CN107690140A - WAP authentication method, apparatus and system - Google Patents

WAP authentication method, apparatus and system Download PDF

Info

Publication number
CN107690140A
CN107690140A CN201610639186.4A CN201610639186A CN107690140A CN 107690140 A CN107690140 A CN 107690140A CN 201610639186 A CN201610639186 A CN 201610639186A CN 107690140 A CN107690140 A CN 107690140A
Authority
CN
China
Prior art keywords
wap
authentication
page
mobile terminal
certification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610639186.4A
Other languages
Chinese (zh)
Inventor
漆雄峰
李兰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Technology Co Ltd Of Xin Ruiwang Section Of Shenzhen
Original Assignee
Technology Co Ltd Of Xin Ruiwang Section Of Shenzhen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Technology Co Ltd Of Xin Ruiwang Section Of Shenzhen filed Critical Technology Co Ltd Of Xin Ruiwang Section Of Shenzhen
Priority to CN201610639186.4A priority Critical patent/CN107690140A/en
Publication of CN107690140A publication Critical patent/CN107690140A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of WAP authentication method, including:The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page so that the mobile terminal generates and feeds back access authentication information;Receive the access authentication information and be authenticated, obtain authentication result, and the authentication result is returned into the WAP, to be forwarded to the mobile terminal for use by the WAP.The invention also discloses a kind of WAP authentication device.The present invention realizes the unified certification of the wireless access point device of different vendor in same place, so as to be roamed between the wireless access point device of different vendor with allowing user's unaware, lifts user experience.

Description

WAP authentication method, apparatus and system
Technical field
The present invention relates to communication technical field, more particularly to WAP authentication method, apparatus and system.
Background technology
Currently as the intelligent mobile terminal such as the high speed development of mobile Internet, smart mobile phone, tablet personal computer is more and more general And because operator's tariff for mobile phone Internet access remains high, people prefer to surf the Net using wifi.Company, hotel, business are superfine large-scale Place generally both provides wifi services on net, and so as to facilitate employee, either client can also pacify while office or consumption Easily access Internet resources entirely.
However, the various wireless aps (Access Point, WAP) used suitable for intelligent mobile terminal are also got over Come it is more, often there is the wireless aps of multiple manufacturers in a large-scale place, and the wireless aps of different vendor correspond to it is different Authentication mode.Therefore, these wireless aps how are managed collectively, so as to which mobile terminal user can carry out unified certification, uniformly push away Certification page is sent, and this has become the subject matter of current online management.
Existing technical implementation way is at present:(1) it is enterprising by portal server of the portal2.0 agreements in outside Row certification and the purpose for realizing unified pushing certification page;(2) it is authenticated by the radius servers of outside and realizes system The purpose of one pushing certification page.
But above-mentioned implementation has the disadvantage that:(1) at present some manufacturers equipment such as:TP-link, aruba are set Standby wait does not support portal2.0 agreements;(2) equipment of some manufacturers does not support outside radius certifications, therefore, existing skill at present Art scheme is difficult to unified certification and unified pushing certification page to the wireless aps of different vendor.
The content of the invention
It is a primary object of the present invention to provide a kind of WAP authentication method, apparatus and system, it is intended to solve existing There is technical scheme to be difficult to the unified certification to the wireless aps of different vendor and the technical problem of unified pushing certification page.
To achieve the above object, the present invention provides a kind of WAP authentication method, the WAP authenticating party Method includes:
The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page for described Mobile terminal generation accesses and feeds back authentication information;
Receive the access authentication information and be authenticated, obtain authentication result, and by described in authentication result return WAP, to be forwarded to the mobile terminal for use by the WAP.
Optionally, the mobile terminal accessed by preset docking authentication interface to the WAP is authenticated;
Wherein, the communication protocol mode that the authentication interface is supported using the WAP is authenticated, described Communication protocol mode comprises at least any of portal protocol, XML API protocols, URL parameter mode.
Optionally, the return access authentication page includes:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, Wherein, when the relevant information of the WAP comprises at least access point position information, facility information, address information and certification Between one or more in information.
Optionally, the WAP authentication method also includes:
Detect the mobile terminal data message of the WAP forwarding;
According to the relevant information in the data message, whether the mobile terminal is judged by certification, if so, then putting The data message of the row mobile terminal.
Optionally, when the authentication result be certification by when, the WAP authentication method also includes:
Specified page parameter is sent to the mobile terminal, so that the display page of the mobile terminal connects from presently described Enter certification page and jump to specified page corresponding with the specified page parameter, the specified page comprises at least the movement The shown page or the preassigned page before terminal authentication;Or
Rule is redirected according to self-defined, is sent to the mobile terminal and self-defined redirects rule corresponding page ginseng with described Number, so that the display page of the mobile terminal is from presently described access authentication page jump to corresponding with the page parameter The page.
Further, to achieve the above object, the present invention also provides a kind of WAP authentication device, described wirelessly to connect Access point authentication device includes:
Interception module, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access and recognize The page is demonstrate,proved so that the mobile terminal generates and feeds back access authentication information;
Authentication module, for receiving the access authentication information and being authenticated, obtain authentication result, and by the certification As a result the WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
Optionally, the WAP authentication device is connect by preset docking authentication interface to the WAP The mobile terminal entered is authenticated, wherein, the authentication interface uses the communication protocol mode that the WAP is supported It is authenticated, the communication protocol mode comprises at least any in portal protocol, XML API protocols, URL parameter mode Kind.
Optionally, the interception module is additionally operable to:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, Wherein, when the relevant information of the WAP comprises at least access point position information, facility information, address information and certification Between one or more in information.
Optionally, the WAP authentication device also includes:
Detection module, for detecting the mobile terminal data message of the WAP forwarding;
Judge module, according to the relevant information in the data message, judge whether the mobile terminal has passed through certification;
Clearance module, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
Optionally, the WAP authentication device also includes:
Sending module, for when the authentication result be certification by when, to the mobile terminal send specified page ginseng Number so that the display page of the mobile terminal from presently described access authentication page jump to the specified page parameter pair The specified page answered, the specified page comprise at least the shown page or preassigned page before the mobile terminal authentication Face;Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, So that the display page of the mobile terminal is from presently described access authentication page jump to page corresponding with the page parameter Face.
Further, to achieve the above object, the present invention also provides a kind of Verification System, and the Verification System includes some Wireless controller, some WAPs, some mobile terminals, single wireless controller are connected with multiple WAPs, single Individual WAP is connected with multiple mobile terminals, and the WAP that the wireless controller includes described in any of the above-described is recognized Card device.
In the present invention, the access request for the mobile terminal that WAP forwards is obtained by intercepting, so as to know movement Terminal needs to access network, thus returns to the access authentication page to mobile terminal, and is inputted by terminal user in the certification page Authentication information generates authentication information by the certification page, and then by being authenticated to the authentication information that mobile terminal is sent Return authentication result after processing, it is achieved thereby that the unified certification and unified push for the wireless aps of various different vendors are recognized The page is demonstrate,proved, facilitates the unified management to different vendor's wireless aps in large-scale place.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of WAP authentication method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of WAP authentication method second embodiment of the present invention;
Fig. 3 is the schematic flow sheet of WAP authentication method 3rd embodiment of the present invention;
Fig. 4 is the high-level schematic functional block diagram of WAP authentication device first embodiment of the present invention;
Fig. 5 is the high-level schematic functional block diagram of WAP authentication device second embodiment of the present invention;
Fig. 6 is the high-level schematic functional block diagram of WAP authentication device 3rd embodiment of the present invention;
Fig. 7 is the high-level schematic functional block diagram of the embodiment of present inventive verification system one;
Fig. 8 is the connection diagram of the embodiment of present inventive verification system one.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that specific embodiment described herein is not intended to limit the present invention only to explain the present invention.
Reference picture 1, Fig. 1 are the schematic flow sheet of WAP authentication method first embodiment of the present invention.The present embodiment In, the WAP authentication method includes:
Step S110, intercepts and captures the network insertion request of the mobile terminal of WAP forwarding, and returns to access authentication page Face is so that the mobile terminal generates and feeds back access authentication information;
Generally, to realize unified certification, the WAP (namely wireless aps) of various manufacturers all can will in large-scale place The authentication information of the mobile terminal each connected is uniformly sent to external authentication server (such as portal servers, radius Server) on carry out unified certification.Therefore, in the present embodiment, the mobile terminal of WAP forwarding is obtained by intercepting Network insertion is asked, for example sets corresponding data message in the upstream equipment WAP authentication device of WAP Filter condition is intercepted with realizing, so as to realize the unified push of certification page.
It is unlimited for the concrete form and content of certification page in the present embodiment, it is configured with specific reference to being actually needed. For example there is text box on certification page, consequently facilitating user inputs relevant information, such as user name, phone number, password etc., Or certification page can also be current popular wechat Quick Response Code, mobile terminal is by identifying the Quick Response Code so as to generating Relevant authentication information, upstream WAP authentication device is then forwarded to by WAP again.
Optionally, in the embodiment of WAP authentication method one of the present invention, the return access authentication page includes: According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, it is described The relevant information of WAP is comprised at least in access point position information, facility information, address information and authenticated time information One or more.
The access authentication page corresponding to being returned in the present embodiment according to the relevant information of WAP, namely this reality It is not unified fixed to apply the access page returned in example, but can be carried out according to relevant information from adaptation.Such as wirelessly When access point authentication device is authenticated docking from different WAPs, different certification pages is pushed, can specifically be passed through Matching such as properties following manner is from the different certification page of adaptation:
1st, access point position, such as the affiliated group of access point are matched;
2nd, reflexless terminal information, such as the device type of WAP, MAC Address;
3rd, Match IP Address attribute, such as the customized IP address of WAP;
4th, different period plannings is matched, for example the first certification page is pushed during morning access, is pushed when accessing afternoon Second of certification page.
Step S120, receive the access authentication information and be authenticated, obtain authentication result, and by the authentication result The WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
WAP authentication device can be authenticated after the authentication information of mobile terminal upload is received, this implementation It is unlimited for the processing mode of certification in example, such as certification is directly completed by WAP authentication device, or by wirelessly connecing Access point authentication device is forwarded on other external equipments and is authenticated.After the completion of certification, WAP authentication device will recognize Card result returns to WAP, so as to be forwarded to mobile terminal by WAP.If certification passes through mobile terminal It can be achieved to access external the Internet by WAP and WAP authentication device.
Optionally, in the embodiment of WAP authentication method one of the present invention, WAP authentication device passes through pre- The mobile terminal that the docking authentication interface put accesses to the WAP is authenticated, wherein, the authentication interface uses The communication protocol mode that the WAP is supported is authenticated, and the communication protocol mode is assisted including at least Portal Any of view, XML API protocols, URL parameter mode.
In the present embodiment, to realize unified pushing certification page and being authenticated, therefore WAP authentication device is led to Cross preset docking authentication interface to be authenticated the mobile terminal on each WAP, specific implementation is as follows:
1st, for the wireless access point device of support portal2.0 agreements, by intercepting its forwarding on mating interface Network insertion is asked, and provides certification page to user terminal, and return final authentication result by portal protocol after certification Back to the wireless access point device;
2nd, for not supporting the wireless access point devices of portal2.0 agreements, specifically using following communication protocol and mode It is authenticated:
2.1st, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and final authentication result is returned to by the wireless access point device by URL parameter mode after certification;
2.2nd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and authentication result is returned to by the wireless access point device by XML API protocols after certification;
2.3rd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and authentication result is returned to by the wireless access point device by single-sign-on mode after certification.
Optionally, in the embodiment of WAP authentication method one of the present invention, the WAP authentication method is extremely There is provided less wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification, One or more authentication mode options in third party's Portal certifications.
For example, option one:Wechat certification, it is authenticated by wechat public platform interface, generally with two ways:
The first:Wechat connects Wi-Fi authentication, and after access wechat connects Wi-Fi, user need not input cumbersome Wi-Fi passwords, Quick Response Code is swept by wechat or click " connection immediately " mode can fast network access.After user successfully surfs the Net, acquiescence is paid close attention to The wechat public number, client is converted into bean vermicelli so as to zero cost.
Second:Wechat short message certification, i.e. user are after wechat certification has been carried out, it is also necessary to carry out short message certification.
Option two:Short message certification, the cell-phone number inputted by user on certification page, in WAP authentication device Upper generation short message verification code simultaneously sends the identifying code to Short Message Service Gateway (movement, UNICOM or telecom operators), and user terminal exists Short message certification code and input validation code are received, the identifying code matching result received is returned to user by WAP authentication device Terminal, so as to complete certification.
Option three:Authentication-exempt, user click directly on login, you can complete certification.
Option four:Temporary visitor certification, temporary authentication is realized by safeguarding a temporary visitor database.
Option five:Two-dimentional code authentication, is authenticated by two-dimensional code scanning.
Option six:Account certification, it is authenticated by inputting account number cipher on certification page.
Option seven:Third party's protal authentication modes
By Portal2.0 agreements, the Portal pages are obtained on outside Portal server and are authenticated.
In the present embodiment, the access request for the mobile terminal that WAP forwards is obtained by intercepting, is moved so as to know Dynamic terminal needs to access network, thus returns to the access authentication page to mobile terminal, and defeated in the certification page by terminal user Enter authentication information or authentication information is generated by the certification page, and then by recognizing the authentication information that mobile terminal is sent Return authentication result after card processing, it is achieved thereby that unified certification and unified push for the wireless aps of various different vendors Certification page, facilitate the unified management to different vendor's wireless aps in large-scale place.
Reference picture 2, Fig. 2 are the schematic flow sheet of WAP authentication method second embodiment of the present invention.Based on above-mentioned Method first embodiment, in the present embodiment, the WAP authentication method also includes:
Step S210, detect the mobile terminal data message of the WAP forwarding;
Step S220, according to the relevant information in the data message, whether the mobile terminal is judged by certification, If so, the data message for the mobile terminal of then letting pass.
In the present embodiment, WAP authentication device to mobile terminal online request be authenticated while, The mobile terminal data message that real-time detection is forwarded by WAP, the data message are sent including at least mobile terminal Network insertion request.By detecting data message, whether the mobile terminal is judged by certification, if by certification, WAP authentication device is directly let pass the data message of the mobile terminal, and otherwise the return authentication page enters to the mobile terminal Row network access authentication.
For example, WAP authentication device (such as wireless controller) is connected with tri- WAPs of A, B, C, currently Customer mobile terminal is surfed the Net by certification and by access point A, if bringing mobile terminal into access point B when user walks about When, mobile terminal corresponding to the data message that now WAP authentication device will determine to forward by access point B has led to Certification is crossed, so as to the data message for the mobile terminal of letting pass, namely customer mobile terminal in access point B without being surfed the Net again Certification, and then roamed under the wireless aps of various different vendors while user's unaware can be allowed, lift user experience.
In the present embodiment, landing approach is exempted from by old user and realizes seamless roam between the wireless aps of different vendor, than The user terminal data message such as forwarded by intercepting various manufacturer's wireless AP devices on mating interface, passes through the user terminal IP address inquire about and whether judge the user terminal by network access authentication, if by certification, let pass the user The data message that terminal is sent, without being authenticated again, even if with also allowing user's unaware in various different vendors Roamed under wireless aps, lift user experience.
Reference picture 3, Fig. 3 are the schematic flow sheet of WAP authentication method 3rd embodiment of the present invention.Based on above-mentioned Method second embodiment, in the present embodiment, also include after above-mentioned steps S120:
Step S130, when the authentication result be certification by when, to the mobile terminal send specified page parameter, with Make the display page of the mobile terminal from presently described access authentication page jump to corresponding with the specified page parameter Specified page, the specified page comprise at least the shown page or the preassigned page before the mobile terminal authentication; Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, with Make the display page of the mobile terminal from presently described access authentication page jump to the page corresponding with the page parameter.
Page parameter described in the present embodiment specifically refers in verification process or certification terminate after be used for display information Parameter corresponding to the page.
In the present embodiment, when mobile terminal certification by when, the page shown on mobile terminal will be redirected, specifically Specified page parameter according to transmitted by the WAP authentication device received is determined.Such as jump to the page specified Face, for example, mobile terminal be authenticated before the APP that specifies of the page or jump to download the page.
In addition it is also possible to self-defined redirect rule, and so as to be adapted to corresponding jump page, for example, it is such as properties by matching Different rule is redirected to set:
1st, according to access point position, such as the affiliated group of access point;
2nd, according to end message, such as the device type of WAP, MAC Address;
3rd, according to IP address attribute, such as the customized IP address of WAP;
4th, according to different period plannings, for example the first certification page is pushed during morning access, is pushed when accessing afternoon Second of certification page;
5th, according to the currently selected authentication mode type of user terminal.
For example rule is redirected if being set according to access point position, jump to page A;And if counted according to the different time Delineating, which is put, redirects rule, then jumps to page B.
In the present embodiment, may specify jump page or it is self-defined redirect rule, so as to after mobile terminal is by certification, be The page that mobile terminal provides Multiple types is shown.
Reference picture 4, Fig. 4 are the high-level schematic functional block diagram of WAP authentication device first embodiment of the present invention.This reality Apply in example, the WAP authentication device includes:
Interception module 10, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access Certification page is so that the mobile terminal generates and feeds back access authentication information;
Generally, to realize unified certification, the WAP (namely wireless aps) of various manufacturers all can will in large-scale place The authentication information of the mobile terminal each connected is uniformly sent to external authentication server (such as portal servers, radius Server) on carry out unified certification.Therefore, in the present embodiment, interception module 10 obtains what WAP forwarded by intercepting The network insertion request of mobile terminal, for example set accordingly in the upstream equipment WAP authentication device of WAP Data message filter condition intercepted with realizing, so as to realize the unified push of certification page.
It is unlimited for the concrete form and content of certification page in the present embodiment, it is configured with specific reference to being actually needed. For example there is text box on certification page, consequently facilitating user inputs relevant information, such as user name, phone number, password etc., Or certification page can also be current popular wechat Quick Response Code, mobile terminal is by identifying the Quick Response Code so as to generating Relevant authentication information, upstream WAP authentication device is then forwarded to by WAP again.
Authentication module 20, for receiving the access authentication information and being authenticated, authentication result is obtained, and recognize described Demonstrate,prove result and return to the WAP, to be forwarded to the mobile terminal for use by the WAP.
Authentication module 20 can be authenticated after the authentication information of mobile terminal upload is received, right in the present embodiment It is unlimited in the processing mode of certification, such as certification is directly completed by authentication module 20, or other are forwarded to by authentication module 20 It is authenticated on external equipment.After the completion of certification, authentication result is returned to WAP by authentication module 20, so as to pass through WAP is forwarded to mobile terminal.If certification is by the way that mobile terminal is recognized by WAP and WAP Card device can be achieved to access external the Internet.
In the present embodiment, the access request for the mobile terminal that WAP forwards is obtained by intercepting, is moved so as to know Dynamic terminal needs to access network, thus returns to the access authentication page to mobile terminal, and defeated in the certification page by terminal user Enter authentication information or authentication information is generated by the certification page, and then by recognizing the authentication information that mobile terminal is sent Return authentication result after card processing, it is achieved thereby that unified certification and unified push for the wireless aps of various different vendors Certification page, facilitate the unified management to different vendor's wireless aps in large-scale place.
Optionally, in the embodiment of WAP authentication device one of the present invention, the return access authentication page includes: According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, it is described The relevant information of WAP is comprised at least in access point position information, facility information, address information and authenticated time information One or more.
The access authentication page corresponding to being returned in the present embodiment according to the relevant information of WAP, namely this reality It is not unified fixed to apply the access page returned in example, but can be carried out according to relevant information from adaptation.Such as wirelessly When access point authentication device is authenticated docking from different WAPs, different certification pages is pushed, can specifically be passed through Matching such as properties following manner is from the different certification page of adaptation:
1st, access point position, such as the affiliated group of access point are matched;
2nd, reflexless terminal information, such as the device type of WAP, MAC Address;
3rd, Match IP Address attribute, such as the customized IP address of WAP;
4th, different period plannings is matched, for example the first certification page is pushed during morning access, is pushed when accessing afternoon Second of certification page.
It is further alternative, in the embodiment of WAP authentication device one of the present invention, WAP authentication device The mobile terminal accessed by preset docking authentication interface to the WAP is authenticated, wherein, the certification connects The communication protocol mode that mouth is supported using the WAP is authenticated, and the communication protocol mode comprises at least Any of portal protocol, XML API protocols, URL parameter mode.
In the present embodiment, to realize unified pushing certification page and being authenticated, therefore WAP authentication device is led to Cross the mobile terminal that preset docking authentication interface accesses each WAP to be authenticated, specific implementation is as follows:
1st, for the wireless access point device of support portal2.0 agreements, by intercepting its forwarding on mating interface Network insertion is asked, and provides certification page to user terminal, and return final authentication result by portal protocol after certification Back to the wireless access point device;
2nd, for not supporting the wireless access point devices of portal2.0 agreements, specifically using following communication protocol and mode It is authenticated:
2.1st, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and final authentication result is returned to by the wireless access point device by URL parameter mode after certification;
2.2nd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and authentication result is returned to by the wireless access point device by XML API protocols after certification;
2.3rd, the network insertion forwarded by intercepting wireless access point device on mating interface is asked, and is carried to user terminal For certification page, and authentication result is returned to by the wireless access point device by single-sign-on mode after certification.
Optionally, in the embodiment of WAP authentication method one of the present invention, the WAP authentication method is extremely There is provided less wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification, One or more authentication mode options in third party's Portal certifications.
For example, option one:Wechat certification, it is authenticated by wechat public platform interface, generally with two ways:
The first:Wechat connects Wi-Fi authentication, and after access wechat connects Wi-Fi, user need not input cumbersome Wi-Fi passwords, Quick Response Code is swept by wechat or click " connection immediately " mode can fast network access.After user successfully surfs the Net, acquiescence is paid close attention to The wechat public number, client is converted into bean vermicelli so as to zero cost.
Second:Wechat short message certification, i.e. user are after wechat certification has been carried out, it is also necessary to carry out short message certification.
Option two:Short message certification, the cell-phone number inputted by user on certification page, in WAP authentication device Upper generation short message verification code simultaneously sends the identifying code to Short Message Service Gateway (movement, UNICOM or telecom operators), and user terminal exists Short message certification code and input validation code are received, the identifying code matching result received is returned to user by WAP authentication device Terminal, so as to complete certification.
Option three:Authentication-exempt, user click directly on login, you can complete certification.
Option four:Temporary visitor certification, temporary authentication is realized by safeguarding a temporary visitor database.
Option five:Two-dimentional code authentication, is authenticated by two-dimensional code scanning.
Option six:Account certification, it is authenticated by inputting account number cipher on certification page.
Option seven:Third party's protal authentication modes
By Portal2.0 agreements, the Portal pages are obtained on outside Portal server and are authenticated.
Reference picture 5, Fig. 5 are the high-level schematic functional block diagram of WAP authentication device second embodiment of the present invention.It is based on Said apparatus first embodiment, in the present embodiment, the WAP authentication device also includes:
Detection module 30, for detecting the mobile terminal data message of the WAP forwarding;
Judge module 40, according to the relevant information in the data message, judge the mobile terminal whether by recognizing Card;
Clearance module 50, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
In the present embodiment, WAP authentication device to mobile terminal online request be authenticated while, The mobile terminal data message that real-time detection is forwarded by WAP, the data message are sent including at least mobile terminal Network insertion request.By detecting data message, whether the mobile terminal is judged by certification, if by certification, WAP authentication device is directly let pass the data message of the mobile terminal, and otherwise the return authentication page enters to the mobile terminal Row network access authentication.
For example, WAP authentication device (such as wireless controller) is connected with tri- WAPs of A, B, C, currently Customer mobile terminal is surfed the Net by certification and by access point A, if bringing mobile terminal into access point B when user walks about When, mobile terminal corresponding to the data message that now WAP authentication device will determine to forward by access point B has led to Certification is crossed, so as to the data message for the mobile terminal of letting pass, namely customer mobile terminal in access point B without being surfed the Net again Certification, and then roamed under the wireless aps of various different vendors while user's unaware can be allowed, lift user experience.
In the present embodiment, landing approach is exempted from by old user and realizes seamless roam between the wireless aps of different vendor, than The user terminal data message such as forwarded by intercepting various manufacturer's wireless AP devices on mating interface, passes through the user terminal IP address inquire about and whether judge the user terminal by network access authentication, if by certification, let pass the user The data message that terminal is sent, without being authenticated again, even if with also allowing user's unaware in various different vendors Roamed under wireless aps, lift user experience.
Reference picture 6, Fig. 6 are the high-level schematic functional block diagram of WAP authentication device 3rd embodiment of the present invention.It is based on Said apparatus first embodiment, in the present embodiment, the WAP authentication device also includes:
Sending module 60, for when the authentication result be certification by when, to the mobile terminal send specified page Parameter so that the display page of the mobile terminal from presently described access authentication page jump to the specified page parameter Corresponding specified page, the specified page is including at least the page or preassigned shown before the mobile terminal authentication The page;Or rule is redirected according to self-defined, sent to the mobile terminal and self-defined redirect rule corresponding page ginseng with described Number, so that the display page of the mobile terminal is from presently described access authentication page jump to corresponding with the page parameter The page.
Page parameter described in the present embodiment specifically refers in verification process or certification terminate after be used for display information Parameter corresponding to the page.
In the present embodiment, when mobile terminal certification by when, the page shown on mobile terminal will be redirected, specifically Specified page parameter according to transmitted by the WAP authentication device received is determined.Such as jump to the page specified Face, for example, mobile terminal be authenticated before the APP that specifies of the page or jump to download the page.
In addition it is also possible to self-defined redirect rule, and so as to be adapted to corresponding jump page, for example, it is such as properties by matching Different rule is redirected to set:
1st, according to access point position, such as the affiliated group of access point;
2nd, according to end message, such as the device type of WAP, MAC Address;
3rd, according to IP address attribute, such as the customized IP address of WAP;
4th, according to different period plannings, for example the first certification page is pushed during morning access, is pushed when accessing afternoon Second of certification page;
5th, according to the currently selected authentication mode type of user terminal.
For example rule is redirected if being set according to access point position, jump to page A;And if counted according to the different time Delineating, which is put, redirects rule, then jumps to page B.
In the present embodiment, may specify jump page or it is self-defined redirect rule, so as to after mobile terminal is by certification, be The page that mobile terminal provides Multiple types is shown.
Reference picture 7, Fig. 7 are the high-level schematic functional block diagram of the embodiment of present inventive verification system one.In the present embodiment, certification system System includes some wireless controllers 210, some WAPs 220, some mobile terminals 230, single wireless controller 210 and Multiple WAPs 220 are connected, and single WAP 220 is connected with multiple mobile terminals 230, connection as shown in Figure 8 Schematic diagram.
In addition, the present embodiment is red, wireless controller 210 includes the WAP certification described in said apparatus embodiment Device 2101.
In the present embodiment, in the large-scale place of the wireless aps with multiple manufacturers, to realize the unification to each wireless aps Authentication management, therefore, wireless controller 210 is intercepted by WAP authentication device 2101 obtains what WAP forwarded The access request of mobile terminal, so as to know that mobile terminal needs to access network, thus access authentication page is returned to mobile terminal Face, and authentication information is generated by terminal user in the certification page input authentication information or by the certification page, and then pass through The authentication information sent to mobile terminal is authenticated return authentication result after processing, it is achieved thereby that for various different vendors Wireless aps unified certification and unified pushing certification page, facilitate the unification to different vendor's wireless aps in large-scale place Management.
Optionally, wireless controller 210 also supports a variety of authentication modes and can set authentication mode by user.For example prop up Hold wechat certification, wechat short message certification, short message certification, authentication-exempt, temporary visitor certification, two-dimentional code authentication, account certification, the 3rd Square Portal certifications etc..
Optionally, wireless controller 210 also supports old user to exempt to log in, so as to realize between the wireless aps of different vendor Seamless roam, such as the user terminal data message forwarded by intercepting various manufacturer's wireless AP devices on mating interface, lead to The IP address for crossing the user terminal is inquired about and whether judges the user terminal by network access authentication, if by certification, Then let pass the user terminal transmission data message, without being authenticated again, even if with also allowing user's unaware each Roamed under the wireless aps of kind different vendor, lift user experience.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair The equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills Art field, is included within the scope of the present invention.

Claims (11)

1. a kind of WAP authentication method, it is characterised in that the WAP authentication method includes:
The network insertion request of the mobile terminal of WAP forwarding is intercepted and captured, and returns to the access authentication page for the movement Terminal generates and feeds back access authentication information;
Receive the access authentication information and be authenticated, obtain authentication result, and authentication result return is described wireless Access point, to be forwarded to the mobile terminal for use by the WAP.
2. WAP authentication method as claimed in claim 1, it is characterised in that pass through preset docking authentication interface pair The mobile terminal of the WAP access is authenticated;
Wherein, the communication protocol mode that the authentication interface is supported using the WAP is authenticated, the communication Protocol mode comprises at least any of portal protocol, XML API protocols, URL parameter mode.
3. WAP authentication method as claimed in claim 2, it is characterised in that the return access authentication page bag Include:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, The relevant information of the WAP comprises at least access point position information, facility information, address information and authenticated time letter One or more in breath.
4. WAP authentication method as claimed any one in claims 1 to 3, it is characterised in that the wireless access Point authentication method also includes:
Detect the mobile terminal data message of the WAP forwarding;
According to the relevant information in the data message, whether the mobile terminal is judged by certification, should if so, then letting pass The data message of mobile terminal.
5. WAP authentication method as claimed in claim 4, it is characterised in that when the authentication result passes through for certification When, the WAP authentication method also includes:
Specified page parameter is sent to the mobile terminal, so that the display page of the mobile terminal is recognized from presently described access Card page jump comprises at least the mobile terminal to specified page corresponding with the specified page parameter, the specified page The shown page or the preassigned page before certification;Or
Redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, So that the display page of the mobile terminal is from presently described access authentication page jump to page corresponding with the page parameter Face.
6. a kind of WAP authentication device, it is characterised in that the WAP authentication device includes:
Interception module, the network insertion request of the mobile terminal for intercepting and capturing WAP forwarding, and return to access authentication page Face is so that the mobile terminal generates and feeds back access authentication information;
Authentication module, for receiving the access authentication information and being authenticated, obtain authentication result, and by the authentication result The WAP is returned to, to be forwarded to the mobile terminal for use by the WAP.
7. WAP authentication device as claimed in claim 6, it is characterised in that the WAP authentication device is led to The mobile terminal that preset docking authentication interface accesses the WAP is crossed to be authenticated, wherein, the authentication interface The communication protocol mode supported using the WAP is authenticated, and the communication protocol mode comprises at least Portal Any of agreement, XML API protocols, URL parameter mode.
8. WAP authentication device as claimed in claim 7, it is characterised in that the interception module is additionally operable to:
According to the relevant information of the WAP, to the WAP return corresponding to the access authentication page, wherein, The relevant information of the WAP comprises at least access point position information, facility information, address information and authenticated time letter One or more in breath.
9. the WAP authentication device as any one of claim 6 to 8, it is characterised in that the wireless access Point authentication device also includes:
Detection module, for detecting the mobile terminal data message of the WAP forwarding;
Judge module, according to the relevant information in the data message, judge whether the mobile terminal has passed through certification;
Clearance module, for when the mobile terminal has passed through certification, the data message for the mobile terminal of letting pass.
10. WAP authentication device as claimed in claim 9, it is characterised in that the WAP authentication device Also include:
Sending module, for when the authentication result be certification by when, to the mobile terminal send specified page parameter, with Make the display page of the mobile terminal from presently described access authentication page jump to corresponding with the specified page parameter Specified page, the specified page comprise at least the shown page or the preassigned page before the mobile terminal authentication; Or redirect rule according to self-defined, to the mobile terminal send with it is described it is self-defined redirect the corresponding page parameter of rule, with Make the display page of the mobile terminal from presently described access authentication page jump to the page corresponding with the page parameter.
A kind of 11. Verification System, it is characterised in that the Verification System include some wireless controllers, some WAPs, Some mobile terminals, single wireless controller are connected with multiple WAPs, single WAP and multiple mobile terminals Connection, the wireless controller include the WAP authentication device any one of claim 6 to 10.
CN201610639186.4A 2016-08-04 2016-08-04 WAP authentication method, apparatus and system Pending CN107690140A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610639186.4A CN107690140A (en) 2016-08-04 2016-08-04 WAP authentication method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610639186.4A CN107690140A (en) 2016-08-04 2016-08-04 WAP authentication method, apparatus and system

Publications (1)

Publication Number Publication Date
CN107690140A true CN107690140A (en) 2018-02-13

Family

ID=61151965

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610639186.4A Pending CN107690140A (en) 2016-08-04 2016-08-04 WAP authentication method, apparatus and system

Country Status (1)

Country Link
CN (1) CN107690140A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810896A (en) * 2018-07-17 2018-11-13 上海连尚网络科技有限公司 The connection authentication method and device of wireless access point
CN111049785A (en) * 2018-10-12 2020-04-21 中国移动通信集团有限公司 Portal authentication method and device
CN113727344A (en) * 2020-05-25 2021-11-30 北京锐云通信息技术有限公司 Multi-factor authentication method in different scene safe internet access
CN114615721A (en) * 2022-01-26 2022-06-10 上海赛可出行科技服务有限公司 White list configuration method based on vehicle-mounted WIFI application

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1416241A (en) * 2002-10-16 2003-05-07 华为技术有限公司 Authentication method for supporting network switching in based on different devices at same time
US20050063400A1 (en) * 2003-09-24 2005-03-24 Lum Stacey C. Systems and methods of controlling network access
US20120294196A1 (en) * 2006-10-09 2012-11-22 At&T Intellectual Property I, Lp Method And Apparatus For Delivering IP Multimedia Subsystem Services
CN103501495A (en) * 2013-10-16 2014-01-08 苏州汉明科技有限公司 Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication
CN104378382A (en) * 2014-11-28 2015-02-25 上海斐讯数据通信技术有限公司 Multiple client wireless authentication system and authentication method thereof
CN104427499A (en) * 2013-09-11 2015-03-18 中国电信股份有限公司 Wireless local area network (WLAN) access authentication method and system based on World Wide Web
CN104811489A (en) * 2015-04-14 2015-07-29 深圳市华讯方舟科技有限公司 Page redirecting method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1416241A (en) * 2002-10-16 2003-05-07 华为技术有限公司 Authentication method for supporting network switching in based on different devices at same time
US20050063400A1 (en) * 2003-09-24 2005-03-24 Lum Stacey C. Systems and methods of controlling network access
US20120294196A1 (en) * 2006-10-09 2012-11-22 At&T Intellectual Property I, Lp Method And Apparatus For Delivering IP Multimedia Subsystem Services
CN104427499A (en) * 2013-09-11 2015-03-18 中国电信股份有限公司 Wireless local area network (WLAN) access authentication method and system based on World Wide Web
CN103501495A (en) * 2013-10-16 2014-01-08 苏州汉明科技有限公司 Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication
CN104378382A (en) * 2014-11-28 2015-02-25 上海斐讯数据通信技术有限公司 Multiple client wireless authentication system and authentication method thereof
CN104811489A (en) * 2015-04-14 2015-07-29 深圳市华讯方舟科技有限公司 Page redirecting method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810896A (en) * 2018-07-17 2018-11-13 上海连尚网络科技有限公司 The connection authentication method and device of wireless access point
CN111049785A (en) * 2018-10-12 2020-04-21 中国移动通信集团有限公司 Portal authentication method and device
CN113727344A (en) * 2020-05-25 2021-11-30 北京锐云通信息技术有限公司 Multi-factor authentication method in different scene safe internet access
CN114615721A (en) * 2022-01-26 2022-06-10 上海赛可出行科技服务有限公司 White list configuration method based on vehicle-mounted WIFI application
CN114615721B (en) * 2022-01-26 2023-12-22 上海赛可出行科技服务有限公司 White list configuration method based on vehicle-mounted WIFI application

Similar Documents

Publication Publication Date Title
CN104834489B (en) A kind of method for sharing cloud printer and Cloud Server and cloud print system
US9288194B2 (en) Authorization method, apparatus, and system
CN104158808B (en) Portal authentication method and its device based on APP applications
CN105007581B (en) A kind of network access authentication method and client
EP3179758A1 (en) Building intercom method, nfc unlocking device and building intercom system
CN105263193B (en) The WIFI connection methods of mobile terminal and system
CN106254560A (en) Information transferring method and device
CN103874065B (en) A kind of method and device for judging customer location exception
CN104994504A (en) Secure and automatic connection to wireless network
CN105704116A (en) Method for binding intelligent device through binding code
CN107690140A (en) WAP authentication method, apparatus and system
CN104735027B (en) A kind of safety certifying method and authentication server
CN104820944A (en) Method and system for bank self-service terminal authentication, and device
CN107529160A (en) A kind of VoWiFi method for network access and system, terminal and wireless access points equipment
CN104270440B (en) A kind of Portal processing methods of portable broadband wireless access equipment
CN105227430A (en) A kind of social Internet of Things implementation method based on micro-letter platform
CN104702608A (en) WiFi sharing system
CN107241431A (en) The method and system of virtual desktop are logged in based on the barcode scanning that Quick Response Code is realized
CN112422758A (en) LTE cellular mobile network communication method
CN105530638B (en) A kind of free WIFI Verification System shared based on circle of friends
CN107786663A (en) Control method, device and the computer-readable recording medium of smart machine
CN106878987B (en) Communication method, system and cloud server
CN106230788A (en) The reorientation method of a kind of portal certification, radio reception device, portal server
CN105635060B (en) It is a kind of to obtain method, authentication server and the gateway for applying data
CN108600190A (en) A kind of account login method and system based on router

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180213