CN105049444A - Method and client for controlling browser user login - Google Patents
Method and client for controlling browser user login Download PDFInfo
- Publication number
- CN105049444A CN105049444A CN201510494864.8A CN201510494864A CN105049444A CN 105049444 A CN105049444 A CN 105049444A CN 201510494864 A CN201510494864 A CN 201510494864A CN 105049444 A CN105049444 A CN 105049444A
- Authority
- CN
- China
- Prior art keywords
- browser
- synchronization server
- another
- notice
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
Abstract
The invention discloses a method and client for controlling browser user login. The method comprises the following steps: establishing connection with a synchronization server through the adoption of a browser user account, and logging in the synchronization server; receiving a notification that another browser uses the same browse user account to perform the user login sent by the synchronization server; detecting that the login operation in the another browser does not meet a preset security setting according to the notification; indicating the synchronization server to break the connection with the another browser. Through the adoption of the method disclosed by the invention, the problem that the browser user account is not protected by effective measures when the browser user account is illegally used is solved.
Description
Technical field
The present invention relates to computer network field, be specifically related to a kind ofly browser client be logged in the method and client that control.
Background technology
Browser refers to can HTML (HTML, the HyperTextMarkupLanguage) file content of display web page server or file system, and allows a kind of device of user and these file interactions.Web browser is mainly through HTTP (HTTP, HyperTextTransportProtocol) agreement and web page server are alternately and obtain webpage, these webpages are by URL (URL(uniform resource locator), UniformResourceLocator) specify, file format is generally HTML, and indicated in http protocol by MIME (multipurpose internet mail extensions, MultipurposeInternetMailExtensions).Multiple document can be comprised in a webpage, and each document can be obtained from server.
In prior art, browser can realize browser client account and log in.Owing to may occur that same browser client account logs in the situation of browser in different terminals, such as, after browser client account is stolen, disabled user uses the browser client account stolen to log in, at this moment, when legal user is carrying out browser use, will find that the browser client account of oneself is illegally used.In prior art, after above-mentioned situation occurs, effective measures are not had to protect browser client account.
Summary of the invention
In view of the above problems, propose the present invention in case provide a kind of overcome the problems referred to above or solve the problem at least in part the method and client that control are logged in browser client.
According to one aspect of the present invention, provide and a kind ofly browser client logged in the method controlled, comprising:
Use browser client account and synchronization server to connect, log in this synchronization server;
Another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Detect that in another described browser, register does not meet preset security setting according to described notice;
Described synchronization server is indicated to disconnect the connection with another browser described.
Alternatively, described use browser client account and synchronization server connect, and log in this synchronous service implement body and comprise:
Send to distribution server connecting request, described in connect and ask to comprise the information of described browser client account;
Be received as the server identification SID of synchronization server for logging in that described browser client account is distributed;
Connect according to the SID received and described synchronization server and log in.
Alternatively, described notice comprises the relevant information using same browser user account to carry out another browser of user's login;
Described relevant information at least comprises one of following message: IP address, machine identification and login time.
Alternatively, described preset security arranges and comprises: the secure IP addresses arranged in default white list and/or secure machine mark;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that IP address and/or the machine identification of another browser in described notice are not present in described default white list.
Alternatively, described preset security arranges and comprises: preset security interval duration;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that the IP address of another browser in described notice is different from local ip address, and user's login time of another browser in described notice and the time difference of local user's login time are less than described preset security interval duration.
Alternatively, at least one in operating as follows is also comprised after the disconnection of described instruction described synchronization server and the connection of another browser described:
The cookie arranged in another browser described under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account described in another browser described and information deletion;
Instruction synchronization server is forbidden using described browser client account in the terminal at another browser described.
Alternatively, receive described in after another browser that synchronization server sends uses same browser user account to carry out the notice of user's login and also comprise:
Described notice is presented in browser this locality by bullet window and/or plug-in unit.
Alternatively, describedly present described notice by plug-in unit and specifically comprise:
In the login management plug-in unit of browser, correspond to described browser client account show described notice.
Alternatively, described method also comprises:
When logging in abnormal, by replying authorization information to synchronization server, make synchronization server forbid the use of described browser client account, and after the described authorization information of confirmation is correct, complete described login.
Alternatively, described method also comprises:
When logging in abnormal, by replying authorization information to synchronization server, make synchronization server after the described authorization information of confirmation is correct, complete described login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of described browser client account to be connected with synchronization server.
According to a further aspect in the invention, provide and a kind ofly browser client logged in the client controlled, comprising:
Connection establishment module, is suitable for using browser client account and synchronization server to connect, logs in this synchronization server;
Notice receiver module, another browser being suitable for receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Malice logs in detection module, is suitable for detecting that in another described browser, register does not meet preset security setting according to described notice;
Malice login process module, is suitable for indicating described synchronization server to disconnect the connection with another browser described.
Alternatively, described connection establishment module, is specifically suitable for sending to distribution server connecting request, described in connect and ask to comprise the information of described browser client account; Be received as the server identification SID of synchronization server for logging in that described browser client account is distributed; Connect according to the SID received and described synchronization server and log in.
Alternatively, described notice comprises the relevant information using same browser user account to carry out another browser of user's login;
Described relevant information at least comprises one of following message: IP address, machine identification and login time.
Alternatively, described preset security arranges and comprises: the secure IP addresses arranged in default white list and/or secure machine mark;
Described malice logs in detection module, is specifically suitable for detecting that the IP address of another browser in described notice and/or machine identification are not present in described default white list.
Alternatively, described preset security arranges and comprises: preset security interval duration;
Described malice logs in detection module, specifically be suitable for detecting that the IP address of another browser in described notice is different from local ip address, and user's login time of another browser in described notice and the time difference of local user's login time are less than described preset security interval duration.
Alternatively, described malice login process module be also suitable for proceeding as follows at least one:
The cookie arranged in another browser described under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account described in another browser described and information deletion;
Instruction synchronization server is forbidden using described browser client account in the terminal at another browser described.
Alternatively, described notice receiver module, is also suitable for presenting described notice by bullet window and/or plug-in unit in browser this locality.
Alternatively, described notice receiver module, is specifically suitable in the login management plug-in unit of browser, correspond to described browser client account and shows described notice.
Alternatively, described client also comprises:
Abnormal restoring module, is suitable for, when logging in abnormal, by replying authorization information to synchronization server, making synchronization server forbid the use of described browser client account, and after the described authorization information of confirmation is correct, completes described login.
Alternatively, described client also comprises:
Abnormal restoring module; be suitable for when logging in abnormal; by replying authorization information to synchronization server; make synchronization server after the described authorization information of confirmation is correct; complete described login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of described browser client account to be connected with synchronization server.
According to technical scheme of the present invention: use browser client account and synchronization server to connect, log in this synchronization server; Another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login; Detect that in another browser, register does not meet preset security setting according to this notice; Instruction synchronization server disconnects the connection with another browser.Can the illegal use of Timeliness coverage browser client account; and pass through the connection of the browser disconnecting synchronization server and this illegal use browser client account; browser client account is avoided to be illegally used; solve thus when browser client account is illegally used, do not have effective measures can protect the problem of browser client account.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to technological means of the present invention can be better understood, and can be implemented according to the content of specification, and can become apparent, below especially exemplified by the specific embodiment of the present invention to allow above and other objects of the present invention, feature and advantage.
Accompanying drawing explanation
By reading hereafter detailed description of the preferred embodiment, various other advantage and benefit will become cheer and bright for those of ordinary skill in the art.Accompanying drawing only for illustrating the object of preferred implementation, and does not think limitation of the present invention.And in whole accompanying drawing, represent identical parts by identical reference symbol.In the accompanying drawings:
Fig. 1 shows the structure chart according to an embodiment of the invention browser client being logged in the client controlled;
Fig. 2 shows the schematic diagram that synchronization server and client according to an embodiment of the invention connect;
Fig. 3 shows the structure chart in accordance with another embodiment of the present invention browser client being logged in the client controlled;
Fig. 4 shows the operation chart according to an embodiment of the invention browser client being logged in the system controlled;
Fig. 5 shows the flow chart according to an embodiment of the invention browser client being logged in the method controlled;
The flow chart of operation that Fig. 6 shows according to an embodiment of the invention and connects between synchronization server; And
Fig. 7 shows the flow chart in accordance with another embodiment of the present invention browser client being logged in the method controlled.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
See Fig. 1, show the structure chart according to an embodiment of the invention browser client being logged in the client 100 controlled.This client 100 comprises: connection establishment module 110, notice receiver module 120, malice log in detection module 130 and malice login process module 140.
Connection establishment module 110, is suitable for using browser client account and synchronization server 200 to connect, logs in this synchronization server 200.
Further, connection establishment module 110 is specifically suitable for sending to distribution server 300 request of connecting, and this request of connecting comprises the information of browser client account; Be received as the server identification SID of synchronization server 200 for logging in that this browser client account is distributed; Connect according to the SID received and synchronization server 200 and log in.
See Fig. 2, show the schematic diagram that synchronization server 200 and client 100 according to an embodiment of the invention connect.Connection establishment module 110 utilizes the IP address in ICP/IP protocol and port to send to distribution server 300 request of connecting, this request of connecting comprises: the information of browser client account, such as, the user ID QID produced according to browser client account and password.Distribution server 300 is that client 100 distributes synchronization server 200 according to the information of browser client account, and the SID of this synchronization server 200 is returned to connection establishment module 110.Connection establishment module 110 recycles IP address in ICP/IP protocol and port, connects according to the SID received and this synchronization server 200 and logs in.The record of the login corresponding to browser client account is preserved in synchronization server 200, such as, corresponding to a browser client account, the IP address that record uses this browser client account to carry out logging in and login time.The implementation that synchronization server 200 shown in Fig. 2 and client 100 connect is only exemplary illustration; the implementation that in the present invention, synchronization server 200 and client 100 connect is not limited thereto, and any mode that can realize connection establishment between synchronization server 200 and client 100 is all within protection scope of the present invention.
Notice receiver module 120, another browser being suitable for receiving synchronization server 200 transmission uses same browser user account to carry out the notice of user's login.
For example, notice comprises the relevant information using same browser user account to carry out another browser of user's login.Relevant information at least comprises one of following message: IP address, machine identification MID and login time.Wherein, MID is the device id of browser place terminal.
Further, notify that receiver module 120 presents the notice of reception by bullet window and/or plug-in unit in browser this locality.For example, receiver module 120 is notified in the login management plug-in unit of browser corresponding to the notice that the browser client account display carrying out logging in receives.Login management plug-in unit is the feature card that can load in browser, wherein presents the browser client account that each logs in, and manages the browser client account logged in.In this citing, in the management information of this browser client account presented at login management plug-in unit, present the notice of reception, in login management plug-in unit, namely present the relevant information using this browser client account to carry out another browser of user's login.
Thus, user can Timeliness coverage browser client account be illegally used, and obtains the relevant information of another browser using this browser client account, such as, and IP address, MID and login time etc.And then effective monitoring browser client account being logged in situation can be realized.
Malice logs in detection module 130, is suitable for detecting that in another browser, register does not meet preset security setting according to notice.
It is for example, a kind of that to detect that register in another browser does not meet the mode that preset security arranges as described below.Preset security arranges and comprises: the secure IP addresses arranged in default white list and/or safe MID.Malice logs in detection module 130 and detects that the IP address of another browser in notice and/or MID are not present in default white list.Such as, secure IP addresses can be set to the IP address used of terminal in company and shelter; Safe MID can be set to the MID of terminal in company and shelter, and the MID of personal portable terminals, as the MID etc. of PAD and cell phone.Thus; when browser client account does not use in the safe range of above-mentioned setting; just judge that the register using this browser client account to carry out in another browser does not meet preset security and arranges, and then start to carry out safeguard protection operation by malice login process module 140.
For example, to detect that register in another browser does not meet the mode that preset security arranges as described below for another kind.Preset security arranges and comprises: preset security interval duration.Malice log in detection module 130 detect that the IP address of another browser in notice is different from local ip address, and notify in user's login time of another browser and the time difference of local user's login time be less than preset security interval duration.Because in the condition of normal use, browser client account can not log in the client 100 of two different IP addresses usually within a short period of time respectively, so can detect that in another browser, register does not meet preset security setting accordingly.
Above-mentioned two kinds of implementations are only the exemplary illustration detecting that register in another browser does not meet preset security and arranges, and detect register in another browser and do not meet the mode that preset security arranges and be not limited thereto in the present invention.
Log in detection module 130 by malice and automatically can judge that in another browser, whether register is legal, and then when judging register non-legally in another browser, realize the safeguard protection to browser client account by malice login process module 140.
Malice login process module 140, is suitable for indicating synchronization server 200 to disconnect the connection with this another browser.
Further, described malice login process module 140 be also suitable for proceeding as follows at least one.
The cookie arranged in another browser under domain name deletes by instruction synchronization server 200.
Instruction synchronization server 200 is by the record of browser client account in another browser and information deletion.
Instruction synchronization server 200 is forbidden using this browser client account in the terminal at another browser.
Adopt technical scheme in the present embodiment; can the illegal use of Timeliness coverage browser client account; and pass through the connection of the browser disconnecting synchronization server and this illegal use browser client account; browser client account is avoided to be illegally used; solve thus when browser client account is illegally used, do not have effective measures can protect the problem of browser client account.
On the other hand, when disabled user first uses browser client account to log in, when validated user uses browser client account to log in, there will be disabled user indicates synchronization server 200 to disconnect the connection with the validated user of rear login, or causes validated user cannot realize the generation of login abnormal conditions such as logging in because disabled user revises user cipher.For solving disabled user's preemption browser client account, the problem causing validated user normally to log in, the invention provides another embodiment.See Fig. 3, show the structure chart in accordance with another embodiment of the present invention browser client being logged in the client controlled.Described client 100 comprises: connection establishment module 110, notice receiver module 120, malice log in detection module 130, malice login process module 140 and abnormal restoring module 150.
Wherein, connection establishment module 110 is suitable for using browser client account and synchronization server 200 to connect, and logs in this synchronization server 200.Another browser that notice receiver module 120 is suitable for receiving synchronization server 200 transmission uses same browser user account to carry out the notice of user's login.Malice logs in detection module 130 and is suitable for detecting that in another browser, register does not meet preset security setting according to notice.Malice login process module 140 is suitable for indicating synchronization server 200 to disconnect the connection with this another browser.Described connection establishment module 110, notice receiver module 120, malice log in the explanation of concrete operations see the concrete operations to each functional module in Fig. 1 of detection module 130 and malice login process module 140.
In the present embodiment, abnormal restoring module 150, is suitable for, when logging in abnormal, by replying authorization information to synchronization server 200, making synchronization server 200 forbid the use of this browser client account, and after confirmation authorization information is correct, completes this login.
For example, in the present embodiment, when occurring to log in abnormal, synchronization server 200 sends problem to abnormal restoring module 150, as " whom you favorite author is? " abnormal restoring module 150 replys the answer of this problem.With the answer of this problem for authorization information.Synchronization server 200 is after receiving authorization information, forbid that browser client account uses in each browser, and by this authorization information and the information comparison that pre-sets, if identical, then complete the login providing the client 100 of authorization information to use this browser client account to carry out.
Above-mentioned explanation is only a kind of implementation of abnormal restoring module 150 in the present embodiment.In the another kind of implementation of the present embodiment; abnormal restoring module 150 is suitable for by replying authorization information to synchronization server 200; make synchronization server 200 after confirmation authorization information is correct; complete login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of this browser client account to be connected with synchronization server 200.
For example, in the present embodiment, when occurring to log in abnormal, synchronization server 200 sends problem, as " whom you favorite author is? "Abnormal restoring module 150 replys the answer of this problem.With the answer of this problem for authorization information.Synchronization server 200, after receiving authorization information, by this authorization information and the information comparison pre-set, if identical, then completes the login providing the client 100 of authorization information to use this browser client account.Meanwhile, synchronization server 200 recovers the authority that provides the browser of authorization information to disconnect other to use the browser of this browser client account to be connected with synchronization server 200.Like this, validated user can indicate synchronization server 200 to disconnect the connection of the browser used with disabled user.
Thus; by abnormal restoring module 150; make when use browser client account of trying to be the first because of disabled user logs in and causes validated user to log in abnormal; validated user also can complete login by the authorization information arranged, and can indicate the connection between synchronization server 200 disconnects and disabled user uses browser.
Adopt the present embodiment, further increase the fail safe using browser client account in a browser, and can ensure that browser client account logs in the interference from abnormal conditions.Validated user can be made all can normally to log in all cases, and forbid that disabled user uses this browser client account.
Browser client logged in except the client that controls except above-mentioned, present invention also offers and a kind ofly browser client is logged in the system controlled.
This system comprises: synchronization server 200 and multiple above-mentioned client 100.
Synchronization server 200, be suitable for connecting with client 100, complete browser client account to log in, and send to client 100 notice that another browser use same browser user account carries out user's login, and indicate the connection disconnected with another browser according to client 100.
Further, synchronization server 200, is also suitable for after receiving authorization information, forbids the use of browser client account, and after confirmation authorization information is correct, completes the login of browser client account in the browser providing authorization information.Or, synchronization server 200, also be suitable for after confirmation authorization information is correct, complete the login of browser client account in the browser that authorization information is provided, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of this browser client account to be connected with synchronization server 200.
Herein, synchronization server 200 can be connected with client 100 by network, also directly can be connected with client 100, be not particularly limited at this.
See Fig. 4, show the operation chart according to an embodiment of the invention browser client being logged in the system controlled.Wherein, the first client 100A is the client 100 that uses for disabled user of client 100, second client 100B that validated user uses.
As shown in Figure 4, the first client 100A uses browser client account and synchronization server 200 to connect, and logs in this synchronization server 200.Second client 100B uses identical browser client account and synchronization server 200 to connect, and logs in this synchronization server 200.After synchronization server 200 finds that the second client 100B uses same browser client account to log in, send another browser to the first client 100A and use same browser user account to carry out the notice logged in.According to notice, first client 100A detects that in another browser, register does not meet preset security setting.First client 100A indicates synchronization server 200 to disconnect the connection with this another browser.Synchronization server 200 disconnects the connection with browser in the second client 100B after receiving instruction.
In addition, except operation shown in Fig. 4, in the present embodiment, when the second client 100B try to be the first use browser client account to log in, when the first client 100A uses same browser client account to log in, there will be log in abnormal.Now, the first client 100A sends authorization information to synchronization server 200.Synchronization server 200, after receiving authorization information, forbids that browser client account uses in the second client 100B, and after confirmation authorization information is correct, completes the login of browser client account in the first client 100A.Or, synchronization server 200 is after confirmation authorization information is correct, complete the login of browser client account in the first client 100A, and recover the first client 100A and disconnect other authorities using the browser of this browser client account to be connected with synchronization server 200.
See Fig. 5, show the flow chart according to an embodiment of the invention browser client being logged in the method controlled.Described method comprises the steps.
Step S510, uses browser client account and synchronization server to connect, logs in this synchronization server.
A kind of embodiment of described step S510 is as described below.
See Fig. 6, the flow chart of operation showing according to an embodiment of the invention and connect between synchronization server.Described step S510 specifically comprises the steps.
Step S610, sends to distribution server the request of connecting, and the request of connecting comprises the information of browser client account.
Step S620, is received as the server identification SID of synchronization server for logging in that browser client account is distributed.
Step S630, connects according to the SID received and synchronization server and logs in.
For example, first, utilize the IP address in ICP/IP protocol and port to send to distribution server the request of connecting, this request of connecting comprises: the information of browser client account, such as, the user ID QID produced according to browser client account and password.Subsequently, distribution server is that browser client account distributes synchronization server according to the information of browser client account, returns the SID of this synchronization server.Then, the IP address in recycling ICP/IP protocol and port, connect according to the SID received and this synchronization server and log in.The record of the login corresponding to browser client account is preserved in synchronization server, such as, corresponding to a browser client account, the IP address that record uses this browser client account to carry out logging in and login time.The described herein implementation connected with synchronization server is only exemplary illustration; the implementation connected with synchronization server in the present invention is not limited thereto, and anyly can realize with the mode of synchronization server connection establishment all within protection scope of the present invention.
Step S520, another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login.
For example, notice comprises the relevant information using same browser user account to carry out another browser of user's login.Relevant information at least comprises one of following message: IP address, machine identification MID and login time.Wherein, MID is the device id of browser place terminal.
Further, the notice of reception is presented by bullet window and/or plug-in unit in browser this locality.For example, in the login management plug-in unit of browser, show corresponding to the browser client account of carrying out logging in the notice received.Login management plug-in unit is the feature card that can load in browser, wherein presents the browser client account that each logs in, and manages the browser client account logged in.In this citing, in the management information of this browser client account presented at login management plug-in unit, present the notice of reception, in login management plug-in unit, namely present the relevant information using this browser client account to carry out another browser of user's login.
Thus, user can Timeliness coverage browser client account be illegally used, and obtains the relevant information of another browser using this browser client account, such as, and IP address, MID and login time etc.And then effective monitoring browser client account being logged in situation can be realized.
According to notice, step S530, detects that in another browser, register does not meet preset security setting.
It is for example, a kind of that to detect that register in another browser does not meet the mode that preset security arranges as described below.Preset security arranges and comprises: the secure IP addresses arranged in default white list and/or safe MID.Describedly to detect in another browser that register does not meet preset security and arranges and specifically comprise according to notice: detect that the IP address of another browser in notice and/or machine identification are not present in this default white list.Such as, secure IP addresses can be set to the IP address used of terminal in company and shelter; Safe MID can be set to the MID of terminal in company and shelter, and the MID of personal portable terminals, as the MID etc. of PAD and cell phone.Thus, when browser client account does not use in the safe range of above-mentioned setting, just judge that using the register of this browser client account not meet preset security in another browser is arranged, and then start to carry out safeguard protection operation by step S540.
For example, to detect that register in another browser does not meet the mode that preset security arranges as described below for another kind.Preset security arranges and comprises: preset security interval duration.Describedly to detect in another browser that register does not meet preset security and arranges and specifically comprise according to notice: detect that the IP address of another browser in notice is different from local ip address, and user's login time of another browser in notifying and the time difference of local user's login time are less than this preset security interval duration.Because in the condition of normal use, browser client account can not log at the browser of two different IP addresses usually within a short period of time respectively, so can detect that in another browser, register does not meet preset security setting accordingly.
Above-mentioned two kinds of implementations are only the exemplary illustration detecting that register in another browser does not meet preset security and arranges, and detect register in another browser and do not meet the mode that preset security arranges and be not limited thereto in the present invention.
Thereby, it is possible to automatically judge that in another browser, whether register is legal, and then when judging register non-legally in another browser, realize the safeguard protection to browser client account by step S540.
Step S540, instruction synchronization server disconnects the connection with another browser.
Described instruction synchronization server also comprises at least one in operating as follows after disconnecting the connection with another browser:
The cookie arranged in another browser under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account in another browser and information deletion;
Instruction synchronization server is forbidden using this browser client account in the terminal at another browser.
Adopt technical scheme in the present embodiment; can the illegal use of Timeliness coverage browser client account; and pass through the connection of the browser disconnecting synchronization server and this illegal use browser client account; browser client account is avoided to be illegally used; solve thus when browser client account is illegally used, do not have effective measures can protect the problem of browser client account.
In addition, because after disabled user first uses browser client account to log in, when validated user uses browser client account to log in, there will be disabled user indicates synchronization server to disconnect the connection with the validated user of rear login, or causes validated user cannot realize the generation of login abnormal conditions such as logging in because disabled user revises user cipher.For solving disabled user's preemption browser client account, the problem causing validated user normally to log in, the invention provides another embodiment.Fig. 7 shows the flow chart in accordance with another embodiment of the present invention browser client being logged in the method controlled.
Step S710, uses browser client account and synchronization server to connect, logs in this synchronization server.
Step S720, judges whether to login successfully, and if so, performs step S730, otherwise, perform step S760.
Step S730, another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login.
According to notice, step S740, detects that in another browser, register does not meet preset security setting.
Step S750, instruction synchronization server disconnects the connection with another browser.
Step S760, when logging in abnormal, replys authorization information to synchronization server.
In a kind of embodiment of this embodiment, when logging in abnormal, by replying authorization information to synchronization server, make synchronization server forbid the use of this browser client account, and after confirmation authorization information is correct, complete this login.
For example, in the present embodiment, when occurring to log in abnormal, synchronization server sends problem, as " whom you favorite author is? "The answer of this problem replied by browser.With the answer of this problem for authorization information.Synchronization server is after receiving authorization information, forbid that browser client account uses in each browser, and by this authorization information and the information comparison pre-set, if identical, then completing browser client account providing the login of browser of authorization information, allowing the browser providing authorization information to use this browser client account.
In the another kind of embodiment of the present embodiment, when logging in abnormal, by replying authorization information to synchronization server, make synchronization server after confirmation authorization information is correct, complete this login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of this browser client account to be connected with synchronization server.
For example, in the present embodiment, when occurring to log in abnormal, synchronization server sends problem, as " whom you favorite author is? "The answer of this problem replied by browser.With the answer of this problem for authorization information.Synchronization server is after receiving authorization information, by this authorization information and the information comparison pre-set, if identical, then complete the login of browser client account at the browser of transmission authorization information, allow the browser sending authorization information to use this browser client account.Meanwhile, synchronization server recovers the authority that provides the browser of authorization information to disconnect other to use the browser of this browser client account to be connected with synchronization server.Like this, validated user can indicate synchronization server to disconnect the connection of the browser used with disabled user.
Thus, make when use browser client account of trying to be the first because of disabled user logs in and causes validated user to log in abnormal, validated user also by the authorization information arranged, and can complete login, and the connection between the browser that synchronization server disconnection and disabled user can be indicated to use.Adopt the present embodiment, further increase the fail safe using browser client account in a browser, and can ensure that browser client account logs in the interference from abnormal conditions.Validated user can be made all can normally to log in all cases, and forbid that disabled user uses this browser client account.
Intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment with display at this algorithm provided.Various general-purpose system also can with use based on together with this teaching.According to description above, the structure constructed required by this type systematic is apparent.In addition, the present invention is not also for any certain programmed language.It should be understood that and various programming language can be utilized to realize content of the present invention described here, and the description done language-specific is above to disclose preferred forms of the present invention.
In specification provided herein, describe a large amount of detail.But can understand, embodiments of the invention can be put into practice when not having these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires feature more more than the feature clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary compound mode.
The present invention will be described instead of limit the invention to it should be noted above-described embodiment, and those skilled in the art can design alternative embodiment when not departing from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and does not arrange element in the claims or step.Word "a" or "an" before being positioned at element is not got rid of and be there is multiple such element.The present invention can by means of including the hardware of some different elements and realizing by means of the computer of suitably programming.In the unit claim listing some devices, several in these devices can be carry out imbody by same hardware branch.Word first, second and third-class use do not represent any order.Can be title by these word explanations.
The invention discloses A1, a kind ofly browser client logged in the method controlled, comprising:
Use browser client account and synchronization server to connect, log in this synchronization server;
Another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Detect that in another described browser, register does not meet preset security setting according to described notice;
Described synchronization server is indicated to disconnect the connection with another browser described.
A2, method according to A1, is characterized in that,
Described use browser client account and synchronization server connect, and log in this synchronous service implement body and comprise:
Send to distribution server connecting request, described in connect and ask to comprise the information of described browser client account;
Be received as the server identification SID of synchronization server for logging in that described browser client account is distributed;
Connect according to the SID received and described synchronization server and log in.
A3, method according to A1 or A2, is characterized in that,
Described notice comprises the relevant information using same browser user account to carry out another browser of user's login;
Described relevant information at least comprises one of following message: IP address, machine identification and login time.
A4, method according to A3, is characterized in that,
Described preset security arranges and comprises: the secure IP addresses arranged in default white list and/or secure machine mark;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that IP address and/or the machine identification of another browser in described notice are not present in described default white list.
A5, method according to A3, is characterized in that,
Described preset security arranges and comprises: preset security interval duration;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that the IP address of another browser in described notice is different from local ip address, and user's login time of another browser in described notice and the time difference of local user's login time are less than described preset security interval duration.
A6, method according to A1 or A2, is characterized in that,
The described synchronization server of described instruction also comprises at least one in operating as follows after disconnecting the connection with another browser described:
The cookie arranged in another browser described under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account described in another browser described and information deletion;
Instruction synchronization server is forbidden using described browser client account in the terminal at another browser described.
A7, method according to A1 or A2, is characterized in that,
Also comprise after described another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login:
Described notice is presented in browser this locality by bullet window and/or plug-in unit.
A8, method described in root A7, is characterized in that,
Describedly present described notice by plug-in unit and specifically comprise:
In the login management plug-in unit of browser, correspond to described browser client account show described notice.
A9, method according to A1 or A2, is characterized in that,
Described method also comprises:
When logging in abnormal, by replying authorization information to synchronization server, make synchronization server forbid the use of described browser client account, and after the described authorization information of confirmation is correct, complete described login.
A10, method according to A1 or A2, is characterized in that,
Described method also comprises:
When logging in abnormal, by replying authorization information to synchronization server, make synchronization server after the described authorization information of confirmation is correct, complete described login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of described browser client account to be connected with synchronization server.
B11, a kind ofly browser client is logged in the client controlled, comprising:
Connection establishment module, is suitable for using browser client account and synchronization server to connect, logs in this synchronization server;
Notice receiver module, another browser being suitable for receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Malice logs in detection module, is suitable for detecting that in another described browser, register does not meet preset security setting according to described notice;
Malice login process module, is suitable for indicating described synchronization server to disconnect the connection with another browser described.
B12, client according to B11, is characterized in that,
Described connection establishment module, is specifically suitable for sending to distribution server connecting request, described in connect and ask to comprise the information of described browser client account; Be received as the server identification SID of synchronization server for logging in that described browser client account is distributed; Connect according to the SID received and described synchronization server and log in.
B13, client according to B11 or B12, is characterized in that,
Described notice comprises the relevant information using same browser user account to carry out another browser of user's login;
Described relevant information at least comprises one of following message: IP address, machine identification and login time.
B14, client according to B13, is characterized in that,
Described preset security arranges and comprises: the secure IP addresses arranged in default white list and/or secure machine mark;
Described malice logs in detection module, is specifically suitable for detecting that the IP address of another browser in described notice and/or machine identification are not present in described default white list.
B15, client according to B13, is characterized in that,
Described preset security arranges and comprises: preset security interval duration;
Described malice logs in detection module, specifically be suitable for detecting that the IP address of another browser in described notice is different from local ip address, and user's login time of another browser in described notice and the time difference of local user's login time are less than described preset security interval duration.
B16, client according to B11 or B12, is characterized in that,
At least one during described malice login process module is also suitable for proceeding as follows:
The cookie arranged in another browser described under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account described in another browser described and information deletion;
Instruction synchronization server is forbidden using described browser client account in the terminal at another browser described.
B17, client according to B11 or B12, is characterized in that,
Described notice receiver module, is also suitable for presenting described notice by bullet window and/or plug-in unit in browser this locality.
B18, client according to B17, is characterized in that,
Described notice receiver module, is specifically suitable in the login management plug-in unit of browser, correspond to described browser client account and shows described notice.
B19, client according to B11 or B12, is characterized in that,
Described client also comprises:
Abnormal restoring module, is suitable for, when logging in abnormal, by replying authorization information to synchronization server, making synchronization server forbid the use of described browser client account, and after the described authorization information of confirmation is correct, completes described login.
B20, client according to B11 or B12, is characterized in that,
Described client also comprises:
Abnormal restoring module; be suitable for when logging in abnormal; by replying authorization information to synchronization server; make synchronization server after the described authorization information of confirmation is correct; complete described login, and the authority that recovery provides the browser of authorization information to disconnect other uses the browser of described browser client account to be connected with synchronization server.
Claims (10)
1. browser client is logged in the method controlled, comprising:
Use browser client account and synchronization server to connect, log in this synchronization server;
Another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Detect that in another described browser, register does not meet preset security setting according to described notice;
Described synchronization server is indicated to disconnect the connection with another browser described.
2. method according to claim 1, is characterized in that,
Described use browser client account and synchronization server connect, and log in this synchronous service implement body and comprise:
Send to distribution server connecting request, described in connect and ask to comprise the information of described browser client account;
Be received as the server identification SID of synchronization server for logging in that described browser client account is distributed;
Connect according to the SID received and described synchronization server and log in.
3. method according to claim 1 and 2, is characterized in that,
Described notice comprises the relevant information using same browser user account to carry out another browser of user's login;
Described relevant information at least comprises one of following message: IP address, machine identification and login time.
4. method according to claim 3, is characterized in that,
Described preset security arranges and comprises: the secure IP addresses arranged in default white list and/or secure machine mark;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that IP address and/or the machine identification of another browser in described notice are not present in described default white list.
5. method according to claim 3, is characterized in that,
Described preset security arranges and comprises: preset security interval duration;
Describedly to detect in another described browser that register does not meet preset security and arranges and specifically comprise according to described notice:
Detect that the IP address of another browser in described notice is different from local ip address, and user's login time of another browser in described notice and the time difference of local user's login time are less than described preset security interval duration.
6. method according to claim 1 and 2, is characterized in that,
The described synchronization server of described instruction also comprises at least one in operating as follows after disconnecting the connection with another browser described:
The cookie arranged in another browser described under domain name deletes by instruction synchronization server;
Instruction synchronization server is by the record of browser client account described in another browser described and information deletion;
Instruction synchronization server is forbidden using described browser client account in the terminal at another browser described.
7. method according to claim 1 and 2, is characterized in that,
Also comprise after described another browser receiving synchronization server transmission uses same browser user account to carry out the notice of user's login:
Described notice is presented in browser this locality by bullet window and/or plug-in unit.
8. method according to claim 7, is characterized in that,
Describedly present described notice by plug-in unit and specifically comprise:
In the login management plug-in unit of browser, correspond to described browser client account show described notice.
9. method according to claim 1 and 2, is characterized in that,
Described method also comprises:
When logging in abnormal, by replying authorization information to synchronization server, make synchronization server forbid the use of described browser client account, and after the described authorization information of confirmation is correct, complete described login.
10. browser client is logged in the client controlled, comprising:
Connection establishment module, is suitable for using browser client account and synchronization server to connect, logs in this synchronization server;
Notice receiver module, another browser being suitable for receiving synchronization server transmission uses same browser user account to carry out the notice of user's login;
Malice logs in detection module, is suitable for detecting that in another described browser, register does not meet preset security setting according to described notice;
Malice login process module, is suitable for indicating described synchronization server to disconnect the connection with another browser described.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510494864.8A CN105049444B (en) | 2012-11-13 | 2012-11-13 | The method and client that are controlled are logged in browser client |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210455302.9A CN102984222B (en) | 2012-11-13 | 2012-11-13 | Browser client is logged in the method and client that control |
| CN201510494864.8A CN105049444B (en) | 2012-11-13 | 2012-11-13 | The method and client that are controlled are logged in browser client |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210455302.9A Division CN102984222B (en) | 2012-11-13 | 2012-11-13 | Browser client is logged in the method and client that control |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105049444A true CN105049444A (en) | 2015-11-11 |
| CN105049444B CN105049444B (en) | 2018-10-19 |
Family
ID=47857957
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210455302.9A Active CN102984222B (en) | 2012-11-13 | 2012-11-13 | Browser client is logged in the method and client that control |
| CN201510494864.8A Active CN105049444B (en) | 2012-11-13 | 2012-11-13 | The method and client that are controlled are logged in browser client |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210455302.9A Active CN102984222B (en) | 2012-11-13 | 2012-11-13 | Browser client is logged in the method and client that control |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN102984222B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103248489B (en) * | 2013-05-17 | 2016-06-15 | 刘子腾 | Method, server and the intelligent terminal that client logs in is realized by intelligent terminal |
| CN104901924B (en) * | 2014-03-05 | 2020-04-24 | 腾讯科技(深圳)有限公司 | Internet account verification method and device |
| CN105162805B (en) * | 2015-09-30 | 2018-10-30 | 北京奇虎科技有限公司 | User account login method and device |
| CN108961711B (en) * | 2018-04-28 | 2020-06-02 | 深圳市牛鼎丰科技有限公司 | Control method and device for remotely controlling mobile device, computer equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101159624A (en) * | 2007-10-31 | 2008-04-09 | 中兴通讯股份有限公司 | Account use monitoring method |
| CN101552780A (en) * | 2009-04-30 | 2009-10-07 | 用友软件股份有限公司 | Verification method and verification device |
| CN102739686A (en) * | 2012-07-05 | 2012-10-17 | 无锡中科泛在信息技术研发中心有限公司 | Method for restricting users to login at multiple locations simultaneously |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1783137A (en) * | 2004-11-30 | 2006-06-07 | 鸿富锦精密工业(深圳)有限公司 | Bidding safety control system and method |
| JP2007174062A (en) * | 2005-12-20 | 2007-07-05 | Canon Inc | Data communication apparatus, data communication system, data communication method, and program thereof |
| CN101588344A (en) * | 2008-05-20 | 2009-11-25 | 中兴通讯股份有限公司 | System and method for controlling same account login in network system |
-
2012
- 2012-11-13 CN CN201210455302.9A patent/CN102984222B/en active Active
- 2012-11-13 CN CN201510494864.8A patent/CN105049444B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101159624A (en) * | 2007-10-31 | 2008-04-09 | 中兴通讯股份有限公司 | Account use monitoring method |
| CN101552780A (en) * | 2009-04-30 | 2009-10-07 | 用友软件股份有限公司 | Verification method and verification device |
| CN102739686A (en) * | 2012-07-05 | 2012-10-17 | 无锡中科泛在信息技术研发中心有限公司 | Method for restricting users to login at multiple locations simultaneously |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105049444B (en) | 2018-10-19 |
| CN102984222A (en) | 2013-03-20 |
| CN102984222B (en) | 2015-09-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102970360B (en) | Browser client is logged in the system being controlled | |
| CN104092542B (en) | A kind of account login method, Apparatus and system | |
| CN102413221B (en) | Method for protecting privacy information and mobile terminal | |
| CN105721426B (en) | Access authorization methods, server, target terminal equipment and the system of terminal device | |
| CN108737327A (en) | Intercept method, apparatus, system, processor and the memory of malicious websites | |
| CN101257678A (en) | Method, terminal and system for realizing mobile terminal software safe detection | |
| CN1939035B (en) | Method and apparatus for communicating data between computer devices | |
| CN105392136A (en) | Method and device for access to router based on two-dimensional code | |
| CN105407074A (en) | Authentication method, apparatus and system | |
| CN102394838A (en) | IM (instant messaging) method, server and IM system | |
| CN105307169A (en) | Access method, device and system for guest network | |
| CN102984222B (en) | Browser client is logged in the method and client that control | |
| CN104023336A (en) | Mobile terminal and wireless access method thereof | |
| CN105577662A (en) | Terminal environmental security control method and server | |
| EP2040497B1 (en) | Tracking mobile communication devices | |
| CN105100048A (en) | WiFi network security identification method, server, client device and system | |
| CN103634935A (en) | WPS (Wi-Fi protected setup) or QSS (quick secure setup)-based network accessing method and device | |
| CN101540681A (en) | Method and system for monitoring computer network connection statuses | |
| CN102752289A (en) | Master station for power utilization information collecting system | |
| CN102238039A (en) | NAT (Network Address Translation) event reporting and IP (Internet Protocol) address tracing method and network device | |
| CN108111516A (en) | Based on WLAN safety communicating method, device and electronic equipment | |
| CN103476025B (en) | Progress management method, progress management system and mobile terminal | |
| US8441348B2 (en) | Multiple device loss status retrieval without ID provision | |
| CN102170630A (en) | Method and system for preventing network locking of mobile terminal from being illegally cracked | |
| CN103501334B (en) | Data transmission method, equipment and network system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220728 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right |