CN106487744A - A kind of Shiro verification method based on Redis storage - Google Patents

A kind of Shiro verification method based on Redis storage Download PDF

Info

Publication number
CN106487744A
CN106487744A CN201510526960.6A CN201510526960A CN106487744A CN 106487744 A CN106487744 A CN 106487744A CN 201510526960 A CN201510526960 A CN 201510526960A CN 106487744 A CN106487744 A CN 106487744A
Authority
CN
China
Prior art keywords
redis
user
shiro
expired time
caching
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510526960.6A
Other languages
Chinese (zh)
Other versions
CN106487744B (en
Inventor
王素达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN201510526960.6A priority Critical patent/CN106487744B/en
Publication of CN106487744A publication Critical patent/CN106487744A/en
Application granted granted Critical
Publication of CN106487744B publication Critical patent/CN106487744B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The present invention provides a kind of Shiro verification method based on Redis storage, by session is positioned over caching in Redis, can reduce memory consumption, to solve the problems, such as internal memory spilling;Introduce expired time algorithm automatically to remove caching, improve efficiency and the hit rate of caching, thus ensureing data efficient, reliably being stored.The method includes:According to the login parameters of user, the identification information of user is packaged, generates unique mark;Whether according to described unique mark, searching in Redis server has corresponding caching;If there are described corresponding caching, then obtain described uniquely identified log-on message, and encapsulate the information of logining successfully;Without described corresponding caching, then calling login validation method and method for verifying authority to be verified, if being verified, encapsulation logins successfully information, if authentication failed, pointing out login authentication failure.

Description

A kind of Shiro verification method based on Redis storage
Technical field
The present invention relates to field of computer technology, particularly a kind of based on Redis storage Shiro verification method.
Background technology
With the birth of the series of new internet product such as ecommerce, social networkies, microblogging, Internet, applications based on Web environment are more and more extensive.During IT application in enterprises various should With being all erected on Web platform, Web service develop the strong pass also causing hackers rapidly Note, come one after another is exactly highlighting of Web security threat.Hacker utilizes website operation system The modes such as the SQL injection loophole of leak and Web service program, obtain the control of Web server Authority processed, gently then distorts web page contents, heavy then steal important internal data, even more serious then It is to implant malicious code in webpage so that website caller is encroached on.For developer For be badly in need of an authoritative security framework, to carry out simple and safe functional development.
ApacheShiro is a powerful easy-to-use Java security framework, there is provided certification, award The functions such as power, encryption and session management.For any one application program, Shiro can carry For comprehensive security management services.And with respect to other security frameworks, Shiro is simply many.
Three core components of Shiro are Subject, SecurityManager and Realm respectively. Subject is an abstract conception, represents current operation user, can be people or Third party's process, backstage account or other similar things.SecurityManager is a safety Manager, manages all Yu security-related operation, and Shiro is managed by SecurityManager Reason intraware example, and the various services of safety management are provided by it.Realm act as " bridge " or " adapter " between Shiro and application secure data.That is, when right When user's execution certification (login) and mandate (access control) checking, Shiro can join from application User and its authority information is searched in the Realm putting.In this sense, Realm essence On be a safety-related DAO:It encapsulates the joint detail of data source, and When needed related data such as user, role, authority etc. are supplied to Shiro.As configuration Shiro When it is necessary at least specify a Realm, for certification and (or) mandate.
That is, simplest Shiro application:
1st, application code is authenticated by Subject and authorizes, and Subject entrusts to SecurityManager;
2nd, we need to inject Realm to the SecurityManager of Shiro, thus allowing SecurityManager can obtain legal user and its authority is judged.
The built-in Realm that can connect a large amount of secure source (also known as catalogue) of Shiro, such as Light Directory Access Protocol (LDAP) catalogue, relational database (JDBC), similar INI Text configuration resource and property file etc..Wherein, for a large amount of, complex data storages, Shiro framework supports that two kinds of Realm storage modes carry out safety verification, and one kind is based on pass coefficient According to the storage mode in storehouse safety verification (as shown in figure 1, for Shiro framework be based on relation data The safety verification flow process figure of the Realm storage in storehouse), another kind is that (one is pure based on EhCache Cache Framework in the process of Java) storage mode safety verification.
, the mass data of the proof rule storage according to Shiro in data base is believed taking Fig. 1 as a example Breath is verified, after starting (step S11), user input systems log in required information;It Afterwards, the log-on message according to user input generates user object (step S12);According to generate User object obtains corresponding Realm object (step S13) from data base;Carrying out Realm During object acquisition, first, it is determined that this Realm object whether there is (step S14);If deposited (step S15) is being verified by the SecurityManager of Shiro framework, to judge Whether the log-on message of input is correct, otherwise terminates.Similarly, the storage based on EhCache The safety verification of mode is similar, and difference is only that the position of Realm object storage is different, phase It is to obtain corresponding Realm object from EhCache in step S13 answered.
However, finding in use, existing technical scheme is only capable of supporting in relationship type In data base and EhCache storage data carry out safety verification, exist obvious defect and Not enough.
1st, the safety verification based on relation data library storage:
Conventional relational database such as Oracle and MySQL etc., all exist access speed slow, The shortcomings of data structure is single, concurrent capability is low and cluster difficulty is big.Based on relational database Data storage and reading, not only need to increase substantial amounts of database table in data base, exist simultaneously In storage and reading process, response speed is slow, causes to service overall performance decline.In high concurrent system In system, frequent visit data base, will lead to database deadlocks, thus causing system in a large number Collapse.
2nd, the safety verification based on EhCache storage:
EhCache is Cache Framework in the process of a pure Java, and it is based on JVM (Java Virtual Machine, Java Virtual Machine) internal memory carries out data storage.JVM memory headroom is very Little, when needing to enter row cache to excessive excessive object, it will cause internal memory to overflow, lead to take Business is unavailable.
To sum up, data base has become the key factor of large-scale website performance bottleneck, a lot of the Internets Company in a large number using caching technology, to reduce the access pressure of data base;EhCache due to The restriction of memory headroom size, a lot of scenes are all unavailable.Therefore, need a kind of new Realm badly Storage mode, to solve the problems, such as above.
Content of the invention
In view of this, the present invention provides a kind of Shiro verification method based on Redis storage, base Carry out data storage in Redis caching technology, storage mode is more flexible, by placing session Cache in Redis, memory consumption can be reduced, to solve the problems, such as internal memory spilling;Introduced Phase time algorithm to remove caching automatically, improves efficiency and the hit rate of caching, thus ensureing Data efficient, reliably stored.
For achieving the above object, the invention provides a kind of Shiro based on Redis storage verifies Method.
The a kind of of the present invention is included based on the Shiro verification method of Redis storage:According to user's Login parameters, the identification information of user is packaged, and generates unique mark;According to described only Whether one mark, searching in Redis server has corresponding caching;If there are described corresponding slow Deposit, then obtain described uniquely identified log-on message, and encapsulate the information of logining successfully;If not yet There is described corresponding caching, then call login validation method and method for verifying authority to be verified, If being verified, encapsulation logins successfully information, if authentication failed, points out login authentication failure.
Alternatively, the identification information of described user includes:The user name of user, domain name and according to The specific identifier that pre-defined rule generates.
Alternatively, after obtaining described uniquely identified log-on message, also include:Update described Uniquely identified expired time.
Alternatively, update described uniquely identified expired time to include:By calling expired time Algorithm is calculated, and obtains described uniquely identified expired time and is updated.
Alternatively, described expired time algorithm includes:Judge whether have during login authentication twice Access times;If there are access times, then judge whether described access times exceed maximum access Number of times;If described access times exceed maximum access times, take maximum expired time conduct Expired time;Otherwise, obtain expired time increment size, and according to described expired time increment size, Access times and default aging time calculate expired time;Without access times, then will write from memory Recognize expired time as described expired time.
Alternatively, described login validation method includes:According to described unique mark from Redis Obtain correct user name and verify user input user name whether legal;If user input User name legal, then correct password is obtained from Redis according to described unique mark and verifies Whether the password of user input is legal;If the password of user input is legal, point out login authentication Success;Otherwise, prompting login authentication failure;If the user name of user input is illegal, The user name mistake of prompting user input.
Alternatively, described method for verifying authority includes:According to described unique mark from Redis Obtain corresponding Role Information and carry out role authorization;Obtained from Redis according to described unique mark Take corresponding authority information and carry out permission grant.
Technology according to the present invention scheme, by being encapsulated as unique mark, Ke Yifang by user name Just carry out the accessing operation of data from Redis server;Session is positioned over caching in Redis, Both decreased memory consumption, and solved the problems, such as that internal memory overflows, log-on message is being carried out simultaneously During checking, if there is this unique mark in the caching of Redis server, login need not be called to test Card method and method for verifying authority are verified, proof procedure can be made to simplify, thus improve testing Card efficiency;Automatically remove caching by introducing expired time algorithm, solve manual removing and delay The redundancy data deviation that deposit data brings, thus improve efficiency and the hit rate of caching, protects Demonstrate,prove data efficient, reliably stored.
Brief description
Accompanying drawing is used for more fully understanding the present invention, does not constitute inappropriate limitation of the present invention.Wherein:
Fig. 1 is the peace of the Realm storage based on relational database for the Shiro framework in prior art Full checking flow chart;
Fig. 2 is a kind of Shiro verification method based on Redis storage according to embodiments of the present invention Key step schematic diagram;
Fig. 3 is that the Shiro according to embodiment of the present invention verifies flow chart;
Fig. 4 is the flowchart of the login validation method according to embodiment of the present invention;
Fig. 5 is the flowchart of the method for verifying authority according to embodiment of the present invention;
Fig. 6 is the flowchart of the expired time algorithm according to embodiment of the present invention;
Fig. 7 is the flowchart of the acquisition caching method according to embodiment of the present invention.
Specific embodiment
Below in conjunction with accompanying drawing, the one exemplary embodiment of the present invention is explained, including this The various details of bright embodiment are to help understanding it should they are thought only exemplary. Therefore, it will be appreciated by those of ordinary skill in the art that, the embodiments described herein can be done Go out various changes and modifications, without departing from scope and spirit of the present invention.Equally, in order to clear Chu, with concisely, eliminates the description to known function and structure in description below.
The present invention is the secondary development that Shiro framework is carried out, by provide to Shiro framework Some core classes in application programming interface are reequiped so that the support of Shiro framework is right Redis carries out Realm storage.
Fig. 2 is a kind of Shiro verification method based on Redis storage according to embodiments of the present invention Key step schematic diagram.As shown in Fig. 2 a kind of Shiro based on Redis storage of the present invention Verification method mainly includes steps S21 to S24.
Step S21:According to the login parameters of user, the identification information of user is packaged, Generate unique mark.Wherein, the identification information of user can include the user name of user, domain name And the specific identifier according to pre-defined rule generation etc..The value of the specific identifier in the present invention is one Definite value character string is (for example:" login "), and this value will not change.When user is logged in During operation, you can obtain the information such as user name, the domain name of user.In the identification information to user When being packaged, different methods can be chosen as needed, for example, can be selected for hash algorithm pair The identification information of user enters row operation, to generate the character string of regular length, as unique mark Deng.By being packaged to user name and relevant information so that the identification information such as user name becomes Unique mark, subsequently to carry out the accessing operation of data from Redis server.
Step S22:According to described unique mark, whether have corresponding in lookup Redis server Caching.In Redis, data is to be preserved in the form of Key-Value, is marked with unique Know and enter line retrieval as Key, you can obtain corresponding other information.By right CachingSessionDAO class is transformed, and the session information of unique mark Key is positioned over Enter row cache in Redis, unified Cross-Server Manage can be carried out to session, realize same use Family multiserver uniform permission administration.Simultaneously, it is to avoid session is stored in and brings in cookie Safety problem.
Step S23:If there are corresponding caching, then obtain described uniquely identified log-on message, And encapsulate the information of logining successfully.After finding the cache information corresponding to unique mark, therefrom obtain Take log-on message, for example:Login time, login times and the greeting showing when logining successfully Deng, and this log-on message is carried out being converted into discernible character being shown to user, afterwards, will The information that this logins successfully is packaged, and checking terminates.
Wherein, after getting log-on message, this uniquely identified expired time can also be updated. Calculated by calling expired time algorithm, obtain described uniquely identified expired time and go forward side by side Row updates.Expired time algorithm, mainly includes below step:First determine whether to log in twice and test Whether access times are had during card.If there are access times, then whether judge described access times Exceed maximum access times;If described access times exceed maximum access times, take maximum Expired time is as expired time;Otherwise, obtain expired time increment size, and according to described mistake Phase incremental time value, access times and default aging time calculate expired time, when herein expired Between=default aging time+expired time increment size * access times.Without access times, then Using default aging time as expired time.
By introducing expired time, can be set, the automatic removing that expire is delayed the time of data buffer storage Deposit data, solves the data cached redundancy data deviation brought of manual removing, thus improving The efficiency of caching and correctness, and then improve the hit rate of caching.
Step S24:Without described corresponding caching, then call login validation method and power Limit verification method is verified, if being proved to be successful, encapsulation logins successfully information, if authentication failed, Prompting login authentication failure.Wherein, described login validation method, including:According to described unique Mark obtain from Redis correct user name and verify user input user name whether legal; If the user name of user input is legal, obtained from Redis correctly according to described unique mark Password and verify user input password whether legal;If the password of user input is legal, Prompting login authentication success;Otherwise, prompting login authentication failure;And if user input User name is illegal, then point out the user name mistake of user input.
Can be seen that by user name is encapsulated as unique mark by step S21 to step S24, The accessing operation carrying out data from Redis server can be facilitated;Session is positioned over Redis Middle caching, both decreased memory consumption, solved the problems, such as that internal memory overflows, simultaneously to login When information is verified, if there is this unique mark in the caching of Redis server, need not adjust Verified with login validation method and method for verifying authority, proof procedure can be made to simplify, thus Improve verification efficiency;By introducing expired time algorithm automatically to remove caching, solve handss The data cached redundancy data deviation brought of dynamic removing, thus improve efficiency and the life of caching Middle rate is it is ensured that data efficient, reliably stored.
Fig. 3 is that the Shiro according to embodiment of the present invention verifies flow chart;Fig. 4 is according to this The flowchart of the login validation method of bright embodiment;Fig. 5 is according to embodiment party of the present invention The flowchart of the method for verifying authority of formula;Fig. 6 is expired according to embodiment of the present invention The flowchart of time algorithm;Fig. 7 is the side obtaining caching according to embodiment of the present invention The flowchart of method.Below with reference to these accompanying drawings, the implementation process of the present invention is carried out in detail Introduction.
The login method that the Subject class of Shiro framework provides is logged on the entrance verified, this side Method can transmit the login parameters information of user, such as username and password etc..As shown in figure 3, using Family input login parameters (step S31), for example:User name (can be cell-phone number, mailbox or Person's self-defined title) and password after, login method is by user name, domain name and specific identifier (value For a definite value character string, for example:" login ", this value will not change), uniquely marked Know encapsulation (step S32), subsequently to carry out the accessing operation of data from Redis server. Afterwards, start to verify (step S33).With unique mark as key word of the inquiry, from Redis Search whether caching (step S34), if there are data cached, then obtain the login in caching Information (step S36), and encapsulate the information of logining successfully (step S37), otherwise, call and step on Record verification method and method for verifying authority are verified (step S35), if be proved to be successful, hold Row step S37, otherwise, points out authentication failed.In particular cases, crucial in some comparisons of access Content of pages when, even if having encapsulated the information of logining successfully, also may require that and log-on message carried out Checking, now, can start to execute from step S33 again.
Fig. 4 is the idiographic flow of the login validation method in step S35 as shown in Figure 3. The method of the login authentication that the AuthorizingRealm class of Shiro framework provides is DoGetAuthenticationInfo method, the registering service of system all will complete in the method. As Fig. 4, after user input login parameters (user name, password) (step S41), login Method can packaged unique mark, login validation method just obtains from Redis according to unique mark True user name (step S42), and compare with the user name of user input, to judge input User name whether legal (step S43), if illegal, login authentication failure (step S47);Otherwise, continue checking, correct password (step is obtained from Redis according to unique mark Rapid S44), and the password whether legal (step S45) of multilevel iudge input, if legal, Login authentication success (step S46), otherwise login authentication failure (step S47).
Fig. 5 is the idiographic flow of the method for verifying authority in step S35 as shown in Figure 3. The method of the Authority Verification that the AuthorizingRealm class of Shiro framework provides is DoGetAuthorizationInfo method, is after login authentication completes, the authority to user Carry out authentication vs. authorization.As Fig. 5, after login authentication success, obtain legal parameters (user name, Password) (step S51), that is, the login parameters of input before, afterwards, marked according to unique Know and obtain Role Information (step S52) from Redis, and carry out role authorization (step S53). Then, authority information (step S54) is obtained from Redis according to unique mark, and weighed Limit authorizes (step S55), after the completion of the Authority Verification to user and mandate, User logs in success, Encapsulation logins successfully information.
Fig. 7 is the detailed of the log-on message in acquisition caching in step S36 as shown in Figure 3 Step.In an embodiment of the present invention, introduce expired time algorithm to CacheManager class Getcache method is transformed, by the way of expired time management is carried out to key name Key, solution Certainly remove the data cached redundancy data deviation brought manually, the hit rate improving caching is eased up Deposit efficiency.Flow chart as described in Figure 7, is to judge in caching, whether key name Key deposits first In (step S71), key name Key herein refers to unique mark, if it does not exist, then End operation, otherwise, obtains data (step S72) according to key name Key from Redis, this The data at place refers to the information needing to use, for example:Login successfully identifier, user name, Expired time etc., afterwards, expired by calling expired time algorithm (step S73) to be calculated Time, and update the expired time (step S74) of key name Key.Afterwards, carry out data to turn Change (step S75), the data obtaining in step S72 is converted to the information that can be shown to user.
Fig. 6 is the expired time algorithm flow of the present invention.First, it is determined that in login authentication twice Whether period has access times (step S61), if it is not, obtaining default aging time (step Rapid S62) as expired time to update expired time (step S67);If it has, then continuing Judge whether the access times during login authentication exceed maximum access times (step S63) twice, If it does, it is expired to update as expired time then to obtain maximum expired time (step S64) Time (step S67);Otherwise obtain expired time increment size (step S65), and calculated Time phase (step S66), expired time=default aging time+expired increment size * access times. Default aging time of occurring in this algorithm, maximum access times, maximum expired time, expired Incremental time value all can be preset according to the requirement of systemic-function.For example, it is assumed that root According to needing to arrange default aging time for 30 minutes, maximum access times are 50 times, serious offense Time phase is 3 hours, and expired time increment size is 2 minutes, during login authentication twice There are 5 access, then corresponding expired time=30+2*5=40 minute;If login authentication twice There are 51 access period, has exceeded maximum access times, then take maximum expired time as expired Time, now, expired time becomes 3 hours.
Technical scheme according to embodiments of the present invention, by user name is encapsulated as unique mark, The accessing operation carrying out data from Redis server can be facilitated;Session is positioned over Redis Middle caching, both decreased memory consumption, solved the problems, such as that internal memory overflows, simultaneously to login When information is verified, if there is this unique mark in the caching of Redis server, need not adjust Verified with login validation method and method for verifying authority, proof procedure can be made to simplify, thus Improve verification efficiency;By introducing expired time algorithm automatically to remove caching, solve handss The data cached redundancy data deviation brought of dynamic removing, thus improve efficiency and the life of caching Middle rate is it is ensured that data efficient, reliably stored.
Above-mentioned specific embodiment, does not constitute limiting the scope of the invention.This area Technical staff, it is to be understood that depending on design requirement and other factors, can occur various The modification of various kinds, combination, sub-portfolio and replacement.Any within the spirit and principles in the present invention Modification, equivalent and improvement of being made etc., should be included within the scope of the present invention.

Claims (7)

1. a kind of Shiro verification method based on Redis storage is it is characterised in that include:
According to the login parameters of user, the identification information of user is packaged, generates unique marking Know;
Whether according to described unique mark, searching in Redis server has corresponding caching;
If there are described corresponding caching, then obtain described uniquely identified log-on message, and seal Dress logins successfully information;
Without described corresponding caching, then call login validation method and method for verifying authority Being verified, if being verified, encapsulation logins successfully information, if authentication failed, pointing out to log in Authentication failed.
2. a kind of Shiro verification method based on Redis storage according to claim 1, It is characterized in that, the identification information of described user includes:The user name of user, domain name and according to The specific identifier that pre-defined rule generates.
3. a kind of Shiro verification method based on Redis storage according to claim 1, It is characterized in that, after obtaining described uniquely identified log-on message, also include:Update described Uniquely identified expired time.
4. a kind of Shiro verification method based on Redis storage according to claim 3, It is characterized in that, update described uniquely identified expired time and include:
Calculated by calling expired time algorithm, obtained described uniquely identified expired time And be updated.
5. a kind of Shiro verification method based on Redis storage according to claim 4, It is characterized in that, described expired time algorithm includes:
Judge whether there is access times during login authentication twice;
If there are access times, then judge whether described access times exceed maximum access times;
If described access times exceed maximum access times, maximum expired time is taken to make For expired time;
Otherwise, obtain expired time increment size, and according to described expired time increment size, Access times and default aging time calculate expired time;
Without access times, then using default aging time as described expired time.
6. a kind of Shiro verification method based on Redis storage according to claim 1, It is characterized in that, described login validation method includes:
Correct user name is obtained from Redis according to described unique mark and verifies user input User name whether legal;
If the user name of user input is legal, obtained from Redis according to described unique mark Take correct password and verify user input password whether legal;
If the password of user input is legal, point out login authentication success;
Otherwise, prompting login authentication failure;
If the user name of user input is illegal, point out the user name mistake of user input.
7. a kind of Shiro verification method based on Redis storage according to claim 1, It is characterized in that, described method for verifying authority includes:
Corresponding Role Information is obtained from Redis according to described unique mark and carries out role and award Power;
Corresponding authority information is obtained from Redis according to described unique mark and carries out authority and award Power.
CN201510526960.6A 2015-08-25 2015-08-25 Shiro verification method based on Redis storage Active CN106487744B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510526960.6A CN106487744B (en) 2015-08-25 2015-08-25 Shiro verification method based on Redis storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510526960.6A CN106487744B (en) 2015-08-25 2015-08-25 Shiro verification method based on Redis storage

Publications (2)

Publication Number Publication Date
CN106487744A true CN106487744A (en) 2017-03-08
CN106487744B CN106487744B (en) 2020-06-05

Family

ID=58233159

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510526960.6A Active CN106487744B (en) 2015-08-25 2015-08-25 Shiro verification method based on Redis storage

Country Status (1)

Country Link
CN (1) CN106487744B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147659A (en) * 2017-06-01 2017-09-08 上海斐讯数据通信技术有限公司 A kind of method and system for preventing to repeat
CN107766708A (en) * 2017-10-19 2018-03-06 深圳市金立通信设备有限公司 Nullify method, terminal and the computer-readable recording medium of account Entered state
CN108449364A (en) * 2018-05-08 2018-08-24 北京明朝万达科技股份有限公司 A kind of distributed identity authentication method and cloud certification node
CN108566433A (en) * 2018-05-03 2018-09-21 珠海横琴盛达兆业科技投资有限公司 A method of the SSM systems realization being integrated with Shiro rights managements is locally configured
CN108615062A (en) * 2018-04-19 2018-10-02 洛阳独角兽农业科技有限公司 A kind of storage of field cultivation location information and verification method
CN108629191A (en) * 2018-03-30 2018-10-09 四川长虹电器股份有限公司 The method that cross-system based on shiro and redis forces user offline
CN109033877A (en) * 2018-08-02 2018-12-18 杭州启博科技有限公司 A kind of distributed user permission processing method and system
CN109246140A (en) * 2018-10-26 2019-01-18 平安科技(深圳)有限公司 Domain right management method, device, computer equipment and storage medium
CN109361714A (en) * 2018-12-18 2019-02-19 中国移动通信集团江苏有限公司 User logs in method for authenticating, device, equipment and computer storage medium
CN110381031A (en) * 2019-06-21 2019-10-25 中国平安财产保险股份有限公司 Single-point logging method, device, equipment and computer readable storage medium
CN113254893A (en) * 2020-02-13 2021-08-13 百度在线网络技术(北京)有限公司 Identity verification method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101976362A (en) * 2010-09-30 2011-02-16 中兴通讯股份有限公司 Radio frequency identification tag access method based on bitmap and device
US20120265990A1 (en) * 2009-11-26 2012-10-18 China Mobile Communications Corporation Authentication system, method and device
US20150081777A1 (en) * 2013-09-18 2015-03-19 SharpShooter/Spectrum Venture LLC Dynamic content aggregation
CN104580226A (en) * 2015-01-15 2015-04-29 上海瀚之友信息技术服务有限公司 Session data sharing system and method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120265990A1 (en) * 2009-11-26 2012-10-18 China Mobile Communications Corporation Authentication system, method and device
CN101976362A (en) * 2010-09-30 2011-02-16 中兴通讯股份有限公司 Radio frequency identification tag access method based on bitmap and device
US20150081777A1 (en) * 2013-09-18 2015-03-19 SharpShooter/Spectrum Venture LLC Dynamic content aggregation
CN104580226A (en) * 2015-01-15 2015-04-29 上海瀚之友信息技术服务有限公司 Session data sharing system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
君君要上天: "《Shiro学习笔记(2)——身份验证之Realm》", 《HTTPS://BLOG.CSDN.NET》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147659A (en) * 2017-06-01 2017-09-08 上海斐讯数据通信技术有限公司 A kind of method and system for preventing to repeat
CN107766708A (en) * 2017-10-19 2018-03-06 深圳市金立通信设备有限公司 Nullify method, terminal and the computer-readable recording medium of account Entered state
CN108629191A (en) * 2018-03-30 2018-10-09 四川长虹电器股份有限公司 The method that cross-system based on shiro and redis forces user offline
CN108615062B (en) * 2018-04-19 2020-12-15 柳亚军 Method for storing and verifying information of field culture position
CN108615062A (en) * 2018-04-19 2018-10-02 洛阳独角兽农业科技有限公司 A kind of storage of field cultivation location information and verification method
CN108566433A (en) * 2018-05-03 2018-09-21 珠海横琴盛达兆业科技投资有限公司 A method of the SSM systems realization being integrated with Shiro rights managements is locally configured
CN108449364A (en) * 2018-05-08 2018-08-24 北京明朝万达科技股份有限公司 A kind of distributed identity authentication method and cloud certification node
CN109033877A (en) * 2018-08-02 2018-12-18 杭州启博科技有限公司 A kind of distributed user permission processing method and system
CN109246140A (en) * 2018-10-26 2019-01-18 平安科技(深圳)有限公司 Domain right management method, device, computer equipment and storage medium
CN109246140B (en) * 2018-10-26 2022-05-03 平安科技(深圳)有限公司 Domain authority management method and device, computer equipment and storage medium
CN109361714A (en) * 2018-12-18 2019-02-19 中国移动通信集团江苏有限公司 User logs in method for authenticating, device, equipment and computer storage medium
CN110381031A (en) * 2019-06-21 2019-10-25 中国平安财产保险股份有限公司 Single-point logging method, device, equipment and computer readable storage medium
CN110381031B (en) * 2019-06-21 2023-02-14 中国平安财产保险股份有限公司 Single sign-on method, device, equipment and computer readable storage medium
CN113254893A (en) * 2020-02-13 2021-08-13 百度在线网络技术(北京)有限公司 Identity verification method and device, electronic equipment and storage medium
CN113254893B (en) * 2020-02-13 2023-09-19 百度在线网络技术(北京)有限公司 Identity verification method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106487744B (en) 2020-06-05

Similar Documents

Publication Publication Date Title
CN106487744A (en) A kind of Shiro verification method based on Redis storage
US10055561B2 (en) Identity risk score generation and implementation
US20200285978A1 (en) Model training system and method, and storage medium
US10461939B2 (en) Secure device registration for multi-factor authentication
US11303449B2 (en) User device validation at an application server
US8549326B2 (en) Method and system for extending encrypting file system
US9811547B2 (en) Client computer for updating a database stored on a server via a network
US10484385B2 (en) Accessing an application through application clients and web browsers
US9736131B2 (en) Secure login for subscriber devices
US9495533B2 (en) Mobile application, identity relationship management
AU2019210633A1 (en) Mobile multifactor single-sign-on authentication
US11601414B2 (en) Contact consolidation across multiple services
CN103916244B (en) Verification method and device
US8590017B2 (en) Partial authentication for access to incremental data
US20050228981A1 (en) Globally trusted credentials leveraged for server access control
CN108632241B (en) Unified login method and device for multiple application systems
CN108810003B (en) Safety verification scheme for multi-service party message access
CN107145531B (en) Distributed file system and user management method of distributed file system
CN105354482A (en) Single sign-on method and device
CN109981677A (en) A kind of credit management method and device
CN108234122A (en) Token method of calibration and device
CN114915500B (en) Self-media account management method and device based on PC desktop client
CN111277595B (en) User and data management method suitable for multiple users and multiple terminals
Huang et al. Research on Single Sign-on Technology for Educational Administration Information Service Platform
CN110493199A (en) A kind of method and apparatus for preventing internet Web from attacking

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant