CN107690140A - WAP authentication method, apparatus and system - Google Patents
WAP authentication method, apparatus and system Download PDFInfo
- Publication number
- CN107690140A CN107690140A CN201610639186.4A CN201610639186A CN107690140A CN 107690140 A CN107690140 A CN 107690140A CN 201610639186 A CN201610639186 A CN 201610639186A CN 107690140 A CN107690140 A CN 107690140A
- Authority
- CN
- China
- Prior art keywords
- wap
- authentication
- page
- mobile terminal
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of WAP authentication method, including:The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page so that the mobile terminal generates and feeds back access authentication information;Receive the access authentication information and be authenticated, obtain authentication result, and the authentication result is returned into the WAP, to be forwarded to the mobile terminal for use by the WAP.The invention also discloses a kind of WAP authentication device.The present invention realizes the unified certification of the wireless access point device of different vendor in same place, so as to be roamed between the wireless access point device of different vendor with allowing user's unaware, lifts user experience.
Description
Technical field
The present invention relates to communication technical field, more particularly to WAP authentication method, apparatus and system.
Background technology
Currently as the intelligent mobile terminal such as the high speed development of mobile Internet, smart mobile phone, tablet personal computer is more and more general
And because operator's tariff for mobile phone Internet access remains high, people prefer to surf the Net using wifi.Company, hotel, business are superfine large-scale
Place generally both provides wifi services on net, and so as to facilitate employee, either client can also pacify while office or consumption
Easily access Internet resources entirely.
However, the various wireless aps (Access Point, WAP) used suitable for intelligent mobile terminal are also got over
Come it is more, often there is the wireless aps of multiple manufacturers in a large-scale place, and the wireless aps of different vendor correspond to it is different
Authentication mode.Therefore, these wireless aps how are managed collectively, so as to which mobile terminal user can carry out unified certification, uniformly push away
Certification page is sent, and this has become the subject matter of current online management.
Existing technical implementation way is at present:(1) it is enterprising by portal server of the portal2.0 agreements in outside
Row certification and the purpose for realizing unified pushing certification page;(2) it is authenticated by the radius servers of outside and realizes system
The purpose of one pushing certification page.
But above-mentioned implementation has the disadvantage that:(1) at present some manufacturers equipment such as:TP-link, aruba are set
Standby wait does not support portal2.0 agreements;(2) equipment of some manufacturers does not support outside radius certifications, therefore, existing skill at present
Art scheme is difficult to unified certification and unified pushing certification page to the wireless aps of different vendor.
The content of the invention
It is a primary object of the present invention to provide a kind of WAP authentication method, apparatus and system, it is intended to solve existing
There is technical scheme to be difficult to the unified certification to the wireless aps of different vendor and the technical problem of unified pushing certification page.
To achieve the above object, the present invention provides a kind of WAP authentication method, the WAP authenticating party
Method includes:
The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page for described
Mobile terminal generation accesses and feeds back authentication information;
Receive the access authentication information and be authenticated, obtain authentication result, and by described in authentication result return
WAP, to be forwarded to the mobile terminal for use by the WAP.
Optionally, the mobile terminal accessed by preset docking authentication interface to the WAP is authenticated;
Wherein, the communication protocol mode that the authentication interface is supported using the WAP is authenticated, described
Communication protocol mode comprises at least any of portal protocol, XML API protocols, URL parameter mode.
Optionally, the return access authentication page includes:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page,
Wherein, when the relevant information of the WAP comprises at least access point position information, facility information, address information and certification
Between one or more in information.
Optionally, the WAP authentication method also includes:
Detect the mobile terminal data message of the WAP forwarding;
According to the relevant information in the data message, whether the mobile terminal is judged by certification, if so, then putting
The data message of the row mobile terminal.
Optionally, when the authentication result be certification by when, the WAP authentication method also includes:
Specified page parameter is sent to the mobile terminal, so that the display page of the mobile terminal connects from presently described
Enter certification page and jump to specified page corresponding with the specified page parameter, the specified page comprises at least the movement
The shown page or the preassigned page before terminal authentication;Or
Rule is redirected according to self-defined, is sent to the mobile terminal and self-defined redirects rule corresponding page ginseng with described
Number, so that the display page of the mobile terminal is from presently described access authentication page jump to corresponding with the page parameter
The page.
Further, to achieve the above object, the present invention also provides a kind of WAP authentication device, described wirelessly to connect
Access point authentication device includes:
Interception module, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access and recognize
The page is demonstrate,proved so that the mobile terminal generates and feeds back access authentication information;
Authentication module, for receiving the access authentication information and being authenticated, obtain authentication result, and by the certification
As a result the WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
Optionally, the WAP authentication device is connect by preset docking authentication interface to the WAP
The mobile terminal entered is authenticated, wherein, the authentication interface uses the communication protocol mode that the WAP is supported
It is authenticated, the communication protocol mode comprises at least any in portal protocol, XML API protocols, URL parameter mode
Kind.
Optionally, the interception module is additionally operable to:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page,
Wherein, when the relevant information of the WAP comprises at least access point position information, facility information, address information and certification
Between one or more in information.
Optionally, the WAP authentication device also includes:
Detection module, for detecting the mobile terminal data message of the WAP forwarding;
Judge module, according to the relevant information in the data message, judge whether the mobile terminal has passed through certification;
Clearance module, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
Optionally, the WAP authentication device also includes:
Sending module, for when the authentication result be certification by when, to the mobile terminal send specified page ginseng
Number so that the display page of the mobile terminal from presently described access authentication page jump to the specified page parameter pair
The specified page answered, the specified page comprise at least the shown page or preassigned page before the mobile terminal authentication
Face;Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule,
So that the display page of the mobile terminal is from presently described access authentication page jump to page corresponding with the page parameter
Face.
Further, to achieve the above object, the present invention also provides a kind of Verification System, and the Verification System includes some
Wireless controller, some WAPs, some mobile terminals, single wireless controller are connected with multiple WAPs, single
Individual WAP is connected with multiple mobile terminals, and the WAP that the wireless controller includes described in any of the above-described is recognized
Card device.
In the present invention, the access request for the mobile terminal that WAP forwards is obtained by intercepting, so as to know movement
Terminal needs to access network, thus returns to the access authentication page to mobile terminal, and is inputted by terminal user in the certification page
Authentication information generates authentication information by the certification page, and then by being authenticated to the authentication information that mobile terminal is sent
Return authentication result after processing, it is achieved thereby that the unified certification and unified push for the wireless aps of various different vendors are recognized
The page is demonstrate,proved, facilitates the unified management to different vendor's wireless aps in large-scale place.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of WAP authentication method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of WAP authentication method second embodiment of the present invention;
Fig. 3 is the schematic flow sheet of WAP authentication method 3rd embodiment of the present invention;
Fig. 4 is the high-level schematic functional block diagram of WAP authentication device first embodiment of the present invention;
Fig. 5 is the high-level schematic functional block diagram of WAP authentication device second embodiment of the present invention;
Fig. 6 is the high-level schematic functional block diagram of WAP authentication device 3rd embodiment of the present invention;
Fig. 7 is the high-level schematic functional block diagram of the embodiment of present inventive verification system one;
Fig. 8 is the connection diagram of the embodiment of present inventive verification system one.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that specific embodiment described herein is not intended to limit the present invention only to explain the present invention.
Reference picture 1, Fig. 1 are the schematic flow sheet of WAP authentication method first embodiment of the present invention.The present embodiment
In, the WAP authentication method includes:
Step S110, intercepts and captures the network insertion request of the mobile terminal of WAP forwarding, and returns to access authentication page
Face is so that the mobile terminal generates and feeds back access authentication information;
Generally, to realize unified certification, the WAP (namely wireless aps) of various manufacturers all can will in large-scale place
The authentication information of the mobile terminal each connected is uniformly sent to external authentication server (such as portal servers, radius
Server) on carry out unified certification.Therefore, in the present embodiment, the mobile terminal of WAP forwarding is obtained by intercepting
Network insertion is asked, for example sets corresponding data message in the upstream equipment WAP authentication device of WAP
Filter condition is intercepted with realizing, so as to realize the unified push of certification page.
It is unlimited for the concrete form and content of certification page in the present embodiment, it is configured with specific reference to being actually needed.
For example there is text box on certification page, consequently facilitating user inputs relevant information, such as user name, phone number, password etc.,
Or certification page can also be current popular wechat Quick Response Code, mobile terminal is by identifying the Quick Response Code so as to generating
Relevant authentication information, upstream WAP authentication device is then forwarded to by WAP again.
Optionally, in the embodiment of WAP authentication method one of the present invention, the return access authentication page includes:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, it is described
The relevant information of WAP is comprised at least in access point position information, facility information, address information and authenticated time information
One or more.
The access authentication page corresponding to being returned in the present embodiment according to the relevant information of WAP, namely this reality
It is not unified fixed to apply the access page returned in example, but can be carried out according to relevant information from adaptation.Such as wirelessly
When access point authentication device is authenticated docking from different WAPs, different certification pages is pushed, can specifically be passed through
Matching such as properties following manner is from the different certification page of adaptation:
1st, access point position, such as the affiliated group of access point are matched;
2nd, reflexless terminal information, such as the device type of WAP, MAC Address;
3rd, Match IP Address attribute, such as the customized IP address of WAP;
4th, different period plannings is matched, for example the first certification page is pushed during morning access, is pushed when accessing afternoon
Second of certification page.
Step S120, receive the access authentication information and be authenticated, obtain authentication result, and by the authentication result
The WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
WAP authentication device can be authenticated after the authentication information of mobile terminal upload is received, this implementation
It is unlimited for the processing mode of certification in example, such as certification is directly completed by WAP authentication device, or by wirelessly connecing
Access point authentication device is forwarded on other external equipments and is authenticated.After the completion of certification, WAP authentication device will recognize
Card result returns to WAP, so as to be forwarded to mobile terminal by WAP.If certification passes through mobile terminal
It can be achieved to access external the Internet by WAP and WAP authentication device.
Optionally, in the embodiment of WAP authentication method one of the present invention, WAP authentication device passes through pre-
The mobile terminal that the docking authentication interface put accesses to the WAP is authenticated, wherein, the authentication interface uses
The communication protocol mode that the WAP is supported is authenticated, and the communication protocol mode is assisted including at least Portal
Any of view, XML API protocols, URL parameter mode.
In the present embodiment, to realize unified pushing certification page and being authenticated, therefore WAP authentication device is led to
Cross preset docking authentication interface to be authenticated the mobile terminal on each WAP, specific implementation is as follows:
1st, for the wireless access point device of support portal2.0 agreements, by intercepting its forwarding on mating interface
Network insertion is asked, and provides certification page to user terminal, and return final authentication result by portal protocol after certification
Back to the wireless access point device;
2nd, for not supporting the wireless access point devices of portal2.0 agreements, specifically using following communication protocol and mode
It is authenticated:
2.1st, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and final authentication result is returned to by the wireless access point device by URL parameter mode after certification;
2.2nd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and authentication result is returned to by the wireless access point device by XML API protocols after certification;
2.3rd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and authentication result is returned to by the wireless access point device by single-sign-on mode after certification.
Optionally, in the embodiment of WAP authentication method one of the present invention, the WAP authentication method is extremely
There is provided less wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification,
One or more authentication mode options in third party's Portal certifications.
For example, option one:Wechat certification, it is authenticated by wechat public platform interface, generally with two ways:
The first:Wechat connects Wi-Fi authentication, and after access wechat connects Wi-Fi, user need not input cumbersome Wi-Fi passwords,
Quick Response Code is swept by wechat or click " connection immediately " mode can fast network access.After user successfully surfs the Net, acquiescence is paid close attention to
The wechat public number, client is converted into bean vermicelli so as to zero cost.
Second:Wechat short message certification, i.e. user are after wechat certification has been carried out, it is also necessary to carry out short message certification.
Option two:Short message certification, the cell-phone number inputted by user on certification page, in WAP authentication device
Upper generation short message verification code simultaneously sends the identifying code to Short Message Service Gateway (movement, UNICOM or telecom operators), and user terminal exists
Short message certification code and input validation code are received, the identifying code matching result received is returned to user by WAP authentication device
Terminal, so as to complete certification.
Option three:Authentication-exempt, user click directly on login, you can complete certification.
Option four:Temporary visitor certification, temporary authentication is realized by safeguarding a temporary visitor database.
Option five:Two-dimentional code authentication, is authenticated by two-dimensional code scanning.
Option six:Account certification, it is authenticated by inputting account number cipher on certification page.
Option seven:Third party's protal authentication modes
By Portal2.0 agreements, the Portal pages are obtained on outside Portal server and are authenticated.
In the present embodiment, the access request for the mobile terminal that WAP forwards is obtained by intercepting, is moved so as to know
Dynamic terminal needs to access network, thus returns to the access authentication page to mobile terminal, and defeated in the certification page by terminal user
Enter authentication information or authentication information is generated by the certification page, and then by recognizing the authentication information that mobile terminal is sent
Return authentication result after card processing, it is achieved thereby that unified certification and unified push for the wireless aps of various different vendors
Certification page, facilitate the unified management to different vendor's wireless aps in large-scale place.
Reference picture 2, Fig. 2 are the schematic flow sheet of WAP authentication method second embodiment of the present invention.Based on above-mentioned
Method first embodiment, in the present embodiment, the WAP authentication method also includes:
Step S210, detect the mobile terminal data message of the WAP forwarding;
Step S220, according to the relevant information in the data message, whether the mobile terminal is judged by certification,
If so, the data message for the mobile terminal of then letting pass.
In the present embodiment, WAP authentication device to mobile terminal online request be authenticated while,
The mobile terminal data message that real-time detection is forwarded by WAP, the data message are sent including at least mobile terminal
Network insertion request.By detecting data message, whether the mobile terminal is judged by certification, if by certification,
WAP authentication device is directly let pass the data message of the mobile terminal, and otherwise the return authentication page enters to the mobile terminal
Row network access authentication.
For example, WAP authentication device (such as wireless controller) is connected with tri- WAPs of A, B, C, currently
Customer mobile terminal is surfed the Net by certification and by access point A, if bringing mobile terminal into access point B when user walks about
When, mobile terminal corresponding to the data message that now WAP authentication device will determine to forward by access point B has led to
Certification is crossed, so as to the data message for the mobile terminal of letting pass, namely customer mobile terminal in access point B without being surfed the Net again
Certification, and then roamed under the wireless aps of various different vendors while user's unaware can be allowed, lift user experience.
In the present embodiment, landing approach is exempted from by old user and realizes seamless roam between the wireless aps of different vendor, than
The user terminal data message such as forwarded by intercepting various manufacturer's wireless AP devices on mating interface, passes through the user terminal
IP address inquire about and whether judge the user terminal by network access authentication, if by certification, let pass the user
The data message that terminal is sent, without being authenticated again, even if with also allowing user's unaware in various different vendors
Roamed under wireless aps, lift user experience.
Reference picture 3, Fig. 3 are the schematic flow sheet of WAP authentication method 3rd embodiment of the present invention.Based on above-mentioned
Method second embodiment, in the present embodiment, also include after above-mentioned steps S120:
Step S130, when the authentication result be certification by when, to the mobile terminal send specified page parameter, with
Make the display page of the mobile terminal from presently described access authentication page jump to corresponding with the specified page parameter
Specified page, the specified page comprise at least the shown page or the preassigned page before the mobile terminal authentication;
Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, with
Make the display page of the mobile terminal from presently described access authentication page jump to the page corresponding with the page parameter.
Page parameter described in the present embodiment specifically refers in verification process or certification terminate after be used for display information
Parameter corresponding to the page.
In the present embodiment, when mobile terminal certification by when, the page shown on mobile terminal will be redirected, specifically
Specified page parameter according to transmitted by the WAP authentication device received is determined.Such as jump to the page specified
Face, for example, mobile terminal be authenticated before the APP that specifies of the page or jump to download the page.
In addition it is also possible to self-defined redirect rule, and so as to be adapted to corresponding jump page, for example, it is such as properties by matching
Different rule is redirected to set:
1st, according to access point position, such as the affiliated group of access point;
2nd, according to end message, such as the device type of WAP, MAC Address;
3rd, according to IP address attribute, such as the customized IP address of WAP;
4th, according to different period plannings, for example the first certification page is pushed during morning access, is pushed when accessing afternoon
Second of certification page;
5th, according to the currently selected authentication mode type of user terminal.
For example rule is redirected if being set according to access point position, jump to page A;And if counted according to the different time
Delineating, which is put, redirects rule, then jumps to page B.
In the present embodiment, may specify jump page or it is self-defined redirect rule, so as to after mobile terminal is by certification, be
The page that mobile terminal provides Multiple types is shown.
Reference picture 4, Fig. 4 are the high-level schematic functional block diagram of WAP authentication device first embodiment of the present invention.This reality
Apply in example, the WAP authentication device includes:
Interception module 10, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access
Certification page is so that the mobile terminal generates and feeds back access authentication information;
Generally, to realize unified certification, the WAP (namely wireless aps) of various manufacturers all can will in large-scale place
The authentication information of the mobile terminal each connected is uniformly sent to external authentication server (such as portal servers, radius
Server) on carry out unified certification.Therefore, in the present embodiment, interception module 10 obtains what WAP forwarded by intercepting
The network insertion request of mobile terminal, for example set accordingly in the upstream equipment WAP authentication device of WAP
Data message filter condition intercepted with realizing, so as to realize the unified push of certification page.
It is unlimited for the concrete form and content of certification page in the present embodiment, it is configured with specific reference to being actually needed.
For example there is text box on certification page, consequently facilitating user inputs relevant information, such as user name, phone number, password etc.,
Or certification page can also be current popular wechat Quick Response Code, mobile terminal is by identifying the Quick Response Code so as to generating
Relevant authentication information, upstream WAP authentication device is then forwarded to by WAP again.
Authentication module 20, for receiving the access authentication information and being authenticated, authentication result is obtained, and recognize described
Demonstrate,prove result and return to the WAP, to be forwarded to the mobile terminal for use by the WAP.
Authentication module 20 can be authenticated after the authentication information of mobile terminal upload is received, right in the present embodiment
It is unlimited in the processing mode of certification, such as certification is directly completed by authentication module 20, or other are forwarded to by authentication module 20
It is authenticated on external equipment.After the completion of certification, authentication result is returned to WAP by authentication module 20, so as to pass through
WAP is forwarded to mobile terminal.If certification is by the way that mobile terminal is recognized by WAP and WAP
Card device can be achieved to access external the Internet.
In the present embodiment, the access request for the mobile terminal that WAP forwards is obtained by intercepting, is moved so as to know
Dynamic terminal needs to access network, thus returns to the access authentication page to mobile terminal, and defeated in the certification page by terminal user
Enter authentication information or authentication information is generated by the certification page, and then by recognizing the authentication information that mobile terminal is sent
Return authentication result after card processing, it is achieved thereby that unified certification and unified push for the wireless aps of various different vendors
Certification page, facilitate the unified management to different vendor's wireless aps in large-scale place.
Optionally, in the embodiment of WAP authentication device one of the present invention, the return access authentication page includes:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, it is described
The relevant information of WAP is comprised at least in access point position information, facility information, address information and authenticated time information
One or more.
The access authentication page corresponding to being returned in the present embodiment according to the relevant information of WAP, namely this reality
It is not unified fixed to apply the access page returned in example, but can be carried out according to relevant information from adaptation.Such as wirelessly
When access point authentication device is authenticated docking from different WAPs, different certification pages is pushed, can specifically be passed through
Matching such as properties following manner is from the different certification page of adaptation:
1st, access point position, such as the affiliated group of access point are matched;
2nd, reflexless terminal information, such as the device type of WAP, MAC Address;
3rd, Match IP Address attribute, such as the customized IP address of WAP;
4th, different period plannings is matched, for example the first certification page is pushed during morning access, is pushed when accessing afternoon
Second of certification page.
It is further alternative, in the embodiment of WAP authentication device one of the present invention, WAP authentication device
The mobile terminal accessed by preset docking authentication interface to the WAP is authenticated, wherein, the certification connects
The communication protocol mode that mouth is supported using the WAP is authenticated, and the communication protocol mode comprises at least
Any of portal protocol, XML API protocols, URL parameter mode.
In the present embodiment, to realize unified pushing certification page and being authenticated, therefore WAP authentication device is led to
Cross the mobile terminal that preset docking authentication interface accesses each WAP to be authenticated, specific implementation is as follows:
1st, for the wireless access point device of support portal2.0 agreements, by intercepting its forwarding on mating interface
Network insertion is asked, and provides certification page to user terminal, and return final authentication result by portal protocol after certification
Back to the wireless access point device;
2nd, for not supporting the wireless access point devices of portal2.0 agreements, specifically using following communication protocol and mode
It is authenticated:
2.1st, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and final authentication result is returned to by the wireless access point device by URL parameter mode after certification;
2.2nd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and authentication result is returned to by the wireless access point device by XML API protocols after certification;
2.3rd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal
For certification page, and authentication result is returned to by the wireless access point device by single-sign-on mode after certification.
Optionally, in the embodiment of WAP authentication method one of the present invention, the WAP authentication method is extremely
There is provided less wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification,
One or more authentication mode options in third party's Portal certifications.
For example, option one:Wechat certification, it is authenticated by wechat public platform interface, generally with two ways:
The first:Wechat connects Wi-Fi authentication, and after access wechat connects Wi-Fi, user need not input cumbersome Wi-Fi passwords,
Quick Response Code is swept by wechat or click " connection immediately " mode can fast network access.After user successfully surfs the Net, acquiescence is paid close attention to
The wechat public number, client is converted into bean vermicelli so as to zero cost.
Second:Wechat short message certification, i.e. user are after wechat certification has been carried out, it is also necessary to carry out short message certification.
Option two:Short message certification, the cell-phone number inputted by user on certification page, in WAP authentication device
Upper generation short message verification code simultaneously sends the identifying code to Short Message Service Gateway (movement, UNICOM or telecom operators), and user terminal exists
Short message certification code and input validation code are received, the identifying code matching result received is returned to user by WAP authentication device
Terminal, so as to complete certification.
Option three:Authentication-exempt, user click directly on login, you can complete certification.
Option four:Temporary visitor certification, temporary authentication is realized by safeguarding a temporary visitor database.
Option five:Two-dimentional code authentication, is authenticated by two-dimensional code scanning.
Option six:Account certification, it is authenticated by inputting account number cipher on certification page.
Option seven:Third party's protal authentication modes
By Portal2.0 agreements, the Portal pages are obtained on outside Portal server and are authenticated.
Reference picture 5, Fig. 5 are the high-level schematic functional block diagram of WAP authentication device second embodiment of the present invention.It is based on
Said apparatus first embodiment, in the present embodiment, the WAP authentication device also includes:
Detection module 30, for detecting the mobile terminal data message of the WAP forwarding;
Judge module 40, according to the relevant information in the data message, judge the mobile terminal whether by recognizing
Card;
Clearance module 50, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
In the present embodiment, WAP authentication device to mobile terminal online request be authenticated while,
The mobile terminal data message that real-time detection is forwarded by WAP, the data message are sent including at least mobile terminal
Network insertion request.By detecting data message, whether the mobile terminal is judged by certification, if by certification,
WAP authentication device is directly let pass the data message of the mobile terminal, and otherwise the return authentication page enters to the mobile terminal
Row network access authentication.
For example, WAP authentication device (such as wireless controller) is connected with tri- WAPs of A, B, C, currently
Customer mobile terminal is surfed the Net by certification and by access point A, if bringing mobile terminal into access point B when user walks about
When, mobile terminal corresponding to the data message that now WAP authentication device will determine to forward by access point B has led to
Certification is crossed, so as to the data message for the mobile terminal of letting pass, namely customer mobile terminal in access point B without being surfed the Net again
Certification, and then roamed under the wireless aps of various different vendors while user's unaware can be allowed, lift user experience.
In the present embodiment, landing approach is exempted from by old user and realizes seamless roam between the wireless aps of different vendor, than
The user terminal data message such as forwarded by intercepting various manufacturer's wireless AP devices on mating interface, passes through the user terminal
IP address inquire about and whether judge the user terminal by network access authentication, if by certification, let pass the user
The data message that terminal is sent, without being authenticated again, even if with also allowing user's unaware in various different vendors
Roamed under wireless aps, lift user experience.
Reference picture 6, Fig. 6 are the high-level schematic functional block diagram of WAP authentication device 3rd embodiment of the present invention.It is based on
Said apparatus first embodiment, in the present embodiment, the WAP authentication device also includes:
Sending module 60, for when the authentication result be certification by when, to the mobile terminal send specified page
Parameter so that the display page of the mobile terminal from presently described access authentication page jump to the specified page parameter
Corresponding specified page, the specified page is including at least the page or preassigned shown before the mobile terminal authentication
The page;Or rule is redirected according to self-defined, sent to the mobile terminal and self-defined redirect rule corresponding page ginseng with described
Number, so that the display page of the mobile terminal is from presently described access authentication page jump to corresponding with the page parameter
The page.
Page parameter described in the present embodiment specifically refers in verification process or certification terminate after be used for display information
Parameter corresponding to the page.
In the present embodiment, when mobile terminal certification by when, the page shown on mobile terminal will be redirected, specifically
Specified page parameter according to transmitted by the WAP authentication device received is determined.Such as jump to the page specified
Face, for example, mobile terminal be authenticated before the APP that specifies of the page or jump to download the page.
In addition it is also possible to self-defined redirect rule, and so as to be adapted to corresponding jump page, for example, it is such as properties by matching
Different rule is redirected to set:
1st, according to access point position, such as the affiliated group of access point;
2nd, according to end message, such as the device type of WAP, MAC Address;
3rd, according to IP address attribute, such as the customized IP address of WAP;
4th, according to different period plannings, for example the first certification page is pushed during morning access, is pushed when accessing afternoon
Second of certification page;
5th, according to the currently selected authentication mode type of user terminal.
For example rule is redirected if being set according to access point position, jump to page A;And if counted according to the different time
Delineating, which is put, redirects rule, then jumps to page B.
In the present embodiment, may specify jump page or it is self-defined redirect rule, so as to after mobile terminal is by certification, be
The page that mobile terminal provides Multiple types is shown.
Reference picture 7, Fig. 7 are the high-level schematic functional block diagram of the embodiment of present inventive verification system one.In the present embodiment, certification system
System includes some wireless controllers 210, some WAPs 220, some mobile terminals 230, single wireless controller 210 and
Multiple WAPs 220 are connected, and single WAP 220 is connected with multiple mobile terminals 230, connection as shown in Figure 8
Schematic diagram.
In addition, the present embodiment is red, wireless controller 210 includes the WAP certification described in said apparatus embodiment
Device 2101.
In the present embodiment, in the large-scale place of the wireless aps with multiple manufacturers, to realize the unification to each wireless aps
Authentication management, therefore, wireless controller 210 is intercepted by WAP authentication device 2101 obtains what WAP forwarded
The access request of mobile terminal, so as to know that mobile terminal needs to access network, thus access authentication page is returned to mobile terminal
Face, and authentication information is generated by terminal user in the certification page input authentication information or by the certification page, and then pass through
The authentication information sent to mobile terminal is authenticated return authentication result after processing, it is achieved thereby that for various different vendors
Wireless aps unified certification and unified pushing certification page, facilitate the unification to different vendor's wireless aps in large-scale place
Management.
Optionally, wireless controller 210 also supports a variety of authentication modes and can set authentication mode by user.For example prop up
Hold wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification, the 3rd
Square Portal certifications etc..
Optionally, wireless controller 210 also supports old user to exempt to log in, so as to realize between the wireless aps of different vendor
Seamless roam, such as the user terminal data message forwarded by intercepting various manufacturer's wireless AP devices on mating interface, lead to
The IP address for crossing the user terminal is inquired about and whether judges the user terminal by network access authentication, if by certification,
Then let pass the user terminal transmission data message, without being authenticated again, even if with also allowing user's unaware each
Roamed under the wireless aps of kind different vendor, lift user experience.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair
The equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (11)
1. a kind of WAP authentication method, it is characterised in that the WAP authentication method includes:
The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page for the movement
Terminal generates and feeds back access authentication information;
Receive the access authentication information and be authenticated, obtain authentication result, and authentication result return is described wireless
Access point, to be forwarded to the mobile terminal for use by the WAP.
2. WAP authentication method as claimed in claim 1, it is characterised in that pass through preset docking authentication interface pair
The mobile terminal of the WAP access is authenticated;
Wherein, the communication protocol mode that the authentication interface is supported using the WAP is authenticated, the communication
Protocol mode comprises at least any of portal protocol, XML API protocols, URL parameter mode.
3. WAP authentication method as claimed in claim 2, it is characterised in that the return access authentication page bag
Include:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein,
The relevant information of the WAP comprises at least access point position information, facility information, address information and authenticated time letter
One or more in breath.
4. WAP authentication method as claimed any one in claims 1 to 3, it is characterised in that the wireless access
Point authentication method also includes:
Detect the mobile terminal data message of the WAP forwarding;
According to the relevant information in the data message, whether the mobile terminal is judged by certification, should if so, then letting pass
The data message of mobile terminal.
5. WAP authentication method as claimed in claim 4, it is characterised in that when the authentication result passes through for certification
When, the WAP authentication method also includes:
Specified page parameter is sent to the mobile terminal, so that the display page of the mobile terminal is recognized from presently described access
Card page jump comprises at least the mobile terminal to specified page corresponding with the specified page parameter, the specified page
The shown page or the preassigned page before certification;Or
Redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule,
So that the display page of the mobile terminal is from presently described access authentication page jump to page corresponding with the page parameter
Face.
6. a kind of WAP authentication device, it is characterised in that the WAP authentication device includes:
Interception module, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access authentication page
Face is so that the mobile terminal generates and feeds back access authentication information;
Authentication module, for receiving the access authentication information and being authenticated, obtain authentication result, and by the authentication result
The WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
7. WAP authentication device as claimed in claim 6, it is characterised in that the WAP authentication device is led to
The mobile terminal that preset docking authentication interface accesses the WAP is crossed to be authenticated, wherein, the authentication interface
The communication protocol mode supported using the WAP is authenticated, and the communication protocol mode comprises at least Portal
Any of agreement, XML API protocols, URL parameter mode.
8. WAP authentication device as claimed in claim 7, it is characterised in that the interception module is additionally operable to:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein,
The relevant information of the WAP comprises at least access point position information, facility information, address information and authenticated time letter
One or more in breath.
9. the WAP authentication device as any one of claim 6 to 8, it is characterised in that the wireless access
Point authentication device also includes:
Detection module, for detecting the mobile terminal data message of the WAP forwarding;
Judge module, according to the relevant information in the data message, judge whether the mobile terminal has passed through certification;
Clearance module, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
10. WAP authentication device as claimed in claim 9, it is characterised in that the WAP authentication device
Also include:
Sending module, for when the authentication result be certification by when, to the mobile terminal send specified page parameter, with
Make the display page of the mobile terminal from presently described access authentication page jump to corresponding with the specified page parameter
Specified page, the specified page comprise at least the shown page or the preassigned page before the mobile terminal authentication;
Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, with
Make the display page of the mobile terminal from presently described access authentication page jump to the page corresponding with the page parameter.
A kind of 11. Verification System, it is characterised in that the Verification System include some wireless controllers, some WAPs,
Some mobile terminals, single wireless controller are connected with multiple WAPs, single WAP and multiple mobile terminals
Connection, the wireless controller include the WAP authentication device any one of claim 6 to 10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610639186.4A CN107690140A (en) | 2016-08-04 | 2016-08-04 | WAP authentication method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610639186.4A CN107690140A (en) | 2016-08-04 | 2016-08-04 | WAP authentication method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107690140A true CN107690140A (en) | 2018-02-13 |
Family
ID=61151965
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610639186.4A Pending CN107690140A (en) | 2016-08-04 | 2016-08-04 | WAP authentication method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107690140A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108810896A (en) * | 2018-07-17 | 2018-11-13 | 上海连尚网络科技有限公司 | The connection authentication method and device of wireless access point |
CN111049785A (en) * | 2018-10-12 | 2020-04-21 | 中国移动通信集团有限公司 | Portal authentication method and device |
CN113727344A (en) * | 2020-05-25 | 2021-11-30 | 北京锐云通信息技术有限公司 | Multi-factor authentication method in different scene safe internet access |
CN114615721A (en) * | 2022-01-26 | 2022-06-10 | 上海赛可出行科技服务有限公司 | White list configuration method based on vehicle-mounted WIFI application |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1416241A (en) * | 2002-10-16 | 2003-05-07 | 华为技术有限公司 | Authentication method for supporting network switching in based on different devices at same time |
US20050063400A1 (en) * | 2003-09-24 | 2005-03-24 | Lum Stacey C. | Systems and methods of controlling network access |
US20120294196A1 (en) * | 2006-10-09 | 2012-11-22 | At&T Intellectual Property I, Lp | Method And Apparatus For Delivering IP Multimedia Subsystem Services |
CN103501495A (en) * | 2013-10-16 | 2014-01-08 | 苏州汉明科技有限公司 | Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication |
CN104378382A (en) * | 2014-11-28 | 2015-02-25 | 上海斐讯数据通信技术有限公司 | Multiple client wireless authentication system and authentication method thereof |
CN104427499A (en) * | 2013-09-11 | 2015-03-18 | 中国电信股份有限公司 | Wireless local area network (WLAN) access authentication method and system based on World Wide Web |
CN104811489A (en) * | 2015-04-14 | 2015-07-29 | 深圳市华讯方舟科技有限公司 | Page redirecting method and device |
-
2016
- 2016-08-04 CN CN201610639186.4A patent/CN107690140A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1416241A (en) * | 2002-10-16 | 2003-05-07 | 华为技术有限公司 | Authentication method for supporting network switching in based on different devices at same time |
US20050063400A1 (en) * | 2003-09-24 | 2005-03-24 | Lum Stacey C. | Systems and methods of controlling network access |
US20120294196A1 (en) * | 2006-10-09 | 2012-11-22 | At&T Intellectual Property I, Lp | Method And Apparatus For Delivering IP Multimedia Subsystem Services |
CN104427499A (en) * | 2013-09-11 | 2015-03-18 | 中国电信股份有限公司 | Wireless local area network (WLAN) access authentication method and system based on World Wide Web |
CN103501495A (en) * | 2013-10-16 | 2014-01-08 | 苏州汉明科技有限公司 | Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication |
CN104378382A (en) * | 2014-11-28 | 2015-02-25 | 上海斐讯数据通信技术有限公司 | Multiple client wireless authentication system and authentication method thereof |
CN104811489A (en) * | 2015-04-14 | 2015-07-29 | 深圳市华讯方舟科技有限公司 | Page redirecting method and device |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108810896A (en) * | 2018-07-17 | 2018-11-13 | 上海连尚网络科技有限公司 | The connection authentication method and device of wireless access point |
CN111049785A (en) * | 2018-10-12 | 2020-04-21 | 中国移动通信集团有限公司 | Portal authentication method and device |
CN113727344A (en) * | 2020-05-25 | 2021-11-30 | 北京锐云通信息技术有限公司 | Multi-factor authentication method in different scene safe internet access |
CN114615721A (en) * | 2022-01-26 | 2022-06-10 | 上海赛可出行科技服务有限公司 | White list configuration method based on vehicle-mounted WIFI application |
CN114615721B (en) * | 2022-01-26 | 2023-12-22 | 上海赛可出行科技服务有限公司 | White list configuration method based on vehicle-mounted WIFI application |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104834489B (en) | A kind of method for sharing cloud printer and Cloud Server and cloud print system | |
US9288194B2 (en) | Authorization method, apparatus, and system | |
CN104158808B (en) | Portal authentication method and its device based on APP applications | |
CN105007581B (en) | A kind of network access authentication method and client | |
EP3179758A1 (en) | Building intercom method, nfc unlocking device and building intercom system | |
CN105263193B (en) | The WIFI connection methods of mobile terminal and system | |
CN106254560A (en) | Information transferring method and device | |
CN103874065B (en) | A kind of method and device for judging customer location exception | |
CN104994504A (en) | Secure and automatic connection to wireless network | |
CN105704116A (en) | Method for binding intelligent device through binding code | |
CN107690140A (en) | WAP authentication method, apparatus and system | |
CN104735027B (en) | A kind of safety certifying method and authentication server | |
CN104820944A (en) | Method and system for bank self-service terminal authentication, and device | |
CN107529160A (en) | A kind of VoWiFi method for network access and system, terminal and wireless access points equipment | |
CN104270440B (en) | A kind of Portal processing methods of portable broadband wireless access equipment | |
CN105227430A (en) | A kind of social Internet of Things implementation method based on micro-letter platform | |
CN104702608A (en) | WiFi sharing system | |
CN107241431A (en) | The method and system of virtual desktop are logged in based on the barcode scanning that Quick Response Code is realized | |
CN112422758A (en) | LTE cellular mobile network communication method | |
CN105530638B (en) | A kind of free WIFI Verification System shared based on circle of friends | |
CN107786663A (en) | Control method, device and the computer-readable recording medium of smart machine | |
CN106878987B (en) | Communication method, system and cloud server | |
CN106230788A (en) | The reorientation method of a kind of portal certification, radio reception device, portal server | |
CN105635060B (en) | It is a kind of to obtain method, authentication server and the gateway for applying data | |
CN108600190A (en) | A kind of account login method and system based on router |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180213 |