CN104468592B - Login method and login system - Google Patents
Login method and login system Download PDFInfo
- Publication number
- CN104468592B CN104468592B CN201410773177.5A CN201410773177A CN104468592B CN 104468592 B CN104468592 B CN 104468592B CN 201410773177 A CN201410773177 A CN 201410773177A CN 104468592 B CN104468592 B CN 104468592B
- Authority
- CN
- China
- Prior art keywords
- login
- host application
- sessions information
- server
- browser
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of login method and system, wherein this method includes:Load the first host application in the terminal, and by browser loading page, there is login module in the page;When receiving the page progress trigger action that user loads to browser, login module sends request message to the first host application, and browser sends polling request to server, and request message has identification string;First host application wakes up the second host application, and identification string is sent to the second host application;Second host application obtains the login sessions information of user, and login sessions information and identification string are sent to server to set up the corresponding relation of the two;And server obtains login sessions information according to PollingRequest message and above-mentioned corresponding relation and sent to browser, so that browser loads login sessions information.The method of the embodiment of the present invention can lift the sign-in experience of the user on the mobile Web page.
Description
Technical field
The present invention relates to Internet technical field, more particularly to a kind of login method and login system.
Background technology
At present, using Web app, (what it is based on Web is in the browser (such as mobile phone browser) of user on mobile terminals
System and application) when, if Web app need to log in, mobile terminal can be loaded by page reorientation, or by floating layer, or logical
Cross new browser window of opening and the unified login provided by the user account number system of the Web app service providers is provided
The page, user is on this page by inputting the authentication informations such as account name, account password and submitting logon form to complete user
The certification and login of account number.
It presently, there are following problem:
(1) it is required for loading the Web page that User logs in interface is once provided when due to each log in, it is very slow in network speed
In environment, under such as 2G networks, the speed of loading Web page can be very slow so that the sign-in experience extreme difference of user;
(2) most of mobile browsers are because the limitation of the screen size of mobile device in itself, being typically all difficult to will be current
URL (Uniform Resource Locator, URL) address of the Web page of loading is intactly presented to use
Family sees that partial view device will not even show this URL addresses on one's own initiative, and this is also provided to most of fishing website done evil
It is convenient, will be because of on the fishing page when user is strayed into fishing website and is directed into a login page forged
Input account authentication information (such as user name, password) and cause account to be revealed, and then cause irremediable property loss or use
Family privacy leakage;
(3) when some Mobile solution has Native app (APP based on local (operating system) operation) and Web app
During both forms, if user is in wherein Native app in the case of login, then used in mobile browser
Wherein Web app and when needing to log in, it is still desirable to pass through in the Web log in page that the corresponding server of the Mobile solution is provided
Defeated user name, the mode of password, i.e., at least try again register, increases the operating procedure of user, causes Consumer's Experience to become
Difference.
The content of the invention
The purpose of the present invention is intended at least solve one of above-mentioned technical problem to a certain extent.
Therefore, first purpose of the present invention is to propose a kind of login method.This method can be primary by being multiplexed movement
Repeated using upper existing login sessions information with reducing, for Web page, eliminate offer User logs in interface
Operating procedure, so as to improve the loading velocity of login interface, and then improve the login body of the user on the mobile Web page
Test.
Second object of the present invention is to propose a kind of login system.
To achieve these goals, the login method of first aspect present invention embodiment, including:Load in the terminal
First host application, and by browser loading page, wherein, there is login module in the page;When receiving use
When the page that family is loaded to browser carries out trigger action, the login module sends to first host application and asked
Message, and the browser sends polling request to server, wherein, the request message has identification string;Described first
Host application wakes up the second host application, and the identification string is sent to second host application;Institute
State the second host application and obtain login sessions information of the user in second host application, and logged in described
Session information and the identification string send to the server to set up between the login sessions information and the identification string
Corresponding relation;And the server is according to the PollingRequest message and the login sessions information and pair of the identification string
Login sessions information described in Relation acquisition is answered to send to the browser, so that the browser loads the login sessions letter
Breath.
The login method of the embodiment of the present invention, loads the first host application, and pass through browser in the terminal
There is login module in loading page, the page, when receiving the page progress trigger action that user loads to browser, log in
Module sends request message to the first host application, and browser sends polling request, request message tool to server
There is an identification string, the first host application wakes up the second host application, and identification string is sent to the second host apply journey
Sequence, the second host application obtains login sessions information of the user in the second host application, and login sessions are believed
Breath and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, and server is according to poll
The corresponding relation of request message and login sessions information and identification string obtains login sessions information and sent to browser, so as to browse
Device loads login sessions information, with the register for the page for completing browser loading, i.e., when the page that user loads in browser
When face carries out trigger action, the first host application and the second host are directly passed through by the login module in the page of loading
Application program, obtains the subscriber sign-in conversation information of the second host application preserved in server, mobile former by being multiplexed
The raw upper existing login sessions information of application is repeated with reducing, for Web page, eliminates offer User logs in circle
The operating procedure in face, so as to improve the loading velocity of login interface, and then improves the login of the user on the mobile Web page
Experience.
To achieve these goals, the login system of second aspect of the present invention embodiment, including:Mobile terminal, the first place
Primary application program, server and the second host application, wherein, the mobile terminal, for adding in the mobile terminal
First host application is carried, and by browser loading page, wherein, with login module in the page, and
When receiving the page that user loads to browser and carrying out trigger action, the login module is to first host application
Request message is sent, and the browser sends polling request to the server, wherein, there is mark in the request message
Know string;First host application, sends to institute for waking up second host application, and by the identification string
State the second host application;Second host application, for obtaining user in second host application
Login sessions information, and the login sessions information and the identification string are sent to the server to set up the login
Corresponding relation between session information and the identification string;And the server, for according to the PollingRequest message and
The corresponding relation of the login sessions information and the identification string obtains the login sessions information and sent to the browser, with
The browser is set to load the login sessions information.
The login system of the embodiment of the present invention, loads the first host application, and pass through browser in the terminal
There is login module in loading page, the page, when receiving the page progress trigger action that user loads to browser, log in
Module sends request message to the first host application, and browser sends polling request, request message tool to server
There is an identification string, the first host application wakes up the second host application, and identification string is sent to the second host apply journey
Sequence, the second host application obtains login sessions information of the user in the second host application, and login sessions are believed
Breath and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, and server is according to poll
The corresponding relation of request message and login sessions information and identification string obtains login sessions information and sent to browser, so as to browse
Device loads login sessions information, with the register for the page for completing browser loading, i.e., when the page that user loads in browser
When face carries out trigger action, the first host application and the second host are directly passed through by the login module in the page of loading
Application program, obtains the subscriber sign-in conversation information of the second host application preserved in server, mobile former by being multiplexed
The raw upper existing login sessions information of application is repeated with reducing, for Web page, eliminates offer User logs in circle
The operating procedure in face, so as to improve the loading velocity of login interface, and then improves the login of the user on the mobile Web page
Experience.
The additional aspect of the present invention and advantage will be set forth in part in the description, and will partly become from the following description
Obtain substantially, or recognized by the practice of the present invention.
Brief description of the drawings
Of the invention above-mentioned and/or additional aspect and advantage will become from the following description of the accompanying drawings of embodiments
Substantially and be readily appreciated that, wherein,
Fig. 1 is the flow chart of login method according to an embodiment of the invention;
Fig. 2 is the exemplary plot of login method according to an embodiment of the invention;
Fig. 3 is the flow chart of login method in accordance with another embodiment of the present invention;And
Fig. 4 is the structural representation of login system according to an embodiment of the invention.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
The embodiment of figure description is exemplary, it is intended to for explaining the present invention, and be not considered as limiting the invention.
Below with reference to the accompanying drawings the login method and login system of the embodiment of the present invention described.
The embodiment of the present invention proposes a kind of login method, including:The first host application is loaded in the terminal,
And by browser loading page, wherein, there is login module in the page;Enter when receiving the page that user loads to browser
During row trigger action, login module sends request message to the first host application, and browser sends to server and taken turns
Request is ask, wherein, request message has identification string;First host application wakes up the second host application, and will mark
String is sent to the second host application;Second host application obtains login meeting of the user in the second host application
Information is talked about, and login sessions information and identification string are sent to server to set up pair between login sessions information and identification string
It should be related to;And server obtains login sessions according to the corresponding relation of PollingRequest message and login sessions information and identification string
Information is sent to browser, so that browser loads login sessions information.
Fig. 1 is the flow chart of login method according to an embodiment of the invention.Fig. 2 is according to one embodiment of the invention
Login method exemplary plot.The login method of the embodiment of the present invention is described with reference to Fig. 1 and Fig. 2.Such as Fig. 1 and figure
Shown in 2, the login method can include:
S101, loads the first host application in the terminal, and by browser loading page, wherein, the page
In have login module.
Wherein, in an embodiment of the present invention, mobile terminal can be the tool such as mobile phone, tablet personal computer, personal digital assistant
There is the hardware device of various operating systems.
Specifically, after detecting user the first host application is installed and activated on mobile terminals, it can move
First host application is loaded in dynamic terminal, and Web page is loaded by browser.Wherein, in embodiments of the invention
In, there is login module in the Web page.
S102, when receiving the page that user loads to browser and carrying out trigger action, login module is to the first host
Application program sends request message, and browser sends polling request to server, wherein, request message has identification string.
Wherein, in an embodiment of the present invention, the first host application can have server module.That is, the
There can be built-in local HTTP (Hypertext transfer protocol, hypertext transmission association in one host application
View) server module, the first host application can be by the built-in local HTTP server module in default LAN
Network intercepting is carried out on network port to receive the HTTP request message transmitted by the browser on mobile terminal.
Specifically, trigger action (such as register, purchase are carried out when receiving the Web page that user loads to browser
Operation, upload operation, down operation etc.) when, the login module in the Web page of the loading can pass through the first host application
In local HTTP server module opening local HTTP interface, into the first host application local HTTP clothes
Device module of being engaged in sends HTTP request message (S1 in such as Fig. 2).Wherein, in an embodiment of the present invention, the HTTP request message
In can carry the encrypted characters string that the corresponding server of the Web page is output in the Web page.In addition, in this hair
In bright embodiment, the URL address formats of above-mentioned local HTTP interface can be " http://127.0.0.1:{ default LAN
Network port }/{ url paths }{ url parameters } ".And Web page is in the local HTTP server to the first host application
Module is sent after HTTP request message, to server can send identification string to obtain subscriber sign-in conversation information by polling request
(S2 in such as Fig. 2).
It should be appreciated that in an embodiment of the present invention, polling request can be regarded as being sent from browser to server timing
Whether inquiry request, inquiry server needs it to service, and has to give and services.
S103, the first host application wake up the second host application, and by identification string send to the second host should
Use program.
Wherein, in an embodiment of the present invention, the second host application can have single-sign-on module.
Specifically, when the first host application by built-in local HTTP server module in default local network
Carried out on port after HTTP request message of the network intercepting to receive login module transmission, the first host application can be obtained first
The identification string in the HTTP request bag is taken, can be sent afterwards by the communication mechanism built in the operating system of mobile terminal to system
Wake up in the request (S3 in such as Fig. 2) of the single-sign-on module built in the second host application, the required parameter and carry
Identification string.Wherein, in an embodiment of the present invention, the first host application can wake up the second host application, and please
Message is asked to send to the single-sign-on module of the second host application.
It should be noted that due to having the second host application of built-in single-sign-on module may in mobile terminal
Have multiple, specifically arouse the single-sign-on module in which host application, local HTTP server module can be passed through
Interior default configuration parameter is specified, and can also be joined by the URL being sent in the HTTP request of local HTTP server module
Count to specify.
S104, the second host application obtains login sessions information of the user in the second host application, and will
Login sessions information and identification string send to server to set up the corresponding relation between login sessions information and identification string.
Further, in one embodiment of the invention, user is obtained in the second host in the second host application
Before login sessions information in application program, the login method may also include:Judge whether user logs in the second host application
Program;If it is determined that user has logged in the second host application, then the second host application obtains user in the second host
Login sessions information in application program, and login sessions information and identification string are sent to server to set up login sessions letter
Corresponding relation between breath and identification string;If it is determined that user is not logged in the second host application, then user is guided to be stepped on
Record.Thereby it is ensured that the login sessions information of the user of the second host application can be got.
Specifically, after the single-sign-on module in the second host application is invoked, first active user can be judged whether
The second host application has been logged in, if having logged in, login sessions information of the user in the second host application has been obtained
(such as session id (IDentity, the identification number of session), ID (IDentity, the identity number of user), user
Name/account name, password etc.), otherwise first guiding user is logged in (S4 in such as Fig. 2) in the second host application, and
The login sessions information (S5 in such as Fig. 2) of user is being obtained after logining successfully, then by login sessions information and by calling out
Rise single-sign-on module request bag transmission come in identification string send to server to set up its corresponding relation (in Fig. 2
S6)。
S105, server obtains according to the corresponding relation of PollingRequest message and login sessions information and identification string and logs in meeting
Words information is sent to browser, so that browser loads login sessions information.
Specifically, in an embodiment of the present invention, server can first obtain the identification string in PollingRequest message, afterwards
Login sessions information can be inquired about according to identification string and corresponding login sessions information, Ran Hougen are obtained with the corresponding relation of identification string
According to the login sessions information automated log on page, and the login sessions information after logging in is obtained, and by the login meeting after login
Words information is sent to browser by the response of polling request, so that browser loads the login sessions information.
More specifically, server is when receiving the polling request that Web page is sent, the PollingRequest message can be first obtained
In identification string, corresponding login sessions are obtained from the database or buffer service in server according to the identification string afterwards and believed
Breath, is then that user completes the automated log on processing in Web page according to login sessions information, and generation one is applied to
The new login sessions information of Web page is simultaneously returned to Web page (S7 in such as Fig. 2).
Web page on browser is set Web page after the login sessions information of server return is received
Corresponding to the domain name of place user Cookie (its in order to distinguish user identity, conversate tracking and be stored in user locally eventually
Data on end) in, and the work of the respective handling after User logs in is completed, for example, needing what user saw after jumping to login
In Web page.
It should be noted that in an embodiment of the present invention, the first host application and the second host application can
To be a mobile native application or 2 independent mobile native applications.
The login method of the embodiment of the present invention, loads the first host application, and pass through browser in the terminal
There is login module in loading page, the page, when receiving the page progress trigger action that user loads to browser, log in
Module sends request message to the first host application, and browser sends polling request, request message tool to server
There is an identification string, the first host application wakes up the second host application, and identification string is sent to the second host apply journey
Sequence, the second host application obtains login sessions information of the user in the second host application, and login sessions are believed
Breath and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, and server is according to poll
The corresponding relation of request message and login sessions information and identification string obtains login sessions information and sent to browser, so as to browse
Device loads login sessions information, with the register for the page for completing browser loading, i.e., when the page that user loads in browser
When face carries out trigger action, the first host application and the second host are directly passed through by the login module in the page of loading
Application program, obtains the subscriber sign-in conversation information of the second host application preserved in server, mobile former by being multiplexed
The raw upper existing login sessions information of application is repeated with reducing, for Web page, eliminates offer User logs in circle
The operating procedure in face, so as to improve the loading velocity of login interface, and then improves the login of the user on the mobile Web page
Experience.
Fig. 3 is the flow chart of login method in accordance with another embodiment of the present invention.
It should be noted that in an embodiment of the present invention, can have request source address (i.e. in polling request
Referer URL).In order to avoid fishing website forges request message, security is improved, in server according to PollingRequest message
Login sessions information is obtained with the corresponding relation of login sessions information and identification string to send to before browser, also can determine whether request
Whether source address is in the range of default white list, if further obtaining login sessions information and sending to browser.Tool
Body, as shown in figure 3, the login method can include:
S301, loads the first host application in the terminal, and by browser loading page, wherein, the page
In have login module.
S302, when receiving the page that user loads to browser and carrying out trigger action, login module is to the first host
Application program sends request message, and browser sends polling request to server, wherein, request message has identification string.
S303, the first host application wake up the second host application, and by identification string send to the second host should
Use program.
S304, the second host application obtains login sessions information of the user in the second host application, and will
Login sessions information and identification string send to server to set up the corresponding relation between login sessions information and identification string.
Whether S305, server judges request source address in the range of default white list.
Specifically, server can determine whether that the request of the polling request comes when receiving the polling request that Web page is sent
Whether source address (i.e. refer sources url domain name) is in the range of default white list.It should be noted that the present invention's
In embodiment, also it can judge whether the identification string in polling request is effective by the method such as decryption or parameters signatures verification, to sentence
Whether this polling request of breaking is legal, if illegal, returns to corresponding error message.
S306, if it is determined that request source address is in the range of default white list, then server is further according to poll
The corresponding relation of request message and login sessions information and identification string obtains login sessions information and sent to browser, so as to browse
Device loads login sessions information.
The login method of the embodiment of the present invention, in server according to PollingRequest message and login sessions information and identification string
Corresponding relation obtain login sessions information and send to before browser, also can determine whether request source address whether default white
In the range of list, if further obtaining login sessions information and sending to browser, efficiently avoid fishing website forgery
Request message, improves security.
In order to realize above-described embodiment, the invention also provides a kind of login system, including:Mobile terminal, the first host
Application program, server and the second host application, wherein, mobile terminal, for loading the first host in the terminal
Application program, and by browser loading page, wherein, there is login module, and receiving user to browser in the page
When the page of loading carries out trigger action, login module sends request message to the first host application, and browser to
Server sends polling request, wherein, there is identification string in request message;First host application, for waking up the second place
Primary application program, and identification string is sent to the second host application;Second host application, for obtaining user
Login sessions information in two host applications, and login sessions information and identification string are sent to server to set up login
Corresponding relation between session information and identification string;And server, for according to PollingRequest message and login sessions information
Login sessions information is obtained with the corresponding relation of identification string to send to browser, so that browser loads login sessions information.
Fig. 4 is the structural representation of login system according to an embodiment of the invention.As shown in figure 4, the login system
It can include:Mobile terminal 10, the first host application 20, the host application 40 of server 30 and second.Wherein, at this
In the embodiment of invention, mobile terminal 10 can be that mobile phone, tablet personal computer, personal digital assistant etc. have various operating systems
Hardware device.
Specifically, mobile terminal 10 can be used for loading the first host application 20 in the terminal, and by browsing
Device loading page, wherein, there is login module, and receiving the page progress triggering behaviour that user loads to browser in the page
When making, login module sends request message to the first host application 20, and browser sends poll to server 30 and asked
Ask, wherein, there is identification string in request message.
Wherein, in an embodiment of the present invention, the first host application 20 can have server module.That is,
There can be built-in local HTTP server module in first host application 20, the first host application 20 can be by this
Built-in local HTTP server module carries out network intercepting on default local network port and comes from mobile terminal to receive
The HTTP request message transmitted by browser on 10.
More specifically, after detecting user the first host application 20 are installed and activated on mobile terminal 10,
Mobile terminal 10 loads first host application 20 in mobile terminal 10, and by browser loading Web page, and
Receive Web page progress trigger action (such as register, purchase operation, upload operation, download that user loads to browser
Operation etc.) when, the login module in the Web page of the loading can be by the local HTTP service in the first host application 20
The local HTTP interface of device module opening, the local HTTP server module into the first host application 20 is sent
HTTP request message.Wherein, in an embodiment of the present invention, can to carry the Web page in the HTTP request message corresponding
Server is output to an encrypted characters string in the Web page.In addition, in an embodiment of the present invention, above-mentioned local HTTP
The URL address formats of interface can be " http://127.0.0.1:{ default local network port }/{ url paths }{ url joins
Number } ".And Web page to the local HTTP server module of the first host application 20 after HTTP request message is sent,
Identification string to server 30 can be sent to obtain subscriber sign-in conversation information by polling request.
It should be appreciated that in an embodiment of the present invention, polling request can be regarded as regularly being sent out from browser to server 30
Go out inquiry request, whether inquiry server needs it to service, have to give and service.
First host application 20 can be used for waking up the second host application 40, and identification string is sent to the second place
Primary application program 40.Wherein, in an embodiment of the present invention, the second host application 40 can have single-sign-on module.
More specifically, in the first host application 20 by built-in local HTTP server module default local
On the network port after HTTP request message of the progress network intercepting to receive login module transmission, the first host application 20
The identification string in the HTTP request bag can first be obtained, afterwards can by the communication mechanism built in the operating system of mobile terminal 10 to
System sends in the request for waking up the single-sign-on module built in the second host application 40, the required parameter and carries mark
String.Wherein, in an embodiment of the present invention, the first host application 20 can wake up the second host application 40, and please
Message is asked to send to the single-sign-on module of the second host application 40.
It should be noted that due to having the second host application 40 of built-in single-sign-on module in mobile terminal 10
It might have multiple, specifically arouse the single-sign-on module in which host application, local HTTP server can be passed through
Default configuration parameter is specified in module, can also by being sent in the HTTP request of local HTTP server module
URL parameter is specified.
Second host application 40 can be used for being used to obtain login sessions of the user in the second host application 40
Information, and login sessions information and identification string are sent to server 30 to set up pair between login sessions information and identification string
It should be related to.Further, in one embodiment of the invention, user is obtained in the second host in the second host application 40
Before login sessions information in application program 40, the second host application 40 can be additionally used in:Judge whether user logs in
Two host applications 40, and when judging that user has logged in the second host application 40, obtaining user should in the second host
Sent with the login sessions information in program 40, and by login sessions information and identification string to server 30 to set up login sessions
Corresponding relation between information and identification string, and when judging that user is not logged in the second host application 40, guide user
Logged in.
More specifically, after the single-sign-on module in the second host application 40 is invoked, can first judge active user
The second host application 40 whether has been logged in, if having logged in, login of the user in the second host application 40 has been obtained
Session information (such as session id, ID, user name/account name, password), otherwise first guiding user applies journey in the second host
Logged in sequence 40, and obtain after logining successfully the login sessions information of user, then by login sessions information and logical
Cross arouse single-sign-on module request bag transmission come in identification string be sent to server 30 with set up login sessions information with
Corresponding relation between identification string.
Server 30, which can be used for being obtained according to the corresponding relation of PollingRequest message and login sessions information and identification string, to be stepped on
Record session information is sent to browser, so that browser loads login sessions information.Specifically, in embodiments of the invention
In, server 30 can first obtain the identification string in PollingRequest message, and inquire about login sessions information and mark according to identification string
The corresponding relation of string is to obtain corresponding login sessions information, and according to the login sessions information automated log on page, and obtains
Login sessions information after login, and the login sessions information after login is sent to browsing by the response of polling request
Device.
More specifically, server 30 is when receiving the polling request that Web page is sent, it can first obtain the polling request and disappear
Identification string in breath, obtains corresponding login meeting according to the identification string from the database or buffer service in server 30 afterwards
Information is talked about, is then that user completes the automated log on processing in Web page according to login sessions information, and generation one is applicable
In Web page new login sessions information and be returned to Web page.
Web page on browser is set Web page after the login sessions information of the return of server 30 is received
In user Cookie where face corresponding to domain name, and the work of the respective handling after User logs in is completed, for example, jumping to login
Need afterwards in the Web page that user sees.
Further, in one embodiment of the invention, there can be request source address in polling request, in server
30 obtain login sessions information according to the corresponding relation of PollingRequest message and login sessions information and identification string sends to browsing
Before device, server 30 can be additionally used in:Request source address is judged whether in the range of default white list, and is judging request
When source address is in the range of default white list, further according to PollingRequest message and login sessions information and identification string
Corresponding relation obtains login sessions information and sent to browser.
More specifically, server 30 is when receiving the polling request that Web page is sent, asking for the polling request can determine whether
Source address (i.e. refer sources url domain name) is sought whether in the range of default white list.It should be noted that in this hair
In bright embodiment, also it can judge whether the identification string in polling request is effective by the method such as decryption or parameters signatures verification,
To judge whether this polling request is legal, if illegal, corresponding error message is returned to.If legal, further obtain and log in
Session information is sent to browser, so that browser loads login sessions information.Thus, it efficiently avoid fishing website forgery
Request message, improves security.
It should be noted that in an embodiment of the present invention, the first host application 20 and the second host application
40 can be a mobile native application or 2 independent mobile native applications.
The login system of the embodiment of the present invention, loads the first host application, and pass through browser in the terminal
There is login module in loading page, the page, when receiving the page progress trigger action that user loads to browser, log in
Module sends request message to the first host application, and browser sends polling request, request message tool to server
There is an identification string, the first host application wakes up the second host application, and identification string is sent to the second host apply journey
Sequence, the second host application obtains login sessions information of the user in the second host application, and login sessions are believed
Breath and identification string are sent to server to set up the corresponding relation between login sessions information and identification string, and server is according to poll
The corresponding relation of request message and login sessions information and identification string obtains login sessions information and sent to browser, so as to browse
Device loads login sessions information, with the register for the page for completing browser loading, i.e., when the page that user loads in browser
When face carries out trigger action, the first host application and the second host are directly passed through by the login module in the page of loading
Application program, obtains the subscriber sign-in conversation information of the second host application preserved in server, mobile former by being multiplexed
The raw upper existing login sessions information of application is repeated with reducing, for Web page, eliminates offer User logs in circle
The operating procedure in face, so as to improve the loading velocity of login interface, and then improves the login of the user on the mobile Web page
Experience.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means to combine specific features, structure, material or the spy that the embodiment or example are described
Point is contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not
Identical embodiment or example must be directed to.Moreover, specific features, structure, material or the feature of description can be with office
Combined in an appropriate manner in one or more embodiments or example.In addition, in the case of not conflicting, the skill of this area
Art personnel can be tied the not be the same as Example or the feature of example and non-be the same as Example or example described in this specification
Close and combine.
In addition, term " first ", " second " are only used for describing purpose, and it is not intended that indicating or implying relative importance
Or the implicit quantity for indicating indicated technical characteristic.Thus, define " first ", the feature of " second " can express or
Implicitly include at least one this feature.In the description of the invention, " multiple " are meant that at least two, such as two, three
It is individual etc., unless otherwise specifically defined.
Any process described otherwise above or method description are construed as in flow chart or herein, represent to include
Module, fragment or the portion of the code of one or more executable instructions for the step of realizing specific logical function or process
Point, and the scope of the preferred embodiment of the present invention includes other realization, wherein can not be by shown or discussion suitable
Sequence, including according to involved function by it is basic simultaneously in the way of or in the opposite order, carry out perform function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
Represent in flow charts or logic and/or step described otherwise above herein, for example, being considered use
In the order list for the executable instruction for realizing logic function, it may be embodied in any computer-readable medium, for
Instruction execution system, device or equipment (such as computer based system including the system of processor or other can be held from instruction
The system of row system, device or equipment instruction fetch and execute instruction) use, or combine these instruction execution systems, device or set
It is standby and use.For the purpose of this specification, " computer-readable medium " can any can be included, store, communicate, propagate or pass
Defeated program is for instruction execution system, device or equipment or the dress for combining these instruction execution systems, device or equipment and using
Put.The more specifically example (non-exhaustive list) of computer-readable medium includes following:Electricity with one or more wirings
Connecting portion (electronic installation), portable computer diskette box (magnetic device), random access memory (RAM), read-only storage
(ROM), erasable edit read-only storage (EPROM or flash memory), fiber device, and portable optic disk is read-only deposits
Reservoir (CDROM).In addition, can even is that can be in the paper of printing described program thereon or other are suitable for computer-readable medium
Medium, because can then enter edlin, interpretation or if necessary with it for example by carrying out optical scanner to paper or other media
His suitable method is handled electronically to obtain described program, is then stored in computer storage.
It should be appreciated that each several part of the present invention can be realized with hardware, software, firmware or combinations thereof.Above-mentioned
In embodiment, the software that multiple steps or method can in memory and by suitable instruction execution system be performed with storage
Or firmware is realized.If, and in another embodiment, can be with well known in the art for example, realized with hardware
Any one of row technology or their combination are realized:With the logic gates for realizing logic function to data-signal
Discrete logic, the application specific integrated circuit with suitable combinational logic gate circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
Those skilled in the art are appreciated that to realize all or part of step that above-described embodiment method is carried
Rapid to can be by program to instruct the hardware of correlation to complete, described program can be stored in a kind of computer-readable storage medium
In matter, the program upon execution, including one or a combination set of the step of embodiment of the method.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing module, can also
That unit is individually physically present, can also two or more units be integrated in a module.Above-mentioned integrated mould
Block can both be realized in the form of hardware, it would however also be possible to employ the form of software function module is realized.The integrated module is such as
Fruit is realized using in the form of software function module and as independent production marketing or in use, can also be stored in a computer
In read/write memory medium.
Storage medium mentioned above can be read-only storage, disk or CD etc..Although having been shown and retouching above
Embodiments of the invention are stated, it is to be understood that above-described embodiment is exemplary, it is impossible to be interpreted as the limit to the present invention
System, one of ordinary skill in the art can be changed to above-described embodiment, change, replace and become within the scope of the invention
Type.
Claims (10)
1. a kind of login method, it is characterised in that comprise the following steps:
The first host application is loaded in the terminal, and by browser loading page, wherein, have in the page
Login module;
When receiving the page progress trigger action that user loads to browser, the login module should to first host
Request message is sent with program, and the browser sends polling request to server, wherein, the request message has mark
Know string;
First host application wakes up the second host application, and the identification string is sent to second host
Application program;
Second host application obtains login sessions information of the user in second host application, and by institute
Login sessions information is stated to send to the server to set up the login sessions information and the identification string with the identification string
Between corresponding relation;And
The server obtains institute according to the polling request and the login sessions information and the corresponding relation of the identification string
State login sessions information to send to the browser, so that the browser loads the login sessions information.
2. login method as claimed in claim 1, it is characterised in that there is request source address in the polling request,
The server is stepped on according to being obtained the corresponding relation of the polling request and the login sessions information and the identification string
Record session information is sent to before the browser, and methods described also includes:
Whether the server judges the request source address in the range of default white list;
If it is determined that the request source address is in the range of the default white list, then the server is further according to institute
State polling request and the login sessions information and the identification string corresponding relation obtain the login sessions information send to
The browser.
3. login method as claimed in claim 1, it is characterised in that obtain user in institute in second host application
State before the login sessions information in the second host application, methods described also includes:
Judge whether the user logs in second host application;
If it is determined that the user has logged in second host application, then second host application obtains user
Login sessions information in second host application, and by the login sessions information and the identification string send to
The server is to set up the corresponding relation between the login sessions information and the identification string;
If it is determined that the user is not logged in second host application, then the user is guided to be logged in.
4. login method as claimed in claim 1, it is characterised in that first host application has server mould
Block, second host application has single-sign-on module, wherein, the login module by the request message send to
The server module of first host application, first host application wakes up second host application
And send the request message to the single-sign-on module of second host application.
5. login method as claimed in claim 1, it is characterised in that the server is according to the polling request and described steps on
The corresponding relation acquisition login sessions information of record session information and the identification string, which is sent to the browser, to be specifically included:
The server obtains the identification string in the polling request;
The server inquires about the login sessions information with the corresponding relation of the identification string to obtain according to the identification string
Corresponding login sessions information;And
Server page according to the login sessions information automated log on, and obtain the login sessions letter after logging in
Breath, and the login sessions information after login is sent to the browser by the response of the polling request.
6. a kind of login system, it is characterised in that including:Mobile terminal, the first host application, server and the second host
Application program, wherein,
The mobile terminal, for loading first host application in the mobile terminal, and is added by browser
The page is carried, wherein, there is login module, and receiving the page progress triggering behaviour that user loads to browser in the page
When making, the login module sends request message to first host application, and the browser is to the service
Device sends polling request, wherein, there is identification string in the request message;
First host application, sends to institute for waking up second host application, and by the identification string
State the second host application;
Second host application, for obtaining login sessions information of the user in second host application,
And the login sessions information and the identification string are sent to the server with set up the login sessions information with it is described
Corresponding relation between identification string;And
The server, for being obtained according to the polling request and the login sessions information and the corresponding relation of the identification string
The login sessions information is taken to send to the browser, so that the browser loads the login sessions information.
7. login system as claimed in claim 6, it is characterised in that there is request source address in the polling request,
The server is stepped on according to being obtained the corresponding relation of the polling request and the login sessions information and the identification string
Record session information is sent to before the browser, and the server is additionally operable to:Judge the request source address whether pre-
If white list in the range of, and judge it is described request source address in the range of the default white list when, further root
The login sessions information is obtained according to the corresponding relation of the polling request and the login sessions information and the identification string to send out
Deliver to the browser.
8. login system as claimed in claim 6, it is characterised in that obtain user in institute in second host application
State before the login sessions information in the second host application, second host application is additionally operable to:Judge described use
Whether family logs in second host application, and when judging that the user has logged in second host application,
Obtain login sessions information of the user in second host application, and by the login sessions information and the mark
String sends to the server to set up the corresponding relation between the login sessions information and the identification string, and is judging
When the user is not logged in second host application, the user is guided to be logged in.
9. login system as claimed in claim 6, it is characterised in that first host application has server mould
Block, second host application has single-sign-on module, wherein, the login module by the request message send to
The server module of first host application, first host application wakes up second host application
And send the request message to the single-sign-on module of second host application.
10. login system as claimed in claim 6, it is characterised in that the server specifically for:Obtaining the poll please
Identification string in asking, and inquire about the login sessions information with the corresponding relation of the identification string to obtain according to the identification string
Corresponding login sessions information, and the page according to the login sessions information automated log on, and obtain login after
Login sessions information, and the login sessions information after login is sent to described by the response of the polling request browsed
Device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410773177.5A CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410773177.5A CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104468592A CN104468592A (en) | 2015-03-25 |
CN104468592B true CN104468592B (en) | 2017-10-31 |
Family
ID=52913964
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410773177.5A Active CN104468592B (en) | 2014-12-12 | 2014-12-12 | Login method and login system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104468592B (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106549907B (en) * | 2015-09-17 | 2019-10-11 | 阿里巴巴集团控股有限公司 | A kind of web app access method, device and system |
CN105812350B (en) * | 2016-02-03 | 2020-05-19 | 北京中搜云商网络技术有限公司 | Cross-platform single sign-on system |
EP3236637B1 (en) * | 2016-04-22 | 2020-12-09 | Siemens Aktiengesellschaft | Communication over a wide area network by means of an application-specific protocol |
CN107786528B (en) * | 2016-08-31 | 2020-09-22 | 阿里巴巴集团控股有限公司 | Application login method and device and communication system |
CN107979575A (en) * | 2016-10-25 | 2018-05-01 | 中华电信股份有限公司 | Certificate server and on-line identification method on line |
CN107995245B (en) * | 2016-10-27 | 2019-03-15 | 腾讯科技(深圳)有限公司 | A kind of method and terminal of resource-sharing |
CN109558739B (en) * | 2017-09-26 | 2022-04-15 | 腾讯科技(深圳)有限公司 | Program running method and device, terminal and readable medium |
CN110297663B (en) * | 2018-03-21 | 2022-10-04 | 阿里巴巴集团控股有限公司 | Application program awakening method, device, terminal and medium |
CN109450777B (en) * | 2018-12-28 | 2021-09-17 | 苏州开心盒子软件有限公司 | Session information extraction method, device, equipment and medium |
CN110826035A (en) * | 2019-10-08 | 2020-02-21 | 云深互联(北京)科技有限公司 | Method, device and system for rapidly logging in browser and storage medium |
CN112787829B (en) * | 2019-11-05 | 2023-10-10 | 盒马(中国)有限公司 | Task processing method and device and electronic equipment |
CN111885152B (en) * | 2020-07-21 | 2022-08-19 | 上海连尚网络科技有限公司 | Promotion information processing method, electronic device and computer-readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378400A (en) * | 2007-08-30 | 2009-03-04 | 国际商业机器公司 | Method, server and system for polymerizing desktop application and Web application |
CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
CN102638454A (en) * | 2012-03-14 | 2012-08-15 | 武汉理工大学 | Plug-in type SSO (single signon) integration method oriented to HTTP (hypertext transfer protocol) identity authentication protocol |
CN103188237A (en) * | 2011-12-30 | 2013-07-03 | 盛大计算机(上海)有限公司 | Single sign-on system and single sign-on method |
CN104113534A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | System and method for logging in applications (APPs) |
-
2014
- 2014-12-12 CN CN201410773177.5A patent/CN104468592B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378400A (en) * | 2007-08-30 | 2009-03-04 | 国际商业机器公司 | Method, server and system for polymerizing desktop application and Web application |
CN101656608A (en) * | 2008-08-21 | 2010-02-24 | 北京亿企通信息技术有限公司 | Method and system for single login of Web end of instant messaging device |
CN101504616A (en) * | 2009-03-23 | 2009-08-12 | 金蝶软件(中国)有限公司 | Method and apparatus for login of Windows application program through Web application |
CN103188237A (en) * | 2011-12-30 | 2013-07-03 | 盛大计算机(上海)有限公司 | Single sign-on system and single sign-on method |
CN102638454A (en) * | 2012-03-14 | 2012-08-15 | 武汉理工大学 | Plug-in type SSO (single signon) integration method oriented to HTTP (hypertext transfer protocol) identity authentication protocol |
CN104113534A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | System and method for logging in applications (APPs) |
Non-Patent Citations (2)
Title |
---|
"基于CAS的跨平台安全单点登录服务的设计与实现";雷传锐;《中国优秀硕士学位论文全文数据库(信息科技辑)》;20130515;I138-1578 * |
"基于Web的单点登录技术在企业集成中的应用";吴茂传 等;《淮海工学院学报(自然科学版)》;20080315;第29-32页 * |
Also Published As
Publication number | Publication date |
---|---|
CN104468592A (en) | 2015-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104468592B (en) | Login method and login system | |
CN104394133B (en) | Login method and login system | |
CN104519050B (en) | Login method and login system | |
US9264435B2 (en) | Apparatus and methods for access solutions to wireless and wired networks | |
CN104335523B (en) | A kind of authority control method, client and server | |
CN104113551B (en) | A kind of platform authorization method, platform service end and applications client and system | |
CN104426862B (en) | Realize method, system and browser that cross-domain request logs in | |
CN104735066B (en) | A kind of single-point logging method of object web page application, device and system | |
CN103856446B (en) | A kind of login method, device and open platform system | |
US10778680B2 (en) | Method and apparatus for accessing website | |
CN104113533B (en) | Log in authorization method and device | |
CN106682028A (en) | Method, device and system for obtaining web application | |
CN106341234A (en) | Authorization method and device | |
CN103607385A (en) | Method and apparatus for security detection based on browser | |
CN104660409B (en) | The method of system login and certificate server cluster under cluster environment | |
US8028089B2 (en) | On-deck detection for a web site | |
CN106953831A (en) | A kind of authorization method of user resources, apparatus and system | |
CN105430102A (en) | Integration method and system of SaaS (Software as a Service) website and third-party system and device thereof | |
CN108667770A (en) | A kind of loophole test method, server and the system of website | |
CN107104924A (en) | The verification method and device of website backdoor file | |
CN107124430A (en) | Pagejack monitoring method, device, system and storage medium | |
CN107562548A (en) | The method and apparatus for transmitting data | |
CN107770189A (en) | Reverse proxy method, system, proxy server and storage medium | |
CN104869135B (en) | The method and terminal of data interaction | |
CN104767614A (en) | Information authentication method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |