CN104753960B - A kind of system configuration management method based on single-sign-on - Google Patents
A kind of system configuration management method based on single-sign-on Download PDFInfo
- Publication number
- CN104753960B CN104753960B CN201510191745.5A CN201510191745A CN104753960B CN 104753960 B CN104753960 B CN 104753960B CN 201510191745 A CN201510191745 A CN 201510191745A CN 104753960 B CN104753960 B CN 104753960B
- Authority
- CN
- China
- Prior art keywords
- configuration
- menu
- sign
- operation system
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Information Transfer Between Computers (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
The present invention relates to field of computer technology, specifically a kind of system configuration management method based on single-sign-on, the user authentication log-on message for participating in each operation system of collocation method is left concentratedly in a database or file system, and only single logging-on server can access the database or file system, all logins are all responsible for verification by single logging-on server, realize the unified management by single logging-on server;Present invention eliminates the time frequently switched between each operation system, the function of other operation systems can be directly opened by configuring system.The operating procedure of to master different business systems needs is not required to, can directly open the function of other business by configuring system, it is not necessary to could open some function menus according to the operating process of operation system.
Description
Technical field
The present invention relates to field of computer technology, specifically a kind of system configuration manager based on single-sign-on
Method.
Background technology
At present, as the fast development of information technology and network technology, the application system of enterprises are more and more.Such as
In West China region alliance platform, application system just have consultation system, tutoring system, reservation system, examination system, reporting system,
Management system, video conferencing system etc..Since these systems are independent mutually, user is necessary before using each application system
Logged according to corresponding system identity and grasp the operating method of system, user must remember the use of each system for this
Name in an account book and password, it is necessary to remember the different operating method of each system, this brings many fiber crops to user and system manager
It is tired.Administrator needs frequently between each system to switch when doing some configurations, statistical query, analysis.With system
Increasing, the possibility increase of error, the possibility illegally intercepted and captured and destroyed can also increase, and security will be reduced accordingly,
System cost is high, and work efficiency is low.Only log in once, can fast grasp in consideration of it, being necessary for people and providing a kind of can realize
Make the method for each operation system.
The existing improvement patent for single-sign-on correlation technique has:Number of patent application is 201410668869.3, application
Day is 2014.11.19, and entitled " the single-sign-on lightweight implementation method based on Cookie ", its technical solution is:This hair
It is bright to be related to field of computer technology, be claimed a kind of single-point logging method based on Cookie, user in system wherein
Seamless switching is carried out between multiple applications after being logged in any one application.When being switched between user applies in system,
The target Web to be switched is redirected in application, target Web applying units when user browser carries Cookie
LoginFilter reads to trust voucher and carry from Cookie trusts voucher to certificate server request validity check;Recognize
The log-on message that user is returned after service system is examined is demonstrate,proved, LoginFileter completes user in current application according to return information
Login mandate set.
For another example number of patent application is 201410588512.4, and applying date 2014.10.28, entitled " single-sign-on controls
The patent of invention of method and apparatus ", its technical solution are:The present invention relates to a kind of single-sign-on control method and device, including:
Bill agency center receives user name, password and the authentication mode of the first application system, and username and password is verified,
When being verified, master note is generated, and master note is roamed to the first application system, so that the first application system is by master note
Roam to the second application system, wherein, the second application system is the system where the objective function page, and the first application system is
Two application systems system for being jumped to when logging in, preserves master note in the cookies at the bill agency center;Receive the
The master note analysis request of two application systems, to parse the master note, generates the first sub- bill, and the first sub- bill is roamed
To second application system;The sub- bill analysis request of the second application system is received, to parse the described first sub- bill, generation
First user identifier, the objective function page of the second application system is signed in to the second application system according to the first user identifier
Face.
Above-mentioned patent is mainly the improvement carried out to how to realize the method for single-sign-on, without to based on single-sign-on
' In System Reconfiguration Method propose to improve, so the system of whole single-sign-on still can increase error with increasing for system
Possibility, and the problem of reduce security while can also make work efficiency low.
The content of the invention
In view of the deficiencies of the prior art, now provide a kind of enhancing multisystem collaboration use, reduce use cost and
The system configuration management method based on single-sign-on of practical value is improved,
To achieve the above object, the technical solution adopted by the present invention is as follows:
A kind of system configuration management method based on single-sign-on, it is characterised in that:
A. participate in each operation system of collocation method user authentication log-on message leave concentratedly in a database or
In file system, and only single logging-on server can access the database or file system, and all logins are all by single-point
Login service device is responsible for verification, realizes the unified management by single logging-on server;
B. each operation system for participating in collocation method configures unified single sign-on client-side, all single sign-on clients
The authentication information at end derives from the same single logging-on server, to realize that all login users log in any of which one
A operation system, which need not log on, accesses other operation systems;
C., one single configuration system is set, and the function connects configured in the configuration system are all in each operation system
Existing function;
Function in each operation system is all connected in configuration system, and each business system is retained in configuration system
Respective collocation method and data save method in system.Different user uses oneself common configuration side in each operation system
Method configures system.
D. the function menu for configuring system is the address of each operation system, or directly inputs menu identity and address.
The address of operation system refers to that user selects the address of operation system.
The entitled system of menu defines or user is according to personal use habitual definition.
The address of input refers to the address and parameter that user can directly input.
In the function in opening configuration system, its step is as follows:
When opening any function in configuration system in system A, according to the address of configuration system and parameter, user is first checked
Whether logged in using single-sign-on, such as had logged on, then configured the data that system reads corresponding function in system A,
And return to configuration system and be shown;If multiple users configuration system menu function at the same time access system A functions,
The data of system B functions, system C functions, then configure system and take corresponding data up in system A, system B, system C at the same time and return
Back to configuration system.
Single-sign-on is CAS single-sign-ons of increasing income, and realizes single-sign-on using Cookie.
The database is ldap database.
Role has operation system A, operation system B, operation system C, configuration system, single logging-on server and LDAP respectively
Database;Wherein operation system A, operation system B, operation system C, configuration system are provided with unified single sign-on client-side,
Its purpose is exactly when accessing each system, it is only necessary to logs in once, can access any one system.And operation system
A, operation system B, operation system C, configuration system only have login all without single login feature in single logging-on server
Function, takes ldap database to be verified, cookie can be stored in by logining successfully rear user's the proof of Register when verifying user information
In, the system for being configured with single sign-on client-side first judges that user's the proof of Register whether there is in cookie, and if so, directly
Tap into and accessed into system, otherwise into login page.And the function inside the direct access profile system of user can be achieved to access
Each operation system A, operation system B, operation system C all functions, and realize operation, check the purpose of operation system data.
Single-sign-on concrete methods of realizing can use existing method.The application lays particular emphasis on the implementation method of configuration system.
Configuration system is specially in the function menu method of configuration service system:Configuration system automatically extracts addressable each
Operation system function menu list, user select oneself common menu and preserve, and configuration system preserves one and operation system
The corresponding address of menu and menu mutually of the same name.
Concretely comprised the following steps in configuration system configuration operation system address and required parameter:In configuration, user oneself is defeated
Enter menu identity and one or more menu addresses, which can add required parameter as needed;When needing to match somebody with somebody multiple addresses,
The square size and location that each address is shown on the page can be adjusted.
Open configuration system menu extract an operation system method be specially:User is in the menu to configuring system
Configured in use, when the menu of one single address of opening, because the reason for single-sign-on, access all operation systems
It need not all log in, for the page of opening by the method for hide menu URL, it is the other systems opened to make user imperceptible.
The menu for opening configuration system extracts the methods of multiple operation systems and is specially:User is in the menu to configuring system
Configured in use, when opening has the menu of multiple addresses, by single-sign-on, each address challenges of extraction can be concentrated
In operation system data and position when being presented on configuration, and contrast the data for checking each operation system.
Advantages of the present invention:
1st, the time frequently switched between each operation system is eliminated, other industry can be directly opened by configuring system
The function of business system.
2nd, the operating procedure of to master different business systems needs is not required to, other business can be directly opened by configuring system
Function, it is not necessary to could open some function menus according to the operating process of operation system.
3rd, manage concentratedly different business systems common function, different role user need to only manage and using oneself to without
The function that operation system is concerned about;For example system statistics person only needs to manage the statistics of different business systems.
4th, system configuration is simple, quick, easy to operate, need to only grasp the collocation method of configuration system and can access oneself
Want the operation system function of seeing.
5th, this method is to rely on single-sign-on;Existing single-point logging method can be used in specific single-sign-on, and originally
It is the method safety of the management configuration system of method, simple, quick.
Brief description of the drawings
Fig. 1 is the present invention program schematic diagram.
Embodiment
Embodiment 1
A kind of system configuration management method based on single-sign-on, it is characterised in that:
A. participate in each operation system of collocation method user authentication log-on message leave concentratedly in a database or
In file system, and only single logging-on server can access the database or file system, and all logins are all by single-point
Login service device is responsible for verification, realizes the unified management by single logging-on server;
B. each operation system for participating in collocation method configures unified single sign-on client-side, all single sign-on clients
The authentication information at end derives from the same single logging-on server, to realize that all login users log in any of which one
A operation system, which need not log on, accesses other operation systems;
C., one single configuration system is set, and the function connects configured in the configuration system are all in each operation system
Existing function;
Function in each operation system is all connected in configuration system, and each business system is retained in configuration system
Respective collocation method and data save method in system.Different user uses oneself common configuration side in each operation system
Method configures system.
D. the function menu for configuring system is the address of each operation system, or directly inputs menu identity and address.
Present invention eliminates the time frequently switched between each operation system, it can be directly opened by configuring system
The function of his operation system.
The operating procedure of to master different business systems needs is not required to, other business can be directly opened by configuring system
Function, it is not necessary to could open some function menus according to the operating process of operation system.
Manage the common function of different business systems concentratedly, different role user need to only manage and using oneself to without industry
The function that business system is concerned about;For example system statistics person only needs to manage the statistics of different business systems.
System configuration is simple, quick, easy to operate, need to only grasp the collocation method of configuration system and can access and oneself think
The operation system function of seeing.This method is to rely on single-sign-on;Existing single-sign-on side can be used in specific single-sign-on
Method, and it is the method safety of the management configuration system of this method, simple, quick.
Embodiment 2
A kind of system configuration management method based on single-sign-on, it is characterised in that:
A. participate in each operation system of collocation method user authentication log-on message leave concentratedly in a database or
In file system, and only single logging-on server can access the database or file system, and all logins are all by single-point
Login service device is responsible for verification, realizes the unified management by single logging-on server;
B. each operation system for participating in collocation method configures unified single sign-on client-side, all single sign-on clients
The authentication information at end derives from the same single logging-on server, to realize that all login users log in any of which one
A operation system, which need not log on, accesses other operation systems;
C., one single configuration system is set, and the function connects configured in the configuration system are all in each operation system
Existing function;
Function in each operation system is all connected in configuration system, and each business system is retained in configuration system
Respective collocation method and data save method in system.Different user uses oneself common configuration side in each operation system
Method configures system.
D. the function menu for configuring system is the address of each operation system, or directly inputs menu identity and address.
The address of operation system refers to that user selects the address of operation system.
The entitled system of menu defines or user is according to personal use habitual definition.
The address of input refers to the address and parameter that user can directly input.
In the function in opening configuration system, its step is as follows:
When opening any function in configuration system in system A, according to the address of configuration system and parameter, user is first checked
Whether logged in using single-sign-on, such as had logged on, then configured the data that system reads corresponding function in system A,
And return to configuration system and be shown;If multiple users configuration system menu function at the same time access system A functions,
The data of system B functions, system C functions, then configure system and take corresponding data up in system A, system B, system C at the same time and return
Back to configuration system.
Single-sign-on is CAS single-sign-ons of increasing income, and realizes single-sign-on using Cookie.
The database is ldap database.
Role in Fig. 1 has operation system A, operation system B, operation system C, configuration system, single-sign-on services respectively
Device and ldap database;Wherein operation system A, operation system B, operation system C, configuration system are provided with unified single-sign-on
Client, its purpose are exactly when accessing each system, it is only necessary to log in once, can access any one system.And
Operation system A, operation system B, operation system C, configuration system are all without single login feature, only in single-sign-on services
Device has login feature, takes ldap database to be verified when verifying user information, logining successfully rear user's the proof of Register can preserve
In cookie, the system for being configured with single sign-on client-side first judges that user's the proof of Register whether there is in cookie, if
Accessed in the presence of system is then directly entered, otherwise into login page.And the function inside the direct access profile system of user
Realize and access each operation system A, operation system B, operation system C all functions, and realize operation, check operation system data
Purpose.Single-sign-on concrete methods of realizing can use existing method.The application lays particular emphasis on the implementation method of configuration system.
Configuration system is specially in the function menu method of configuration service system:Configuration system automatically extracts addressable each
Operation system function menu list, user select oneself common menu and preserve, and configuration system preserves one and operation system
The corresponding address of menu and menu mutually of the same name.
Concretely comprised the following steps in configuration system configuration operation system address and required parameter:In configuration, user oneself is defeated
Enter menu identity and one or more menu addresses, which can add required parameter as needed;When needing to match somebody with somebody multiple addresses,
The square size and location that each address is shown on the page can be adjusted.
Open configuration system menu extract an operation system method be specially:User is in the menu to configuring system
Configured in use, when the menu of one single address of opening, because the reason for single-sign-on, access all operation systems
It need not all log in, for the page of opening by the method for hide menu URL, it is the other systems opened to make user imperceptible.
The menu for opening configuration system extracts the methods of multiple operation systems and is specially:User is in the menu to configuring system
Configured in use, when opening has the menu of multiple addresses, by single-sign-on, each address challenges of extraction can be concentrated
In operation system data and position when being presented on configuration, and contrast the data for checking each operation system.
Present invention eliminates the time frequently switched between each operation system, it can be directly opened by configuring system
The function of his operation system.
The operating procedure of to master different business systems needs is not required to, other business can be directly opened by configuring system
Function, it is not necessary to could open some function menus according to the operating process of operation system.
Manage the common function of different business systems concentratedly, different role user need to only manage and using oneself to without industry
The function that business system is concerned about;For example system statistics person only needs to manage the statistics of different business systems.
System configuration is simple, quick, easy to operate, need to only grasp the collocation method of configuration system and can access and oneself think
The operation system function of seeing.This method is to rely on single-sign-on;Existing single-sign-on side can be used in specific single-sign-on
Method, and it is the method safety of the management configuration system of this method, simple, quick.
Claims (3)
- A kind of 1. system configuration management method based on single-sign-on, it is characterised in that:A. the user authentication log-on message for participating in each operation system of collocation method is left concentratedly in a database or file In system, and only single logging-on server can access the database or file system, and all logins are all by single-sign-on Server is responsible for verification, realizes the unified management by single logging-on server;B. each operation system for participating in collocation method configures unified single sign-on client-side, all single sign-on clients Authentication information derives from the same single logging-on server, to realize that all login users log in one industry of any of which Business system, which need not log on, accesses other operation systems;C., one single configuration system is set, and the function connects configured in the configuration system are all to exist in each operation system Function;Function in each operation system is all connected in configuration system, is retained in configuration system in each operation system each Collocation method and data save method;D. the function menu for configuring system is the address of each operation system, or directly inputs menu identity and address;The address of operation system refers to that user selects the address of operation system;The entitled system definition of menu or user make according to individual Use habitual definition;The address of input refers to the address and parameter that user directly inputs;In the function in opening configuration system, its step is as follows:When opening any function in configuration system in system A, according to the address of configuration system and parameter, first whether user is checked Logged in using single-sign-on, such as had logged on, then configured system and read the data of corresponding function in system A, and return It is shown back to configuration system;Multiple users access system A functions, system B work(at the same time on the menu function of configuration system Energy, the data of system C functions, then configure system and take corresponding data up in system A, system B, system C at the same time and return to and match somebody with somebody Put system;Configuration system is specially in the function menu method of configuration service system:Configuration system automatically extracts addressable each business Systemic-function menu list, user select oneself common menu and preserve, and configuration system preservation one is identical with operation system The corresponding address of menu and menu of name;Concretely comprised the following steps in configuration system configuration operation system address and required parameter:In configuration, user oneself inputs dish Single-character given name and one or more menu addresses, which can add required parameter as needed;, can be with when needing to match somebody with somebody multiple addresses Adjust the square size and location that each address is shown on the page;Open configuration system menu extract an operation system method be specially:User carries out in the menu to configuring system Configuration, because the reason for single-sign-on, accesses all operation systems not in use, when the menu of one single address of opening Need to log in, for the page of opening by the method for hide menu URL, it is the other systems opened to make user imperceptible;The menu for opening configuration system extracts the methods of multiple operation systems and is specially:User carries out in the menu to configuring system Configuration, by single-sign-on, can concentrate the business for extracting each address challenges in use, when opening has the menu of multiple addresses On system data and position when being presented on configuration, and contrast the data for checking each operation system.
- A kind of 2. system configuration management method based on single-sign-on according to claim 1, it is characterised in that:Single-point is stepped on Record as CAS single-sign-ons of increasing income, and single-sign-on is realized using Cookie;The database is ldap database.
- A kind of 3. system configuration management method based on single-sign-on according to claim 2, it is characterised in that:Role point There are not operation system A, operation system B, operation system C, configuration system, single logging-on server and ldap database;Business system System A, operation system B, operation system C, configuration system are provided with unified single sign-on client-side, its purpose is exactly to access respectively During a system, it is only necessary to log in once, any one system can be accessed;Operation system A, operation system B, operation system C, Configuration system all without single login feature, only has login feature in single logging-on server, is taken when verifying user information Ldap database is verified that logining successfully rear user's the proof of Register can be stored in cookie, be configured with single-sign-on client The system at end first judges that user's the proof of Register whether there is in cookie, and if so, be directly entered system access, otherwise into Enter login page;Function inside the direct access profile system of user can be achieved to access each operation system A, operation system B, Operation system C all functions, and realize operation, check the purpose of operation system data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510191745.5A CN104753960B (en) | 2015-04-22 | 2015-04-22 | A kind of system configuration management method based on single-sign-on |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510191745.5A CN104753960B (en) | 2015-04-22 | 2015-04-22 | A kind of system configuration management method based on single-sign-on |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104753960A CN104753960A (en) | 2015-07-01 |
| CN104753960B true CN104753960B (en) | 2018-04-27 |
Family
ID=53593064
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510191745.5A Active CN104753960B (en) | 2015-04-22 | 2015-04-22 | A kind of system configuration management method based on single-sign-on |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104753960B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105930330A (en) * | 2015-12-28 | 2016-09-07 | 中国银联股份有限公司 | Portal system page display method and apparatus |
| CN106548298A (en) * | 2016-11-27 | 2017-03-29 | 合肥汉腾信息技术有限公司 | Management information system is multiplexed, isolation is independent is cooperateed with fusion |
| CN107563206A (en) * | 2017-07-18 | 2018-01-09 | 北京奥鹏远程教育中心有限公司 | Unified rights method of servicing and system |
| CN109600342B (en) * | 2017-09-30 | 2021-12-24 | 广东亿迅科技有限公司 | Unified authentication method and device based on single-point technology |
| CN109543376B (en) * | 2018-11-30 | 2021-04-23 | 高新兴科技集团股份有限公司 | Login authentication method, computer storage medium and electronic device |
| CN110286823A (en) * | 2019-06-20 | 2019-09-27 | 西安西拓电气股份有限公司 | Information processing method and device |
| CN112330444A (en) * | 2020-12-31 | 2021-02-05 | 北京快成科技股份公司 | Platform multi-bank access calling method, system and device |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
-
2015
- 2015-04-22 CN CN201510191745.5A patent/CN104753960B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
Non-Patent Citations (2)
| Title |
|---|
| "单点登录和统一身份认证的研究与实现";张苗苗;《中国优秀硕士论文》;20130501;正文第27页至第30页,图4.1 * |
| 《基于门户单点登录系统的设计与实现》;王炳举等;《Magnificant Writing》;20121231;第2.2小节 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104753960A (en) | 2015-07-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104753960B (en) | A kind of system configuration management method based on single-sign-on | |
| CN103023918B (en) | The mthods, systems and devices logged in are provided for multiple network services are unified | |
| CN107332808B (en) | Cloud desktop authentication method, server and terminal | |
| US9021570B2 (en) | System, control method therefor, service providing apparatus, relay apparatus and computer-readable medium | |
| CN101369893B (en) | Method for local area network access authentication of casual user | |
| CN104735066B (en) | A kind of single-point logging method of object web page application, device and system | |
| CN103001974B (en) | Log-in control method based on Quick Response Code, system and device | |
| CN106330816B (en) | A kind of method and system logging in cloud desktop | |
| CN104320423A (en) | Single sign-on light weight implementation method based on Cookie | |
| CN104539615B (en) | Cascade connection authentication method based on CAS | |
| CN112468481B (en) | Single-page and multi-page web application identity integrated authentication method based on CAS | |
| CN104301316A (en) | Single sign-on system and implementation method thereof | |
| CN107172054A (en) | A kind of purview certification method based on CAS, apparatus and system | |
| US9332433B1 (en) | Distributing access and identification tokens in a mobile environment | |
| US20150149530A1 (en) | Redirecting Access Requests to an Authorized Server System for a Cloud Service | |
| CN106506433A (en) | Login authentication method, certificate server, Authentication Client and login client | |
| CN105049427B (en) | The management method and device of application system login account | |
| CN108092988B (en) | Non-perception authentication and authorization network system and method based on dynamic temporary password creation | |
| US9231940B2 (en) | Credential linking across multiple services | |
| CN102984169A (en) | Single sign-on method, equipment and system | |
| JP2007264835A (en) | Authentication method and system | |
| CN105516171B (en) | Portal keep-alive system and method, Verification System and method based on authentication service cluster | |
| US9787678B2 (en) | Multifactor authentication for mail server access | |
| CN106161364A (en) | A kind of personal authentication's credential management method and system based on mobile terminal | |
| CN107835155A (en) | A kind of double authentication protection methods and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |