CN106330816B - A kind of method and system logging in cloud desktop - Google Patents

A kind of method and system logging in cloud desktop Download PDF

Info

Publication number
CN106330816B
CN106330816B CN201510337205.3A CN201510337205A CN106330816B CN 106330816 B CN106330816 B CN 106330816B CN 201510337205 A CN201510337205 A CN 201510337205A CN 106330816 B CN106330816 B CN 106330816B
Authority
CN
China
Prior art keywords
cloud desktop
user
account
server
sent
Prior art date
Application number
CN201510337205.3A
Other languages
Chinese (zh)
Other versions
CN106330816A (en
Inventor
张建军
高峰
苏砫
张德生
王秀娟
张晓琳
Original Assignee
北京神州泰岳软件股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京神州泰岳软件股份有限公司 filed Critical 北京神州泰岳软件股份有限公司
Priority to CN201510337205.3A priority Critical patent/CN106330816B/en
Publication of CN106330816A publication Critical patent/CN106330816A/en
Application granted granted Critical
Publication of CN106330816B publication Critical patent/CN106330816B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0815Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network-specific arrangements or communication protocols supporting networked applications
    • H04L67/02Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP]
    • H04L67/025Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP] for remote control or remote monitoring of the application
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network-specific arrangements or communication protocols supporting networked applications
    • H04L67/08Network-specific arrangements or communication protocols supporting networked applications adapted for terminal emulation, e.g. telnet

Abstract

The present invention discloses a kind of method and system for logging in cloud desktop, it include: the 4A account for receiving user and being inputted in 4A login page, when cloud desktop login link is triggered, 4A account, which is sent to cloud desktop Account Administration server, authenticates it to received 4A account, 4A account information and corresponding cloud desktop access authority information in cloud desktop Account Administration server preservation user;By then according to 4A account and corresponding cloud desktop access authority information, generating the list of cloud desktop and being sent to cloud desktop server so that cloud desktop list is sent to user;Not by then sending authentification failure to cloud desktop server to send cloud desktop login failure result to user.The present invention makes user only need to input 4A account when logging in cloud desktop and is once authenticated, save identifying procedure, improve the user experience by carrying out unified management storage to user 4A account and its cloud desktop access authority information.

Description

A kind of method and system logging in cloud desktop
Technical field
The present invention relates to technical field of network security, and in particular to a kind of method and system for logging in cloud desktop.
Background technique
Cloud platform is a kind of application model for mutually separating user's desktop operating system with physical end equipment, it will be originally The desktop operating system and application program trustship run on the subscriber terminal is run to server end, and passes through net by terminal device Network remote access, and terminal itself only realizes input and output and interface display function.Cloud platform is broadly divided into from technology realization Virtual desktop and remote desktop.Virtual desktop: the personal operating system desktop provided based on server virtualization technology, is each User distributes independent virtual desktop, and user is connected remotely to independent virtual desktop, on the desktop that virtual desktop sum can be used Application program.Remote desktop: using the multi-user conversation sharing functionality of server operating system, one is provided for each user Desktop session-context.Multiple users are connected remotely to the same server operating system simultaneously, can possess the desktop configuration of oneself, The application program using server operating system can be shared.
4A safety control platform is the system that the account number to equipment and application, login, authorization and audit carry out centralized management. So-called 4A is exactly centralized and unified account number (Account) management, authorization (Authorization) management, certification (Authentication) management and security audit (Audit).Since cloud platform hardware device is more, the operation system carried thereon Also more many and diverse, it is higher to security requirement.In order to which the user to access cloud platform is managed and controls, guarantee cloud platform Safety needs a kind of security control mode to provide 4A using 4A platform for all resources of cloud platform and services.
But 4A platform and cloud platform independently manage respective login account number at present, user passes through 4A platform access When cloud platform (logging in cloud desktop), user is inputted first in the login page of 4A platform and is registered in 4A management server 4A account and password, the 4A account that user is inputted by 4A management server and password carry out first time certification, certification is logical Later, the 4A page comprising cloud desktop login link is sent to user, when user clicks cloud desktop login link, cloud platform The login page of cloud desktop is sent to user, receives cloud desktop account that user inputs on the login page of cloud desktop and close Code, cloud desktop server forward the cloud desktop account and password to carry out second to the Account Administration server of cloud desktop and authenticate; After certification passes through, the cloud desktop list that is authorized to use of user is sent to cloud desktop server, by cloud desktop server by cloud table Face list is sent to user.
To sum up, 4A account number and cloud desktop account number are two different account numbers at present, and user is by 4A platform access cloud platform quilt It at least needs to input two account numbers respectively when pipe resource, by double probate, verification process is cumbersome, poor user experience.
Summary of the invention
It is existing by 4A platform access cloud platform quilt to solve the present invention provides a kind of method and system for logging in cloud desktop The problem of verification process is cumbersome when pipe application resource, poor user experience.
In order to solve the above-mentioned technical problem, the technical scheme of the present invention is realized as follows:
According to an aspect of the invention, there is provided a kind of method for logging in cloud desktop, this method comprises:
4A management server receives the 4A account that user inputs on 4A login page;
When the cloud desktop login link being arranged on 4A login page is triggered, 4A management server is by the 4A account of user Number information is sent to cloud desktop Account Administration server, so that cloud desktop Account Administration server is to the 4A account received It is authenticated, the 4A account information and the corresponding cloud desktop of 4A account information of user is saved in cloud desktop Account Administration server Access authority information;
If certification passes through, cloud desktop Account Administration server is corresponding according to 4A account and the 4A account Cloud desktop access authority information generates the cloud desktop list that user is authorized to use and is sent to cloud desktop server, cloud desktop clothes Cloud desktop list is sent to user by business device;
If certification does not pass through, the result that cloud desktop Account Administration server sends authentification failure gives cloud desktop server, Cloud desktop server sends cloud desktop login failure result to user.
Optionally, this method further include:
Cloud desktop server receives the selection instruction that user inputs in cloud desktop list, according to selection instruction return pair The cloud desktop answered is to user.4A management server distributes 4A account information to user, and by the 4A account information and the 4A The corresponding cloud desktop access authority information of account information is sent to the cloud desktop Account Administration server;
Optionally, this method further include:
4A management server disposes proxy module on cloud desktop, and the return 4A that proxy module receives user's input manages clothes The request of business device, obtains the 4A account of user, which is sent to 4A management server;
4A account information is filled up to the corresponding position of 4A login page by 4A management server, and 4A login page is sent to User, and generate a random cipher and be sent to user;
4A management server receives the password of user's input and determines whether currently received password and random cipher are consistent;
If consistent, 4A administration page is sent to user;It is sent if inconsistent and logs in the failure of 4A management server The page is to user.
Optionally, this method further include: 4A management server by fort machine to log on to 4A management server offer The user of 4A login page is monitored and records.
Optionally, 4A account information includes: 4A account and static password;
The corresponding cloud desktop access authority information of 4A account information includes:
Whether the 4A account has the permission of access cloud desktop, and has 4A account when accessing cloud desktop permission addressable Cloud desktop list.
Corresponding with the method for above-mentioned login cloud desktop, the present invention also provides a kind of systems for logging in cloud desktop, are System includes:
Cloud desktop Account Administration server, the corresponding cloud table of 4A account information and 4A account information for saving user Face access authority information, and the 4A account received is authenticated, if certification passes through, according to 4A account with And the corresponding cloud desktop access authority information of the 4A account generates the cloud desktop list that user is authorized to use, by the cloud table Face list is sent to cloud desktop server;If certification does not pass through, the result of authentification failure is sent to the cloud desktop server;
4A management server, the 4A account information inputted on 4A login page for receiving user, when the 4A is logged in When the cloud desktop login link being arranged on the page is triggered, the 4A account of the user is sent to cloud by 4A management server Desktop Account Administration server;Cloud desktop server, for receiving the cloud desktop list of cloud desktop Account Administration server transmission And the cloud desktop list is sent to user, alternatively, receive cloud desktop Account Administration server send authentification failure as a result, And cloud desktop login failure result is sent to user.
Optionally, cloud desktop server is also used to receive the selection instruction that user inputs in cloud desktop list, according to this Selection instruction returns to corresponding cloud desktop to user.
Optionally, 4A management server includes: proxy module;
Proxy module is deployed on cloud desktop, and the request of the return 4A management server for receiving user's input obtains The 4A account is sent to 4A management server by the 4A account of user;
4A management server is also used to for 4A account information being filled up to the corresponding position of login page, and login page is sent To user, and generates a random cipher and be sent to user;
4A management server is also used to receive the password of user's input and determines that currently received password is with random cipher It is no consistent;
If consistent, 4A administration page is sent to user;It is sent if inconsistent and logs in the failure of 4A management server The page is to user.
Optionally, 4A management server further include: fort machine,
Fort machine is monitored and records for the user to the login page for logging on to the offer of 4A management server.
Optionally, 4A account information includes: 4A account and static password;
The corresponding cloud desktop access authority information of 4A account information includes:
Whether the 4A account has the permission of access cloud desktop, and has 4A account when accessing cloud desktop permission addressable Cloud desktop list.
The beneficial effects of the present invention are: 4A account number of the present invention by the storage user in cloud desktop account management server Information and the corresponding cloud desktop access permission of the 4A account, the cloud desktop on the 4A login page of 4A management server Login is when receiving user's trigger request, the 4A account that 4A management server inputs user on 4A login page It is sent to cloud desktop account management server, by cloud desktop account management server to 4A account and the 4A account Corresponding cloud desktop authority information is authenticated, raw according to the cloud desktop authority information of the 4A account if certification passes through The cloud desktop list being authorized to use at user, and be sent to cloud desktop server, cloud desktop server is by the cloud desktop list It is sent to user, user is facilitated to access cloud desktop.As a result, only when logging in cloud desktop to 4A account and corresponding cloud table Face permission is once authenticated, and is not authenticated to the 4A account for logging in 4A management server, and pass through in certification Afterwards, cloud desktop list that user is authorized to use can be just sent to user, be ensure that the safety that cloud desktop logs in, simplified and recognize Card process, improves user experience.
Detailed description of the invention
Fig. 1 is a kind of flow chart of the method for login cloud desktop of one embodiment of the invention;
Fig. 2 is a kind of flow chart of the method for login cloud desktop of another embodiment of the present invention;
Fig. 3 is a kind of block diagram of the system of login cloud desktop of one embodiment of the invention;
Fig. 4 is a kind of structural schematic diagram of the system of login cloud desktop of one embodiment of the invention.
Specific embodiment
Core of the invention thought is: by user 4A account in the prior art and the progress of cloud desktop account Integration logs in cloud desktop using the 4A account of user, and assigns corresponding cloud desktop access permission to 4A account number, so that User, which only needs to input a 4A account, directly to access cloud desktop according to its cloud desktop access permission, simplify and recognize Process is demonstrate,proved, authentication efficiency is improved.
Fig. 1 is a kind of flow chart of the method for login cloud desktop of one embodiment of the invention, and referring to Fig. 1, the present invention is real The method for applying this login cloud desktop of example includes:
Step S110,4A management server receives the 4A account that user inputs on 4A login page;
Step S120 believes the 4A account number of user when the cloud desktop login link being arranged on 4A login page is triggered Breath is sent to cloud desktop Account Administration server, so that cloud desktop Account Administration server carries out the 4A account received Certification, the 4A account information and the corresponding cloud desktop of 4A account information that user is saved in cloud desktop Account Administration server are visited Ask authority information;
Step S130, if certification passes through, cloud desktop Account Administration server is according to 4A account and the 4A account number The corresponding cloud desktop access authority information of information generates the cloud desktop list that user is authorized to use and is sent to cloud desktop services Cloud desktop list is sent to user by cloud desktop server by device;
Step S140, if certification does not pass through, the result that cloud desktop Account Administration server sends authentification failure gives cloud table Face server sends cloud desktop login failure result to user by cloud desktop server.
By method shown in FIG. 1, the 4A login page of 4A management server is linked equipped with cloud desktop login, when the cloud When desktop login link is triggered (for example, receiving the trigger request that user clicks cloud desktop login link), 4A management clothes Business device authenticates the 4A account information forwarding cloud desktop account management server that user inputs on 4A login page, and After certification passes through, cloud desktop account management server generates corresponding cloud desktop list and is sent to according to the authority information of user The cloud desktop list received is sent to user by cloud desktop server, cloud desktop server.Due in embodiments of the present invention, Only the 4A account information for logging in cloud desktop is once authenticated, the certification of 4A platform is omitted, simplifies verification process, is saved Certification waiting time of user, alleviate log-on message maintenance work;In addition, only in cloud desktop account management server pair After 4A account certification passes through, the cloud desktop list of user can be just sent to user, also ensures the safety of cloud desktop access.
In one embodiment of the invention, when user needs to access cloud desktop, first in the browser of operating terminal The login link of middle input 4A management server, opens the login page of 4A management server, inputs 4A account and password, In the login page of above-mentioned 4A management server, the login link equipped with cloud desktop;User clicks the cloud desktop on login page When logging in link, the 4A account information that the user received inputs is sent to cloud desktop account management service by 4A management server Device is authenticated, and after certification passes through, cloud desktop account management server returns to what user was authorized to use to cloud desktop server Cloud desktop list.
In the present embodiment, 4A account information includes 4A account and static password, and the corresponding cloud desktop of 4A account information is visited Ask that permission refers to, whether which has the permission of access cloud desktop, and when 4A account has access cloud desktop permission, protects Deposit the i.e. addressable cloud desktop the Resources list of the specific cloud desktop extent of competence of 4A account.Specifically, cloud desktop account management takes Business device, can be using 4A account as index, the corresponding cloud desktop access authority information of storage 4A account.
The embodiment of the present invention is able to access that cloud desktop by the way that 4A server to be distributed to the 4A account information imparting of user Attribute, i.e., using the 4A account information of user as user access cloud desktop cloud desktop account information, for a user, only need Remember that the 4A account information on 4A server does not need the account information of memorize cloud desktop server, improves user and use body It tests.Here cloud desktop server (cloud platform) is a big platform, the cloud desktop being authorized to use in cloud platform comprising user List, such as a shopping website can regard a cloud platform as, have various resources and system in cloud platform.The permission of user The cloud desktop of difference, acquisition is also different, for example, the cloud desktop that a certain user gets is to include according to the access authority of user Two men's clothing, women's dress Managed Resources, and the cloud desktop that another user gets only includes this Managed Resource of men's clothing, it is more A workable resource composition cloud desktop list.
In one embodiment of the invention, the selection that cloud desktop server receives that user inputs in cloud desktop list refers to It enables, corresponding cloud desktop is returned to user according to the selection instruction.It is right i.e. by user according to the needs of use in cloud desktop list Cloud desktop to be operated is selected, and cloud desktop server is after receiving the selection instruction of user, to selected by user's transmission Cloud desktop, realize access of the user to corresponding cloud desktop.
In one embodiment of the invention, this method further include: 4A management server is by fort machine to logging on to 4A The user for the 4A login page that management server provides is monitored and records.Ensure that user behavior is legal, safety assurance is provided. Fort machine in 4A management server being capable of O&M agreement such as SSH/FTP/Telnet/SFTP/Http/ to 4A management server The conversation procedures such as Https/RDP/X11/VNC are completely recorded, to meet the needs of later audit;Auditing result can record Picture and log mode are presented, and video information includes O&M user's name, target resource name, client ip, client computer The information such as title, protocol name, O&M time started, end time, O&M duration.
Fig. 2 is a kind of flow chart of the method for login cloud desktop of another embodiment of the present invention;Referring to fig. 2, in this hair In bright another embodiment, 4A management server includes: proxy module;Proxy module is deployed on cloud desktop, and proxy module is used In the request for the return 4A management server for receiving user's input, the 4A account of user is obtained, which is sent out Give 4A management server;
In the present embodiment, the cloud desktop list that cloud desktop Account Administration server returns is sent to use by cloud desktop server Family, and receive selection instruction of the user in the cloud desktop list, after receiving the selection instruction of user, cloud desktop server Corresponding cloud desktop is returned into user, while sending the proxy module for being deployed in the 4A management server of cloud desktop to user; Proxy module receives the request of the return 4A management server of user's input, and obtains the 4A account of user, by the 4A account Number information is sent to 4A management server and is verified to determine whether the user for logging in cloud desktop can directly return to 4A management The administration page of server.
Why the proxy module of 4A management server is arranged on cloud desktop in the embodiment of the present invention is due to existing skill 4A platform (4A management server) and cloud platform (cloud desktop server) not can be carried out direct return between the two in art, so working as User, which logs on to, to be disposed on the cloud desktop for when wanting to return to 4A platform, needing to use by user after the completion of the operation of cloud desktop The proxy module of 4A platform realizes that proxy module obtains the 4A account of the current user for logging in cloud desktop, and is sent to 4A management server is verified.4A management server is also used to for 4A account information being filled up to the corresponding position of login page, Login page is sent to user, and generates a random cipher and is sent to user;4A management server is also used to receive user defeated Whether the password and determining currently received password and random cipher entered be consistent;If consistent, send 4A administration page to Family;It is sent if inconsistent and logs in 4A management server failure page to user.
Specifically, when the user clicks the proxy module when, cloud desktop, which is sent, to be returned to request and gives 4A management server, 4A management The 4A account information for the user that server Receiving Agent module is sent;4A management server inputs the 4A account information of user to 4A The corresponding position of login page, and 4A login page is sent to user;Meanwhile 4A management server generates a random cipher, hair Give the random cipher to user;In embodiments of the present invention, when user 4A management server register when, fill in personal correspondent party Formula, such as: phone number and email address etc..4A management server generates correspondent party when random cipher is according to user's registration Formula sends random cipher to user.
4A management server when receiving the password of user's input, determine it is current receive password and random cipher whether one It causes;If consistent, 4A administration page is sent to user, so that user directly returns to 4A platform;Otherwise, it sends and logs in the mistake of 4A platform The page is lost to user.Wherein, when the password that user is when 4A management server fills in password, and 4A management server fills in user Be compared with the random cipher for being sent to user, if the two is completely the same, send 4A management server administration page to User;Otherwise it sends and logs in 4A management server failure page to user.
It follows that the administration page that user is returned directly to 4A platform by cloud desktop may be implemented in this way, It is convenient for users to operate.
Fig. 3 is a kind of block diagram of the system of login cloud desktop of one embodiment of the invention.Referring to Fig. 3, with above-mentioned login The method of cloud desktop is corresponding, and the present invention also provides a kind of system for logging in cloud desktop, system 300 includes:
Cloud desktop Account Administration server 310, the 4A account information and 4A account information for saving user are corresponding Cloud desktop access authority information, and the 4A account received is authenticated, if certification passes through, believed according to 4A account number Breath and the corresponding cloud desktop access authority information of the 4A account generate the cloud desktop list that user is authorized to use, by this Cloud desktop list is sent to cloud desktop server 330;If certification does not pass through, the result of authentification failure is sent to the cloud desktop Server 330;
4A management server 320, the 4A account information inputted on 4A login page for receiving user, when 4A log in page When the cloud desktop login link being arranged on face is triggered, the 4A account of user is sent to cloud table by 4A management server 320 Face Account Administration server 310;
Cloud desktop server 330, for receive cloud desktop Account Administration server 310 transmission the list of cloud desktop and should Cloud desktop list is sent to user, alternatively, receive cloud desktop Account Administration server 310 send authentification failure as a result, simultaneously Cloud desktop login failure result is sent to user.
In one embodiment of the invention, it is defeated in cloud desktop list to be also used to receive user for cloud desktop server 330 The selection instruction entered returns to corresponding cloud desktop to user according to the selection instruction.
In one embodiment of the invention, 4A management server 320 includes: proxy module;
Proxy module is deployed on cloud desktop, and the request of the return 4A management server 320 for receiving user's input obtains The 4A account is sent to 4A management server 320 by the 4A account for taking family;
4A management server 320 is also used to for 4A account information being filled up to the corresponding position of login page, by login page It is sent to user, and generates a random cipher and is sent to user;
4A management server 320, be also used to receive the password of user's input and determine currently received password with secret Whether code is consistent;
If consistent, 4A administration page is sent to user;It is sent if inconsistent and logs in the failure of 4A management server The page is to user.
Fig. 4 is a kind of structural schematic diagram of the system of login cloud desktop of one embodiment of the invention, referring to fig. 4, at this In one embodiment of invention, the system for logging in cloud desktop includes: 4A management server 420, cloud desktop Account Administration server 410 and cloud desktop server 430, wherein 4A management server includes: Account Administration (Account), authentication management (Authentication), empowerment management (Authorization) and audit management (Audit).Account Administration is specifically used for User distributes 4A account number, safeguards to the 4A account number, and empowerment management is used to distribute corresponding cloud desktop for the 4A account number of user Access authority is for example, if having access authority, and have which type of access authority etc..Authentication management is the one of 4A platform itself A certified component tentatively authenticates the user for logging in 4A platform.Audit management is to be managed by fort machine 4A is logged on to The user for the 4A login page that server 420 provides is monitored and records.4A management server 420 also provides 4A log in page Face is provided with the cloud desktop login link of cloud desktop server on the 4A login page.
Specifically, user inputs the network address of 4A management server in the browser of operating terminal, opens 4A management service The login page of device;Then the 4A account information that user is registered in the 4A management server is inputted in above-mentioned login page And password;When the cloud desktop login of above-mentioned 4A login page receives the trigger request of user, 4A management server should It is supplied to cloud desktop Account Administration server after 4A account and password to be authenticated, to determine whether active user has access The permission of cloud desktop.
In one embodiment of the invention, 4A account information includes: 4A account and static password;
The corresponding cloud desktop access authority information of 4A account information includes:
Whether the 4A account has the permission of access cloud desktop, and has 4A account when accessing cloud desktop permission addressable Cloud desktop list.
It should be noted that the system of this login cloud desktop of the invention is and the method phase above-mentioned for logging in cloud desktop It is corresponding, thus the course of work that the system of cloud desktop is logged in the present embodiment may refer to the aforementioned method portion for logging in cloud desktop That divides illustrates, and details are not described herein.
By Fig. 3 and system shown in Fig. 4, the 4A account of user is stored in the account management server of cloud desktop And the corresponding cloud desktop access permission of the 4A account, it is received when the cloud desktop login on the login page of 4A platform links When the 4A account inputted to user, which is sent to cloud desktop server, cloud desktop server is by the 4A Account information is sent to cloud desktop account management server, by cloud desktop account management server to 4A account and the 4A The corresponding cloud desktop authority information of account is authenticated, if certification passes through, according to the corresponding cloud table of the 4A account Face authority information generates the cloud desktop list that user is authorized to use, and is sent to cloud desktop server, and cloud desktop server will The cloud desktop list is sent to user, and user is facilitated to access cloud desktop.As a result, only when logging in cloud desktop to 4A account pair The cloud desktop permission answered once is authenticated, and is not authenticated to the 4A account for logging in 4A platform, and logical in certification Later, cloud desktop list that user is authorized to use can be just sent to user, ensure that cloud desktop logs in safety, letter, which is changed, to be recognized Card process, improves user experience.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all Any modification, equivalent replacement, improvement and so within the spirit and principles in the present invention, are all contained in protection scope of the present invention It is interior.

Claims (10)

1. a kind of method for logging in cloud desktop, which is characterized in that this method comprises:
4A management server receives what user inputted on 4A login page, what user was registered in the 4A management server 4A account;
When the cloud desktop login link being arranged on the 4A login page is triggered by user, 4A management server is by the user 4A account be sent to cloud desktop Account Administration server so that the cloud desktop Account Administration server is to receiving The 4A account is authenticated, and 4A account information and the institute of user are preserved in the cloud desktop Account Administration server State the corresponding cloud desktop access authority information of 4A account information;
If certification passes through, the cloud desktop Account Administration server is according to the 4A account and the 4A account pair The cloud desktop access authority information answered generates the cloud desktop list that user is authorized to use and is sent to cloud desktop server, described The cloud desktop list is sent to user by cloud desktop server;
If certification does not pass through, the cloud desktop Account Administration server sends the result of authentification failure to the cloud desktop services Device, the cloud desktop server send cloud desktop login failure result to user.
2. the method as described in claim 1, which is characterized in that this method further include:
The cloud desktop server receives the selection instruction that user inputs in the cloud desktop list, is returned according to the selection instruction Corresponding cloud desktop is returned to user.
3. the method as described in claim 1, which is characterized in that this method further include:
4A management server disposes proxy module on cloud desktop, and the return 4A that the proxy module receives user's input manages clothes The request of business device, obtains the 4A account of user, which is sent to the 4A management server;
The 4A account information is filled up to the corresponding position of 4A login page by the 4A management server, by the 4A log in page Face is sent to user, and generates a random cipher and be sent to user;
Whether the password and determining currently received password and the random cipher that the 4A management server reception user inputs Unanimously;
If consistent, 4A administration page is sent to user;It is sent if inconsistent and logs in 4A management server failure page To user.
4. method as claimed in claim 3, which is characterized in that this method further include: 4A management server passes through fort machine pair The user for logging on to the 4A login page of 4A management server offer is monitored and records.
5. the method as described in claim 1, which is characterized in that the 4A account information includes: 4A account and static password;
The corresponding cloud desktop access authority information of the 4A account information includes:
Whether the 4A account has the permission of access cloud desktop, and has the 4A account addressable cloud table when accessing cloud desktop permission Face list.
6. a kind of system for logging in cloud desktop, which is characterized in that the system comprises:
Cloud desktop Account Administration server, for saving the 4A account information and the corresponding cloud table of the 4A account information of user Face access authority information;And the 4A account received is authenticated, if certification passes through, according to the 4A account number Information and the corresponding cloud desktop access authority information of the 4A account generate the cloud desktop list that user is authorized to use, will The cloud desktop list is sent to the cloud desktop server;If certification does not pass through, the result of authentification failure is sent to the cloud Desktop server;
4A management server is inputted on 4A login page for receiving user, user institute in the 4A management server The 4A account information of registration, when the cloud desktop login link being arranged on the 4A login page is triggered, 4A management server The 4A account of the user is sent to cloud desktop Account Administration server;
Cloud desktop server, for receiving the cloud desktop list of cloud desktop Account Administration server transmission and by the cloud desktop list It is sent to the user, alternatively, receiving the result for the authentification failure that cloud desktop Account Administration server is sent and stepping on cloud desktop Record failure result is sent to the user.
7. system as claimed in claim 6, which is characterized in that the cloud desktop server is also used to receive user in the cloud The selection instruction inputted in desktop list returns to corresponding cloud desktop to user according to the selection instruction.
8. system as claimed in claim 6, which is characterized in that the 4A management server includes: proxy module;
The proxy module is deployed on cloud desktop, and the request of the return 4A management server for receiving user's input obtains The 4A account is sent to the 4A management server by the 4A account of user;
4A management server is also used to for the 4A account information being filled up to the corresponding position of 4A login page, and the 4A is logged in The page is sent to user, and generates a random cipher and be sent to user;
The 4A management server is also used to receive the password of user's input and determines currently received password and described with secret Whether code is consistent;
If consistent, 4A administration page is sent to user;It is sent if inconsistent and logs in 4A management server failure page To user.
9. system as claimed in claim 8, which is characterized in that the 4A management server further include: fort machine,
The fort machine is monitored and records for the user to the 4A login page for logging on to the offer of 4A management server.
10. system as claimed in claim 6, which is characterized in that the 4A account information includes: 4A account and static password;
The corresponding cloud desktop access authority information of the 4A account information includes:
Whether the 4A account has the permission of access cloud desktop, and has the 4A account addressable cloud table when accessing cloud desktop permission Face list.
CN201510337205.3A 2015-06-17 2015-06-17 A kind of method and system logging in cloud desktop CN106330816B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510337205.3A CN106330816B (en) 2015-06-17 2015-06-17 A kind of method and system logging in cloud desktop

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510337205.3A CN106330816B (en) 2015-06-17 2015-06-17 A kind of method and system logging in cloud desktop

Publications (2)

Publication Number Publication Date
CN106330816A CN106330816A (en) 2017-01-11
CN106330816B true CN106330816B (en) 2019-09-27

Family

ID=57733223

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510337205.3A CN106330816B (en) 2015-06-17 2015-06-17 A kind of method and system logging in cloud desktop

Country Status (1)

Country Link
CN (1) CN106330816B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109302414A (en) * 2018-11-08 2019-02-01 山西省农村信用社联合社 Desktop cloud login method, terminal, SDN controller and system based on software defined network SDN

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571359A (en) * 2012-04-06 2012-07-11 上海凯卓信息科技有限公司 Method for certificating cloud desktop based on smart card
CN102833238A (en) * 2012-08-14 2012-12-19 上海聚力传媒技术有限公司 Method, device, equipment and system for assisting network equipment to carry out user authentication
CN102882947A (en) * 2011-09-14 2013-01-16 微软公司 Automation desktop service supply
CN103023918A (en) * 2012-12-26 2013-04-03 百度在线网络技术(北京)有限公司 Method, system and device for uniformly providing login for multiple network services
CN103037004A (en) * 2012-12-21 2013-04-10 曙光信息产业(北京)有限公司 Implement method and device of cloud storage system operation
CN103118030A (en) * 2013-02-22 2013-05-22 浪潮电子信息产业股份有限公司 Desktop cloud based identity authentication method
CN103731432A (en) * 2014-01-11 2014-04-16 西安电子科技大学昆山创新研究院 Multi-user supported searchable encryption system and method
CN104144172A (en) * 2013-05-06 2014-11-12 上海宏第网络科技有限公司 Cloud platform system and method based on desktop virtualization technology

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611721B (en) * 2011-01-24 2015-06-17 鸿富锦精密工业(深圳)有限公司 Access gateway and method thereof for providing cloud storage service
TWI476627B (en) * 2012-05-11 2015-03-11 Chunghwa Telecom Co Ltd The management system and method of network service level and function of cloud virtual desktop application

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102882947A (en) * 2011-09-14 2013-01-16 微软公司 Automation desktop service supply
CN102571359A (en) * 2012-04-06 2012-07-11 上海凯卓信息科技有限公司 Method for certificating cloud desktop based on smart card
CN102833238A (en) * 2012-08-14 2012-12-19 上海聚力传媒技术有限公司 Method, device, equipment and system for assisting network equipment to carry out user authentication
CN103037004A (en) * 2012-12-21 2013-04-10 曙光信息产业(北京)有限公司 Implement method and device of cloud storage system operation
CN103023918A (en) * 2012-12-26 2013-04-03 百度在线网络技术(北京)有限公司 Method, system and device for uniformly providing login for multiple network services
CN103118030A (en) * 2013-02-22 2013-05-22 浪潮电子信息产业股份有限公司 Desktop cloud based identity authentication method
CN104144172A (en) * 2013-05-06 2014-11-12 上海宏第网络科技有限公司 Cloud platform system and method based on desktop virtualization technology
CN103731432A (en) * 2014-01-11 2014-04-16 西安电子科技大学昆山创新研究院 Multi-user supported searchable encryption system and method

Also Published As

Publication number Publication date
CN106330816A (en) 2017-01-11

Similar Documents

Publication Publication Date Title
US10686655B2 (en) Proximity and context aware mobile workspaces in enterprise systems
US20200252394A1 (en) Multifactor Contextual Authentication and Entropy from Device or Device Input or Gesture Authentication
JP6301534B2 (en) Virtualization server
JP6397956B2 (en) Provision of mobile device management functions
US9509692B2 (en) Secured access to resources using a proxy
US9628448B2 (en) User and device authentication in enterprise systems
CN105993146B (en) Method and apparatus for establishing secured session with client device
Chu et al. Security concerns in popular cloud storage services
EP3008877B1 (en) User authentication in a cloud environment
US10027714B2 (en) Secure web container for a secure online user environment
KR102036758B1 (en) Fast smart card logon and federated full domain logon
JP2017168111A (en) Providing managed browser
CN110011866B (en) Providing device as a service
US10742520B2 (en) Providing mobile device management functionalities
JP6348661B2 (en) Company authentication through third-party authentication support
EP2608486B1 (en) A computer implemented system and method for providing users with secured access to application servers
CN106471783B (en) Via the business system certification and authorization of gateway
US9787659B2 (en) Techniques for secure access management in virtual environments
US9942224B2 (en) Management and authentication in hosted directory service
US9521117B2 (en) Providing virtualized private network tunnels
US9729514B2 (en) Method and system of a secure access gateway
US9954664B2 (en) Micro VPN tunneling for mobile platforms
US20160337862A1 (en) Associating services to perimeters
US20150249660A1 (en) Authenticating linked accounts
CN104969201B (en) For calling the safe interface of privileged operation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: Room 818, 8 / F, 34 Haidian Street, Haidian District, Beijing 100080

Patentee after: BEIJING ULTRAPOWER SOFTWARE Co.,Ltd.

Address before: 100089 Beijing city Haidian District wanquanzhuang Road No. 28 Wanliu new building 6 storey block A Room 601

Patentee before: BEIJING ULTRAPOWER SOFTWARE Co.,Ltd.

CP02 Change in the address of a patent holder