CN106534143A - Method and system capable of realizing cross-application authentication authorization - Google Patents
Method and system capable of realizing cross-application authentication authorization Download PDFInfo
- Publication number
- CN106534143A CN106534143A CN201611062187.3A CN201611062187A CN106534143A CN 106534143 A CN106534143 A CN 106534143A CN 201611062187 A CN201611062187 A CN 201611062187A CN 106534143 A CN106534143 A CN 106534143A
- Authority
- CN
- China
- Prior art keywords
- application
- user
- token information
- authorization code
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Abstract
The invention provides a method and a system capable of realizing cross-application authentication authorization. The method comprises steps that a user login request sent by a first application is received, when an authorization code of the first application is correct and a user account and a user cipher are in matching, the token information of the first application is generated, and the token information is returned to the first application; if jump from the first application to a second application occurs, a jump request sent by the second application is received; when an authorization code of the second application is correct, the first application and the second application are in one same application set, a present login state of the user is valid, the token information of the second application is generated, the token information is returned to the second application so as to maintain the login state when jump to the second application occurs. The method is advantaged in that the user is prevented from inputting a user name and the cipher for multiple times for login when jump among the associated applications occurs.
Description
Technical field
Embodiment of the present invention is related to application system technical field, more particularly to a kind of method across application authorization mandate and
System.
Background technology
The software being mounted in using (Application, APP) on intelligent terminal, user log in an application before,
Generally need to register corresponding account in this application, when login is applied, by being input into account and the password of registration, by testing
Just can login successfully after card.
As the development of science and technology, the functional requirement of intelligent terminal are more and more, the application of installation is also more and more, is associated
Application also with generation, when user is applied using one of them, it usually needs jump in other associated applications and process
Different business.For example move store, be framework on mobile Internet, based on mobile phone access terminal, merge the Internet, two
The dimension wireless technology such as bar code and voice, the enterprise-level Multifunctional mobile e-commerce platform built together with enterprise and businessman.Cloud account
The unified account platform system in high in the clouds is deployed in based on cloud computing technology, there is provided to the unified account system of multi-application system
System.
The auth method for being currently typically based on token (Token) carries out associated certification, so in service end just not
Need to store the login record of user.General flow process is as follows:Client is logged in password request using user name;Service end is received
To request, go to verify user name and password;After being proved to be successful, service end can sign and issue a Token, then this Token is sent
To client;Client after receiving Token stores it, is such as placed on small text file storage information (Cookie) inner
Or locally stored (Local Storage) is inner;What client was signed and issued with service end when asking resource to service end every time
Token;Service end receives request, go verify client request inside with Token, if be proved to be successful, just to client
Return the data of request.
In implementing the present invention, it may, inventor has found prior art, and at least there are the following problems:
Limited by current authentication licensing scheme, in a new application is jumped to, user needs to re-enter account
Number and password, when being passed through by new application authorization, the business function that can be just continuing with new application, so substantially meeting
The operation of user is become into complex.Additionally, existing Certificate Authority system, need to register in different applications different
Account, this is also extremely complex something for a user, is that user adds unnecessary operating procedure when in use.
It should be noted that above the introduction of technical background is intended merely to it is convenient technical scheme is carried out it is clear,
Complete explanation, and facilitate the understanding of those skilled in the art and illustrate.Can not be merely because these schemes be the present invention's
Background section is set forth and thinks that above-mentioned technical proposal is known to those skilled in the art.
The content of the invention
For the problems referred to above, the purpose of embodiment of the present invention is to provide a kind of method across application authorization mandate and be
System, when can redirect between associated application, it is to avoid user repeatedly input user name password and logged in, so that simplify use
The operating procedure at family.
For achieving the above object, embodiment of the present invention provides a kind of method across application authorization mandate, is applied to cloud account
The service end of family platform, including:User's log on request that the first application is sent is received, user's log on request includes described
The authorization code of the first application, user account and user cipher;When the authorization code of the described first application is correct and user's account
Number and the user cipher match when, generate it is described first application token information, and by described first application token information
It is back to first application;If redirected to the described second application from the described first application, receive second application and send
Jump request, the jump request include second application authorization code and first application token information;When described second
Using authorization code it is correct and first application detects that user currently steps on the described second application in the same application group, then
The effectiveness of record state;If user's current logged-on status are effectively, the token information of second application generated, and by described the
Two application token informations be back to it is described second application so that from described first application jump to described second using when protect
Hold logging status.
Further, methods described also includes:It is that the first application and the second application carry out applying registration in advance;Specially:
The application application for registration that the first application and the second application are sent is received respectively;According to the application application for registration, if described
One application and the described second application are then generated respectively and are stored with the described first application and described second using right without registering
The application identities answered and apply key;Correspondence is back to by the application identities, using key and the information that succeeds in registration
It is described first application and described second application.
Further, methods described also includes:It is that the first application and the second application carry out new user's registration in advance;Specifically
For:Receive the first application and the second authorization requests for sending of application respectively, the authorization requests include first application with
It is described second application application identities and apply key;If the application identities and the application cipher key match, generation is awarded
Weighted code, and the authorization code is back to into corresponding first application and the described second application;Receiving described first respectively should
Asked with the new user's registration sent with the described second application, the new user's registration request includes first application and institute
State authorization code, user account and the user cipher of the second application;If first application and the authorization code of the described second application
Correctly, and user account and user cipher meet preset rules, then the user account and the user cipher is preserved respectively,
And the user account and the information that succeeds in registration are back to into corresponding first application and the described second application.
Further, the token information includes head, load and signature;Generate it is described first application token information or
Person generates the token information of second application, including:Increase in the load it is described first application or it is described second application award
Weighted code and the user account, and the load that increased authorization code and user account is merged with the head and signature, shape
Into the described first application or the token information of second application.
Further, judge that first application is in same application group with the described second application, including:From described
The authorization code of the first application is obtained in the token information of one application;The authorization code decryption of the described first application is obtained first to apply
Mark, and judge it is described first application mark and second application identify whether in same application group.
For achieving the above object, embodiment of the present invention also provides a kind of system across application authorization mandate, is applied to cloud
The service end of account platform, including:Logging request receiving unit, for receiving user's log on request that the first application is sent, institute
Stating user's log on request includes authorization code, user account and the user cipher of first application;First token is believed
Breath signal generating unit, for when the described first application is when authorization code is correct and the user account and the user cipher are matched,
The token information of first application is generated, and the token information of the described first application is back to into first application;Redirect
Request reception unit, if for redirecting from the described first application to the described second application, receive what second application was sent
Jump request, the jump request include the token information of the authorization code of the second application and the first application;Sentence with group application
Disconnected unit, for when the authorization code of the described second application is correct and described first is in same application using with the described second application
In group, then detect the effectiveness of user's current logged-on status;Second token information generating unit, if current for user
Logging status effectively, generate the token information of second application, and the token information of the described second application are back to described
Second application so that from described first application jump to described second using when keep logging status.
Therefore, a kind of method and system across application authorization mandate that embodiment of the present invention is provided, by cloud account
Family platform is managed collectively to the application being associated, and when jumping to second and applying from the first application, cloud account platform can be with
Judge that the first application and the second application whether in same application group, that is, judge whether to be associated, if being in same application
In group, Entered state can be kept in the second application automatically, so as to only need according to user in the first token information using in
User can be shared in associated application for an associated application account of registration, the account of registration, it is to avoid
User needs to take in account and password again manually, reaches the purpose of the operating procedure of simplified user.
Description of the drawings
In order to be illustrated more clearly that embodiment of the present invention or technical scheme of the prior art, below will be to embodiment
Or accompanying drawing to be used simply is introduced one by one needed for description of the prior art, it should be apparent that, drawings in the following description are
Some embodiments of the present invention, for those of ordinary skill in the art, on the premise of not paying creative work, also
Other accompanying drawings can be obtained according to these accompanying drawings.
The schematic flow sheet of the method across application authorization mandate that Fig. 1 is provided for embodiment of the present invention;
The application framework schematic diagram that Fig. 2 is provided for embodiment of the present invention;
Fig. 3 for embodiment of the present invention provide be first application and second application carry out using registration flow process illustrate
Figure;
Fig. 4 for embodiment of the present invention provide be first application and second application carry out new user's registration flow process illustrate
Figure;
The high-level schematic functional block diagram of the system across application authorization mandate that Fig. 5 is provided for embodiment of the present invention.
Specific embodiment
For making purpose, technical scheme and the advantage of embodiment of the present invention clearer, below in conjunction with present invention enforcement
Accompanying drawing in mode, is clearly and completely described to the technical scheme in embodiment of the present invention, it is clear that described reality
The mode of applying is a part of embodiment of the invention, rather than the embodiment of whole.Based on the embodiment in the present invention, ability
The every other embodiment obtained under the premise of creative work is not made by domain those of ordinary skill, belongs to the present invention
The scope of protection.
Fig. 1 and Fig. 2 is referred to, embodiment of the present invention provides a kind of method across application authorization mandate, including following step
Suddenly:
Step S1:It is that the first application and the second application are carried out using registration and new user's registration in advance.
Fig. 3 is referred to, in the present embodiment, when carrying out using registration, the owner of application can be flat in cloud account
The particularss of application are filled in the enrollment page of platform, such as application A shown in Fig. 2, using B, using C and apply D.Its
In, particularss can be including Apply Names, using the range of information such as the owner, application introduction, application packet, these information
May be constructed cloud account platform is submitted to using application for registration.
Using A, using B, using C and using D and the communication of cloud account platform.Cloud account platform is receiving what application was sent
Using during application for registration, the legitimacy of this application is verified.Can for example verify whether the application being related in this application is noted
Volume.If be registered, the information of registration error can be returned.If be not registered, further can audit should
Related data.In examination & verification by afterwards, the application identities of the application can be generated and key is applied, and the application that will be generated
Identify and enter in data base using key storage.Then application identities, application can be returned in the application-oriented owner of registration page
Key and the information that succeeds in registration.
Fig. 4 is referred to, in the present embodiment, is registered using A, the new user using B, in using C and using D
When, application can initiate authorization requests to cloud account platform, can include the application identities using itself in the authorization requests
With apply key.So, cloud account platform is when the authorization requests of application are received, it can be determined that application identities and apply key
Whether stored in data base, and whether matched.If the stored and application identities and using close in data base
Key is also matched, then can generate authorization code.
The mode for generating authorization code can be that application identities are scaled encrypted characters string by AES, and will encryption
Character string is used as authorization code.Specifically, the AES can for example be AES (Advanced Encryption
Standard, Advanced Encryption Standard) algorithm, DES (Data Encryption Standard, symmetry algorithm), IDEA
(International Data Encryption Algorithm, IDEA), DSA (Digital
Signature Algorithm, Digital Signature Algorithm) etc..Preferably, cloud account platform is awarded with AES128 key encrypting and decryptings
Weighted code.
After the authorization code for generating application, the authorization code can be returned to application.So, application can be to cloud account
Platform initiates new user's registration request, can include authorization code, the user account of the application in the new user's registration request
And user cipher.
When new user's registration request is received, cloud account platform can detect whether the authorization code of application is correct first,
If correct, it can be determined that whether user account and user cipher meet preset rules.The preset rules can for example be the use
Family account is no in cloud account platform to be registered, and met the account substantive requirements of form (such as user that cloud account platform specifies
Account only can be made up of numeral and letter).If meeting preset rules, then the user account and the use can be preserved
Family password, and the user account and the information that succeeds in registration are returned to into application.So, registered by cloud account platform
Mode, ensure that the account of user is unique, and can share all applications being connected with cloud account platform.
Step S2:User's log on request that the first application is sent is received, user's log on request includes described first
Using authorization code, user account and user cipher.
In the present embodiment, user when logging in first and applying, the first application can initiate user to cloud account platform
Log on request, user's log on request include authorization code, user account and the user cipher of first application.
Step S3:When the authorization code of the described first application is correct and the user account and the user cipher are matched,
The token information of first application is generated, and the token information of the described first application is back to into first application.
In the present embodiment, cloud account platform can be tested after user's log on request that the first application is sent is received
Whether the authorization code for demonstrate,proving first application is correct.
Specifically, can using with authorize code encryption when algorithm identical decipherment algorithm, authorization code is decrypted, from
And obtain the application identities of the first application.If the application identities that decryption is obtained are stored in cloud account platform, show
First application has been registered with, and is legal.Can so continue to verify the user account and the user cipher whether
Match somebody with somebody, the token information of first application if matching, can be generated, and the token information of the described first application is back to described
First application.
Present embodiment can generate token information by JSON Web Tokens (JWT) mechanism.What JWT mechanism was generated
Tri- part of Header, Payload and Signature can be included in token information.In the present embodiment, in Payload
Increase the authorization code and the user account of first application in part, and authorization code and user account will be increased
Payload parts are merged with Header parts and Signature parts, form the token information of first application.This
Sample, user just can log in first according to token information and apply, it is possible to which the access for obtaining other resources in cloud account platform is awarded
Power.
Step S4:If redirected from the described first application to the described second application, the jump that second application is sent is received
Turn request, the jump request includes the token information of the authorization code of the second application and the first application.
In the present embodiment, when user's needs jump to second from the first application to be applied, the first application can be by certainly
The token information of body is sent to the second application.So, the second application can initiate jump request to cloud account platform, described to redirect
Request includes the token information of the authorization code of the second application and the first application.
Step S5:When the authorization code of the described second application is correct and described first applies with the described second application in same
In using group, then detect the effectiveness of user's current logged-on status.
In the present embodiment, cloud account platform can verify institute after the jump request that the second application is sent is received
Whether the authorization code for stating the second application is correct, if correctly, it can be determined that whether first application is in the described second application
In same application group, such as shown in Fig. 2, apply in group at one using A, using B, group is applied using C and using D at one
In.
Specifically, cloud account platform can extract the authorization code of the first application from the token information of the described first application,
And by the application identities that the authorization code decryption of the described first application is the first application, and judge the application identities of first application
Whether it is in same application group with the application identities of the second application.If in same application group, showing the two
Using being associated, such that it is able to continue to detect the effectiveness of user's current logged-on status.
Step S6:If user's current logged-on status are effectively, the token information of second application generated, and by described the
Two application token informations be back to it is described second application so that from described first application jump to described second using when protect
Hold logging status.
In the present embodiment, if the current Entered state of user effectively, can generate the token of second application
Information, wherein, the process for generating the token information of the second application is similar with the process of the token information for generating the first application, here
Just repeat no more.
The token information of the described second application is back to into second application, so can jumped to from the first application
Second application in keep logging status.
Fig. 5 is referred to, embodiment of the present invention provides a kind of system across application authorization mandate, is applied to cloud account platform
Service end, including:
Logging request receiving unit, for receiving user's log on request that the first application is sent, user's log on request
Include authorization code, user account and the user cipher of first application;
First token information generating unit, for when the authorization code of the described first application is correct and the user account
The token information of first application when matching with the user cipher, is generated, and the token information of the described first application is returned
It is back to first application;
Jump request receiving unit, if for redirecting from the described first application to the described second application, receive described the
The jump request that two applications are sent, the jump request include the token information of the authorization code of the second application and the first application;
With group application judging unit, for when the authorization code of the described second application is correct and first application with it is described
Second application then detects the effectiveness of user's current logged-on status in same application group;
Second token information generating unit, generating described second should if for user's current logged-on status effectively
Token information, and the token information of the described second application is back to into second application, so that should from described first
With jump to described second using when keep logging status.
Additionally,
The system also includes:
Using registering unit, for carrying out applying registration with the second application for the first application in advance;Specially:Receive respectively
The application application for registration that first application and the second application are sent;According to the application application for registration, if first application and
Second application is then generated respectively and is stored with the described first application and described second using corresponding application without registering
Identify and apply key;Corresponding described is back to by the application identities, using key and the information that succeeds in registration
One application and the described second application.
The application registering unit, is additionally operable to be that the first application and the second application carry out new user's registration in advance;Specially:
Receive the first application and the second authorization requests for sending of application respectively, the authorization requests include first application with it is described
Second application application identities and apply key;If the application identities and the application cipher key match, generate authorization code,
And the authorization code is back to into corresponding first application and the described second application;First application and institute is received respectively
The new user's registration request that the second application is sent is stated, the new user's registration request includes first application and described second
Using authorization code, user account and user cipher;If the authorization code of first application and the described second application is correct, and
And user account and user cipher meet preset rules, then the user account and the user cipher is preserved respectively, and by institute
State user account and the information that succeeds in registration is back to corresponding first application and the described second application.
Additionally,
First token information generating unit generates the token information of first application or the second token letter
Breath signal generating unit generates the token information of second application, specially:First token information generating unit or second should
Increase authorization code and the institute of first application or second application in corresponding load with token information signal generating unit
User account is stated, and the load that increased authorization code and user account is merged with the head and signature, form described first
Using or it is described second application token information.
Same group application judging unit is stated, specifically for:First is obtained from the token information of the described first application to apply
Authorization code;The authorization code decryption of the described first application is obtained into the mark of the first application, and judges the mark of first application
Knowledge is identified whether in same application group with the second application.
The above-mentioned particular technique details in the system of application authorization mandate being related to and across application authorization mandate
It is similar in method, therefore no longer specifically repeat.
Therefore, a kind of method and system across application authorization mandate that embodiment of the present invention is provided, by cloud account
Family platform is managed collectively to the application being associated, and when jumping to second and applying from the first application, cloud account platform can be with
Judge that the first application and the second application whether in same application group, that is, judge whether to be associated, if being in same application
In group, Entered state can be kept in the second application automatically, so as to only need according to user in the first token information using in
User can be shared in associated application for an associated application account of registration, the account of registration, it is to avoid
User needs to take in account and password again manually, reaches the purpose of the operating procedure of simplified user.
Each embodiment in this specification is described by the way of progressive, identical similar between each embodiment
Part mutually referring to what each embodiment was stressed is the difference with other embodiment.
Finally it should be noted that:Description to the various embodiments of the present invention is supplied to ability with the purpose for describing above
Field technique personnel.It is not intended to exhaustion or be not intended to limit the invention to single disclosed embodiment.As above institute
State, the various replacements of the present invention and change are will be apparent for above-mentioned technology one of ordinary skill in the art.Therefore,
Although specifically discuss the embodiment of some alternatives, other embodiment will be apparent, or ability
Field technique personnel relatively easily draw.It is contemplated that all replacements, modification and change including the present invention, and fall upper
State the other embodiment in the spirit and scope of application.
Claims (10)
1. a kind of method across application authorization mandate, is applied to the service end of cloud account platform, it is characterised in that include:
User's log on request that the first application is sent is received, user's log on request includes the mandate of first application
Code, user account and user cipher;
When the authorization code of the described first application is correct and the user account and the user cipher are matched, described first is generated
Using token information, and by described first application token information be back to it is described first application;
If redirected from the described first application to the described second application, the jump request that second application is sent is received, it is described
Jump request includes the token information of the authorization code of the second application and the first application;
When the authorization code of the described second application is correct and described first applies with the described second application in same application group, then
The effectiveness of detection user's current logged-on status;
If user's current logged-on status effectively, generate the token information of second application, and the order that described second is applied
Board information be back to it is described second application so that from described first application jump to described second using when keep log in shape
State.
2. the method across application authorization mandate according to claim 1, it is characterised in that methods described also includes:In advance
It is that the first application and the second application carry out applying registration;
Specially:
The application application for registration that the first application and the second application are sent is received respectively;
According to the application application for registration, if first application and the described second application are generated respectively without registering
And storage is applied corresponding application identities with the described first application and described second and applies key;
Corresponding described first is back to by the application identities, using key and the information that succeeds in registration to apply and described
Second application.
3. the method across application authorization mandate according to claim 2, it is characterised in that methods described also includes:In advance
It is that the first application and the second application carry out new user's registration;
Specially:
Receive the first application and the second authorization requests for sending of application respectively, the authorization requests include first application with
It is described second application application identities and apply key;
If the application identities and the application cipher key match, authorization code is generated, and the authorization code is back to into correspondence
It is described first application and described second application;
The new user's registration request that first application and the described second application are sent, the new user's registration request is received respectively
Include authorization code, user account and the user cipher of first application and the described second application;
If the authorization code of first application and the described second application is correct, and user account and user cipher meet default
Rule, then preserve the user account and the user cipher respectively, and by the user account and the information that succeeds in registration
It is back to corresponding first application and the described second application.
4. the method across application authorization mandate according to claim 1, it is characterised in that the token information includes head
Portion, load and signature;
The token information for generating first application or the token information for generating second application, including:
Increase the authorization code and the user account of first application or second application in the load, and will increased
The load of authorization code and user account is merged with the head and signature, forms the order of first application or second application
Board information.
5. the method across application authorization mandate according to claim 1, it is characterised in that judge first application and institute
State the second application to be in same application group, including:
The authorization code of the first application is obtained from the token information of the described first application;
The authorization code decryption of the described first application is obtained into the mark of the first application, and judges the mark and the of first application
Two application identify whether in same application group.
6. a kind of system across application authorization mandate, is applied to the service end of cloud account platform, it is characterised in that include:
Logging request receiving unit, for receiving user's log on request that the first application is sent, wraps in user's log on request
Include authorization code, user account and the user cipher of first application;
First token information generating unit, for when the authorization code of the described first application is correct and the user account and institute
The token information of first application when stating user cipher matching, is generated, and the token information of the described first application is back to
First application;
Jump request receiving unit, if for redirecting from the described first application to the described second application, receiving described second should
With the jump request sent, the jump request includes the token information of the authorization code of the second application and the first application;
With group application judging unit, for when the authorization code of the described second application is correct and described first applies and described second
Using in same application group, then the effectiveness of user's current logged-on status is detected;
Second token information generating unit, generates second application if for user's current logged-on status effectively
Token information, and the token information of the described second application is back to into second application, so that jumping from the described first application
Go to described second using when keep logging status.
7. the system across application authorization mandate according to claim 6, it is characterised in that the system also includes:
Using registering unit, for carrying out applying registration with the second application for the first application in advance;
Specially:
The application application for registration that the first application and the second application are sent is received respectively;
According to the application application for registration, if first application and the described second application are generated respectively without registering
And storage is applied corresponding application identities with the described first application and described second and applies key;
Corresponding described first is back to by the application identities, using key and the information that succeeds in registration to apply and described
Second application.
8. the system across application authorization mandate according to claim 7, it is characterised in that the application registering unit, also
For carrying out new user's registration for the first application with the second application in advance;
Specially:
Receive the first application and the second authorization requests for sending of application respectively, the authorization requests include first application with
It is described second application application identities and apply key;
If the application identities and the application cipher key match, authorization code is generated, and the authorization code is back to into correspondence
It is described first application and described second application;
The new user's registration request that first application and the described second application are sent, the new user's registration request is received respectively
Include authorization code, user account and the user cipher of first application and the described second application;
If the authorization code of first application and the described second application is correct, and user account and user cipher meet default
Rule, then preserve the user account and the user cipher respectively, and by the user account and the information that succeeds in registration
It is back to corresponding first application and the described second application.
9. the system across application authorization mandate according to claim 6, it is characterised in that the token information includes head
Portion, load and signature;
First token information generating unit generates the token information of first application or the life of the second token information
The token information of second application is generated into unit, specially:
First token information generating unit or the second token information generating unit increase described in corresponding load
First application or the authorization code and the user account of second application, and the negative of authorization code and user account will be increased
Carry and merge with the head and signature, form the token information of first application or second application.
10. the system across application authorization mandate according to claim 6, it is characterised in that the same group application judges
Unit, specifically for:
The authorization code of the first application is obtained from the token information of the described first application;
The authorization code decryption of the described first application is obtained into the mark of the first application, and judges the mark and the of first application
Two application identify whether in same application group.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611062187.3A CN106534143A (en) | 2016-11-28 | 2016-11-28 | Method and system capable of realizing cross-application authentication authorization |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611062187.3A CN106534143A (en) | 2016-11-28 | 2016-11-28 | Method and system capable of realizing cross-application authentication authorization |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106534143A true CN106534143A (en) | 2017-03-22 |
Family
ID=58357010
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611062187.3A Pending CN106534143A (en) | 2016-11-28 | 2016-11-28 | Method and system capable of realizing cross-application authentication authorization |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106534143A (en) |
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107135218A (en) * | 2017-05-04 | 2017-09-05 | 腾讯科技(深圳)有限公司 | Log in state acquisition, sending method, voucher collocation method, client and server |
| CN107147496A (en) * | 2017-04-28 | 2017-09-08 | 广东网金控股股份有限公司 | Under a kind of service-oriented technological frame between different application unified authorization certification method |
| CN107193671A (en) * | 2017-05-26 | 2017-09-22 | 山东浪潮云服务信息科技有限公司 | One kind is served by interoperability methods and system |
| CN107222495A (en) * | 2017-06-29 | 2017-09-29 | 绿网天下(福建)网络科技股份有限公司 | A kind of school user system authentication method and system |
| CN107241361A (en) * | 2017-08-07 | 2017-10-10 | 中国石油工程建设有限公司 | A kind of unified identity authentication method based on cloud environment |
| CN107273528A (en) * | 2017-06-28 | 2017-10-20 | 努比亚技术有限公司 | A kind of front and back end separation method, mobile terminal and computer-readable recording medium |
| CN108245132A (en) * | 2018-01-15 | 2018-07-06 | 浙江大学 | A kind of medical wearable device intelligent interactive method based on bluetooth |
| CN108964918A (en) * | 2017-05-19 | 2018-12-07 | 北京京东尚科信息技术有限公司 | A kind of verification method and device of identifying code |
| CN109104432A (en) * | 2018-09-26 | 2018-12-28 | 深圳竹云科技有限公司 | A kind of information transmitting safety method based on JWT agreement |
| CN109428891A (en) * | 2017-08-31 | 2019-03-05 | 佳能株式会社 | Permission transfer system and its control method and client |
| CN109525561A (en) * | 2018-10-26 | 2019-03-26 | 深圳点猫科技有限公司 | It is a kind of for educating the authorization login method and device of operating system |
| CN109547422A (en) * | 2018-11-09 | 2019-03-29 | 福建天泉教育科技有限公司 | A kind of method and terminal that logging state is renewed a contract automatically |
| CN109639433A (en) * | 2018-12-05 | 2019-04-16 | 珠海格力电器股份有限公司 | The method of mutual authorization, storage medium and processor between multiple system accounts |
| CN109756336A (en) * | 2017-11-03 | 2019-05-14 | 中国移动通信有限公司研究院 | A kind of authentication method, V2X computing system and V2X calculate node |
| CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
| CN110489957A (en) * | 2019-08-05 | 2019-11-22 | 精硕科技(北京)股份有限公司 | The management method and computer storage medium of access request |
| CN110519296A (en) * | 2019-09-17 | 2019-11-29 | 焦点科技股份有限公司 | A kind of single-sign-on of isomery web system and publish method |
| CN110535884A (en) * | 2019-09-26 | 2019-12-03 | 招商局金融科技有限公司 | Method, apparatus and storage medium across access control between business system |
| CN110612528A (en) * | 2017-05-10 | 2019-12-24 | 微软技术许可有限责任公司 | Securely authenticating an automated program user |
| CN110691099A (en) * | 2019-10-28 | 2020-01-14 | 浪潮云信息技术有限公司 | System and method for realizing cascade authorization under micro-service architecture |
| CN110704820A (en) * | 2019-09-30 | 2020-01-17 | 北京金山云网络技术有限公司 | Login processing method and device, electronic equipment and computer readable storage medium |
| CN111355583A (en) * | 2018-12-20 | 2020-06-30 | 中移(杭州)信息技术有限公司 | Service providing system, method, device, electronic equipment and storage medium |
| CN112883361A (en) * | 2021-01-29 | 2021-06-01 | 平安科技(深圳)有限公司 | Function jump method and device of application program, computer equipment and storage medium |
| CN113422752A (en) * | 2020-10-30 | 2021-09-21 | 阿里巴巴集团控股有限公司 | User login processing method and device and electronic equipment |
| CN113630363A (en) * | 2020-05-06 | 2021-11-09 | 福建省天奕网络科技有限公司 | Distributed token authentication method and storage medium |
| EP3975500A1 (en) * | 2020-09-24 | 2022-03-30 | Toshiba Tec Kabushiki Kaisha | Image forming apparatus and controlling method |
| CN114285658A (en) * | 2021-12-28 | 2022-04-05 | 苏州小棉袄信息技术股份有限公司 | System mutual-hop login-free method based on WeChat authorized login |
| CN115118454A (en) * | 2022-05-25 | 2022-09-27 | 四川中电启明星信息技术有限公司 | Cascade authentication system and method based on mobile application |
| CN115630125A (en) * | 2022-12-22 | 2023-01-20 | 成都智元汇信息技术股份有限公司 | Method and system for synchronizing accounts of users in systems |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104113533A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Login authorization method and device |
| CN104660557A (en) * | 2013-11-19 | 2015-05-27 | 腾讯科技(深圳)有限公司 | Operation processing method and device |
| CN105282126A (en) * | 2014-07-24 | 2016-01-27 | 腾讯科技(北京)有限公司 | Login authentication method, terminal and server |
| CN105827658A (en) * | 2016-05-30 | 2016-08-03 | 无锡天脉聚源传媒科技有限公司 | Method and device for multi-application synchronization login |
-
2016
- 2016-11-28 CN CN201611062187.3A patent/CN106534143A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104660557A (en) * | 2013-11-19 | 2015-05-27 | 腾讯科技(深圳)有限公司 | Operation processing method and device |
| CN104113533A (en) * | 2014-07-02 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Login authorization method and device |
| CN105282126A (en) * | 2014-07-24 | 2016-01-27 | 腾讯科技(北京)有限公司 | Login authentication method, terminal and server |
| CN105827658A (en) * | 2016-05-30 | 2016-08-03 | 无锡天脉聚源传媒科技有限公司 | Method and device for multi-application synchronization login |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107147496A (en) * | 2017-04-28 | 2017-09-08 | 广东网金控股股份有限公司 | Under a kind of service-oriented technological frame between different application unified authorization certification method |
| CN107135218A (en) * | 2017-05-04 | 2017-09-05 | 腾讯科技(深圳)有限公司 | Log in state acquisition, sending method, voucher collocation method, client and server |
| CN110612528B (en) * | 2017-05-10 | 2023-07-14 | 微软技术许可有限责任公司 | Method, system and computer storage medium for securely authenticating an automated program user |
| CN110612528A (en) * | 2017-05-10 | 2019-12-24 | 微软技术许可有限责任公司 | Securely authenticating an automated program user |
| CN108964918A (en) * | 2017-05-19 | 2018-12-07 | 北京京东尚科信息技术有限公司 | A kind of verification method and device of identifying code |
| CN107193671A (en) * | 2017-05-26 | 2017-09-22 | 山东浪潮云服务信息科技有限公司 | One kind is served by interoperability methods and system |
| CN107273528A (en) * | 2017-06-28 | 2017-10-20 | 努比亚技术有限公司 | A kind of front and back end separation method, mobile terminal and computer-readable recording medium |
| CN107222495A (en) * | 2017-06-29 | 2017-09-29 | 绿网天下(福建)网络科技股份有限公司 | A kind of school user system authentication method and system |
| CN107222495B (en) * | 2017-06-29 | 2020-02-21 | 绿网天下(福建)网络科技股份有限公司 | School user system authentication method and system |
| CN107241361A (en) * | 2017-08-07 | 2017-10-10 | 中国石油工程建设有限公司 | A kind of unified identity authentication method based on cloud environment |
| CN109428891B (en) * | 2017-08-31 | 2022-05-10 | 佳能株式会社 | Authority transfer system, control method thereof and client |
| CN109428891A (en) * | 2017-08-31 | 2019-03-05 | 佳能株式会社 | Permission transfer system and its control method and client |
| CN109756336A (en) * | 2017-11-03 | 2019-05-14 | 中国移动通信有限公司研究院 | A kind of authentication method, V2X computing system and V2X calculate node |
| CN109756336B (en) * | 2017-11-03 | 2021-09-10 | 中国移动通信有限公司研究院 | Authentication method, V2X computing system and V2X computing node |
| CN108245132B (en) * | 2018-01-15 | 2020-07-14 | 浙江大学 | Bluetooth-based intelligent interaction method for medical wearable equipment |
| CN108245132A (en) * | 2018-01-15 | 2018-07-06 | 浙江大学 | A kind of medical wearable device intelligent interactive method based on bluetooth |
| CN109104432A (en) * | 2018-09-26 | 2018-12-28 | 深圳竹云科技有限公司 | A kind of information transmitting safety method based on JWT agreement |
| CN109525561A (en) * | 2018-10-26 | 2019-03-26 | 深圳点猫科技有限公司 | It is a kind of for educating the authorization login method and device of operating system |
| CN109525561B (en) * | 2018-10-26 | 2021-08-20 | 深圳点猫科技有限公司 | Authorized login method and device for education operating system |
| CN109547422A (en) * | 2018-11-09 | 2019-03-29 | 福建天泉教育科技有限公司 | A kind of method and terminal that logging state is renewed a contract automatically |
| CN109639433A (en) * | 2018-12-05 | 2019-04-16 | 珠海格力电器股份有限公司 | The method of mutual authorization, storage medium and processor between multiple system accounts |
| CN111355583A (en) * | 2018-12-20 | 2020-06-30 | 中移(杭州)信息技术有限公司 | Service providing system, method, device, electronic equipment and storage medium |
| CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
| CN110489957A (en) * | 2019-08-05 | 2019-11-22 | 精硕科技(北京)股份有限公司 | The management method and computer storage medium of access request |
| CN110489957B (en) * | 2019-08-05 | 2021-09-14 | 北京秒针人工智能科技有限公司 | Management method of access request and computer storage medium |
| CN110519296A (en) * | 2019-09-17 | 2019-11-29 | 焦点科技股份有限公司 | A kind of single-sign-on of isomery web system and publish method |
| CN110519296B (en) * | 2019-09-17 | 2021-10-15 | 焦点科技股份有限公司 | Single sign-on and sign-off method of heterogeneous web system |
| CN110535884A (en) * | 2019-09-26 | 2019-12-03 | 招商局金融科技有限公司 | Method, apparatus and storage medium across access control between business system |
| CN110704820A (en) * | 2019-09-30 | 2020-01-17 | 北京金山云网络技术有限公司 | Login processing method and device, electronic equipment and computer readable storage medium |
| CN110691099A (en) * | 2019-10-28 | 2020-01-14 | 浪潮云信息技术有限公司 | System and method for realizing cascade authorization under micro-service architecture |
| CN110691099B (en) * | 2019-10-28 | 2021-12-10 | 浪潮云信息技术股份公司 | System and method for realizing cascade authorization under micro-service architecture |
| CN113630363B (en) * | 2020-05-06 | 2023-09-08 | 福建省天奕网络科技有限公司 | Distributed token authentication method and storage medium |
| CN113630363A (en) * | 2020-05-06 | 2021-11-09 | 福建省天奕网络科技有限公司 | Distributed token authentication method and storage medium |
| EP3975500A1 (en) * | 2020-09-24 | 2022-03-30 | Toshiba Tec Kabushiki Kaisha | Image forming apparatus and controlling method |
| US11582236B2 (en) | 2020-09-24 | 2023-02-14 | Toshiba Tec Kabushiki Kaisha | Image forming apparatus and controlling method |
| CN113422752A (en) * | 2020-10-30 | 2021-09-21 | 阿里巴巴集团控股有限公司 | User login processing method and device and electronic equipment |
| CN113422752B (en) * | 2020-10-30 | 2024-03-26 | 阿里巴巴集团控股有限公司 | User login processing method and device and electronic equipment |
| CN112883361A (en) * | 2021-01-29 | 2021-06-01 | 平安科技(深圳)有限公司 | Function jump method and device of application program, computer equipment and storage medium |
| CN112883361B (en) * | 2021-01-29 | 2023-10-27 | 平安科技(深圳)有限公司 | Function jump method and device of application program, computer equipment and storage medium |
| CN114285658A (en) * | 2021-12-28 | 2022-04-05 | 苏州小棉袄信息技术股份有限公司 | System mutual-hop login-free method based on WeChat authorized login |
| CN114285658B (en) * | 2021-12-28 | 2024-01-02 | 苏州小棉袄信息技术股份有限公司 | System mutual jump login-free method based on WeChat authorization login |
| CN115118454A (en) * | 2022-05-25 | 2022-09-27 | 四川中电启明星信息技术有限公司 | Cascade authentication system and method based on mobile application |
| CN115118454B (en) * | 2022-05-25 | 2023-06-30 | 四川中电启明星信息技术有限公司 | Cascade authentication system and authentication method based on mobile application |
| CN115630125A (en) * | 2022-12-22 | 2023-01-20 | 成都智元汇信息技术股份有限公司 | Method and system for synchronizing accounts of users in systems |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106534143A (en) | Method and system capable of realizing cross-application authentication authorization | |
| EP2304636B1 (en) | Mobile device assisted secure computer network communications | |
| CN107239688B (en) | The purview certification method and system in Docker mirror image warehouse | |
| CN103391197B (en) | A kind of web identity authentication based on handset token and NFC technique | |
| Czeskis et al. | Strengthening user authentication through opportunistic cryptographic identity assertions | |
| CN101227468B (en) | Method, device and system for authenticating user to network | |
| US9197420B2 (en) | Using information in a digital certificate to authenticate a network of a wireless access point | |
| CN106790183A (en) | Logging on authentication method of calibration, device | |
| CN106657068A (en) | Login authorization method and device, login method and device | |
| CN106330850A (en) | Biological characteristic-based security verification method, client and server | |
| CN107040513A (en) | A kind of credible access registrar processing method, user terminal and service end | |
| CN103685282A (en) | Identity authentication method based on single sign on | |
| CN106060078B (en) | User information encryption method, register method and verification method applied to cloud platform | |
| CN106230838A (en) | A kind of third-party application accesses the method and apparatus of resource | |
| CN105430014B (en) | A kind of single-point logging method and its system | |
| US20160381001A1 (en) | Method and apparatus for identity authentication between systems | |
| US20120159169A1 (en) | Bidirectional entity authentication method with introduction of online third party | |
| CN206212040U (en) | A kind of real-name authentication system for express delivery industry | |
| CN106302606B (en) | Across the application access method and device of one kind | |
| US20160241536A1 (en) | System and methods for user authentication across multiple domains | |
| CN105447715A (en) | Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party | |
| CN107360125A (en) | Access authentication method, WAP and user terminal | |
| CN108418812A (en) | A kind of intelligent terminal security message method of servicing based on credible performing environment | |
| CN110213195A (en) | A kind of login authentication method, server and user terminal | |
| CN106101064A (en) | Account login method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170322 |