CN104821940A - Method and equipment for sending portal redirected address - Google Patents
Method and equipment for sending portal redirected address Download PDFInfo
- Publication number
- CN104821940A CN104821940A CN201510182334.XA CN201510182334A CN104821940A CN 104821940 A CN104821940 A CN 104821940A CN 201510182334 A CN201510182334 A CN 201510182334A CN 104821940 A CN104821940 A CN 104821940A
- Authority
- CN
- China
- Prior art keywords
- terminal
- portal
- http request
- redirect address
- access device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
An embodiment of the invention provides a method and equipment for sending a portal redirected address, and is used for solving the problem existing in the prior art that a portal authentication method of sending a portal redirected address to a user terminal by an AC reduces the efficiency of portal authentication. The method includes: an access device intercepts and captures an HTTP request; and according to terminal authentication state information of a terminal corresponding to the HTTP request received from the AC, when determining that a portal redirected address is required to be sent to a terminal, the access device sends the portal redirected address to the terminal. By adoption of the method provided by the invention, the data processing amount of the AC is reduced, and network congestion is avoided, thereby improving the efficiency of portal authentication.
Description
Technical field
The present invention relates to wireless communication technology field, particularly a kind of method and apparatus sending portal Redirect Address.
Background technology
Portal (door) certification is usually also referred to as Web (network) certification, this authentication mode has following features: when user terminal is by Web browser accessed web page, if this user terminal is not through certification, this user terminal will receive forces portal certification page, thus make this user terminal enter portal identifying procedure, make user terminal only could accesses network resource after by certification.
The general flow of portal certification as shown in Figure 1, as can be known from Fig. 1, portal identifying procedure comprises the steps:
Step one, user terminal, by Web browser, initiate HTTP (Hyper Text TransportProtocol, Hypertext Transfer Protocol) request;
Step 2, AC (Access Controller, access controller) intercept and capture the HTTP request of user terminal, this user terminal of empirical tests is not through certification, AC just needs to force this user terminal to carry out certification to portal server, and now AC sends portal Redirect Address to this user terminal;
Step 3, user terminal, after receiving portal Redirect Address, initiate portal redirect request to portal server;
Step 4, portal server push portal certification page to the user terminal of initiating portal redirect request;
The information such as account number, password is submitted to portal server by portal certification page by step 5, user terminal;
Step 6, portal server are after receiving the information such as the account number of user terminal, password, user terminal information inquiry request is sent to radius (Remote Authentication Dial-In User Service, remote validation subscriber dialing access service) user end certification server;
In step 6, user terminal information inquiry request can be UserInfo Request;
The password of the user terminal in step 7, radius user end certification server authentication user terminal information inquiry request, when password is correct, inquiring user end message, and the set meal residual time length information (Available Time) connecting maximum duration (Session Timeout), cell phone user terminal or card user terminal to the single that portal server returns Query Result and system configuration;
Step 8, after user terminal information successful inquiring, portal server asks Challenge according to CHAP (ChallengeHandshake Authentication Protocol, inquiry Challenge-Handshake Authentication Protocol) flow process to AC;
In step 8, request Challenge can be REQ_CHALLENGE; If user terminal information is inquired about unsuccessfully, portal server returns information directly to user terminal, and flow process so far terminates;
Step 9, AC return Challenge (inquiry) to portal server, and the Challenge wherein returned comprises Challenge ID (inquiry mark) and Challenge;
In step 9, returning Challenge can be ACK_CHALLENGE;
The password of user terminal, Challenge ID and Challenge are MD5 (Message Digest Algorithm 5 by step 10, portal server, message digest algorithm the 5th edition) calculate after, the Challenge-Password generated, the Challenge-Password (inquiry password) generated and the account number of user terminal are submitted to AC together, initiates certification;
In step 10, comprising for the information initiating certification: the Challenge-Password of generation and the account number of user terminal, can be REQ_AUTH for initiating the information of certification;
Challenge ID, Challenge, Challenge-Password, Called-Station-ID (are by MAC (Medium Access Control by step 11, AC, medium education): SSID (Service Set Identifier, service set) mark for representing access website that forms) and the account number of user terminal be sent to radius user end certification server together, carry out certification by radius user end certification server;
In step 11, the authentication information that AC sends to radius user end certification server comprises: the account number of Challenge ID, Challenge, Challenge-Password, Called-Station-ID and user terminal, and authentication information can be ACCESS_REQUEST;
According to the above-mentioned user terminal information received, step 12, radius user end certification server judge that whether this user terminal is legal;
In step 12, the whether legal information of user terminal can be ACCESS_ACCEPT or ACCESS_REJECT; Radius user end certification server carries out static password certification and dynamic cipher verification respectively to the password of user terminal, if wherein arbitrary cipher authentication success, radius user end certification server is to the successful message of AC return authentication, and protocol parameter is carried in this message, and the related service attribute of user terminal, to be user terminal mandate; If twice cipher authentication is all failed, radius user end certification server is to AC return authentication failure message;
Authentication result is returned to portal server by step 13, AC;
In step 13, the information of return authentication result can be ACK_AUTH;
Step 14, portal server, according to authentication result, push the corresponding authentication result page to user terminal;
In step 14, if authentication result is authentication success, portal server judges the ownership place of the account of user terminal according to coding rule, according to the ownership place determined to propelling movement user terminal personal page, and the single of authentication result, system configuration connected maximum duration, set meal residual time length and insert in personal page from service option, the personal page inserting information is pushed to user terminal together with portal website, starts reverse countdown simultaneously and remind; If authentication result is unsuccessfully, push the page of prompting authentification failure reason to user terminal;
Step 15, portal server response AC receive the message of authentication result.
In step 15, responding the information receiving authentication result can be AFF_ACK_AUTH.
From foregoing, existing Portal identifying procedure, AC is after the HTTP request intercepting and capturing user terminal initiation, need the authentication state judging user terminal, if this user terminal is not through certification, need to send portal Redirect Address to this user terminal, force users terminal carries out certification to portal server.In above process, AC needs the HTTP request of constantly process user terminal, if the quantity initiating the user terminal of HTTP request is comparatively large, and the quantity of unverified user terminal is also larger simultaneously, AC needs to send portal Redirect Address to each unverified user terminal; In redirection process, AC needs to set up tcp with each user terminal and is connected, and adds the data processing amount of AC, consumes too much resource, and then cause network congestion, reduce the efficiency of portal certification.
In sum, current AC sends the portal authentication method of portal Redirect Address to user terminal, reduces the efficiency of portal certification.
Summary of the invention
The invention provides a kind of method and apparatus sending portal Redirect Address, to send the portal authentication method of portal Redirect Address in order to solve the AC that exists in prior art to user terminal, reduce the problem of the efficiency of portal certification.
The embodiment of the present invention provides a kind of method sending portal Redirect Address, comprising:
Access device intercepts and captures Hypertext Transfer Protocol HTTP request;
Portal Redirect Address, according to the terminal authentication state information of terminal corresponding to the described HTTP request received from access controller AC, when determining to need to send portal Redirect Address to described terminal, is sent to described terminal by described access device.
The terminal authentication state information fed back according to AC due to embodiment of the present invention access device is when determining to need to send portal Redirect Address to terminal, portal Redirect Address is sent to terminal, do not need to make AC to carry out portal re-orientation processes to unverified terminal, decrease the data processing amount of AC, avoid network congestion, and then improve the efficiency of portal certification.
Preferably, described access device determines described terminal authentication state information according to following method:
Described access device is after intercepting and capturing HTTP request, and send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal;
Described access device receives the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
Because embodiment of the present invention access device is to AC transmitting terminal authentication state Query Information, AC returns terminal authentication state information to access device, these two kinds of information do not need to set up TCP and connect, decrease the consumption of resource, decrease the probability of network congestion, and then improve the efficiency of portal certification.
Preferably, described access device judges whether to need to send portal Redirect Address to described terminal according to following manner:
If described terminal authentication state information is terminal certification, then described access device is determined not need to send portal Redirect Address to described terminal;
If described terminal authentication state information is that terminal is unverified, then described access device is determined to need to send portal Redirect Address to described terminal.
Preferably, described access device is according to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need, to after described terminal sends portal Redirect Address, before portal Redirect Address is sent to described terminal, also to comprise:
Described access device is determined to comprise specific fields in described HTTP request.
Because the embodiment of the present invention is being determined to need to after terminal sends portal Redirect Address, and when comprising specific fields in HTTP request, just portal Redirect Address is sent to terminal, access device is made only to need the HTTP request to comprising specific fields to carry out re-orientation processes, decrease the waste of access device to system resource, and then improve the efficiency of portal certification.
Preferably, the method also comprises:
If do not comprise specific fields in described HTTP request, then described access device abandons described HTTP request.
Because the embodiment of the present invention is being determined to need to after terminal sends portal Redirect Address, when not comprising specific fields in HTTP request, abandon this HTTP request, making access device only need the HTTP request to comprising specific fields to carry out re-orientation processes, improve the efficiency of portal certification.
Preferably, described access device determines portal Redirect Address according to following manner:
If there is multiple portal server, the service set SSID of multiple portal Redirect Address that described access device issues according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
The SSID of the multiple portal Redirect Address issued according to AC due to embodiment of the present invention access device and terminal corresponding to HTTP request determines the portal Redirect Address of the portal server that terminal is corresponding, to make terminal initiate portal redirect request according to the portal Redirect Address determined to the portal server of correspondence, carry out portal certification.
The embodiment of the present invention provides a kind of equipment sending door portal Redirect Address, comprising:
Interception module, for intercepting and capturing Hypertext Transfer Protocol HTTP request;
Sending module, for the terminal authentication state information according to terminal corresponding to the described HTTP request received from access controller AC, when determining to need to send portal Redirect Address to described terminal, sends to described terminal by portal Redirect Address.
Preferably, described sending module also for:
After intercepting and capturing HTTP request, send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal; Receive the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
Preferably, described sending module also for:
If described terminal authentication state information is terminal certification, then determine not need to send portal Redirect Address to described terminal; If described terminal authentication state information is that terminal is unverified, then determine to need to send portal Redirect Address to described terminal.
Preferably, described sending module also for:
According to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need to send portal Redirect Address to described terminal, and after determining to comprise specific fields in described HTTP request, portal Redirect Address is sent to described terminal.
Preferably, described sending module also for:
If do not comprise specific fields in described HTTP request, then abandon described HTTP request.
Preferably, described sending module also for:
If there is multiple portal server, the service set SSID of the multiple portal Redirect Address issued according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
The terminal authentication state information fed back according to AC due to embodiment of the present invention access device is when determining to need to send portal Redirect Address to terminal, portal Redirect Address is sent to terminal, do not need to make AC to carry out portal re-orientation processes to unverified terminal, decrease the data processing amount of AC, avoid network congestion, and then improve the efficiency of portal certification.
Accompanying drawing explanation
Fig. 1 is the general flow schematic diagram of the portal certification in background technology;
Fig. 2 is the method flow schematic diagram that the embodiment of the present invention one sends portal Redirect Address;
Fig. 3 is the method flow schematic diagram that the embodiment of the present invention two sends portal Redirect Address;
Fig. 4 is the embodiment of the present invention three portal identifying procedure schematic diagram;
Fig. 5 is the device structure schematic diagram that the embodiment of the present invention four sends portal Redirect Address.
Embodiment
Embodiment of the present invention access device intercepts and captures HTTP request; Portal Redirect Address, according to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, when determining to need to send portal Redirect Address to described terminal, is sent to described terminal by described access device.The terminal authentication state information fed back according to AC due to embodiment of the present invention access device is when determining to need to send portal Redirect Address to terminal, portal Redirect Address is sent to terminal, do not need to make AC to carry out portal re-orientation processes to unverified terminal, decrease the data processing amount of AC, avoid network congestion, and then improve the efficiency of portal certification.
Wherein, embodiment of the present invention access device includes but not limited to following equipment: AP (Access Point, access point), router etc.
If embodiment of the present invention access device is AP, then it is the method based on the transmission portal Redirect Address under thin AP structure;
If embodiment of the present invention access device is router, then it is the method based on the transmission portal Redirect Address under fat AP structure.
As shown in Figure 2, the method that the embodiment of the present invention one sends portal Redirect Address comprises:
Step 100, access device intercept and capture HTTP request;
Portal Redirect Address, according to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, when determining to need to send portal Redirect Address to described terminal, is sent to described terminal by step 101, described access device.
Embodiment of the present invention HTTP request can be the HTTP request that terminal is initiated by Web (webpage) browser, also can be the HTTP request (such as some antivirus software can initiate HTTP request by HTTP/HTTPS, to obtain automatic upgrade information to upgrade server) that terminal running background is initiated.
Embodiment of the present invention access device is according to the terminal authentication state information of terminal corresponding to the HTTP request received from AC, and when determining not need to send portal Redirect Address to terminal, this access device forwards this HTTP request.
Such as: AP receives the terminal authentication state information of terminal corresponding to this HTTP request 1 after intercepting and capturing the HTTP request of terminal 1 initiation from AC; Portal Redirect Address is sent to terminal 1 after determining to need to send portal Redirect Address to terminal 1 according to the terminal authentication state information received by AP.
Again such as: router receives the terminal authentication state information of terminal corresponding to this HTTP request 2 after intercepting and capturing the HTTP request of terminal 2 initiation from AC; This HTTP request forwards after determining not need to send portal Redirect Address to terminal 2 according to the terminal authentication state information received by router.
Embodiment of the present invention access device determines described terminal authentication state information according to following method:
Described access device is after intercepting and capturing HTTP request, and send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal;
Described access device receives the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
Embodiment of the present invention AC is after receiving the terminal authentication status poll information from access device, and the terminal that can store according to self and the corresponding relation of terminal authentication state, determine the terminal authentication state of the terminal that this terminal authentication status poll information is corresponding.
Such as: AP is after the HTTP request intercepting and capturing terminal 1 initiation, the terminal authentication status poll information of terminal corresponding to this HTTP request 1 is sent to AC, AC receives this terminal authentication status poll information, the terminal stored according to self and the corresponding relation of terminal authentication state, determine the terminal authentication state of the terminal 1 that this terminal authentication status poll information is corresponding, will the information feed back of terminal authentication state be comprised to AP.
Embodiment of the present invention access device judges whether to need to send portal Redirect Address to described terminal according to following manner:
If described terminal authentication state information is terminal certification, then described access device is determined not need to send portal Redirect Address to described terminal;
If described terminal authentication state information is that terminal is unverified, then described access device is determined to need to send portal Redirect Address to described terminal.
Whether the embodiment of the present invention can comprise specific fields according in HTTP request, does different process to HTTP request:
Mode one:
Preferably, described access device is according to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need, to after described terminal sends portal Redirect Address, before portal Redirect Address is sent to described terminal, also to comprise:
Described access device is determined to comprise specific fields in described HTTP request.
Embodiment of the present invention specific fields can be, but not limited to following field: GET (for the behavioral approach keyword of in http protocol) field etc.
Such as: AP is according to the terminal authentication state information of terminal 1 corresponding to the HTTP request received from AC, determining to need to after terminal 1 sends portal Redirect Address, and AP determines to comprise GET field in HTTP request, and portal Redirect Address is sent to terminal 1.
Mode two:
Preferably, the method also comprises:
If do not comprise specific fields in described HTTP request, then described access device abandons described HTTP request.
Embodiment of the present invention specific fields can be, but not limited to following field: GET field etc.
Such as: router is according to the terminal authentication state information of terminal 2 corresponding to the HTTP request received from AC, determining to need to after terminal 2 sends portal Redirect Address, do not comprise specific fields (such as: do not comprise GET field) in router determination HTTP request, router abandons this HTTP request.
Embodiment of the present invention access device determines portal Redirect Address according to following manner:
If there is multiple portal server, the SSID of multiple portal Redirect Address that described access device issues according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
Embodiment of the present invention access device can determine according to HTTP request the terminal initiating this HTTP request, according to the terminal determined at the MAC self inquiring about this terminal, determines the SSID of this terminal association according to the MAC inquired.
Such as: there are 3 portal servers, be respectively portal server 1, portal server 2 and portal server 3.AP, according to the SSID of terminal 1 corresponding to HTTP request, determines the portal Redirect Address of the portal server 1 of terminal 1 correspondence.
As shown in Figure 3, the method that the embodiment of the present invention two sends portal Redirect Address comprises:
Step 200, terminal initiate HTTP request.
Step 201, access device intercept and capture this HTTP request.
Step 202, access device are to AC transmitting terminal authentication state Query Information.
Step 203, AC, according to the corresponding relation of terminal and terminal authentication state, determine the terminal authentication state of the terminal that terminal authentication status poll information is corresponding, and the terminal authentication state information comprising terminal authentication state are sent to access device.
Step 204, access device determine whether to send portal Redirect Address to terminal according to terminal authentication state information, if so, then perform step 205; If not, then step 207 is performed.
In step 204, if terminal authentication state information is terminal certification, then access device is determined not need to send portal Redirect Address to terminal; If terminal authentication state information is that terminal is unverified, then access device is determined to need to send portal Redirect Address to described terminal.
Step 205, access device judge whether comprise specific fields in HTTP request, if then perform step 206; If not, then step 208 is performed.
In step 205, specific fields can be GET field.
The terminal that portal Redirect Address sends to HTTP request corresponding by step 206, access device, initiates portal redirect request to make terminal according to portal Redirect Address.
Step 207, access device forward HTTP request.
Step 208, access device abandon HTTP request.
As shown in Figure 4, the embodiment of the present invention three portal identifying procedure schematic diagram, known from Fig. 4, this portal identifying procedure comprises the following steps:
Step one, user terminal, by Web browser, initiate HTTP request;
Step 2, AP intercept and capture the HTTP request of user terminal, this user terminal of empirical tests is not through certification, and this HTTP request is not the HTTP request that user terminal backstage is initiated, AP just needs to force this user terminal to carry out certification to portal server, and now AP sends portal Redirect Address to this user terminal;
In step 2, AP is after the HTTP request intercepting and capturing user terminal, to AC transmitting terminal authentication state Query Information, AC is according to the corresponding relation of terminal and terminal authentication state, determine the terminal authentication state of the terminal that terminal authentication status poll information is corresponding, and the terminal authentication state information comprising terminal authentication state is sent to AP, verify that whether this user terminal is through certification to make AP according to this terminal authentication state information; Whether AP comprises specific fields according in HTTP request, determines that this HTTP request is the HTTP request that user terminal backstage is initiated; If comprise specific fields in HTTP request, determine that this HTTP request is not the HTTP request that user terminal backstage is initiated; If do not comprise specific fields in HTTP request, determine that this HTTP request is the HTTP request that user terminal backstage is initiated.
Step 3, user terminal, after receiving portal Redirect Address, initiate portal redirect request to portal server;
Step 4, portal server push portal certification page to the user terminal of initiating portal redirect request;
The information such as account number, password is submitted to portal server by portal certification page by step 5, user terminal;
Step 6, portal server, after receiving the information such as the account number of user terminal, password, send user terminal information inquiry request to radius user end certification server;
In step 6, user terminal information inquiry request can be UserInfo Request;
The password of the user terminal in step 7, radius user end certification server authentication user terminal information inquiry request, when password is correct, inquiring user end message, and the set meal residual time length information (Available Time) connecting maximum duration (Session Timeout), cell phone user terminal or card user terminal to the single that portal server returns Query Result and system configuration;
Step 8, after user terminal information successful inquiring, portal server asks Challenge according to CHAP flow process to AC;
In step 8, request Challenge can be REQ_CHALLENGE; If user terminal information is inquired about unsuccessfully, portal server returns information directly to user terminal, and flow process so far terminates;
Step 9, AC return Challenge to portal server, and the Challenge wherein returned comprises Challenge ID and Challenge;
In step 9, returning Challenge can be ACK_CHALLENGE;
After the password of user terminal, Challenge ID and Challenge are done MD5 calculating by step 10, portal server, the Challenge-Password generated, the Challenge-Password of generation is submitted to AC together with the account number of user terminal, initiates certification;
In step 10, comprising for the information initiating certification: the Challenge-Password of generation and the account number of user terminal, can be REQ_AUTH for initiating the information of certification;
Challenge ID, Challenge, Challenge-Password, Called-Station-ID are sent to radius user end certification server by step 11, AC together with the account number of user terminal, carry out certification by radius user end certification server;
In step 11, the authentication information that AC sends to radius user end certification server comprises: the account number of Challenge ID, Challenge, Challenge-Password, Called-Station-ID and user terminal, and authentication information can be ACCESS_REQUEST;
According to the above-mentioned user terminal information received, step 12, radius user end certification server judge that whether this user terminal is legal;
In step 12, the whether legal information of user terminal can be ACCESS_ACCEPT or ACCESS_REJECT; Radius user end certification server carries out static password certification and dynamic cipher verification respectively to the password of user terminal, if wherein arbitrary cipher authentication success, radius user end certification server is to the successful message of AC return authentication, and protocol parameter is carried in this message, and the related service attribute of user terminal, to be user terminal mandate; If twice cipher authentication is all failed, radius user end certification server is to AC return authentication failure message;
Authentication result is returned to portal server by step 13, AC;
In step 13, the information of return authentication result can be ACK_AUTH;
Step 14, portal server, according to authentication result, push the corresponding authentication result page to user terminal;
In step 14, if authentication result is authentication success, portal server judges the ownership place of the account of user terminal according to coding rule, according to the ownership place determined to propelling movement user terminal personal page, and the single of authentication result, system configuration connected maximum duration, set meal residual time length and insert in personal page from service option, the personal page inserting information is pushed to user terminal together with portal website, starts reverse countdown simultaneously and remind; If authentication result is unsuccessfully, push the page of prompting authentification failure reason to user terminal;
Step 15, portal server response AC receive the message of authentication result.
In step 15, responding the information receiving authentication result can be AFF_ACK_AUTH.
Based on same inventive concept, a kind of equipment sending portal Redirect Address is additionally provided in the embodiment of the present invention, because the method that the equipment of the transmission portal Redirect Address of Fig. 5 is corresponding is a kind of method sending portal Redirect Address of the embodiment of the present invention, therefore the enforcement of embodiment of the present invention equipment see the enforcement of system, can repeat part and repeats no more.
As shown in Figure 5, the equipment that the embodiment of the present invention four sends portal Redirect Address comprises:
Interception module 400, for intercepting and capturing HTTP request;
Sending module 401, for the terminal authentication state information according to terminal corresponding to the described HTTP request received from AC, when determining to need to send portal Redirect Address to described terminal, sends to described terminal by portal Redirect Address.
Preferably, described sending module 401 also for:
After intercepting and capturing HTTP request, send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal; Receive the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
Preferably, described sending module 401 also for:
If described terminal authentication state information is terminal certification, then determine not need to send portal Redirect Address to described terminal; If described terminal authentication state information is that terminal is unverified, then determine to need to send portal Redirect Address to described terminal.
Preferably, described sending module 401 also for:
According to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need to send portal Redirect Address to described terminal, and after determining to comprise specific fields in described HTTP request, portal Redirect Address is sent to described terminal.
Preferably, described sending module 401 also for:
If do not comprise specific fields in described HTTP request, then abandon described HTTP request.
Preferably, described sending module 401 also for:
If there is multiple portal server, the SSID of the multiple portal Redirect Address issued according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
In sum, the terminal authentication state information fed back according to AC due to embodiment of the present invention access device is when determining to need to send portal Redirect Address to terminal, portal Redirect Address is sent to terminal, do not need to make AC to carry out portal re-orientation processes to unverified terminal, decrease the data processing amount of AC, avoid network congestion, and then improve the efficiency of portal certification.
Those skilled in the art should understand, embodiments of the invention can be provided as method, system or computer program.Therefore, the present invention can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect.And the present invention can adopt in one or more form wherein including the upper computer program implemented of computer-usable storage medium (including but not limited to magnetic disc store, CD-ROM, optical memory etc.) of computer usable program code.
The present invention describes with reference to according to the flow chart of the method for the embodiment of the present invention, equipment (system) and computer program and/or block diagram.Should understand can by the combination of the flow process in each flow process in computer program instructions realization flow figure and/or block diagram and/or square frame and flow chart and/or block diagram and/or square frame.These computer program instructions can being provided to the processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce a machine, making the instruction performed by the processor of computer or other programmable data processing device produce device for realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be stored in can in the computer-readable memory that works in a specific way of vectoring computer or other programmable data processing device, the instruction making to be stored in this computer-readable memory produces the manufacture comprising command device, and this command device realizes the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, make on computer or other programmable devices, to perform sequence of operations step to produce computer implemented process, thus the instruction performed on computer or other programmable devices is provided for the step realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
Although describe the preferred embodiments of the present invention, those skilled in the art once obtain the basic creative concept of cicada, then can make other change and amendment to these embodiments.So claims are intended to be interpreted as comprising preferred embodiment and falling into all changes and the amendment of the scope of the invention.
Obviously, those skilled in the art can carry out various change and modification to the present invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.
Claims (12)
1. send a method for door portal Redirect Address, it is characterized in that, the method comprises:
Access device intercepts and captures Hypertext Transfer Protocol HTTP request;
Portal Redirect Address, according to the terminal authentication state information of terminal corresponding to the described HTTP request received from access controller AC, when determining to need to send portal Redirect Address to described terminal, is sent to described terminal by described access device.
2. the method for claim 1, is characterized in that, described access device determines described terminal authentication state information according to following method:
Described access device is after intercepting and capturing HTTP request, and send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal;
Described access device receives the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
3. the method for claim 1, is characterized in that, described access device judges whether to need to send portal Redirect Address to described terminal according to following manner:
If described terminal authentication state information is terminal certification, then described access device is determined not need to send portal Redirect Address to described terminal;
If described terminal authentication state information is that terminal is unverified, then described access device is determined to need to send portal Redirect Address to described terminal.
4. the method as described in as arbitrary in claims 1 to 3, it is characterized in that, described access device is according to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need to after described terminal sends portal Redirect Address, before portal Redirect Address is sent to described terminal, also comprise:
Described access device is determined to comprise specific fields in described HTTP request.
5. method as claimed in claim 4, it is characterized in that, the method also comprises:
If do not comprise specific fields in described HTTP request, then described access device abandons described HTTP request.
6. the method as described in as arbitrary in claims 1 to 3, it is characterized in that, described access device determines portal Redirect Address according to following manner:
If there is multiple portal server, the service set SSID of multiple portal Redirect Address that described access device issues according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
7. send an equipment for door portal Redirect Address, it is characterized in that, this equipment comprises:
Interception module, for intercepting and capturing Hypertext Transfer Protocol HTTP request;
Sending module, for the terminal authentication state information according to terminal corresponding to the described HTTP request received from access controller AC, when determining to need to send portal Redirect Address to described terminal, sends to described terminal by portal Redirect Address.
8. equipment as claimed in claim 7, is characterized in that, described sending module also for:
After intercepting and capturing HTTP request, send the terminal authentication status poll information of terminal corresponding to described HTTP request to AC, wherein said terminal authentication status poll information is the information of the terminal authentication state for inquiring about described terminal; Receive the terminal authentication state information from described terminal corresponding to the described terminal authentication status poll information of AC.
9. equipment as claimed in claim 7, is characterized in that, described sending module also for:
If described terminal authentication state information is terminal certification, then determine not need to send portal Redirect Address to described terminal; If described terminal authentication state information is that terminal is unverified, then determine to need to send portal Redirect Address to described terminal.
10. the equipment as described in as arbitrary in claim 7 ~ 9, is characterized in that, described sending module also for:
According to the terminal authentication state information of terminal corresponding to the described HTTP request received from AC, determining to need to send portal Redirect Address to described terminal, and after determining to comprise specific fields in described HTTP request, portal Redirect Address is sent to described terminal.
11. equipment as claimed in claim 10, is characterized in that, described sending module also for:
If do not comprise specific fields in described HTTP request, then abandon described HTTP request.
12. as arbitrary in claim 7 ~ 9 as described in equipment, it is characterized in that, described sending module also for:
If there is multiple portal server, the service set SSID of the multiple portal Redirect Address issued according to described AC and terminal corresponding to described HTTP request, determines the portal Redirect Address of the portal server that described terminal is corresponding.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510182334.XA CN104821940A (en) | 2015-04-16 | 2015-04-16 | Method and equipment for sending portal redirected address |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510182334.XA CN104821940A (en) | 2015-04-16 | 2015-04-16 | Method and equipment for sending portal redirected address |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104821940A true CN104821940A (en) | 2015-08-05 |
Family
ID=53732103
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510182334.XA Pending CN104821940A (en) | 2015-04-16 | 2015-04-16 | Method and equipment for sending portal redirected address |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104821940A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105072129A (en) * | 2015-08-27 | 2015-11-18 | 北京星网锐捷网络技术有限公司 | Authentication method and system |
| CN105450643A (en) * | 2015-11-17 | 2016-03-30 | 深圳市深信服电子科技有限公司 | Network access authentication method, apparatus and system |
| CN105554039A (en) * | 2016-02-25 | 2016-05-04 | 上海斐讯数据通信技术有限公司 | Portal certification method and certification system for wireless network |
| CN105764056A (en) * | 2016-04-13 | 2016-07-13 | 北京国创富盛通信股份有限公司 | web certification system and method for public wifi access |
| CN105979521A (en) * | 2016-06-23 | 2016-09-28 | 福建富士通信息软件有限公司 | Method for no-perception authentication free Internet access of fat WiFi AP and thin WiFi AP |
| CN106603491A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Portal authentication method based on https protocol, and router |
| WO2017177691A1 (en) * | 2016-04-11 | 2017-10-19 | 上海斐讯数据通信技术有限公司 | Portal authentication method and system |
| CN107360180A (en) * | 2017-08-01 | 2017-11-17 | 上海斐讯数据通信技术有限公司 | A kind of portal authentication method and system based on radio reception device monitoring |
| CN107517189A (en) * | 2016-06-17 | 2017-12-26 | 中兴通讯股份有限公司 | Method, the equipment that a kind of WLAN user access authentication and configuration information issue |
| CN111526152A (en) * | 2016-08-12 | 2020-08-11 | 阿里巴巴集团控股有限公司 | Authentication method, authentication equipment and authentication client |
| CN113949562A (en) * | 2021-10-15 | 2022-01-18 | 迈普通信技术股份有限公司 | Portal authentication method, device and system, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101873329A (en) * | 2010-06-29 | 2010-10-27 | 迈普通信技术股份有限公司 | Portal compulsory authentication method and access equipment |
| US20130268666A1 (en) * | 2012-04-04 | 2013-10-10 | David Wilson | Captive portal redirection using display layout information |
| CN104104516A (en) * | 2014-07-30 | 2014-10-15 | 杭州华三通信技术有限公司 | Portal authentication method and device |
| CN104144491A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Method and system used for positioning WiFi terminal in real time |
| CN104283848A (en) * | 2013-07-03 | 2015-01-14 | 杭州华三通信技术有限公司 | Terminal access method and device |
-
2015
- 2015-04-16 CN CN201510182334.XA patent/CN104821940A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101873329A (en) * | 2010-06-29 | 2010-10-27 | 迈普通信技术股份有限公司 | Portal compulsory authentication method and access equipment |
| US20130268666A1 (en) * | 2012-04-04 | 2013-10-10 | David Wilson | Captive portal redirection using display layout information |
| CN104144491A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Method and system used for positioning WiFi terminal in real time |
| CN104283848A (en) * | 2013-07-03 | 2015-01-14 | 杭州华三通信技术有限公司 | Terminal access method and device |
| CN104104516A (en) * | 2014-07-30 | 2014-10-15 | 杭州华三通信技术有限公司 | Portal authentication method and device |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105072129A (en) * | 2015-08-27 | 2015-11-18 | 北京星网锐捷网络技术有限公司 | Authentication method and system |
| CN105072129B (en) * | 2015-08-27 | 2018-08-03 | 北京星网锐捷网络技术有限公司 | authentication method and system |
| CN105450643B (en) * | 2015-11-17 | 2019-07-02 | 深信服科技股份有限公司 | The authentication method of network insertion, apparatus and system |
| CN105450643A (en) * | 2015-11-17 | 2016-03-30 | 深圳市深信服电子科技有限公司 | Network access authentication method, apparatus and system |
| CN105554039A (en) * | 2016-02-25 | 2016-05-04 | 上海斐讯数据通信技术有限公司 | Portal certification method and certification system for wireless network |
| CN105554039B (en) * | 2016-02-25 | 2018-10-12 | 上海斐讯数据通信技术有限公司 | A kind of portal authentication method and Verification System of wireless network |
| WO2017177691A1 (en) * | 2016-04-11 | 2017-10-19 | 上海斐讯数据通信技术有限公司 | Portal authentication method and system |
| CN105764056A (en) * | 2016-04-13 | 2016-07-13 | 北京国创富盛通信股份有限公司 | web certification system and method for public wifi access |
| CN105764056B (en) * | 2016-04-13 | 2020-04-24 | 趣增信息科技(上海)有限公司 | Web authentication system and method for public wifi access |
| CN107517189B (en) * | 2016-06-17 | 2022-03-29 | 中兴通讯股份有限公司 | Method and equipment for WLAN user access authentication and configuration information issuing |
| CN107517189A (en) * | 2016-06-17 | 2017-12-26 | 中兴通讯股份有限公司 | Method, the equipment that a kind of WLAN user access authentication and configuration information issue |
| CN105979521A (en) * | 2016-06-23 | 2016-09-28 | 福建富士通信息软件有限公司 | Method for no-perception authentication free Internet access of fat WiFi AP and thin WiFi AP |
| CN105979521B (en) * | 2016-06-23 | 2019-07-16 | 福建富士通信息软件有限公司 | The method of fat or thin WiFi AP unaware certification free Internet access |
| CN111526152A (en) * | 2016-08-12 | 2020-08-11 | 阿里巴巴集团控股有限公司 | Authentication method, authentication equipment and authentication client |
| CN106603491B (en) * | 2016-11-10 | 2020-09-25 | 深圳维盟科技股份有限公司 | Portal authentication method based on https protocol and router |
| CN106603491A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Portal authentication method based on https protocol, and router |
| CN107360180A (en) * | 2017-08-01 | 2017-11-17 | 上海斐讯数据通信技术有限公司 | A kind of portal authentication method and system based on radio reception device monitoring |
| CN113949562A (en) * | 2021-10-15 | 2022-01-18 | 迈普通信技术股份有限公司 | Portal authentication method, device and system, electronic equipment and storage medium |
| CN113949562B (en) * | 2021-10-15 | 2023-11-17 | 迈普通信技术股份有限公司 | Portal authentication method, device, system, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104821940A (en) | Method and equipment for sending portal redirected address | |
| CN104092811A (en) | Mobile terminal information download method, system, terminal device and server | |
| CN104901925A (en) | End-user identity authentication method, device and system and terminal device | |
| CN107086979B (en) | User terminal verification login method and device | |
| CN107241336B (en) | Identity verification method and device | |
| EP2779477A1 (en) | Method, device and system for establishing conversation relation | |
| CN110266642A (en) | Identity identifying method and server, electronic equipment | |
| CN105450582A (en) | Business processing method, terminal, server and system | |
| CN110505188B (en) | Terminal authentication method, related equipment and authentication system | |
| CN111194035B (en) | Network connection method, device and storage medium | |
| CN204376941U (en) | Outer net middleware, inner net middleware and middleware system | |
| CN103905399A (en) | Account registration management method and apparatus | |
| CN102143177A (en) | Portal authentication method, Portal authentication device,Portal authentication equipment and Portal authentication system | |
| CN104837134B (en) | A kind of web authentication user login method, equipment and system | |
| CN111491351B (en) | Method and system for sensing online of WiFi terminal based on authentication information | |
| CN105681258A (en) | Session method and session device based on third-party server | |
| CN111241523B (en) | Authentication processing method, device, equipment and storage medium | |
| CN105812413B (en) | Communication method and device | |
| CN111831513A (en) | Log query method and device, electronic equipment and storage medium | |
| CN114338130B (en) | Information processing method, device, server and storage medium | |
| CN113691520B (en) | Method and device for acquiring streaming media information, storage medium and electronic device | |
| CN104936177A (en) | Access authentication method and access authentication system | |
| CN105812380A (en) | Verification method and device | |
| CN110446197B (en) | Communication control method, device, equipment and storage medium of intelligent equipment | |
| CN105635060B (en) | It is a kind of to obtain method, authentication server and the gateway for applying data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20180222 Address after: 510663 Shenzhou Road, Guangzhou Science City, Guangzhou, Guangzhou economic and Technological Development Zone, Guangdong Province, No. 10 Applicant after: Comba Telecom System (China) Co., Ltd. Applicant after: Comba Telecom Systems (Guangzhou) Co., Ltd. Applicant after: Jingxin Communication Technology (Guangzhou) Co., Ltd. Applicant after: TIANJIN COMBA TELECOM SYSTEMS CO., LTD. Address before: 510663 Guangdong city of Guangzhou Province Economic and Technological Development Zone Jinbi Road No. 6 Applicant before: Jingxin Communication Technology (Guangzhou) Co., Ltd. |
|
| TA01 | Transfer of patent application right | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150805 |
|
| RJ01 | Rejection of invention patent application after publication |