"", 《淮海工学院学报(自然科学版)》 * |
| 雷传锐: ""基于CAS的跨平台安全单点登录服务的设计与实现"", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 * |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017045563A1 (en) * | 2015-09-17 | 2017-03-23 | 阿里巴巴集团控股有限公司 | Web app access method, apparatus, and system |
| CN105812350A (en) * | 2016-02-03 | 2016-07-27 | 北京中搜云商网络技术有限公司 | Cross-platform single-point registration system |
| CN107306268B (en) * | 2016-04-22 | 2020-08-07 | 西门子公司 | Communicating via application specific protocols over wide area networks |
| CN107306268A (en) * | 2016-04-22 | 2017-10-31 | 西门子公司 | Communicated by wide area network by using specific agreement |
| CN107786528A (en) * | 2016-08-31 | 2018-03-09 | 阿里巴巴集团控股有限公司 | The login method and device of application, communication system |
| CN107786528B (en) * | 2016-08-31 | 2020-09-22 | 阿里巴巴集团控股有限公司 | Application login method and device and communication system |
| CN107979575A (en) * | 2016-10-25 | 2018-05-01 | 中华电信股份有限公司 | Certificate server and on-line identification method on line |
| CN107995245B (en) * | 2016-10-27 | 2019-03-15 | 腾讯科技(深圳)有限公司 | A kind of method and terminal of resource-sharing |
| CN107995245A (en) * | 2016-10-27 | 2018-05-04 | 腾讯科技(深圳)有限公司 | The method and terminal of a kind of resource-sharing |
| CN109558739A (en) * | 2017-09-26 | 2019-04-02 | 腾讯科技(深圳)有限公司 | Program operating method, device, terminal and readable medium |
| CN109558739B (en) * | 2017-09-26 | 2022-04-15 | 腾讯科技(深圳)有限公司 | Program running method and device, terminal and readable medium |
| CN110297663A (en) * | 2018-03-21 | 2019-10-01 | 阿里巴巴集团控股有限公司 | Awakening method, device, terminal and the medium of application program |
| CN110297663B (en) * | 2018-03-21 | 2022-10-04 | 阿里巴巴集团控股有限公司 | Application program awakening method, device, terminal and medium |
| CN109450777A (en) * | 2018-12-28 | 2019-03-08 | 苏州开心盒子软件有限公司 | Session information extracting method, device, equipment and medium |
| CN109450777B (en) * | 2018-12-28 | 2021-09-17 | 苏州开心盒子软件有限公司 | Session information extraction method, device, equipment and medium |
| CN110826035A (en) * | 2019-10-08 | 2020-02-21 | 云深互联(北京)科技有限公司 | Method, device and system for rapidly logging in browser and storage medium |
| CN112787829A (en) * | 2019-11-05 | 2021-05-11 | 阿里巴巴集团控股有限公司 | Task processing method and device and electronic equipment |
| CN112787829B (en) * | 2019-11-05 | 2023-10-10 | 盒马(中国)有限公司 | Task processing method and device and electronic equipment |
| CN111885152A (en) * | 2020-07-21 | 2020-11-03 | 上海连尚网络科技有限公司 | Promotion information processing method, electronic device and computer-readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104468592B (en) | 2017-10-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104468592A (en) | Login method and system | |
| CN104519050A (en) | Login method and login system | |
| CN104394133A (en) | Login method and login system | |
| US9264435B2 (en) | Apparatus and methods for access solutions to wireless and wired networks | |
| CN106682028B (en) | Method, device and system for acquiring webpage application | |
| US9219787B1 (en) | Stateless cookie operations server | |
| US11509537B2 (en) | Internet of things device discovery and deployment | |
| EP3203709B1 (en) | Cloud service server and method for managing cloud service server | |
| WO2016070689A1 (en) | Method and system for sharing application, and application service platform | |
| CN105430102A (en) | Integration method and system of SaaS (Software as a Service) website and third-party system and device thereof | |
| CN106341234A (en) | Authorization method and device | |
| US9942764B1 (en) | System and method for accessing a membership-based service | |
| CN103607290A (en) | Method and device for setting network connection parameters | |
| CN104852919A (en) | Method and apparatus for realizing portal authentication | |
| CN109819033A (en) | A kind of resource file loading method and system | |
| CN109344345A (en) | Data access system and access method, terminal and storage medium based on block chain | |
| CN105827406A (en) | Identity verification method, identity verification device, and identity verification system | |
| CN109218389A (en) | The method, apparatus and storage medium and electronic equipment of processing business request | |
| CN104580380A (en) | Synchronization method and system for logging status | |
| WO2016146007A1 (en) | Method and device for checking verification code | |
| CN104065674A (en) | Terminal device and information processing method | |
| US9778968B1 (en) | Programatic implementations generated from an API call log | |
| CN107277803A (en) | Wireless network authentication method, apparatus and system based on iOS terminals | |
| CN105530232A (en) | Account login method and device | |
| CN110034979A (en) | A kind of proxy resources monitoring method, device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |