CN106612246A - Unified authentication method for simulation identity - Google Patents
Unified authentication method for simulation identity Download PDFInfo
- Publication number
- CN106612246A CN106612246A CN201510682091.6A CN201510682091A CN106612246A CN 106612246 A CN106612246 A CN 106612246A CN 201510682091 A CN201510682091 A CN 201510682091A CN 106612246 A CN106612246 A CN 106612246A
- Authority
- CN
- China
- Prior art keywords
- user
- operation system
- application
- application system
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a unified authentication method for a simulation identity, and belongs to the technical field of computer application. The unified authentication method is characterized by comprising the steps of 1, multi-source system unified processing, 2, system integration and 3, unified authentication for the user identity. The advantages are that the method in the embodiment of the invention adopts a corresponding means of identity authentication and a means of performing unified processing on systems with different architectures so as to enable a user to log in a plurality of related systems to perform business processing by only a single user name and a single password when the user logs in the associated systems. Unified management, authority setting and the like are performed on the user. The unified authentication method lays a foundation for construction of an information service system through standardized administration of an information-based means, the safeguard service ability is improved in continuous promotion for the information-based infrastructure construction, a platform support is provided for comprehensively promoting the information construction, and a foundation is laid for the timeliness and the integrity of information resources.
Description
Technical field
The present invention relates to Computer Applied Technology field, it is specifically a kind of by all users are only needed to log in unified network address when related operation system is logged in, only need to carry out business handling during multiple related service systems are signed in by carrying out single username and password.A kind of uniform authentication method of simulation identity that user and rights management are managed collectively.
Background technology
Identity is the symbol that user shows identity to Internet Service Provider, and authentication is used for the legitimacy and effectiveness for verifying User Identity.User should recognize identity through identity authorization system before Internet resources are accessed first, according to the identity of user and authorization database, authentication server determines whether user is able to access that certain Internet resources.It can be said that identity authorization system is first critical point of whole network security system, the security service such as access control, audit all relies on the subscriber identity information provided by it.
Under current network environment, the access behavior of the user on the Internet and main frame effectively to be controlled, there are problems that some are insoluble, one of them important problem is exactly the global authentication of internet host system and access mandate problem.On the one hand, internet host is anonymous mostly, and identity cannot effectively be recognized and be verified, encourage the randomness of networks congestion control.On the other hand, access of the user to heterogeneous networks resource depends on the access control of these resources application layer of itself mostly, lacks a kind of unified mandate and access control mechanisms.
Additionally, existing identity there is also certain shortcoming with authentication system, major embodiment is in the following areas:
1st, existing application system or operation system independently use respective identity and Verification System, and interoperability is difficult.User Identity is combined together with specific application service, various Verification Systems can only independent operating, user accesses different Internet resources and must carry out repeatedly different certifications, lacks global unified User Identity and authentication mechanism.
2nd, existing various identity authorization systems are able to validate only whether user has the authority for accessing Internet resources, and the various actions of user cannot be tracked.Under existing security mechanism, when there is network safety event to occur, various tracing systems can only navigate to the source address that causes event and cannot determine rapidly corresponding person liable.
3rd, under heterogeneous system applied environment, complete the Data Integration of multiple heterogeneous applications modules, it is important to the Verify Your Identity questions during Data Integration are ensured, that is, ensure that correct people or identity get correct data using correct mode in the correct time.
Due to the framework difference of each system, Identity Authentication Mode is different, even and if same Identity Authentication Mode, the such as certification of usemame/password mode, same user be also likely to be present in the different situation of different system identity documents, same user has different username and passwords in different system.Therefore, when traditionally solving the data integration issues between heterogeneous module, need the authentication module for being adapted to its framework and certification mode individually to be developed for each specific application module, and then complete the acquisition to the module data final unified integration.
In order to solve the problems, such as the above, the present invention devises the uniform authentication method that a kind of user simulates identity, with reference to corresponding authentication means, the system of different frameworks is carried out into unitized process, realizes that user carries out business handling in multiple related systems being signed in by only needing to carry out single username and password when associated system is logged in.The problem of the aspects such as unified management and priority assignation is carried out to user.
The content of the invention
The drawbacks of in order to overcome prior art, the present invention devises the uniform authentication method that a kind of user simulates identity, unitized processing means are carried out using corresponding authentication means and to the system of different frameworks, realize that user carries out business handling in multiple related systems being signed in by only needing to carry out single username and password when associated system is logged in.The problem of the aspects such as unified management and priority assignation is carried out to user.By the standardized administration of information-based means, place mat is carried out for information service system construction, lifted in capital construction of persistently promoting IT application and ensure service ability, place mat is carried out to push forward informatization comprehensively and providing the real-time of platform and information resources, integrity.Change the life of people, promote the development of commercial production, urban construction and national defense industry, reach real electronic information and mutually merge with geographical information technology, so as to realize the popularization of smart city concept with application.
A kind of uniform authentication method of simulation identity, wherein, the method comprises the steps:
Step one, multi-source system is unitized to be processed:Interface in the application system and/or operation system of multiple different platforms is carried out into function of unity transformation, unified login authentication mode is formed;
Step 2, the system integration:All application systems and/or operation system carried out after function modificationses are managed concentratedly, unified landing platform are provided to access user;
Step 3, the unified certification of user identity:Unification authentication platform carries out unified user's checking to all of application system and/or operation system.
A kind of uniform authentication method of simulation identity, wherein, the unitize concrete steps of process of step one multi-source system include:
1.1, receive solicited message:The solicited message of the protocol type in different application systems and/or operation system is received;
1.2, form conversion:And different types of solicited message is carried out processing the message request information for being converted to consolidation form;
1.3, information inquiry:The data message inquired about in each application system and/or operation system by data-interface;
1.4, unitize and process:Isomorphism in application system and/or operation system, heterogeneous data information are carried out into unitized process, unified login authentication mode is formed, and is carried out data transmission according to demand.
A kind of uniform authentication method of simulation identity, wherein, the unitize concrete steps of process of step one multi-source system include:
1.1, reverse proxy service is added, unitized process is formed:Reverse proxy service is added before each application system and/or operation system;Solicited message to application system and/or operation system is sent on agent platform, then is forwarded to Jing after agent platform is processed in corresponding application system and/or operation system, form unified user log-in authentication mode;
1.2, agent rule configuration is carried out to reverse proxy:The login link that application system and/or operation system are provided is configured in reverse proxy.
A kind of uniform authentication method of simulation identity, wherein, the concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, user management:The application system and/or operation system user that participate in transformation are managed concentratedly,
2.3, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
2.4, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed;
2.5, empowerment management:According to role function, each application system and/or operation system authority are authorized on single role;User is authorized by the role after process according to user class, the access rights of user are divided;
2.6, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
A kind of uniform authentication method of simulation identity, wherein, the concrete steps of the step 2.1 system centralized management include:
A, system connection is added in authentication platform:Application system and/or operation system link are added in the authentication platform of current application;
B, chained address is changed:Former chained address is changed when user accesses, and the agent address after conversion is conducted interviews;
C, system user authority is managed concentratedly:The direct access entrance of each operation system is blocked, user authority management interface is blocked, all application systems and/or operation system user authority management are focused in the authentication platform of current application.
A kind of uniform authentication method of simulation identity, wherein, the concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, data sharing:Related data in user management in the application system and/or operation system of participation transformation is shared;
2.3, function is integrated:User role authority is carried out managing concentratedly, the centralized management:Comprising the addition to user role authority, modification, delete, with related application system and/or the real-time synchronization of operation system;
2.4, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
A kind of uniform authentication method of simulation identity, wherein, the step 2.2, the concrete steps of data sharing include:
2.2.1, user management:The application system and/or operation system user that participate in transformation are managed concentratedly;
2.2.2, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
2.23, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed.
A kind of uniform authentication method of simulation identity, wherein, the concrete steps of the unified certification of the step 3 user identity include:
3.1, user log-in authentication platform:Unique identity code is provided using user to application system and/or operation system, user logs in current unification authentication platform with identity code, and authentication platform generates User Token according to the user profile for logging in and the User Token is saved in the caching of browser;
3.2, user has access to corresponding system by authentication platform:User finds single application system and/or operation system from authentication platform and enters application system and/or during operation system, and the service of the browser of client according to corresponding address to application system and/or operation system conducts interviews;
3.3, system of users is accessed and is processed:The access request of the reverse proxy service for user of application system and/or operation system is forwarded and is processed accordingly.
A kind of uniform authentication method of simulation identity, wherein, the step system accesses the concrete steps for being processed to user to be included:
A, judges whether user is logged in system by authentication platform:Operation system verifies whether the access request is signed in in application system and/or operation system, if access request is not logged in current application system and/or operation system, then the access request is jumped in the certification page of unification authentication platform, if access request has been signed in in application system and/or operation system, current request is not intercepted;
B, authentication service:Certification page has logged in the User Token of unification authentication platform in obtaining current browser, and User Token is returned in the authentication service on unification authentication platform;
C, is turned browser in system by authentication service:Authentication service is spliced to User Token after the request of original application system and/or operation system, and browser is jumped in the request of respective application system and/or operation system;
D, verifies to User Token:After application system and/or operation system receive new request, User Token is got from solicited message User Token is verified by the interface of authentication service;
E, again certification:User authentication service verified to user with the corresponding relation of User Token according to the user in authentication platform, and the new User Token that the current user name for logging in is mutually matched with application system and/or operation system is returned after being proved to be successful;
F, realizes user's automated log on:Application system and/or operation system realize the automated log on of application system and/or operation system according to user name and new User Token by automated log on interface;
G, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
A kind of uniform authentication method of simulation identity, wherein, the concrete steps of the unified certification of the step 3 user identity include:
3.1, inquire about and extract user profile:User from unification authentication platform log in when, unification authentication platform verifies the effectiveness of the user, if validated user enter unification authentication platform, while generating the unified certification token of the user;
3.2, request is processed:User clicks on application system and/or operation system entrance, and unified certification token is merged by unification authentication platform with the access request of user;
3.3, safe handling is carried out to system:Safe handling is carried out to the information in application system and/or operation system;Partial information in application system and/or operation system is encrypted;
3.4, request forwarding:Solicited message after encryption is forwarded in the reverse proxy of corresponding service system;
3.5, decryption:After reverse proxy receives solicited message, solicited message is decrypted;
3.6, the checking of unified certification token:Reverse proxy is verified to unification authentication platform by interface after obtaining unified certification token, and obtains the user name of currently logged on user's correspondence application system and/or operation system;
3.7, automated log on:Row automated log on is tapped into according to the Login chain that application system and/or operation system are provided;
3.8, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
A kind of uniform authentication method of simulation identity, wherein, the method also includes step 4, and multi-user carries out system login process:When multi-user is logged in system simultaneously, unification authentication platform is carried out user profile using differential technique and is matched with application system and/or operation system, completes user's automated log on.
A kind of uniform authentication method of simulation identity, wherein, the uniform authentication method of the simulation identity is applied by Mobile exhibiting platform.
A kind of uniform authentication method of simulation identity, wherein, the uniform authentication method of the simulation identity is applied by fixed display platform.
A kind of uniform authentication method of simulation identity, wherein, the form between the application system and/or operation system is converted to by different files, can clearly write the call relation between service;By the form and specification of changing message, make between different system, to carry out message transmission.
A kind of uniform authentication method of simulation identity, wherein, the information in the application system and/or operation system, wherein information include:Spatial information, business information, attribute information, workflow information, important document information, user profile.
A kind of uniform authentication method of simulation identity, wherein, the spatial information is related to ground region, subterranean zone, public territory, commerce area, information processing, fusion is carried out in the region in enterprises and institutions, synergetic office work, is applied in presentation.
A kind of uniform authentication method of simulation identity, wherein, business information feature is classified by operation function, category of employment, region characteristic feature.
As can be seen here:
Method in the embodiment of the present invention carries out unitized processing means using corresponding authentication means and to the system of different frameworks, realizes that user carries out business handling in signing in multiple related systems by only needing to carry out single username and password when associated system is logged in.The problem of the aspects such as unified management and priority assignation is carried out to user.By the standardized administration of information-based means, place mat is carried out for information service system construction, lifted in capital construction of persistently promoting IT application and ensure service ability, place mat is carried out to push forward informatization comprehensively and providing the real-time of platform and information resources, integrity.Change the life of people, promote the development of commercial production, urban construction and national defense industry, reach real electronic information and mutually merge with geographical information technology, so as to realize the popularization of smart city concept with application.
Description of the drawings
One of schematic flow sheet performance of the uniform authentication method step of the simulation identity that Fig. 1 is provided for embodiments of the invention;
Fig. 2 is one of schematic flow sheet form of expression of the unitized process step of the multi-source system that provides in embodiments of the invention;
Fig. 3 is one of schematic flow sheet form of expression of the unitized process step of the multi-source system that provides in embodiments of the invention;
Fig. 4 is one of schematic flow sheet form of expression of system integration step in the embodiment of the present invention;
Fig. 5 manages the schematic flow sheet of step concentratedly for the system in the embodiment of the present invention;
One of the schematic flow sheet form of expression of the step of Fig. 6 is the unified certification of the user identity in the embodiment of the present invention;
Fig. 7 accesses the schematic flow sheet of the step of being processed for the system of users in the embodiment of the present invention;
One of the schematic flow sheet form of expression of the step of Fig. 8 is the unified certification of the user identity in the embodiment of the present invention;
One of schematic flow sheet form of expression of uniform authentication method step of simulation identity that Fig. 9 is provided for embodiments of the invention;
Figure 10 is one of schematic flow sheet form of expression of system integration step in the embodiment of the present invention.
Specific embodiment
In order that those skilled in the art more fully understand the present invention program, the present invention is described below in conjunction with accompanying drawing and specific embodiment in detail, the illustrative examples of the here present invention and illustrate for explaining the present invention but not as a limitation of the invention.
Embodiment 1:
The schematic flow sheet of the uniform authentication method of the simulation identity that Fig. 1 is provided for the present embodiment, as shown in figure 1, a kind of uniform authentication method of simulation identity, the method comprises the steps:
Step one, multi-source system is unitized to be processed:Interface in the application system and/or operation system of multiple different platforms is carried out into function of unity transformation, unified login authentication mode is formed;
Step 2, the system integration:All application systems and/or operation system carried out after function modificationses are managed concentratedly, unified landing platform are provided to access user;
Step 3, the unified certification of user identity:Unification authentication platform carries out unified user's checking to all of application system and/or operation system.
A kind of uniform authentication method of simulation identity as shown in Figure 2, wherein, the unitize concrete steps of process of step one multi-source system include:
1.1, receive solicited message:The solicited message of the protocol type in different application systems and/or operation system is received;
1.2, form conversion:And different types of solicited message is carried out processing the message request information for being converted to consolidation form;
1.3, information inquiry:The data message inquired about in each application system and/or operation system by data-interface;
1.4, unitize and process:Isomorphism in application system and/or operation system, heterogeneous data information are carried out into unitized process, unified login authentication mode is formed, and is carried out data transmission according to demand.
A kind of uniform authentication method of simulation identity as shown in Figure 4, wherein, the concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, user management:The application system and/or operation system user that participate in transformation are managed concentratedly,
2.3, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
2.4, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed;
2.5, empowerment management:According to role function, each application system and/or operation system authority are authorized on single role;User is authorized by the role after process according to user class, the access rights of user are divided;
2.6, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
A kind of uniform authentication method of simulation identity as shown in Figure 5, wherein, the concrete steps of the step 2.1 system centralized management include:
A, system connection is added in authentication platform:Application system and/or operation system link are added in the authentication platform of current application;
B, system user authority is managed concentratedly:The direct access entrance of each operation system is blocked, user authority management interface is blocked, all application systems and/or operation system user authority management are focused in the authentication platform of current application.
A kind of uniform authentication method of simulation identity as shown in Figure 6, wherein, the concrete steps of the unified certification of the step 3 user identity include:
3.1, user log-in authentication platform:Unique identity code is provided using user to application system and/or operation system, user logs in current unification authentication platform with identity code, and authentication platform generates User Token according to the user profile for logging in and the User Token is saved in the caching of browser;
3.2, user has access to corresponding system by authentication platform:User finds single application system and/or operation system from authentication platform and enters application system and/or during operation system, and the service of the browser of client according to corresponding address to application system and/or operation system conducts interviews;
3.3, system of users is accessed and is processed:Application system and/or operation system are processed accordingly to the access request of user.
A kind of uniform authentication method of simulation identity as shown in Figure 7, wherein, the step system accesses the concrete steps for being processed to user to be included:
A, judges whether user is logged in system by authentication platform:Operation system verifies whether the access request is signed in in application system and/or operation system, if access request is not logged in current application system and/or operation system, then the access request is jumped in the certification page of unification authentication platform, if access request has been signed in in application system and/or operation system, current request is not intercepted;
B, authentication service:Certification page has logged in the User Token of unification authentication platform in obtaining current browser, and User Token is returned in the authentication service on unification authentication platform;
C, is turned browser in system by authentication service:Authentication service is spliced to User Token after the request of original application system and/or operation system, and browser is jumped in the request of respective application system and/or operation system;
D, verifies to User Token:After application system and/or operation system receive new request, User Token is got from solicited message User Token is verified by the interface of authentication service;
E, again certification:User authentication service verified to user with the corresponding relation of User Token according to the user in authentication platform, and the new User Token that the current user name for logging in is mutually matched with application system and/or operation system is returned after being proved to be successful;
F, realizes user's automated log on:Application system and/or operation system realize the automated log on of application system and/or operation system according to user name and new User Token by automated log on interface;
G, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
In specific embodiment:The uniform authentication method of the simulation identity is applied by Mobile exhibiting platform.
In specific embodiment:The uniform authentication method of the simulation identity is applied by fixed display platform.
In specific embodiment:Form between the application system and/or operation system is converted to by different files, can clearly write the call relation between service;By the form and specification of changing message, make between different system, to carry out message transmission.
In specific embodiment:Information in the application system and/or operation system, wherein information include:Spatial information, business information, attribute information, workflow information, important document information, user profile.
In specific embodiment:The spatial information is related to ground region, subterranean zone, public territory, commerce area, information processing, fusion is carried out in the region in enterprises and institutions, synergetic office work, is applied in presentation.
In specific embodiment:Business information feature is classified by operation function, category of employment, region characteristic feature.
Below with a specific embodiment illustrating, implementation is as follows:
The communication protocol that each operation system of combing is used, and each quasi-protocol is changed using ESB on unification authentication platform, realize support of the unification authentication platform to each quasi-protocol.
Transformation operation system, comprises the following steps that:
1st, blocker is increased newly in the original system the superiors, intercept all system requests, and whether checking request has signed in system, as being not logged in, request is jumped to into the user's checking page of unification authentication platform;
2nd, the interface specification provided according to unification authentication platform, the user right information form of each operation system of unification, is that unified user authority management is laid the groundwork.
3rd, data-query interfaces are provided, realizes the real-time query in unification authentication platform to information such as each operation system Operation Logs.
4th, automated log on interface is provided, and is supplied to the user's information of operation system to be verified by unification authentication platform, realize automated log on, unification authentication platform returns to the user profile of operation system mainly user name, password, active client ip etc..
The information such as systematic name, the reference address of the operation system of transformation will be participated in be registered on unification authentication platform by the management function that unification authentication platform is provided, unification authentication platform provides the unified system list page and is shown;Unification authentication platform can generate unique ID of the operation system according to system registration information, and the user of concentration, role, rights management are organized in units of system according to the ID.
By the configuration of DNS or gateway device, blocking accesses the direct access of the operation system of unification authentication platform, and in the authority of operation system recovery user authority management, is that the unified management of user right is layed foundation.
The automated log on mode that the system of different agreement is provided is integrated using ESB or other protocol conversion instruments, the unified certification mode for all operation systems is formed, unification authentication platform is externally provided the unified interface that user's checking is carried out by http agreements.
The user of operation system, role, authority and authorization message are synchronized to by unification authentication platform data base by data base or routine interface, and unification authentication platform and operation system data syn-chronization function are realized using database trigger or routine interface;Unification authentication platform provides unified administration interface for all operation systems, realizes that user, role, the addition of authority, modification, deletion etc. are operated, and provides the Authorized operation to each operation system;After the completion of data syn-chronization, unification authentication platform is that each operation system user distributes unique account, and the association generation unification authentication platform account and the corresponding relation of operation system account by related data, user is with the unique account login unification authentication platform of unification authentication platform and can sign in other operation systems.
When unique account password login unification authentication platform of the user with unification authentication platform, whether platform validation user is effective, after user's checking passes through, unification authentication platform can generate this corresponding with the account and log in token, the token can be stored in the session and client browser cookie of unified certification service respectively, and is returned unification authentication platform and logined successfully the page.
When user accesses application system from the system list of unification authentication platform,Operation system first verifies that after being connected to access request whether current request logs in,I.e. current request whether there is corresponding server session,If session has been logged in,Then the request is not processed,As being not logged in, the request is jumped to into the user's checking page of unification authentication platform,Whether there is unified certification token in user's checking page check browser,If do not existed,Then by the login page of page jump to unification authentication platform,As existed,Then the user authentication page obtains the User Token information in browser,And the token is spliced to after former operation system request,Certification page is redirected requests in operation system again,Operation system blocker is after request is connected to,Obtain the User Token in request,By the token authentication interface that unification authentication platform is provided, operation system verifies whether the token has signed in unification authentication platform,After unification authentication platform is proved to be successful,By the user name of the current corresponding operation system of user for logging in unification authentication platform、The user profile such as the ip of password and active user return to operation system,Operation system is using the user profile of current system by calling the automated log on of automated log on Interface for System,And return system homepage.
Embodiment 2:
The schematic flow sheet of the uniform authentication method of the simulation identity that Fig. 9 is provided for the present embodiment, as shown in figure 9, a kind of uniform authentication method of simulation identity, the method comprises the steps:
Step one, multi-source system is unitized to be processed:Interface in the application system and/or operation system of multiple different platforms is carried out into function of unity transformation, unified login authentication mode is formed;
Step 2, the system integration:All application systems and/or operation system carried out after function modificationses are managed concentratedly, unified landing platform are provided to access user;
Step 3, the unified certification of user identity:Unification authentication platform carries out unified user's checking to all of application system and/or operation system;
Step 4, multi-user carry out system login process:When multi-user is logged in system simultaneously, unification authentication platform is carried out user profile using differential technique and is matched with application system and/or operation system, completes user's automated log on.
A kind of uniform authentication method of simulation identity as shown in Figure 3, wherein, the unitize concrete steps of process of step one multi-source system include:
1.1, reverse proxy service is added, unitized process is formed:Reverse proxy service is added before each application system and/or operation system;Solicited message to application system and/or operation system is sent on agent platform, then is forwarded to Jing after agent platform is processed in corresponding application system and/or operation system, form unified user log-in authentication mode;
1.2, agent rule configuration is carried out to reverse proxy:The login link that application system and/or operation system are provided is configured in reverse proxy.
A kind of uniform authentication method of simulation identity as shown in Figure 10, wherein, the concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, data sharing:Related data in user management in the application system and/or operation system of participation transformation is shared;
2.3, function is integrated:User role authority is carried out managing concentratedly, the centralized management:Comprising the addition to user role authority, modification, delete, with related application system and/or the real-time synchronization of operation system;
2.4, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
In specific embodiment, described 2.2, the concrete steps of data sharing include:
2.2.1, user management:The application system and/or operation system user that participate in transformation are managed concentratedly;
2.2.2, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
2.23, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed;
A kind of uniform authentication method of simulation identity as shown in Figure 5, wherein, the concrete steps of the step 2.1 system centralized management include:
A, system connection is added in authentication platform:Application system and/or operation system link are added in the authentication platform of current application;
B, chained address is changed:Former chained address is changed when user accesses, and the agent address after conversion is conducted interviews;
C, system user authority is managed concentratedly:The direct access entrance of each operation system is blocked, user authority management interface is blocked, all application systems and/or operation system user authority management are focused in the authentication platform of current application.
A kind of uniform authentication method of simulation identity as shown in Figure 8, wherein, the concrete steps of the unified certification of the step 3 user identity include:
3.1, inquire about and extract user profile:User from unification authentication platform log in when, unification authentication platform verifies the effectiveness of the user, if validated user enter unification authentication platform, while generating the unified certification token of the user;
3.2, request is processed:User clicks on application system and/or operation system entrance, and unified certification token is merged by unification authentication platform with the access request of user;
3.3, safe handling is carried out to system:Safe handling is carried out to the information in application system and/or operation system;Partial information in application system and/or operation system is encrypted;
3.4, request forwarding:Solicited message after encryption is forwarded in the reverse proxy of corresponding service system;
3.5, decryption:After reverse proxy receives solicited message, solicited message is decrypted;
3.6, the checking of unified certification token:Reverse proxy is verified to unification authentication platform by interface after obtaining unified certification token, and obtains the user name of currently logged on user's correspondence application system and/or operation system;
3.7, automated log on:Row automated log on is tapped into according to the Login chain that application system and/or operation system are provided;
3.8, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
In specific embodiment:The uniform authentication method of the simulation identity is applied by Mobile exhibiting platform.
In specific embodiment:The uniform authentication method of the simulation identity is applied by fixed display platform.
In specific embodiment:Form between the application system and/or operation system is converted to by different files, can clearly write the call relation between service;By the form and specification of changing message, make between different system, to carry out message transmission.
In specific embodiment:Information in the application system and/or operation system, wherein information include:Spatial information, business information, attribute information, workflow information, important document information, user profile.
In specific embodiment:The spatial information is related to ground region, subterranean zone, public territory, commerce area, information processing, fusion is carried out in the region in enterprises and institutions, synergetic office work, is applied in presentation.
In specific embodiment:Business information feature is classified by operation function, category of employment, region characteristic feature.
Below with a specific embodiment illustrating:
The technology design of the present embodiment is identical with the technology design of technical scheme and embodiment 1, therefore the constructed part that will not be described here.
Below with a specific embodiment illustrating, implementation is as follows:
The service arrangement situation and network architecture situation of each operation system of combing first, unification authentication platform client is equipped with as reverse proxy for each operation system, reverse proxy is configured to monitor domain name, the port of original system, all access Jing to operation system are by agency's forwarding.
The configuration feature provided using reverse proxy, the reverse proxy rule of configuration service system, addition need not carry out request address, automated log on request address of user's checking etc..
The realization of reverse proxy is based on network communication, when client sends request to operation system service, when request is arrived first in acting on behalf of, agency service can be filtered to request by the rule of configuration, when request is matched with the rule for configuring, agency service can carry out processing forward to request by corresponding configuration;
Operation system title and reference address are registered on unification authentication platform by the management function that unification authentication platform is provided, unification authentication platform can generate unique system identifier, and the user of concentration, role, rights management are organized in units of system according to the ID.
The user of each operation system, role, authority and authorization message are synchronized in unification authentication platform data base by the data syn-chronization instrument that agency service is provided;The data syn-chronization instrument of agency service can directly by configuring the specify information read in operation system data base, and by information by unification authentication platform message structure requirement, by the data base of agency service and the interface synchronization to unification authentication platform of unification authentication platform;Simultaneously, when user carries out user right operation by unification authentication platform to operation system, unification authentication platform is synchronized to associative operation in operation system using the message communication with agency service, realizes the real time data synchronization of unification authentication platform and operation system.
Unification authentication platform is according to the synchronous user right data of each operation system, in units of operation system, all data are provided with unified administration interface, and realizes the utilitarian functions such as the duplication addition of user between unification authentication platform user and operation system user, operation system, incidence relation generation.
The configuration application of operation system reverse proxy is come into force, realize blocking operation system direct access and the direct operation in operation system to user right, force user using unification authentication platform as built-in system sole inlet.
When user is with unification authentication platform User logs in unification authentication platform, unification authentication platform is contrasted with existing user in data base, the effectiveness of checking user, the information such as the user name to user, password, common IP end are needed to verify according to system requirements, after being verified, unification authentication platform can generate unique unified certification token corresponding with active user, and on the one hand platform is cached to token in unified certification service, on the other hand token is sent in user browser and is cached;After User logs in success, the operation system list that user has permission to access can be showed user, user access corresponding operation system by the list according to the authority of active user by unification authentication platform.
When user clicks on access service system in the operation system list of unification authentication platform, unification authentication platform is by unified certification token with the interim token character string of the Form generation of token=value, Jing after DES algorithm for encryption, after the access link of encrypted result string-concatenation to operation system;Reverse proxy is when access request is received, the request is intercepted by the rule of configuration, after unified certification token after encryption is obtained, the unified certification token after encrypting is sent to unification authentication platform by interface and is verified by agency service, unification authentication platform is verified to token according to the information in system cache after obtaining the unified certification token after decryption, and token corresponding user profile is returned to into operation system agency, agency realizes the automated log on of operation system with the user profile by the link that operation system is provided, login successfully rear operation system main interface and will return to user, realization is once logged in, the whole network is roamed.
Aforesaid system description and structural representation are provided only as exemplary example and which is not intended to need or imply the step of must performing aforesaid operations or various aspects with given order.As it will be appreciated by those skilled in the art that, the order of the frame in aforementioned aspect can be performed in any order.Such as " thereafter ", " and then ", the word of " following " or the like be not intended to limit the order of operation or step;These words are only used for the description for guiding reader's traversal to method.Additionally, any singular reference to claim element, for example, be not construed as the element being limited to odd number using article " ", " one " or " being somebody's turn to do ".
Various illustrative box, module, circuit and algorithm steps with reference to aspect disclosed herein description can be implemented as electronic hardware, computer software or its combination.In order to clearly show that the interchangeability between hardware and software, overall description is carried out around its function to various illustrative components, frame, module, circuit and step above.Hardware is implemented as this function and is also implemented as software, the design constraint applied depending on specific application and to whole system.Those skilled in the art can be directed to each specific application, and described function is realized in the way of accommodation, but, it is this to realize that decision-making should not be interpreted as causing disengaging protection scope of the present invention.
Method in the embodiment of the present invention carries out unitized processing means using corresponding authentication means and to the system of different frameworks, realizes that user carries out business handling in signing in multiple related systems by only needing to carry out single username and password when associated system is logged in.The problem of the aspects such as unified management and priority assignation is carried out to user.By the standardized administration of information-based means, place mat is carried out for information service system construction, lifted in capital construction of persistently promoting IT application and ensure service ability, place mat is carried out to push forward informatization comprehensively and providing the real-time of platform and information resources, integrity.Change the life of people, promote the development of commercial production, urban construction and national defense industry, reach real electronic information and mutually merge with geographical information technology, so as to realize the popularization of smart city concept with application.
The described above of disclosed aspect is provided, so that any person skilled in the art can realize or using the present invention.To those skilled in the art, the various modifications in terms of these will be apparent, and general principles defined herein can also be applied to other embodiments in the case of without deviating from the spirit and scope of the disclosed invention.Therefore, the present invention is not intended to be limited to aspect given herein, but with meet the most wide scope consistent with principle disclosed herein and novel feature.
Claims (12)
1. it is a kind of simulation identity uniform authentication method, it is characterised in that:The method comprises the steps:
Step one, multi-source system is unitized to be processed:Interface in the application system and/or operation system of multiple different platforms is carried out into function of unity transformation, unified login authentication mode is formed;
Step 2, the system integration:All application systems and/or operation system carried out after function modificationses are managed concentratedly, unified landing platform are provided to access user;
Step 3, the unified certification of user identity:Unification authentication platform carries out unified user's checking to all of application system and/or operation system.
2. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The unitize concrete steps of process of step one multi-source system include:
1.1, receive solicited message:The solicited message of the protocol type in different application systems and/or operation system is received;
1.2, form conversion:And different types of solicited message is carried out processing the message request information for being converted to consolidation form;
1.3, information inquiry:The data message inquired about in each application system and/or operation system by data-interface;
1.4, unitize and process:Isomorphism in application system and/or operation system, heterogeneous data information are carried out into unitized process, unified login authentication mode is formed, and is carried out data transmission according to demand.
3. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The unitize concrete steps of process of step one multi-source system include:
1.1, reverse proxy service is added, unitized process is formed:Reverse proxy service is added before each application system and/or operation system;Solicited message to application system and/or operation system is sent on agent platform, then is forwarded to Jing after agent platform is processed in corresponding application system and/or operation system, form unified user log-in authentication mode;
1.2, agent rule configuration is carried out to reverse proxy:The login link that application system and/or operation system are provided is configured in reverse proxy.
4. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, user management:The application system and/or operation system user that participate in transformation are managed concentratedly,
2.3, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
2.4, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed;
2.5, empowerment management:According to role function, each application system and/or operation system authority are authorized on single role;User is authorized by the role after process according to user class, the access rights of user are divided;
2.6, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
5. it is according to claim 4 it is a kind of simulation identity uniform authentication method, it is characterised in that:The concrete steps of the step 2.1 system centralized management include:
A, system connection is added in authentication platform:Application system and/or operation system link are added in the authentication platform of current application;
B, chained address is changed:Former chained address is changed when user accesses, and the agent address after conversion is conducted interviews;
C, system user authority is managed concentratedly:The direct access entrance of each operation system is blocked, user authority management interface is blocked, all application systems and/or operation system user authority management are focused in the authentication platform of current application.
6. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The concrete steps of the step 2 system integration include:
2.1, system centralized management:The entrance of each application system and/or operation system is carried out managing concentratedly, shown;
2.2, data sharing:Related data in user management in the application system and/or operation system of participation transformation is shared;
2.3, function is integrated:User role authority is carried out managing concentratedly, the centralized management:Comprising the addition to user role authority, modification, delete, with related application system and/or the real-time synchronization of operation system;
2.4, there is provided system integration interface:Different application systems and/or the integrated interface of operation system are provided the user according to user class, user right.
7. it is according to claim 6 it is a kind of simulation identity uniform authentication method, it is characterised in that:The step 2.2, the concrete steps of data sharing include:
2.2.1, user management:The application system and/or operation system user that participate in transformation are managed concentratedly;
2.2.2, Role Management:The application system and/or operation system role that participate in transformation are managed concentratedly, partition of the level is carried out to the manager of different rights;
23, rights management:The authority for participating in the application system module and/or operation system module of transformation is managed concentratedly, and all system modules are managed.
8. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The concrete steps of the unified certification of the step 3 user identity include:
3.1, user log-in authentication platform:Unique identity code is provided using user to application system and/or operation system, user logs in current unification authentication platform with identity code, and authentication platform generates User Token according to the user profile for logging in and the User Token is saved in the caching of browser;
3.2, user has access to corresponding system by authentication platform:User finds single application system and/or operation system from authentication platform and enters application system and/or during operation system, and the service of the browser of client according to corresponding address to application system and/or operation system conducts interviews;
3.3, system of users is accessed and is processed:The access request of the reverse proxy service for user of application system and/or operation system is forwarded and is processed accordingly.
9. it is according to claim 8 it is a kind of simulation identity uniform authentication method, it is characterised in that:The step system accesses the concrete steps for being processed to user to be included:
A, judges whether user is logged in system by authentication platform:Operation system verifies whether the access request is signed in in application system and/or operation system, if access request is not logged in current application system and/or operation system, then the access request is jumped in the certification page of unification authentication platform, if access request has been signed in in application system and/or operation system, current request is not intercepted;
B, authentication service:Certification page has logged in the User Token of unification authentication platform in obtaining current browser, and User Token is returned in the authentication service on unification authentication platform;
C, is turned browser in system by authentication service:Authentication service is spliced to User Token after the request of original application system and/or operation system, and browser is jumped in the request of respective application system and/or operation system;
D, verifies to User Token:After application system and/or operation system receive new request, User Token is got from solicited message User Token is verified by the interface of authentication service;
E, again certification:User authentication service verified to user with the corresponding relation of User Token according to the user in authentication platform, and the new User Token that the current user name for logging in is mutually matched with application system and/or operation system is returned after being proved to be successful;
F, realizes user's automated log on:Application system and/or operation system realize the automated log on of application system and/or operation system according to user name and new User Token by automated log on interface;
G, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
10. it is according to claim 1 it is a kind of simulation identity uniform authentication method, it is characterised in that:The concrete steps of the unified certification of the step 3 user identity include:
3.1, inquire about and extract user profile:User from unification authentication platform log in when, unification authentication platform verifies the effectiveness of the user, if validated user enter unification authentication platform, while generating the unified certification token of the user;
3.2, request is processed:User clicks on application system and/or operation system entrance, and unified certification token is merged by unification authentication platform with the access request of user;
3.3, safe handling is carried out to system:Safe handling is carried out to the information in application system and/or operation system;Partial information in application system and/or operation system is encrypted;
3.4, request forwarding:Solicited message after encryption is forwarded in the reverse proxy of corresponding service system;
3.5, decryption:After reverse proxy receives solicited message, solicited message is decrypted;
3.6, the checking of unified certification token:Reverse proxy is verified to unification authentication platform by interface after obtaining unified certification token, and obtains the user name of currently logged on user's correspondence application system and/or operation system;
3.7, automated log on:Row automated log on is tapped into according to the Login chain that application system and/or operation system are provided;
3.8, system interface is presented:After user's automated log on success, business interface is returned in browser for users to use by application system and/or operation system.
A kind of 11. uniform authentication methods of simulation identity according to claim 1, it is characterised in that:The method also includes step 4, and multi-user carries out system login process:When multi-user is logged in system simultaneously, unification authentication platform is carried out user profile using differential technique and is matched with application system and/or operation system, completes user's automated log on.
A kind of uniform authentication method of the 12. simulation identity according to claim 1-11, it is characterised in that:The uniform authentication method of the simulation identity is applied by Mobile exhibiting platform;The uniform authentication method of the simulation identity is applied by fixed display platform;Form between the application system and/or operation system is converted to by different files, can clearly write the call relation between service;By the form and specification of changing message, make between different system, to carry out message transmission;Information in the application system and/or operation system, wherein information include:Spatial information, business information, attribute information, workflow information, important document information, user profile;The spatial information is related to ground region, subterranean zone, public territory, commerce area, information processing, fusion is carried out in the region in enterprises and institutions, synergetic office work, is applied in presentation;Described its business information feature is classified by operation function, category of employment, region characteristic feature.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510682091.6A CN106612246A (en) | 2015-10-21 | 2015-10-21 | Unified authentication method for simulation identity |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510682091.6A CN106612246A (en) | 2015-10-21 | 2015-10-21 | Unified authentication method for simulation identity |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106612246A true CN106612246A (en) | 2017-05-03 |
Family
ID=58610657
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510682091.6A Pending CN106612246A (en) | 2015-10-21 | 2015-10-21 | Unified authentication method for simulation identity |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106612246A (en) |
Cited By (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107172049A (en) * | 2017-05-19 | 2017-09-15 | 北京信安世纪科技有限公司 | A kind of intelligent identity identification system |
| CN107222523A (en) * | 2017-05-04 | 2017-09-29 | 北京京电电网维护集团有限公司 | Data processing method, the device and system of terminal |
| CN107508818A (en) * | 2017-09-04 | 2017-12-22 | 安徽国广数字科技有限公司 | A kind of unification authentication platform reverse authorization method based on application role |
| CN108092806A (en) * | 2017-12-11 | 2018-05-29 | 国云科技股份有限公司 | A kind of administration of multiple roles method based on cloudy platform |
| CN108173850A (en) * | 2017-12-28 | 2018-06-15 | 杭州趣链科技有限公司 | A kind of identity authorization system and identity identifying method based on block chain intelligence contract |
| CN108259458A (en) * | 2017-09-30 | 2018-07-06 | 中国平安人寿保险股份有限公司 | Application software account relating method, apparatus and storage medium |
| CN108985701A (en) * | 2017-06-02 | 2018-12-11 | 北京金融资产交易所有限公司 | A kind of No.1 way system and its data managing method |
| CN109033809A (en) * | 2018-07-06 | 2018-12-18 | 航天星图科技(北京)有限公司 | A kind of user's integrated system and method based on application role's trustship |
| CN109087227A (en) * | 2018-09-06 | 2018-12-25 | 安徽晶奇网络科技股份有限公司 | A kind of social helping monitoring and critical-path analysis system |
| CN109286620A (en) * | 2018-09-25 | 2019-01-29 | 平安科技(深圳)有限公司 | Method for managing user right, system, equipment and computer readable storage medium |
| CN109462601A (en) * | 2018-12-13 | 2019-03-12 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN109547432A (en) * | 2018-11-19 | 2019-03-29 | 中国银行股份有限公司 | Multisystem verification method and device, storage medium and electronic equipment |
| CN109558711A (en) * | 2018-11-09 | 2019-04-02 | 平安科技(深圳)有限公司 | The page login method and device of big data component |
| CN110187870A (en) * | 2019-05-22 | 2019-08-30 | 中电科华云信息技术有限公司 | A kind of shared integrated system based on business module |
| CN110519236A (en) * | 2019-08-07 | 2019-11-29 | 武汉金百瑞科技股份有限公司 | A kind of method of safe account and permission control under website cluster |
| CN110535652A (en) * | 2019-07-01 | 2019-12-03 | 广州昆仑科技有限公司 | A kind of system and method by each operation system data integration displaying and unified login |
| CN110572430A (en) * | 2019-07-30 | 2019-12-13 | 云南昆钢电子信息科技有限公司 | identity data synchronization system and method based on timing task |
| CN110611656A (en) * | 2019-08-15 | 2019-12-24 | 中国人民银行数字货币研究所 | Identity management method, device and system based on master identity multiple mapping |
| CN110673967A (en) * | 2019-09-26 | 2020-01-10 | 中电万维信息技术有限责任公司 | Cluster system and access and call-out method based on EJB, ActiveMQ and ESB |
| CN110706143A (en) * | 2019-09-26 | 2020-01-17 | 中电万维信息技术有限责任公司 | Identity authentication method and device based on government affair service |
| CN110750780A (en) * | 2019-10-16 | 2020-02-04 | 北京微星优财网络科技有限公司 | User role permission fusion method, device and equipment based on multi-service system |
| CN111078736A (en) * | 2019-11-06 | 2020-04-28 | 用友网络科技股份有限公司 | Data aggregation processing method and device, terminal and storage medium |
| CN111291340A (en) * | 2020-03-05 | 2020-06-16 | 浪潮通用软件有限公司 | Unified identity authentication management system and method |
| CN111447222A (en) * | 2020-03-26 | 2020-07-24 | 广东电网有限责任公司 | Distributed system authority authentication system and method based on micro-service architecture |
| CN111488095A (en) * | 2020-04-07 | 2020-08-04 | 中国人民财产保险股份有限公司 | User login management method and device |
| CN111510461A (en) * | 2020-04-26 | 2020-08-07 | 成都安恒信息技术有限公司 | System and method for managing WEB application centralized release authority |
| CN111711679A (en) * | 2020-06-09 | 2020-09-25 | 宏图智能物流股份有限公司 | Warehouse network unified management platform method |
| CN111984965A (en) * | 2020-08-31 | 2020-11-24 | 成都安恒信息技术有限公司 | Multi-source user management authentication system and method based on operation and maintenance audit system |
| CN112003818A (en) * | 2020-07-04 | 2020-11-27 | 中信银行股份有限公司 | Identity authentication method and identity authentication system |
| CN113301045A (en) * | 2021-05-25 | 2021-08-24 | 四川虹魔方网络科技有限公司 | Login service access security control method |
| CN113742749A (en) * | 2021-09-10 | 2021-12-03 | 广州市奥威亚电子科技有限公司 | Method, device and equipment for managing platform user authority and storage medium |
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
| CN113992408A (en) * | 2021-10-27 | 2022-01-28 | 上海妃鱼网络科技有限公司 | Multi-system unified login information processing method and system |
| CN114095266A (en) * | 2021-11-19 | 2022-02-25 | 深圳市雷鸟网络传媒有限公司 | Login authentication method and device, electronic equipment and readable storage medium |
| CN114422182A (en) * | 2021-12-13 | 2022-04-29 | 以萨技术股份有限公司 | Unified identity management platform |
| CN114500031A (en) * | 2022-01-21 | 2022-05-13 | 浙江惠瀜网络科技有限公司 | System, method, electronic device and medium for obtaining BI report form based on single sign-on |
| CN114567460A (en) * | 2022-01-30 | 2022-05-31 | 上海浦东发展银行股份有限公司 | Identity authentication method of ESB port to access system |
| CN114900336A (en) * | 2022-04-18 | 2022-08-12 | 中国航空工业集团公司沈阳飞机设计研究所 | Cross-unit secure sharing method and system for application system |
| CN115589333A (en) * | 2022-11-11 | 2023-01-10 | 中电金信软件有限公司 | Access request authentication method, device and system and electronic equipment |
| CN117354051A (en) * | 2023-12-04 | 2024-01-05 | 明阳点时科技(沈阳)有限公司 | Opensearch Dashboards unified login realization method and system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
| CN103839138A (en) * | 2014-03-08 | 2014-06-04 | 成都文昊科技有限公司 | System for supporting interaction of multiple heterogeneous systems |
-
2015
- 2015-10-21 CN CN201510682091.6A patent/CN106612246A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103560888A (en) * | 2013-11-05 | 2014-02-05 | 江苏先安科技有限公司 | Digital certificate-based unified authentication login method for integrating multiple application systems |
| CN103839138A (en) * | 2014-03-08 | 2014-06-04 | 成都文昊科技有限公司 | System for supporting interaction of multiple heterogeneous systems |
Non-Patent Citations (3)
| Title |
|---|
| 孙超: ""异构集成环境下的统一身份认证系统"", 《中国优秀硕士学位论文全文数据库》 * |
| 畅文丁: ""浅谈统一认证方案中正向代理和方向代理两种技术的集成实现"", 《中国传媒科技》 * |
| 费青松: ""数字校园统一身份认证的研究与设计"", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (56)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107222523A (en) * | 2017-05-04 | 2017-09-29 | 北京京电电网维护集团有限公司 | Data processing method, the device and system of terminal |
| CN107222523B (en) * | 2017-05-04 | 2021-03-26 | 北京京电电网维护集团有限公司 | Terminal data processing method, device and system |
| CN107172049A (en) * | 2017-05-19 | 2017-09-15 | 北京信安世纪科技有限公司 | A kind of intelligent identity identification system |
| CN108985701A (en) * | 2017-06-02 | 2018-12-11 | 北京金融资产交易所有限公司 | A kind of No.1 way system and its data managing method |
| CN107508818A (en) * | 2017-09-04 | 2017-12-22 | 安徽国广数字科技有限公司 | A kind of unification authentication platform reverse authorization method based on application role |
| CN108259458A (en) * | 2017-09-30 | 2018-07-06 | 中国平安人寿保险股份有限公司 | Application software account relating method, apparatus and storage medium |
| CN108259458B (en) * | 2017-09-30 | 2021-12-28 | 中国平安人寿保险股份有限公司 | Application software account correlation method and device and storage medium |
| CN108092806A (en) * | 2017-12-11 | 2018-05-29 | 国云科技股份有限公司 | A kind of administration of multiple roles method based on cloudy platform |
| CN108173850B (en) * | 2017-12-28 | 2021-03-19 | 杭州趣链科技有限公司 | Identity authentication system and identity authentication method based on block chain intelligent contract |
| CN108173850A (en) * | 2017-12-28 | 2018-06-15 | 杭州趣链科技有限公司 | A kind of identity authorization system and identity identifying method based on block chain intelligence contract |
| CN109033809A (en) * | 2018-07-06 | 2018-12-18 | 航天星图科技(北京)有限公司 | A kind of user's integrated system and method based on application role's trustship |
| CN109087227A (en) * | 2018-09-06 | 2018-12-25 | 安徽晶奇网络科技股份有限公司 | A kind of social helping monitoring and critical-path analysis system |
| CN109286620B (en) * | 2018-09-25 | 2022-07-08 | 平安科技(深圳)有限公司 | User right management method, system, device and computer readable storage medium |
| CN109286620A (en) * | 2018-09-25 | 2019-01-29 | 平安科技(深圳)有限公司 | Method for managing user right, system, equipment and computer readable storage medium |
| CN109558711A (en) * | 2018-11-09 | 2019-04-02 | 平安科技(深圳)有限公司 | The page login method and device of big data component |
| CN109547432A (en) * | 2018-11-19 | 2019-03-29 | 中国银行股份有限公司 | Multisystem verification method and device, storage medium and electronic equipment |
| CN109547432B (en) * | 2018-11-19 | 2020-11-27 | 中国银行股份有限公司 | Multi-system verification method and device, storage medium and electronic equipment |
| CN109462601A (en) * | 2018-12-13 | 2019-03-12 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN109462601B (en) * | 2018-12-13 | 2020-12-22 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN110187870A (en) * | 2019-05-22 | 2019-08-30 | 中电科华云信息技术有限公司 | A kind of shared integrated system based on business module |
| CN110535652A (en) * | 2019-07-01 | 2019-12-03 | 广州昆仑科技有限公司 | A kind of system and method by each operation system data integration displaying and unified login |
| CN110572430A (en) * | 2019-07-30 | 2019-12-13 | 云南昆钢电子信息科技有限公司 | identity data synchronization system and method based on timing task |
| CN110519236B (en) * | 2019-08-07 | 2022-05-24 | 武汉金百瑞科技股份有限公司 | Method for controlling safe account and authority under website cluster |
| CN110519236A (en) * | 2019-08-07 | 2019-11-29 | 武汉金百瑞科技股份有限公司 | A kind of method of safe account and permission control under website cluster |
| CN110611656A (en) * | 2019-08-15 | 2019-12-24 | 中国人民银行数字货币研究所 | Identity management method, device and system based on master identity multiple mapping |
| CN110673967A (en) * | 2019-09-26 | 2020-01-10 | 中电万维信息技术有限责任公司 | Cluster system and access and call-out method based on EJB, ActiveMQ and ESB |
| CN110706143A (en) * | 2019-09-26 | 2020-01-17 | 中电万维信息技术有限责任公司 | Identity authentication method and device based on government affair service |
| CN110750780A (en) * | 2019-10-16 | 2020-02-04 | 北京微星优财网络科技有限公司 | User role permission fusion method, device and equipment based on multi-service system |
| CN111078736A (en) * | 2019-11-06 | 2020-04-28 | 用友网络科技股份有限公司 | Data aggregation processing method and device, terminal and storage medium |
| CN111291340A (en) * | 2020-03-05 | 2020-06-16 | 浪潮通用软件有限公司 | Unified identity authentication management system and method |
| CN111447222A (en) * | 2020-03-26 | 2020-07-24 | 广东电网有限责任公司 | Distributed system authority authentication system and method based on micro-service architecture |
| CN111488095A (en) * | 2020-04-07 | 2020-08-04 | 中国人民财产保险股份有限公司 | User login management method and device |
| CN111510461A (en) * | 2020-04-26 | 2020-08-07 | 成都安恒信息技术有限公司 | System and method for managing WEB application centralized release authority |
| CN111711679A (en) * | 2020-06-09 | 2020-09-25 | 宏图智能物流股份有限公司 | Warehouse network unified management platform method |
| CN112003818A (en) * | 2020-07-04 | 2020-11-27 | 中信银行股份有限公司 | Identity authentication method and identity authentication system |
| CN111984965A (en) * | 2020-08-31 | 2020-11-24 | 成都安恒信息技术有限公司 | Multi-source user management authentication system and method based on operation and maintenance audit system |
| CN113301045A (en) * | 2021-05-25 | 2021-08-24 | 四川虹魔方网络科技有限公司 | Login service access security control method |
| CN113742749A (en) * | 2021-09-10 | 2021-12-03 | 广州市奥威亚电子科技有限公司 | Method, device and equipment for managing platform user authority and storage medium |
| CN113742749B (en) * | 2021-09-10 | 2024-03-29 | 广州市奥威亚电子科技有限公司 | Platform user authority management method, device, equipment and storage medium |
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
| CN113992408A (en) * | 2021-10-27 | 2022-01-28 | 上海妃鱼网络科技有限公司 | Multi-system unified login information processing method and system |
| CN113992408B (en) * | 2021-10-27 | 2024-05-10 | 上海妃鱼网络科技有限公司 | Multi-system unified login information processing method and system |
| CN114095266A (en) * | 2021-11-19 | 2022-02-25 | 深圳市雷鸟网络传媒有限公司 | Login authentication method and device, electronic equipment and readable storage medium |
| CN114095266B (en) * | 2021-11-19 | 2023-09-19 | 深圳市雷鸟网络传媒有限公司 | Login authentication method and device, electronic equipment and readable storage medium |
| CN114422182A (en) * | 2021-12-13 | 2022-04-29 | 以萨技术股份有限公司 | Unified identity management platform |
| CN114422182B (en) * | 2021-12-13 | 2024-01-16 | 以萨技术股份有限公司 | Unified identity management platform |
| CN114500031A (en) * | 2022-01-21 | 2022-05-13 | 浙江惠瀜网络科技有限公司 | System, method, electronic device and medium for obtaining BI report form based on single sign-on |
| CN114500031B (en) * | 2022-01-21 | 2024-06-04 | 浙江惠瀜网络科技有限公司 | System, method, electronic equipment and medium for acquiring BI report based on single sign-on |
| CN114567460A (en) * | 2022-01-30 | 2022-05-31 | 上海浦东发展银行股份有限公司 | Identity authentication method of ESB port to access system |
| CN114567460B (en) * | 2022-01-30 | 2024-06-18 | 上海浦东发展银行股份有限公司 | Identity authentication method of ESB port to access system |
| CN114900336B (en) * | 2022-04-18 | 2023-07-07 | 中国航空工业集团公司沈阳飞机设计研究所 | Cross-unit secure sharing method and system for application system |
| CN114900336A (en) * | 2022-04-18 | 2022-08-12 | 中国航空工业集团公司沈阳飞机设计研究所 | Cross-unit secure sharing method and system for application system |
| CN115589333A (en) * | 2022-11-11 | 2023-01-10 | 中电金信软件有限公司 | Access request authentication method, device and system and electronic equipment |
| CN115589333B (en) * | 2022-11-11 | 2023-04-28 | 中电金信软件有限公司 | Access request authentication method, device, system and electronic equipment |
| CN117354051A (en) * | 2023-12-04 | 2024-01-05 | 明阳点时科技(沈阳)有限公司 | Opensearch Dashboards unified login realization method and system |
| CN117354051B (en) * | 2023-12-04 | 2024-02-20 | 明阳点时科技(沈阳)有限公司 | Opensearch Dashboards unified login realization method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106612246A (en) | Unified authentication method for simulation identity | |
| US12008561B2 (en) | System for verification of pseudonymous credentials for digital identities with managed access to personal data on trust networks | |
| US8141140B2 (en) | Methods and systems for single sign on with dynamic authentication levels | |
| CN104253812B (en) | Entrust the certification for WEB service | |
| US9641535B2 (en) | Apparatus and data processing systems for accessing an object | |
| TW201830280A (en) | Trusted login method, server, and system | |
| AU2017225928A1 (en) | Systems and methods for distributed data sharing with asynchronous third-party attestation | |
| US20110145565A1 (en) | Federated authentication for mailbox replication | |
| CN104378376A (en) | SOA-based single-point login method, authentication server and browser | |
| CN108667612A (en) | A kind of trust service framework and method based on block chain | |
| CN103179134A (en) | Single sign on method and system based on Cookie and application server thereof | |
| CN101355527A (en) | Method for implementing single-point LOG striding domain name | |
| CN103986584A (en) | Double-factor identity verification method based on intelligent equipment | |
| Alonso et al. | An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European regulation | |
| CN107872455A (en) | A kind of cross-domain single login system and its method | |
| CN104683306A (en) | Safe and controllable internet real-name certification mechanism | |
| CN102497356A (en) | Public service platform integrated system of internet medicine trading market | |
| CN110247758A (en) | The method, apparatus and code management device of Password Management | |
| CN111291394A (en) | False information management method, false information management device and storage medium | |
| CN111274569A (en) | Research, development, operation and maintenance integrated system for unified login authentication and login authentication method thereof | |
| Ramtohul et al. | Information security governance for e-services in southern African developing countries e-Government projects | |
| JP4932154B2 (en) | Method and system for providing user authentication to a member site in an identity management network, method for authenticating a user at a home site belonging to the identity management network, computer readable medium, and system for hierarchical distributed identity management | |
| US20030055935A1 (en) | System for managing a computer network | |
| CN111506661A (en) | Content access management method, device and storage medium | |
| CN103118025A (en) | Single sign-on method based on network access certification, single sign-on device and certificating server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170503 |
|
| WD01 | Invention patent application deemed withdrawn after publication |