CN107547562A - A kind of portal authentication methods and device - Google Patents
A kind of portal authentication methods and device Download PDFInfo
- Publication number
- CN107547562A CN107547562A CN201710875442.4A CN201710875442A CN107547562A CN 107547562 A CN107547562 A CN 107547562A CN 201710875442 A CN201710875442 A CN 201710875442A CN 107547562 A CN107547562 A CN 107547562A
- Authority
- CN
- China
- Prior art keywords
- user
- portal
- request message
- list item
- network request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
This application discloses a kind of portal authentication methods and device.This method includes:The network request message that sender sends is received, the network request message carries user's mark;Portal certifications are carried out according to whether user's label detection can be based on the network request message, when portal certifications cannot be carried out, go to enable portal user's table and ARP corresponding to the user mark preserved on BRAS;After deleting portal user's table and ARP, portal certifications are carried out based on the network request message.The application can ensure to support travelling across VLAN roaming, ensure that user triggers roaming and reached the standard grade in time, without waiting for can just be reached the standard grade after portal user's table aging.
Description
Technical field
The application is related to network communication technology field, more particularly to a kind of portal authentication methods and device.
Background technology
Portal certifications (portal authentication) are also commonly referred to as web authentication, i.e., receive the user of user's input by Web page
Name and password, authentication is carried out to user, and the purpose being controlled is accessed to user to reach.Mainly wrapped in portal networks
Include:Portal clients, access device and portal servers, wherein, access device can be BRAS (Broadband
Remote Access Server, BAS Broadband Access Server).
In portal networks, outer net is connected, the access device and portal clients, portal for such as connecting internet take
Business device is connected, and the main function of access device is that the flow of the access outer net of portal clients initiation is controlled;
The effect of portal servers is to receive the certification request of portal clients, and provides web authentication page to portal clients
Face inputs the authentication informations such as user name, password so as to user in the web authentication page, to the authentication information of portal clients
It is authenticated.
The content of the invention
The application provides a kind of portal authentication methods and device, is not supported across VALN's with solving current portal certifications
The problem of roaming.
To reach above-mentioned purpose, what the technical scheme of the application was realized in:
On the one hand, this application provides a kind of portal authentication methods, applied to BRAS, this method includes:
The network request message that sender sends is received, the network request message carries user's mark;
Portal certifications are carried out according to whether user's label detection can be based on the network request message, can not
During carrying out portal certifications, go to enable portal user's table and ARP corresponding to the user mark preserved on BRAS;
After going to enable portal user's table and ARP, portal is carried out based on the network request message and recognized
Card.
On the other hand, present invention also provides a kind of portal authentication devices, applied to BRAS, the device includes:
Receiving unit, for receiving the network request message of sender's transmission, the network request message carries user's mark;
Detection unit, for carrying out portal certifications according to whether user's label detection can be based on network request message;
Authentication processing unit, for the user mark for when portal certifications cannot be carried out, going on enabled BRAS to preserve
Portal user's table and ARP corresponding to knowledge;After going to enable portal user's table and ARP, based on the net
Network request message carries out portal certifications.
On the other hand, this application provides a kind of portal authentication devices, including processor and machinable medium,
The machinable medium is stored with the machine-executable instruction that can be executed by processor, and the processor can perform by machine
Instruction promotes:Perform above-mentioned portal authentication methods.
On the other hand, this application provides a kind of machinable medium, machine-executable instruction is stored with, is being located
When managing device calling and performing, the machine-executable instruction promotes processor:Perform above-mentioned portal authentication methods.
The beneficial effect of the application is:Based on preserved on BRAS the user mark corresponding to portal user's table and
During ARP, the ARP can not realize the premise of the data forwarding between BRAS and sender, pass through network request message
User's label detection whether can carry out portal certifications, when portal certifications cannot be carried out, delete BRAS on preserve
The user mark corresponding to portal user's table and ARP so that can be based on network request message carry out portal recognize
Card, ensure that user triggers roaming and reached the standard grade in time, without waiting portal user's table aging.
Brief description of the drawings
Fig. 1 is the portal networking schematic diagrams under the roaming scence shown in the embodiment of the present application;
Fig. 2 is a kind of portal authentication methods flow chart that the embodiment of the present application provides;
Fig. 3 is the portal identifying procedure schematic diagrames that the embodiment of the present application provides;
Fig. 4 is a kind of portal authentication devices structured flowchart that the embodiment of the present application provides;
Fig. 5 is a kind of hardware architecture diagram of portal authentication devices shown in the embodiment of the present application.
Embodiment
Here exemplary embodiment will be illustrated in detail, its example is illustrated in the accompanying drawings.Following description is related to
During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent apparatus and method of some aspects be described in detail in claims, the application.
It is only merely for the purpose of description specific embodiment in term used in this application, and is not intended to be limiting the application.
" one kind " of singulative used in the application and appended claims, " described " and "the" are also intended to including majority
Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein refers to and wrapped
Containing the associated list items purpose of one or more, any or all may be combined.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used for same type of information being distinguished from each other out.For example, do not departing from
In the case of the application scope, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determining ".
Current portal authentication modes, after user is linked into BRAS from registration area, roam into random zone and from
VLAN (Virtual Local Area Network, VLAN) the access BRAS of random zone, at this time if user
BRAS is accessed in registration area, and the portal user's table generated on BRAS does not have aging, if being initiated again in random zone
Portal certifications, authentication interface can be caused not release, portal certifications can not be carried out.
Fig. 1 illustrates the portal networking schematic diagrams under roaming scence, and user user connects from region A vlan a
After entering BRAS, roam into and access BRAS from region B vlan b after the B of region, at this time if user user accesses in region A
The portal user's table generated on BRAS, BRAS does not have aging, and user user initiates portal after region B is reached and recognized again
The reason for demonstrate,proving, authentication interface can be caused can not all to release, produce the problem is that user user is generated when region A is accessed
Portal user's table after can issue the ARP that label Index in corresponding ARP such as table 1 below is 1, user user
It can be generated when initiating network access again from region B as label Index is 2 ARP in table 1 below.
Table 1
| Index | IP | MAC | VLAN | PORT | Type |
| 1 | User-ip | User-mac | a | Port1 | R |
| 2 | User-ip | User-mac | b | Port2 | D |
Scheming shown in above-mentioned table 1, for user user after region B reaches the standard grade, the type Type of the ARP of BRAS generations is R, if
Corresponding to region A portal user's list item not aging, ARP that corresponding label Index is 1 also will not aging, due to
ARP 1 is generated earlier than ARP 2, and the flow of the user is hit on all follow-up BRAS and all can preferentially be hit and according to ARP
List item 1 carries out flow transmission.
Therefore user user from region B initiate network access when, BRAS push WEB server authentication interface, now, by
Had no problem in user's user flows to server, and by server return to the flow of user done on BRAS three layers of forwarding when
ARP 1 can preferentially be hit by waiting, and cause flow to be issued to region A, region B user can not get portal and recognize naturally
Interface is demonstrate,proved, user is ultimately resulted in and roams failure.
The embodiment of the present application is directed to the above situation, there is provided a kind of portal authentication methods, realizes travelling across VLAN or across end
Mouth roaming.
Fig. 2 is a kind of portal authentication methods flow chart that the embodiment of the present application provides, and the method for the present embodiment is applied to
BRAS, as shown in Fig. 2 this method includes:
S210, receives the network request message that sender sends, and the network request message carries user's mark.
For user when initiating network access, user terminal can send network request message to BRAS, such as HTTP (Hyper
Text Transfer Protocol, HTTP) message, exemplarily, user is identified as the network to the present embodiment
The source IP address of request message, certainly, in practical application, it can also be identified MAC Address as user, to this present embodiment not
Be specifically limited, if in whole portal networks the user mark can unique mark portal user table, ARP and
User is forbidden to roam list item.
S220, portal certifications are carried out according to whether user's label detection can be based on network request message, cannot
When carrying out portal certifications, go to enable portal user's table and ARP corresponding to the user mark preserved on BRAS.
The embodiment of the present application can realize that portal corresponding to enabled user's mark uses by deleting, putting invalid mode
Family table and ARP.To save BRAS memory space, and it is easy to BRAS management portal user's tables and ARP, this Shen
Please embodiment, when portal certifications cannot be carried out, delete user mark corresponding to portal user's table and ARP.
Whether the embodiment of the present application can be detected on BRAS portal user's table corresponding to user mark, if detecting
User mark can carry out portal certifications without corresponding portal user's table, judgement;If detecting, user is identified with pair
The portal user's table answered, and user corresponding to portal user's table is online, judges the network request message being currently received
For invalid packet, portal certifications cannot be now carried out;Accordingly, if detecting, user is identified with corresponding portal user
Table, and user corresponding to portal user's table is not online, judges that sender is in roaming state, can now carry out portal
Certification.
S130, after enabled portal user's table and ARP is gone, portal certifications are carried out based on network request message.
Exemplarily, if certification is by generating corresponding portal user's table, if certification is not by prompting sender
Authentification failure.
The present embodiment is based on when preserving portal user's table corresponding to user mark and ARP on BRAS,
On the premise of ARP can not realize the data forwarding between BRAS and sender, identified by the user of network request message
Detect whether that portal certifications can be carried out, when portal certifications cannot be carried out, go on enabled BRAS the user preserved
Portal user's table and ARP corresponding to mark so that network request message can be based on and carry out portal certifications, ensure to use
Family is triggered roaming and reached the standard grade in time, without can just be reached the standard grade after waiting portal user's table aging.
In an implementation of the present embodiment, detect whether to ask based on the network received according to following manner
Message is asked to carry out portal certifications:
Detection user identifies whether corresponding portal user's table be present, and network is based on if in the absence of portal user's table
Request message carries out portal certifications, and certification is by generating corresponding portal user's table, certification is not by prompting sender
Authentification failure;
If portal user's table be present, whether detection sender is online, if sender is not online, removes enabled portal
User's table and corresponding ARP, and portal certifications are carried out based on network request message, portal certifications are by generating phase
The portal user's table answered, portal certifications are not by prompting sender's authentification failure.
The present embodiment is also based on user's mark generation and forbids user to roam list item when detection sender is not online,
Forbid user to roam list item and unique mark is identified by user, the present embodiment forbids user to roam list item for forbidding carrying it
The network request message of user's mark carries out portal certifications.
In wherein a kind of implementation, if sender is online, token network request message is invalid packet, forbids sending
Fang Jinhang portal certifications;In practical application, when it is invalid packet to detect network request message, it can abandon or delete this
Illegal packet text.
In practical application, the source IP address of network request message can be detected, it is exemplary, with reference to figure 2, BRAS
ICMP (Internet Control Message Protocol, Internet control reports are sent to user user by VLAN a
Cultural association discusses) detection bag, if receiving response in detection time, then it is assumed that user user is online, otherwise it is assumed that user user is not
Online.
To prevent BRAS from, by network attack, in time, effectively handling illegal network request message, this implementation
Example detects the user and identifies whether to forbid user in the presence of corresponding first before portal certifications are carried out based on network request message
Roam list item.
Forbid user to roam list item if the user identifies to exist, forbid sender to carry out portal certifications;The present embodiment exists
Detect the user identify exist corresponding to forbid user roam list item when, the network request message can be abandoned, without follow-up
Portal authentication processings.
Forbid user to roam list item if user mark is not present, detect the user and identify whether in the presence of corresponding
Portal user's table, portal authentication processings are carried out according to such scheme.
In another implementation of the present embodiment, it can be generated by following proposal and forbid user to roam list item:
Extract IP fields corresponding to user mark in portal user's table, MAC fields, authentication interface PORT fields,
One or more generations in VLAN fields, set time TIME field forbid user to roam list item.
Exemplarily, user's roaming list item is forbidden to include IP fields, MAC words with reference to table 2 below, the present embodiment generation
Section, PORT fields, VLAN fields and TIME fields, wherein, IP fields are IP address, and MAC fields are user's MAC address,
PORT fields are the interface of access authentication of user, and VLAN fields are the VLAN of access authentication of user, and TIME fields are to forbid user
Roaming time, the numerical value of the TIME fields can be second level, minute level etc., can be configured according to application demand.
Table 2
For forbidding user to roam the ageing time of list item, this can be configured according to TIME field values and forbid user to roam
The ageing time of list item, or, configuration forbids user's roaming list item associated with portal user's table, is deleting portal user
The remove ban user that linked during table roams list item.
The application describes the portal verification process of the present embodiment offer in detail by following embodiments.
Fig. 3 is the portal identifying procedure schematic diagrames that the embodiment of the present application provides, as shown in figure 3, portal verification process
It is as follows:
S310, judge whether that user's roaming table is forbidden in hit based on access request message, step S370 performed if hit,
Step S320 is performed if miss.
User, can be by access request message up sending BRAS platforms when initiating network access, and BRAS platforms are obtained to access and asked
The source IP in message is sought, is checked based on the source IP and forbids user to roam list item, forbid user to overflow if there is corresponding to the source IP
Step S370 is then performed in trip list item, otherwise performs step S320.
S320, judge whether to hit portal user's table based on source IP, if hit performs step S330, if miss execution
Step S340.
It whether there is portal user's table corresponding to the source IP on detection BRAS platforms, if there is then performing step
S330, if there is no then execution step S340.
S330, the source IP is detected, detect successful execution step S350, portal user's table is then deleted in detection failure
With corresponding ARP, and step S340 is performed.
Exemplarily, BRAS sends icmp probe bag by the VLAN in portal user's table to user, if detecting
Response is received in time, then it is assumed that user is online, now detects successfully, otherwise it is assumed that user is not online, now detection failure.
S340, portal certifications are carried out based on access request message, certification is by performing step S360, and certification is not by holding
Row step S370.
S350, generation forbid user to roam list item.
This implementation judges that the user of portal user's table is online corresponding to source IP, then step in step S350
S310 access request message is invalid packet, now forbids user to carry out portal certifications.
Because the attack time of invalid packet is generally below second level, such as attacked in Microsecond grade, thus, the application is real
Applying example will forbid the ageing time of user's roaming list item to be arranged to second level or minute level, to avoid the attack of invalid packet.
And user will be forbidden to roam the ageing time of list item and be arranged to second level or minute level, additionally it is possible to avoid forbidding user
In the ageing time for roaming list item, user's roaming can not reach the standard grade in time.Because in practical application, the time that user roams leads to
Often for more than hour level, i.e., the ageing time that roaming time typically larger than forbids user to roam list item, therefore, this Shen occur for user
The ageing time for forbidding user's roaming list item that please be set can ensure that validated user can be reached the standard grade in time in roaming.
S360, generate portal user's table.
Now corresponding ARP can be generated according to portal user's table, be sent based on the ARP to user terminal
The related datas such as authentication interface, user is set to carry out portal certifications.
S370, user is forbidden to carry out portal certifications.
Corresponding with above-mentioned portal authentication methods, the application should provide portal authentication devices.
Fig. 4 is a kind of portal authentication devices structured flowchart that the embodiment of the present application provides, and the portal of the present embodiment recognizes
Card device is applied to BRAS, as shown in figure 4, the device 40 includes:Receiving unit 41, detection unit 42 and authentication processing unit
43;
Receiving unit 41, for receiving the network request message of sender's transmission, the network request message carries user's mark
Know, user is identified as the source IP address of network request message;
Detection unit 42, for recognizing according to whether user's label detection can be based on network request message progress portal
Card;
Authentication processing unit 43, for the user for when portal certifications cannot be carried out, going on enabled BRAS to preserve
Portal user's table and ARP corresponding to mark, go after enabling portal user's table and ARP, based on the net
Network request message carries out portal certifications.
In an implementation of the present embodiment, detection unit 42, it is additionally operable to detection user and identifies whether in the presence of corresponding
Portal user's table, and user mark portal user's table be present when, detection sender it is whether online;Authentication department
Unit 43 is managed, for when detection unit 42 detects user's mark and portal user's table is not present, entering based on network request message
Row portal certifications;And when the detection sender of detection unit 42 is not online, remove enabled portal user's table and corresponding ARP
List item, and portal certifications are carried out based on network request message.
In this implementation, authentication processing unit 43, it is additionally operable to when the detection sender of detection unit 42 is online, mark
Network request message is invalid packet, forbids sender to carry out portal certifications;In practical application, authentication processing unit 43 is being examined
When surveying unit to detect network request message be invalid packet, it is literary to abandon or delete the illegal packet.
The authentication processing unit 43 of this implementation, it is further used for, when the detection sender of detection unit 42 is online, carrying
Take IP address field in portal user's table, physical address field, authentication interface field, virtual local area network field, it is fixed when
Between one or more generations in field forbid user to roam list item;Forbid user to roam list item and unique mark is identified by user
Know, forbid user to roam the network request message that list item is used to forbid carrying its user mark and carry out portal certifications.
In practical application, authentication processing unit 43, the ageing time for forbidding user to roam list item described in configuration is additionally operable to, or
Person, configuration forbid user's roaming list item associated with portal user's table, the linkage when deleting portal user's table is deleted taboo
Only user roams list item.
In another implementation of the present embodiment, detection module 42, it is additionally operable to identify whether exist in detection user
Before corresponding portal user's table, detection user identifies whether to forbid user to roam list item in the presence of corresponding.Authentication processing list
Member 43, when forbidding user to roam list item corresponding to the detection user's mark presence of detection unit 42, sender is forbidden to carry out
Portal certifications, detect user's mark in detection unit 42 and be not present and forbid user to roam list item, driving detection unit 42 detects
User identifies whether corresponding portal user's table be present.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is real referring to method
Apply the part explanation of example.Device embodiment described above is only schematical, wherein described be used as separating component
The unit of explanation can be or may not be physically separate, can be as the part that unit is shown or can also
It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to reality
Need to select some or all of module therein to realize the purpose of this embodiment scheme.Those of ordinary skill in the art are not
In the case of paying creative work, you can to understand and implement.
The portal authentication devices that the application provides can be realized by software, can also pass through hardware or software and hardware knot
The mode of conjunction is realized.Exemplified by implemented in software, shown in reference picture 5, the portal authentication devices 40 that the application provides may include to locate
Reason device 501, the machinable medium 502 for being stored with machine-executable instruction.Processor 501 and machinable medium
502 can communicate via system bus 503.Also, by read and perform in machinable medium 502 with portal certifications
Machine-executable instruction corresponding to logic, processor 501 can perform above-described portal authentication methods.
The machinable medium 502 mentioned in the application can be that any electronics, magnetic, optics or other physics are deposited
Storage device, can be included or storage information, such as executable instruction, data, etc..For example, machinable medium can be:
RAM (Radom Access Memory, random access memory), volatile memory, nonvolatile memory, flash memory, storage are driven
Dynamic device (such as hard disk drive), solid state hard disc, any kind of storage dish (such as CD, DVD), or similar storage are situated between
Matter, or combinations thereof.
According to example disclosed in the present application, present invention also provides a kind of machine readable including machine-executable instruction to deposit
Machinable medium 502 in storage media, such as Fig. 5, the machine-executable instruction can be by portal authentication devices 40
In processor 501 perform to realize portal authentication methods described above.
It should be noted that herein, such as first and second or the like relational terms are used merely to a reality
Body or operation make a distinction with another entity or operation, and not necessarily require or imply and deposited between these entities or operation
In any this actual relation or order.Term " comprising ", "comprising" or its any other variant are intended to non-row
His property includes, so that process, method, article or equipment including a series of elements not only include those key elements, and
And also include the other element being not expressly set out, or also include for this process, method, article or equipment institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including institute
State in process, method, article or the equipment of key element and other identical element also be present.
The preferred embodiment of the application is the foregoing is only, is not intended to limit the protection domain of the application.It is all
Any modification, equivalent substitution and improvements made within spirit herein and principle etc., it is all contained in the protection domain of the application
It is interior.
Claims (12)
1. a kind of portal authentication methods, it is characterised in that applied to Broadband Remote Access Server BRAS, this method includes:
The network request message that sender sends is received, the network request message carries user's mark;
Portal certifications are carried out according to whether user's label detection can be based on the network request message, cannot entered
During row portal certifications, go to enable portal user's table and ARP corresponding to the user mark preserved on BRAS;
After going to enable portal user's table and ARP, portal certifications are carried out based on the network request message.
2. portal authentication methods according to claim 1, it is characterised in that described to be according to user's label detection
It is no to be included based on network request message progress portal certifications:
Detect the user and identify whether corresponding portal user's table be present, if portal user's table, base is not present
Portal certifications are carried out in the network request message;
If portal user's table be present, whether detection described sender is online, if described sender is not online, goes to make
Energy portal user's table and corresponding ARP, and portal certifications are carried out based on the network request message.
3. portal authentication methods according to claim 2, it is characterised in that when detection described sender is online, institute
Stating method also includes:
Extract IP address field in portal user's table, physical address field, authentication interface field, VLAN word
One or more generations in section, set time field forbid user to roam list item, described to forbid user's roaming list item to pass through institute
State user and identify unique mark, the network request message for forbidding user's roaming list item to be used to forbid carrying its user mark enters
Row portal certifications.
4. portal authentication methods according to claim 3, it is characterised in that identify whether exist detecting the user
Before corresponding portal user's table, methods described also includes:
Detect the user to identify whether to forbid user to roam list item in the presence of corresponding, if forbidding user's roaming table described in existing
, then forbid described sender to carry out portal certifications;
If forbidding user to roam list item in the absence of described, detect the user and identify whether corresponding portal user be present
Table.
5. portal authentication methods according to claim 3, it is characterised in that when generation forbids user to roam list item,
Methods described also includes:
User is forbidden to roam the ageing time of list item described in configuration;
Or forbid user's roaming list item associated with portal user's table described in configuration, deleting portal user's table
Shi Liandong forbids user to roam list item described in deleting.
6. a kind of portal authentication devices, it is characterised in that applied to Broadband Remote Access Server BRAS, the device includes:
Receiving unit, for receiving the network request message of sender's transmission, the network request message carries user's mark;
Detection unit, for recognizing according to whether user's label detection can be based on network request message progress portal
Card;
Authentication processing unit, for the user mark pair for when portal certifications cannot be carried out, going on enabled BRAS to preserve
The portal user's table and ARP answered, go after enabling portal user's table and ARP, based on the network request
Message carries out portal certifications.
7. portal authentication devices according to claim 6, it is characterised in that
The detection unit, identify whether corresponding portal user's table be present for detecting the user, and in the use
When family mark has portal user's table, whether detection described sender is online;
The authentication processing unit, portal user's table is not present for detecting user's mark in the detection unit
When, portal certifications are carried out based on the network request message;It is and not online in detection unit detection described sender
When, go to enable portal user's table and corresponding ARP, and carry out portal based on the network request message and recognize
Card.
8. portal authentication devices according to claim 7, it is characterised in that the authentication processing unit, be additionally operable to
When detection unit detection described sender is online, IP address field in portal user's table, physical address are extracted
User's roaming table is forbidden in one or more generations in field, authentication interface field, virtual local area network field, set time field
, it is described to forbid user to roam list item by user mark unique mark, it is described to forbid user to roam list item for forbidding
The network request message for carrying its user mark carries out portal certifications.
9. portal authentication devices according to claim 8, it is characterised in that
The detection module, it is additionally operable to before detecting the user and identifying whether to have corresponding portal user's table, detection
The user identifies whether to forbid user to roam list item in the presence of corresponding;
The authentication processing unit, user is forbidden to roam corresponding to presence for detecting the user in the detection unit and identifying
During list item, forbid described sender to carry out portal certifications, user's mark is detected in the absence of described in the detection unit
Forbid user to roam list item, drive the detection unit to detect the user and identify whether corresponding portal user's table be present.
10. portal authentication devices according to claim 8, it is characterised in that the authentication processing unit, be additionally operable to match somebody with somebody
The ageing time for forbidding user to roam list item is put, or, forbid user to roam list item described in configuration and used with the portal
Family table is associated, and makes to forbid user to roam list item described in linkage deletion when deleting portal user's table.
11. a kind of message process device, including processor and machinable medium, the machinable medium storage
Having can be promoted by the machine-executable instruction of the computing device, the processor by the machine-executable instruction:Hold
Portal authentication method of the row as described in Claims 1 to 5 is any.
12. a kind of machinable medium, is stored with machine-executable instruction, described when being called and being performed by processor
Machine-executable instruction promotes the processor:Perform the portal authentication methods as described in Claims 1 to 5 is any.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710875442.4A CN107547562B (en) | 2017-09-25 | 2017-09-25 | Portal authentication method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710875442.4A CN107547562B (en) | 2017-09-25 | 2017-09-25 | Portal authentication method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107547562A true CN107547562A (en) | 2018-01-05 |
| CN107547562B CN107547562B (en) | 2020-04-28 |
Family
ID=60964713
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710875442.4A Active CN107547562B (en) | 2017-09-25 | 2017-09-25 | Portal authentication method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107547562B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109587175A (en) * | 2019-01-11 | 2019-04-05 | 杭州迪普科技股份有限公司 | A kind of illegal external connection processing method and system |
| CN109861892A (en) * | 2019-03-28 | 2019-06-07 | 新华三技术有限公司 | A kind of terminal roaming method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075904A (en) * | 2010-12-24 | 2011-05-25 | 杭州华三通信技术有限公司 | Method and device for preventing re-authentication of roaming user |
| US8514828B1 (en) * | 2012-10-30 | 2013-08-20 | Aruba Networks, Inc. | Home virtual local area network identification for roaming mobile clients |
| US8769626B2 (en) * | 2011-11-29 | 2014-07-01 | Cisco Technology, Inc. | Web authentication support for proxy mobile IP |
| CN105959188A (en) * | 2016-06-07 | 2016-09-21 | 华为技术有限公司 | Method and device for controlling user terminal to be online |
-
2017
- 2017-09-25 CN CN201710875442.4A patent/CN107547562B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075904A (en) * | 2010-12-24 | 2011-05-25 | 杭州华三通信技术有限公司 | Method and device for preventing re-authentication of roaming user |
| US8769626B2 (en) * | 2011-11-29 | 2014-07-01 | Cisco Technology, Inc. | Web authentication support for proxy mobile IP |
| US8514828B1 (en) * | 2012-10-30 | 2013-08-20 | Aruba Networks, Inc. | Home virtual local area network identification for roaming mobile clients |
| CN105959188A (en) * | 2016-06-07 | 2016-09-21 | 华为技术有限公司 | Method and device for controlling user terminal to be online |
Non-Patent Citations (1)
| Title |
|---|
| STEFFEN GEBERT等: "Demonstrating a personalized secure-by-default bring your own device solution based on software defined networking", 《2016 28TH INTERNATIONAL TELETRAFFIC CONGRESS (ITC 28) 1》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109587175A (en) * | 2019-01-11 | 2019-04-05 | 杭州迪普科技股份有限公司 | A kind of illegal external connection processing method and system |
| CN109861892A (en) * | 2019-03-28 | 2019-06-07 | 新华三技术有限公司 | A kind of terminal roaming method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107547562B (en) | 2020-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11019094B2 (en) | Methods and systems for malicious message detection and processing | |
| KR101270041B1 (en) | System and method for detecting arp spoofing | |
| US20080028029A1 (en) | Method and apparatus for determining whether an email message is spam | |
| US10757135B2 (en) | Bot characteristic detection method and apparatus | |
| US20160006717A1 (en) | Prompting login account | |
| CN110519265B (en) | Method and device for defending attack | |
| EP2859495A2 (en) | Malicious message detection and processing | |
| US9882921B1 (en) | Systems and methods for detecting cache-poisoning attacks in networks using service discovery protocols | |
| CN101300811B (en) | Snoop echo response extractor and extraction method thereof | |
| CN104780139B (en) | A kind of defence method and system based on MAC Address attack | |
| TWI602411B (en) | Privacy enhanced email service | |
| CN111901317B (en) | Access control policy processing method, system and equipment | |
| CN107547562A (en) | A kind of portal authentication methods and device | |
| CN114172726B (en) | Access control method and system based on container environment | |
| CN107689963A (en) | A kind of detection method and device for arp reply message aggression | |
| US10650382B2 (en) | Systems and methods for detecting fraudulent use of a serial code for accessing an associated value stored on a network | |
| US10333950B2 (en) | Defending against malicious electronic messages | |
| US10516665B2 (en) | Network management apparatus, network management method, and recording medium | |
| CN108259454A (en) | A kind of portal authentication method and device | |
| CN102457430B (en) | Network package processing method and routing equipment | |
| US11425162B2 (en) | Detection of malicious C2 channels abusing social media sites | |
| US20130145428A1 (en) | Denial of service attack resistant input port | |
| US20130055393A1 (en) | Method and apparatus for enhancing privacy of contact information in profile | |
| CN110677417A (en) | Anti-crawler system and method | |
| US10320751B2 (en) | DNS server selective block and DNS address modification method using proxy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230627 Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd. Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466 Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd. |