CN105592083A - Method and device for terminal to have access to server by using token - Google Patents
Method and device for terminal to have access to server by using token Download PDFInfo
- Publication number
- CN105592083A CN105592083A CN201510959278.6A CN201510959278A CN105592083A CN 105592083 A CN105592083 A CN 105592083A CN 201510959278 A CN201510959278 A CN 201510959278A CN 105592083 A CN105592083 A CN 105592083A
- Authority
- CN
- China
- Prior art keywords
- token
- terminal
- primitive
- candidate
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Abstract
The invention discloses a method and device for a terminal to have access to a server by using a token and relates to the technical field of Internet. The method and the device may solve a problem that the terminal cannot successfully have access to the server if not successively saving a new token issued by a server side in the prior art. The method mainly comprises steps of: setting, after a new token corresponding to an original token is generated, the new token as a candidate token, wherein the token is used for uniquely identifying a terminal and is an access certificate required by the terminal having access to the server; sending the candidate token to the terminal; replacing the original token by the candidate token as an valid token if an acknowledge character sent by the terminal is received in order that the terminal may successfully have access to the server by using the candidate token; and retaining the validity of the of the original token if the acknowledge character sent by the terminal is not received in order that the terminal may successfully have access to the server by using the original token. The method and the device are mainly suitable for a scene where the terminal has access to a network security server by using the token.
Description
Technical field
The present invention relates to Internet technical field, particularly relate to a kind of terminal and utilize token access serviceThe method and apparatus of device.
Background technology
In actual applications, terminal, before server sends request of data, needs first to server ShenPlease be used for the corresponding token of this terminal of unique identification, then send to server according to the token of applicationRequest of data. Server receives after request of data, can first verify that whether token is correct, if checking justReally just to the response of the corresponding data of terminal return data request, thereby ensure the safety of server.
In the prior art, user may to use ghost software clone to go out multiple identical with known systemSystem, the phenomenon that therefore can exist multiple terminals to contain identical token, and multiple terminal is utilized identicalToken can successful access server. For fear of the phenomenon of the corresponding multiple terminals of a token, clothesBusiness device side is usually regularly upgraded token, and issues new token to terminal, new so that terminal is usedToken access server.
But in prior art, but usually there is following problem: when server issues to terminal after new token,Terminal may not receive this new token, although or successfully receive new token, but preserve and loseLose. In this case, terminal, in the time sending request of data to server, can be carried local storagePrimitive token sends request of data to server, and primitive token had lost efficacy, thereby terminal cannot becomeMerit obtains the data response corresponding with this request of data. Hence one can see that, how to preserve new token in terminalIn failed situation, still ensure that this terminal can successful access server be current a great problem.
Summary of the invention
In view of this, the invention provides a kind of terminal and utilize the method and apparatus of token access server,Can solve the new token issuing when the unsuccessful preservation server side of terminal in prior art time, Wu FachengThe problem of merit access services device.
On the one hand, the invention provides a kind of terminal and utilize the method for token access server, described sideMethod comprises:
Generating after the new token that primitive token is corresponding, described new token is set to candidate token, instituteState token for unique identification terminal, and the needed access while being terminal access server of described tokenVoucher;
Send described candidate token to terminal;
If receive the acknowledge character that described terminal sends, described candidate token is replaced described originalToken is as effective token, so that described terminal utilizes the described candidate token can successful access server,Described acknowledge character is used to indicate described terminal and successfully preserves described candidate token;
If do not receive the acknowledge character that described terminal sends, retain the validity of described primitive token,So that described terminal utilize described primitive token can successful access described in server.
On the other hand, the invention provides a kind of terminal and utilize the device of token access server, described inDevice comprises:
Setting unit, for generating after the new token that primitive token is corresponding, by described new token settingFor candidate token, described token is for unique identification terminal, and described token is terminal access serverTime needed access credentials;
Transmitting element, the described candidate token arranging for send described setting unit to terminal;
Replacement unit, in the time receiving the acknowledge character of described terminal transmission, by described candidate orderBoard is replaced described primitive token as effective token, so that described terminal utilizes the described candidate token canSuccessful access server, described acknowledge character is used to indicate described terminal and successfully preserves described candidate orderBoard;
Stick unit, in the time not receiving the acknowledge character of described terminal transmission, retains described formerThe validity of beginning token, so that described terminal utilizes described primitive token to serve described in successful accessDevice.
By technique scheme, terminal provided by the invention utilize token access server method andDevice, can generate after the new token that primitive token is corresponding, and first this new token is set to candidate orderBoard, then send this candidate token to terminal, if receive the acknowledge character that terminal sends, can determineTerminal is successfully preserved candidate token, and candidate token is replaced to primitive token as effective token, withJust terminal utilizes the candidate token can successful access server, and if do not receive the confirmation that terminal sendsCharacter, can determine the unsuccessful preservation candidate of terminal token, and still retains the validity of primitive token,So that terminal utilizes the primitive token can successful access server. Hence one can see that, with straight in prior artConnect new token compared as effective token, the present invention guarantee terminal successfully preserve new token after just willNew token is as effective token, and in the time of the new token of the unsuccessful preservation of terminal, still primitive token doneFor effective token, thereby effective token of end side storage and effective order of server side storage are ensuredBoard is identical, and then in the time of the new token of the unsuccessful preservation of terminal, also can ensure terminal successful access server.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, of the present invention in order to better understandTechnological means, and can being implemented according to the content of description, and for allow of the present invention above-mentioned andOther objects, features and advantages can become apparent, below especially exemplified by the specific embodiment of the present invention.
Brief description of the drawings
By reading below detailed description of the preferred embodiment, various other advantage and benefit forIt is cheer and bright that those of ordinary skill in the art will become. Accompanying drawing is only for illustrating the order of preferred embodiment, and do not think limitation of the present invention. And in whole accompanying drawing, with identical reference symbolNumber represent identical parts. In the accompanying drawings:
A kind of terminal that Fig. 1 shows the embodiment of the present invention to be provided is utilized the method for token access serverFlow chart;
A kind of terminal that Fig. 2 shows the embodiment of the present invention to be provided is utilized the device of token access serverComposition frame chart;
The another kind of terminal that Fig. 3 shows the embodiment of the present invention to be provided is utilized the dress of token access serverThe composition frame chart of putting.
Detailed description of the invention
Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail. Although aobvious in accompanying drawingShow exemplary embodiment of the present disclosure, but should be appreciated that and can realize the disclosure with various formsAnd the embodiment that should do not set forth here limits. On the contrary, providing these embodiment is for can be moreThoroughly understand the disclosure, and can be by the technology that conveys to this area complete the scope of the present disclosurePersonnel.
A kind of method that the embodiment of the present invention provides terminal to utilize token access server, the method masterBe applied to server side, as shown in Figure 1, the method mainly comprises:
101, generating after the new token that primitive token is corresponding, new token is set to candidate token.
Wherein, token is for unique identification terminal, and token is needed while being terminal access serverAccess credentials. In actual applications, when terminal is for the first time when access services device, can be by application tokenAPI (ApplicationProgrammingInterface, application programming interface) to serverSend token request, server receives after token request, can from token request, obtain terminalEnd message, and according to end message, current time and other information, generating one can be uniqueIdentify the token of this terminal, and the token of generation is fed back to corresponding terminal, so that terminal utilization orderBoard access services device. That is to say, whether server can carry out verification terminal by token is legal,Thereby avoid illegal terminal invasion server.
Owing to there being the situation of ghost system, so server meeting regular update token is avoided ghostTerminal corresponding to system used the token successful access server in the terminal that primal system is corresponding. This stepIn rapid, when generating after the new token that primitive token is corresponding, terminal can be set to candidate order by new tokenBoard, the candidate token by new token as primitive token, to successfully preserve new order in follow-up terminalBridge queen, newer token is replaced to primitive token as effective token.
Wherein, end message comprise IP (InternetProtocolAddress, IP(Internet Protocol)) address,The information such as MAC (MediaAccessControl, media interviews control) address and user name. OrderBoard can be the cryptographic Hash of 32, and primitive token is current effective token.
102, send candidate token to terminal.
Concrete, in the time that server generates token corresponding to certain terminal for the first time, can record this token withThe corresponding relation of the end message of this terminal. In the time obtaining candidate token corresponding to primitive token, serviceDevice can obtain IP address and the MAC Address of terminal from end message corresponding to candidate token, and toThe terminal of corresponding IP address and MAC Address sends this candidate token, so that terminal is upgraded local storagePrimitive token.
If 103 receive terminal send acknowledge character, using candidate token replace primitive token asEffectively token, so that terminal utilizes the candidate token can successful access server.
Wherein, ACK (Acknowledgement, acknowledge character) is used to indicate terminal and successfully preservesCandidate token. In actual applications, can be for comprising candidate token and successfully preserving candidate in ACKThe mark of token.
Concrete, in the time that server receives the acknowledge character of terminal transmission, can determine this terminalCandidate token is preserved in success, and after this terminal, extended meeting utilizes this candidate token access server. Now,Server can using candidate token replace primitive token as effective token, thereby ensure server side withEffective token of end side storage is candidate token, and then this terminal is utilized the service of candidate token accessWhen device, this candidate token of server authentication is correct, and this terminal can successful access server thus.
If 104 do not receive the acknowledge character that terminal sends, retain the validity of primitive token, withJust terminal utilizes the primitive token can successful access server.
Concrete, in the time that server does not receive the acknowledge character of terminal transmission in Preset Time section,Can determine that the unsuccessful preservation candidate of this terminal token (comprises and do not receive the candidate order that server sendsThough board and receive that candidate token is unsuccessful is saved in local two kinds of situations), and this terminal is follow-upStill can utilize primitive token access services device. Now, server can retain the effective of primitive tokenProperty, and candidate token is still invalid token, and play candidate effect, thus ensure server side and endEffective token of distolateral storage is primitive token, and then this terminal is utilized primitive token access services deviceTime, this primitive token of server authentication is correct, and this terminal can successful access server thus.
The terminal that the embodiment of the present invention provides is utilized the method for token access server, can be former in generationAfter new token corresponding to beginning token, first this new token is set to candidate token, then send to terminal shouldCandidate token, if receive the acknowledge character that terminal sends, can determine that terminal successfully preserves candidateToken, and candidate token is replaced to primitive token as effective token, so that terminal is utilized candidate tokenCan successful access server, and if do not receive the acknowledge character that terminal sends, can determine terminalUnsuccessful preservation candidate token, and still retain the validity of primitive token, original so that terminal is utilizedToken can successful access server. Hence one can see that, with in prior art directly using new token as havingEffect token is compared, the present invention guarantee terminal successfully preserve new token after just using new token as effective orderBoard, and in the time of the new token of the unsuccessful preservation of terminal, still using primitive token as effective token, therebyEnsure that effective token of end side storage is identical with effective token of server side storage, and then at endWhile holding the new token of unsuccessful preservation, also can ensure terminal successful access server.
Further, in the time that server is determined the unsuccessful preservation candidate of terminal token, still by original writBoard, as current effective token, still also can send candidate token to terminal, again so that terminal is timelyUpgrade local token. In actual applications, again main to the implementation of terminal transmission candidate tokenCan be divided into following two kinds:
Mode one: the request of data of carrying primitive token that server receiving terminal sends, and according to numberAccording to request, send the data response of carrying candidate token to terminal, so that terminal is preserved candidate order againBoard.
Concrete, in the time of the unsuccessful preservation candidate of terminal token, the follow-up primitive token that still can utilize is visitedAsk server. When server receives after the request of data of carrying primitive token of terminal transmission, due toEffective token of the local storage of server is primitive token, so the token carrying in request of data is correct.But in order to allow the terminal local token that upgrades in time, server is sending number according to request of data to terminalAccording to when response, for example, except sending to terminal its content of asking (virus base), can also be toTerminal sends candidate token, so that local token is updated to candidate token by notification terminal. If terminal becomesMerit is preserved candidate token, and terminal can send acknowledge character to server, so that server makes candidateBoard is set to effective token; If the unsuccessful preservation candidate of terminal token, terminal can not sent out to serverSend acknowledge character, so that server is still using primitive token as effective token.
Mode two: server sends candidate token again to terminal, sends really until receive terminalThe symbol of reading, replaces primitive token as effective token using candidate token.
Concrete, if server does not receive the acknowledge character that terminal sends in Preset Time section,Server can be determined the unsuccessful preservation candidate of terminal token. In this case, server can be againInferior to terminal transmission candidate token, so that terminal is preserved candidate token again, until server receivesThe acknowledge character that terminal sends, server just can determine that terminal successfully preserves candidate token, and is connecingReceive after acknowledge character, just candidate token is replaced to primitive token as effective token.
That further, in above-mentioned steps 103, mentions replaces primitive token as effectively using candidate tokenThe specific implementation of token can be: server is that candidate token is added with criterion knowledge; Delete originalToken, or effective mark that primitive token is carried is replaced by invalidated identification.
Concrete, when server receives after the acknowledge character of terminal transmission, can determine this terminalThe candidate token of its transmission is preserved in success, and follow-up this terminal can utilize this candidate token to visit serviceDevice. Therefore, server can be known for candidate token is added with criterion, and removes the effective of primitive tokenProperty. Wherein, the validity of removing primitive token can have two kinds of methods: (1) is directly by primitive tokenDelete, only retain candidate token; (2) retain primitive token, but need to be by the criterion that has of primitive tokenKnow and be replaced by invalidated identification.
The specific implementation of the new token that further, server side generation primitive token is corresponding is passableFor the end message of the terminal that whois lookup primitive token is corresponding, and according to end message and work asThe front time, generate new token corresponding to primitive token.
Concrete, due to token difference corresponding to each terminal, so when generating order corresponding to certain terminalWhen board, server can record the corresponding relation of token and end message, so that whether subsequent authentication tokenCorrectly, and according to end message corresponding to primitive token and current time, generation primitive token pairThe new token of answering.
Further, according to said method embodiment, an alternative embodiment of the invention also provides onePlant terminal and utilize the device of token access server, as shown in Figure 2, this device mainly comprises: arrangeUnit 21, transmitting element 22, replacement unit 23 and stick unit 24. Wherein,
Setting unit 21, for generating after the new token that primitive token is corresponding, new token is set toCandidate token, token is for unique identification terminal, and token is needed while being terminal access serverAccess credentials;
Transmitting element 22, for sending to terminal the candidate token that setting unit 21 arranges;
Replacement unit 23, in the time receiving the acknowledge character of terminal transmission, replaces candidate tokenPrimitive token is as effective token, so that terminal utilizes the candidate token can successful access server, reallyThe symbol of reading is used to indicate terminal and successfully preserves candidate token;
Stick unit 24, in the time not receiving the acknowledge character of terminal transmission, retains primitive tokenValidity so that terminal utilizes the primitive token can successful access server.
The terminal that the embodiment of the present invention provides is utilized the device of token access server, can be former in generationAfter new token corresponding to beginning token, first this new token is set to candidate token, then send to terminal shouldCandidate token, if receive the acknowledge character that terminal sends, can determine that terminal successfully preserves candidateToken, and candidate token is replaced to primitive token as effective token, so that terminal is utilized candidate tokenCan successful access server, and if do not receive the acknowledge character that terminal sends, can determine terminalUnsuccessful preservation candidate token, and still retain the validity of primitive token, original so that terminal is utilizedToken can successful access server. Hence one can see that, with in prior art directly using new token as havingEffect token is compared, the present invention guarantee terminal successfully preserve new token after just using new token as effective orderBoard, and in the time of the new token of the unsuccessful preservation of terminal, still using primitive token as effective token, therebyEnsure that effective token of end side storage is identical with effective token of server side storage, and then at endWhile holding the new token of unsuccessful preservation, also can ensure terminal successful access server.
Further, as shown in Figure 3, this device also comprises:
Receiving element 25, if for the acknowledge character not receiving terminal transmission, retain original writAfter the validity of board, the request of data of carrying primitive token that receiving terminal sends;
Transmitting element 22, the also request of data for receiving according to receiving element 25, sends and takes to terminalData response with candidate token, so that terminal is preserved candidate token again.
Further, transmitting element 22, if also for the acknowledge character not receiving terminal transmission,After retaining the validity of primitive token, again send candidate token to terminal, until receive endThe acknowledge character that end sends, replaces primitive token as effective token using candidate token.
Further, as shown in Figure 3, replacement unit 23, comprising:
Add module 231, be used to candidate token to be added with criterion and know;
Removing module 232, for deleting primitive token;
Change module 233, be replaced by invalidated identification for effective mark that primitive token is carried.
Further, as shown in Figure 3, this device also comprises:
Generation unit 26, for generating the new token that primitive token is corresponding;
Generation unit 26, comprising:
Search module 261, for searching the end message of the terminal that primitive token is corresponding;
Generation module 262, searches for basis end message and the current time that module 261 finds,Generate new token corresponding to primitive token.
Further, protocol IP address, media interviews control MAC Address between terminating packet purse ropeAnd user name.
Embodiments of the invention disclose:
A1, a kind of terminal are utilized the method for token access server, it is characterized in that, described method bagDraw together:
Generating after the new token that primitive token is corresponding, described new token is set to candidate token, instituteState token for unique identification terminal, and the needed access while being terminal access server of described tokenVoucher;
Send described candidate token to terminal;
If receive the acknowledge character that described terminal sends, described candidate token is replaced described originalToken is as effective token, so that described terminal utilizes the described candidate token can successful access server,Described acknowledge character is used to indicate described terminal and successfully preserves described candidate token;
If do not receive the acknowledge character that described terminal sends, retain the validity of described primitive token,So that described terminal utilize described primitive token can successful access described in server.
A2, according to the method described in A1, it is characterized in that, if do not receive described terminal describedThe acknowledge character sending, after retaining the validity of described primitive token, described method is further wrappedDraw together:
Receive the request of data of carrying described primitive token that described terminal sends;
According to described request of data, send the data response of carrying described candidate token to described terminal,So that described terminal is preserved described candidate token again.
A3, according to the method described in A1, it is characterized in that, if do not receive described terminal describedThe acknowledge character sending, after retaining the validity of described primitive token, described method is further wrappedDraw together:
Again send described candidate token to described terminal, until receive the confirmation that described terminal sendsCharacter, replaces described primitive token as effective token using described candidate token.
A4, according to the method described in any one in A1 to A3, it is characterized in that, described by described timeMend token and replace described primitive token as effective token, comprising:
For being added with criterion, knows described candidate token;
Delete described primitive token, or effective mark that described primitive token is carried be replaced by invalidMark.
A5, according to the method described in any one in A1 to A3, it is characterized in that, described generation is originalThe new token that token is corresponding, comprising:
Search the end message of the terminal that described primitive token is corresponding;
According to described end message and current time, generate the new token that described primitive token is corresponding.
A6, according to the method described in A5, it is characterized in that, described terminating packet is drawn together IP(Internet Protocol)IP address, media interviews control MAC Address and user name.
B7, a kind of terminal are utilized the device of token access server, it is characterized in that, described device bagDraw together:
Setting unit, for generating after the new token that primitive token is corresponding, by described new token settingFor candidate token, described token is for unique identification terminal, and described token is terminal access serverTime needed access credentials;
Transmitting element, the described candidate token arranging for send described setting unit to terminal;
Replacement unit, in the time receiving the acknowledge character of described terminal transmission, by described candidate orderBoard is replaced described primitive token as effective token, so that described terminal utilizes the described candidate token canSuccessful access server, described acknowledge character is used to indicate described terminal and successfully preserves described candidate orderBoard;
Stick unit, in the time not receiving the acknowledge character of described terminal transmission, retains described formerThe validity of beginning token, so that described terminal utilizes described primitive token to serve described in successful accessDevice.
B8, according to the device described in B7, it is characterized in that, described device further comprises:
Receiving element, if for the acknowledge character not receiving described terminal transmission, described in retainingAfter the validity of primitive token, the data of carrying described primitive token that receive described terminal transmission pleaseAsk;
Described transmitting element, the also described request of data for receiving according to described receiving element, to instituteState terminal and send the data response of carrying described candidate token, so that described terminal is preserved described time againMend token.
B9, according to the device described in B7, it is characterized in that, described transmitting element, if also for notReceive the acknowledge character that described terminal sends, after retaining the validity of described primitive token, toDescribed terminal sends described candidate token again, until receive the acknowledge character that described terminal sends,Described candidate token is replaced to described primitive token as effective token.
B10, according to the device described in any one in B7 to B9, it is characterized in that, described replacement is singleUnit, comprising:
Add module, be used to described candidate token to be added with criterion and know;
Removing module, for deleting described primitive token;
Change module, be replaced by invalidated identification for effective mark that described primitive token is carried.
B11, according to the device described in any one in B7 to B9, it is characterized in that, described device entersOne step comprises:
Generation unit, for generating the new token that primitive token is corresponding;
Described generation unit, comprising:
Search module, for searching the end message of the terminal that described primitive token is corresponding;
Generation module, for searching described end message that module searches arrives and when current described in basisBetween, generate the new token that described primitive token is corresponding.
B12, according to the device described in B11, it is characterized in that, described terminating packet is drawn together IP(Internet Protocol)IP address, media interviews control MAC Address and user name.
In the above-described embodiments, the description of each embodiment is all emphasized particularly on different fields, in certain embodiment, do not haveThere is the part of detailed description, can be referring to the associated description of other embodiment.
Be understandable that the correlated characteristic reference mutually in said method and device. In addition," first ", " second " etc. in above-described embodiment are for distinguishing each embodiment, and do not represent eachThe quality of embodiment.
Those skilled in the art can be well understood to, for convenience and simplicity of description, above-mentionedThe system of describing, device and the specific works process of unit, can be with reference in preceding method embodimentCorresponding process, does not repeat them here.
Above-mentioned terminal utilizes the device of token access server to comprise memory and processor, above-mentioned settingUnit, transmitting element, replacement unit and stick unit etc. are all stored in memory as program unit,Carry out by processor the said procedure unit being stored in memory and realize corresponding function.
The algorithm providing at this and show not with any certain computer, virtual system or miscellaneous equipmentIntrinsic relevant. Various general-purpose systems also can with based on using together with this teaching. According to aboveDescribe, it is apparent constructing the desired structure of this type systematic. In addition, the present invention also not forAny certain programmed language. It should be understood that and can utilize various programming languages to realize described hereThe content of invention, and the description of above language-specific being done is of the present invention best real in order to discloseExecute mode.
In the description that provided herein, a large amount of details are described. But, can understand,Embodiments of the invention can be put into practice in the situation that there is no these details. In some instances,Be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, should be appreciated that in order to simplify the disclosure and to help to understand one in each inventive aspectIndividual or multiple, in the above in the description of exemplary embodiment of the present invention, each feature of the present inventionSometimes be grouped together into single embodiment, figure or in its description. But, should be byThe method of the disclosure is construed to the following intention of reflection: the present invention for required protection requires ratio eachThe more feature of feature of clearly recording in claim. Or rather, as right is below wantedAsk that book reflects like that, inventive aspect is to be less than all spies of disclosed single embodiment aboveLevy. Therefore claims of, following detailed description of the invention are incorporated to this specific embodiment party thus clearlyFormula, wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and can carry out the module in the equipment in embodimentAdaptively change and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, andIn addition can put them into multiple submodules or subelement or sub-component. Except such feature and/orAt least some in process or unit are, outside mutually repelling, can adopt any combination to illustrate thisDisclosed all features and so open in book (comprising claim, summary and the accompanying drawing followed)Any method or all processes or the unit of equipment combine. Unless clearly statement in addition, thisIn description (comprising claim, summary and the accompanying drawing followed), disclosed each feature can be by carryingFor identical, be equal to or the alternative features of similar object replaces.
In addition, although those skilled in the art will appreciate that embodiment more described herein compriseIncluded some feature instead of further feature in other embodiment, but the feature of different embodimentCombination mean within scope of the present invention and form different embodiment. For example, underIn claims of face, the one of any of embodiment required for protection can be to combine arbitrarilyMode is used.
All parts embodiment of the present invention can realize with hardware, or with at one or more placeThe software module of moving on reason device realizes, or realizes with their combination. Those skilled in the artShould be appreciated that and can use in practice microprocessor or digital signal processor (DSP) to realizeAccording to the condition detection method of the anti-lost equipment of accompanied electronic of the embodiment of the present invention, equipment, server andThe some or all functions of the some or all parts in system equipment. The present invention can also realizeFor part or all equipment or the device program (example for carrying out method as described hereinAs, computer program and computer program). Realizing program of the present invention and can be stored in like thisOn computer-readable medium, or can there is the form of one or more signal. Such signalCan download and obtain from internet website, or provide on carrier signal, or with any otherForm provides.
It should be noted above-described embodiment the present invention will be described instead of the present invention is limitSystem, and those skilled in the art can design in the case of not departing from the scope of claimsAlternative embodiment. In the claims, any reference symbol between bracket should be configured toLimitations on claims. Word " comprise " do not get rid of existence be not listed as element in the claims orStep. Being positioned at word " " before element or " one " does not get rid of and has multiple such elements.The present invention can be by means of including the hardware of some different elements and the calculating by means of suitable programmingMachine is realized. In the unit claim of having enumerated some devices, several in these devices canBeing to carry out imbody by same hardware branch. The use of word first, second and C gradeDo not represent any order. Can be title by these word explanations.
Claims (10)
1. terminal is utilized a method for token access server, it is characterized in that, described method comprises:
Generating after the new token that primitive token is corresponding, described new token is set to candidate token, instituteState token for unique identification terminal, and the needed access while being terminal access server of described tokenVoucher;
Send described candidate token to terminal;
If receive the acknowledge character that described terminal sends, described candidate token is replaced described originalToken is as effective token, so that described terminal utilizes the described candidate token can successful access server,Described acknowledge character is used to indicate described terminal and successfully preserves described candidate token;
If do not receive the acknowledge character that described terminal sends, retain the validity of described primitive token,So that described terminal utilize described primitive token can successful access described in server.
2. method according to claim 1, is characterized in that, if described in described not receivingThe acknowledge character that terminal sends, after retaining the validity of described primitive token, described method enters oneStep comprises:
Receive the request of data of carrying described primitive token that described terminal sends;
According to described request of data, send the data response of carrying described candidate token to described terminal,So that described terminal is preserved described candidate token again.
3. method according to claim 1, is characterized in that, if described in described not receivingThe acknowledge character that terminal sends, after retaining the validity of described primitive token, described method enters oneStep comprises:
Again send described candidate token to described terminal, until receive the confirmation that described terminal sendsCharacter, replaces described primitive token as effective token using described candidate token.
4. according to the method in any one of claims 1 to 3, it is characterized in that, described by instituteState candidate token and replace described primitive token as effective token, comprising:
For being added with criterion, knows described candidate token;
Delete described primitive token, or effective mark that described primitive token is carried be replaced by invalidMark.
5. according to the method in any one of claims 1 to 3, it is characterized in that described generationThe new token that primitive token is corresponding, comprising:
Search the end message of the terminal that described primitive token is corresponding;
According to described end message and current time, generate the new token that described primitive token is corresponding.
6. method according to claim 5, is characterized in that, between described terminating packet purse ropeProtocol IP address, media interviews control MAC Address and user name.
7. terminal is utilized a device for token access server, it is characterized in that, described device comprises:
Setting unit, for generating after the new token that primitive token is corresponding, by described new token settingFor candidate token, described token is for unique identification terminal, and described token is terminal access serverTime needed access credentials;
Transmitting element, the described candidate token arranging for send described setting unit to terminal;
Replacement unit, in the time receiving the acknowledge character of described terminal transmission, by described candidate orderBoard is replaced described primitive token as effective token, so that described terminal utilizes the described candidate token canSuccessful access server, described acknowledge character is used to indicate described terminal and successfully preserves described candidate orderBoard;
Stick unit, in the time not receiving the acknowledge character of described terminal transmission, retains described formerThe validity of beginning token, so that described terminal utilizes described primitive token to serve described in successful accessDevice.
8. device according to claim 7, is characterized in that, described device further comprises:
Receiving element, if for the acknowledge character not receiving described terminal transmission, described in retainingAfter the validity of primitive token, the data of carrying described primitive token that receive described terminal transmission pleaseAsk;
Described transmitting element, the also described request of data for receiving according to described receiving element, to instituteState terminal and send the data response of carrying described candidate token, so that described terminal is preserved described time againMend token.
9. device according to claim 7, is characterized in that, described transmitting element, also forIf at the acknowledge character that does not receive described terminal and send, retain described primitive token validity itAfter, again send described candidate token to described terminal, until receive the confirmation that described terminal sendsCharacter, replaces described primitive token as effective token using described candidate token.
10. according to the device described in any one in claim 7 to 9, it is characterized in that described replacingChange unit, comprising:
Add module, be used to described candidate token to be added with criterion and know;
Removing module, for deleting described primitive token;
Change module, be replaced by invalidated identification for effective mark that described primitive token is carried.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510959278.6A CN105592083B (en) | 2015-12-18 | 2015-12-18 | Method and device for terminal to access server by using token |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510959278.6A CN105592083B (en) | 2015-12-18 | 2015-12-18 | Method and device for terminal to access server by using token |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105592083A true CN105592083A (en) | 2016-05-18 |
| CN105592083B CN105592083B (en) | 2020-06-12 |
Family
ID=55931297
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510959278.6A Active CN105592083B (en) | 2015-12-18 | 2015-12-18 | Method and device for terminal to access server by using token |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105592083B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302546A (en) * | 2016-10-18 | 2017-01-04 | 青岛海信电器股份有限公司 | The method and apparatus realizing server access |
| CN108809991A (en) * | 2018-06-15 | 2018-11-13 | 北京云枢网络科技有限公司 | A method of the client side verification based on SDK dynamic watermarks |
| CN109802941A (en) * | 2018-12-14 | 2019-05-24 | 平安科技(深圳)有限公司 | A kind of login validation method, device, storage medium and server |
| CN114710295A (en) * | 2022-05-05 | 2022-07-05 | 阿波罗智联(北京)科技有限公司 | Token updating method, device, electronic equipment and medium |
| CN114745133A (en) * | 2018-03-27 | 2022-07-12 | 杭州蚂蚁聚慧网络技术有限公司 | Method and device for identifying uniqueness of equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101064695A (en) * | 2007-05-16 | 2007-10-31 | 杭州看吧科技有限公司 | P2P(Peer to Peer) safe connection method |
| CN101488179A (en) * | 2008-01-18 | 2009-07-22 | 华为技术有限公司 | Authentication method and apparatus for wireless radio frequency recognition system |
| CN101729568A (en) * | 2009-12-11 | 2010-06-09 | 北京交通大学 | Safety access system and method for guaranteeing source address authenticity by using token mechanism |
| CN102378170A (en) * | 2010-08-27 | 2012-03-14 | 中国移动通信有限公司 | Method, device and system of authentication and service calling |
| CN104660641A (en) * | 2013-11-25 | 2015-05-27 | 中国直升机设计研究所 | Data transmission method in enterprise network |
| CN104980925A (en) * | 2015-06-01 | 2015-10-14 | 走遍世界(北京)信息技术有限公司 | Authentication method and authentication device for user request |
-
2015
- 2015-12-18 CN CN201510959278.6A patent/CN105592083B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101064695A (en) * | 2007-05-16 | 2007-10-31 | 杭州看吧科技有限公司 | P2P(Peer to Peer) safe connection method |
| CN101488179A (en) * | 2008-01-18 | 2009-07-22 | 华为技术有限公司 | Authentication method and apparatus for wireless radio frequency recognition system |
| CN101729568A (en) * | 2009-12-11 | 2010-06-09 | 北京交通大学 | Safety access system and method for guaranteeing source address authenticity by using token mechanism |
| CN102378170A (en) * | 2010-08-27 | 2012-03-14 | 中国移动通信有限公司 | Method, device and system of authentication and service calling |
| CN104660641A (en) * | 2013-11-25 | 2015-05-27 | 中国直升机设计研究所 | Data transmission method in enterprise network |
| CN104980925A (en) * | 2015-06-01 | 2015-10-14 | 走遍世界(北京)信息技术有限公司 | Authentication method and authentication device for user request |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302546A (en) * | 2016-10-18 | 2017-01-04 | 青岛海信电器股份有限公司 | The method and apparatus realizing server access |
| CN106302546B (en) * | 2016-10-18 | 2019-09-13 | 青岛海信电器股份有限公司 | The method and apparatus for realizing server access |
| CN114745133A (en) * | 2018-03-27 | 2022-07-12 | 杭州蚂蚁聚慧网络技术有限公司 | Method and device for identifying uniqueness of equipment |
| CN108809991A (en) * | 2018-06-15 | 2018-11-13 | 北京云枢网络科技有限公司 | A method of the client side verification based on SDK dynamic watermarks |
| CN109802941A (en) * | 2018-12-14 | 2019-05-24 | 平安科技(深圳)有限公司 | A kind of login validation method, device, storage medium and server |
| CN114710295A (en) * | 2022-05-05 | 2022-07-05 | 阿波罗智联(北京)科技有限公司 | Token updating method, device, electronic equipment and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105592083B (en) | 2020-06-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102713926B (en) | Confidential information is revealed and is prevented system and method | |
| CN106790156B (en) | Intelligent device binding method and device | |
| CN102137174B (en) | Method for caching of domain name system, authorized domain name server and cache domain name server | |
| CN105592083A (en) | Method and device for terminal to have access to server by using token | |
| CN108494755B (en) | Method and device for transmitting Application Programming Interface (API) request | |
| CN105472052A (en) | Login method and system of cross-domain server | |
| US20230247013A1 (en) | User authentication in communication systems | |
| CN111460458B (en) | Data processing method, related device and computer storage medium | |
| US9591030B1 (en) | Lock-free updates to a domain name blacklist | |
| CN105939347B (en) | Defend the method and device of domain name attack | |
| CN105337990A (en) | User identity verification method and device | |
| CN111064804B (en) | Network access method and device | |
| CN113886743B (en) | Method, device and system for refreshing cache resources | |
| CN110753037A (en) | Token management method, device and storage medium | |
| US9264399B1 (en) | Lock-free updates to a domain name blacklist | |
| CN105812503A (en) | Root server address update method and recursive server | |
| KR101846778B1 (en) | Method for ID Resolution Service and M2M System applying the same | |
| CN111988262B (en) | Authentication method, authentication device, server and storage medium | |
| CN109063461B (en) | Third-party password-free login method and system | |
| CN104009999A (en) | Method and device for preventing ARP cheating and network access server | |
| CN110943962B (en) | Authentication method, network equipment, authentication server and forwarding equipment | |
| CN103701844B (en) | The method and system of managing user information | |
| JP6233846B2 (en) | Variable-length nonce generation | |
| CN112182009B (en) | Block chain data updating method and device and readable storage medium | |
| JP4617898B2 (en) | ACCESS CONTROL METHOD AND METHOD, SERVER DEVICE, TERMINAL DEVICE, AND PROGRAM |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |