CN107864508A - A kind of pre-synchronization method and device of radio roaming authentication state - Google Patents
A kind of pre-synchronization method and device of radio roaming authentication state Download PDFInfo
- Publication number
- CN107864508A CN107864508A CN201711435606.8A CN201711435606A CN107864508A CN 107864508 A CN107864508 A CN 107864508A CN 201711435606 A CN201711435606 A CN 201711435606A CN 107864508 A CN107864508 A CN 107864508A
- Authority
- CN
- China
- Prior art keywords
- authentication
- sta
- information
- local
- neighbor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W56/00—Synchronisation arrangements
- H04W56/001—Synchronization between nodes
Abstract
This application provides a kind of pre-synchronization method and device of radio roaming authentication state, AP passes through rear in STA certification, the corresponding relation of the identification information of the STA and authentication state information is stored in local authentication relationship list, and by this neighbor AP of authentication relationship list synchronization to surrounding.It can be considered as around this STA and " the same buyun of certification " be present, after STA has authentication information on an AP, its authentication information can be synchronously diffused into the neighbor AP of surrounding immediately by the AP.STA has been synchronized STA authentication information after AP1 roams to AP2 on AP2, can be connected AP2 immediately and then be connected internet, it is not necessary to which AP2 reports certificate server inquiry STA authentication information again.The application mode of presynchronization STA authentication information states in the range of can make STA no-delay online during radio roaming, lift Consumer's Experience.
Description
Technical field
The application is related to the communications field, more particularly to a kind of pre-synchronization method and device of radio roaming authentication state.
Background technology
WLAN generally comprises two kinds of equipment of AC and AP, and AC passes through CAPWAP agreements as wireless controller management
Control AP.User connects the wireless signal access network that AP is emitted.It is using more wireless authentication access mode now
Portal and 802.1X certifications, in more AP scenes such as school, market, office building, radio roaming is a kind of relatively conventional feelings
Condition, referring to accompanying drawing 1, radio roaming is that STA is moved between the AP in a SSID is belonged to, if STA is from AP1 to mobile AP2,
When being moved to AP2 overlay area, STA is roamed, and with reference to figure 1, AP1 and AP2 SSID is identical.
In more AP collaborative works, after a certain STA completes certification on AP1, AP1 just remembers STA authentication state,
STA can connect network by AP1.But after STA roams to AP2, because AP2 is not aware that STA has already passed through certification, AP2 is just
Need from AP1 synchronization authentication states, thus how to ensure authentication state Fast synchronization become one have to consider the problem of.
Radio roaming authentication mode of the prior art is usually:For STA after AP1 roams to AP2, AP2 reports STA information
To AC, AC inquires about authentication state from certificate server, and authentication information is returned to AC by certificate server, and AC is by under authentication information
AP2 is sent to, finally STA is let pass by AP2.Prior art is inquired about after authentication state from certificate server end and carries out decision-making again,
Although it can ensure that authentication state is correct.But because inquiry needs the transmission of message, query time is influenceed by network state, very
User may be caused to be required that re-authentication or interruption business of networking, Consumer's Experience are poor during this period.
The content of the invention
In order to solve the above technical problems, this application provides the pre-synchronization method of radio roaming authentication state and device, skill
Art scheme is as follows:
A kind of pre-synchronization method of radio roaming authentication state, methods described include:
After target AP receives STA access request, STA authentication state letter is inquired about in the local authentication list to prestore
Breath, there are the corresponding relation of multigroup STA identification informations and authentication state information, the STA marks in the local authentication list
Information for can unique mark STA information;
If the authentication state information of the STA is not present in target AP local authentication list, the mark of the STA is believed
Breath reports to authenticating device and inquired about or certification, until authenticating device return authentication result;
The identification information of the STA and the corresponding relation of authentication state information are added local authentication list by target AP, and
Authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is to belong to a SSID with target AP, and
With the AP of target AP distance in particular range.
A kind of presynchronization device of radio roaming authentication state, described device include:
Enquiry module:After making the access request that target AP receives STA, inquired about in the local authentication list to prestore
STA authentication state information, there is multigroup STA identification informations pass corresponding with authentication state information in the local authentication list
System, the STA identification informations for can unique mark STA information;
Authentication module:For when target AP local authentication list be not present the STA authentication state information when, by institute
The identification-information reporting for stating STA is inquired about or certification to authenticating device, until authenticating device return authentication result;
Synchronization module:For making target AP add the identification information of the STA and the corresponding relation of authentication state information
Local authentication list, and the authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is same with target AP
Belong to a SSID, and the AP with target AP distance in particular range.
Make certifications of the AP in STA in the application by rear, by the identification information of STA pass corresponding with authentication state information
System is stored in local authentication relationship list, and by this neighbor AP of authentication relationship list synchronization to surrounding.This can be considered as
" the same buyun of certification " be present around STA, after STA has authentication information on an AP, its authentication information can be by the AP
When be synchronously diffused into the neighbor AP of surrounding.STA has been synchronized STA certification letter after AP1 roams to AP2 on AP2
Breath, AP2 can be connected immediately and then connects internet, it is not necessary to which AP2 reports certificate server inquiry STA certification letter again
Breath.The application mode of presynchronization STA authentication information states in the range of can make STA it is no-delay during radio roaming on
Net, lift Consumer's Experience.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments described in application, for those of ordinary skill in the art, other can also be obtained according to these accompanying drawings
Accompanying drawing.
Fig. 1 is the application schematic diagram that STA is roamed between different AP in the prior art;
Fig. 2 is that STA carries out the schematic diagram of roaming authentication to the application between different AP in the prior art;
Fig. 3 is a kind of flow chart of the pre-synchronization method of the embodiment of the present application radio roaming authentication state;
Fig. 4 is multistage synchronous a kind of flow chart in the pre-synchronization method of the embodiment of the present application radio roaming authentication state;
Fig. 5 is multistage synchronous another flow in the pre-synchronization method of the embodiment of the present application radio roaming authentication state
Figure;
Fig. 6 is a kind of schematic diagram of the presynchronization device of the embodiment of the present application radio roaming authentication state;
Fig. 7 is a kind of schematic diagram of " the same buyuns of STA " in the embodiment of the present application radio roaming certification;
Fig. 8 is a kind of schematic diagram for applying the roaming authentication method of " the same buyuns of STA " under concrete application scene;
Fig. 9 is a kind of structural representation of computer equipment of the embodiment of the present application.
Embodiment
Radio roaming authentication mode of the prior art, with Fig. 2 for example, when a STA equipment is connected into one first
During AP in SSID, complete roaming authentication step is usually:
(1) STA is connected into AP1;
(2) AP1 reports the AC STA information, inquires about STA authentication state;
(3) un-authenticated state information is returned to AC by certificate server, and information is issued to AP1 by AC;
(4) AP1 determines to give the unverified redirections of STA;
(5) STA ejects Portal certification pages, and user inputs user name password and is authenticated;
(6) authentication information is returned to AC by certificate server, and authentication result is issued to AP by AC;
(7) STA certifications are by the way that AP1, which gives, to let pass, STA successful access networks;
(8) STA roams to AP2;
(9) AP2 reports the AC STA information, inquires about authentication state;
(10) authentication information is returned to AC by certificate server, and AC is issued to AP;
(11) AP2 determines to give STA clearances.
To sum up, for STA after AP1 roams to AP2, AP2 reports STA information to inquire about certification shape from certificate server to AC, AC
Authentication information is returned to AC by state, certificate server, and AC finally lets pass STA authentication information issuings to AP2 by AP2.
Prior art is inquired about after authentication state from certificate server end and carries out decision-making again, although can ensure authentication state
Correctly.But because inquiry needs the transmission of message, influenceed query time by network state, it is likely that cause user during this period
It is required re-authentication or interrupts business of networking, Consumer's Experience is poor.
In view of this, the embodiment of the present application provides a kind of pre-synchronization method and device of radio roaming authentication state, is
Those skilled in the art are made to more fully understand the technical scheme in the application, below in conjunction with attached in the embodiment of the present application
Figure, the technical scheme in the embodiment of the present application is described in detail.
Refer to the attached drawing 3, it is a kind of flow chart of the pre-synchronization method of the embodiment of the present application radio roaming authentication state, this is same
One step process performs on AP, and it can include following basic step:
S301, after the access request for receiving STA, STA authentication state letter is inquired about in the local authentication list to prestore
Breath;
Wherein, it is as shown in the table, it is corresponding with authentication state information there are multigroup STA identification informations in local authentication list
Relation, the STA identification informations for can unique mark STA information, STA IP, MAC Address etc. can be used in STA identification informations
Any of which can unique mark STA information;
AP local authentication list schematic diagrames
Identification information | Authentication state |
STA identification informations one | Certification |
STA identification informations two | It is unverified |
…… | …… |
Whether S302, the STA locally have authentication informationIf locally authentication information be present, do not operate, if
It is local that authentication information is not present, perform step S303;
S303, the identification-information reporting of the STA is inquired about or certification to authenticating device, until authenticating device returns
Authentication result;
S304, the identification information of the STA and the corresponding relation of authentication state information are added into local authentication list, and will
Authentication information in local authentication list is synchronized to neighbor AP;
In STA certifications by rear, AP is by wireless protocols, and such as 802.11 agreements or bluetooth other wireless protocols are by certification
Synchronizing information is to neighbor AP.Illustrate:During using 802.11 agreement, the extended field in Beacon frames or self-defined is utilized
802.11 message authentication information is synchronized.Synchronous authentication information includes foregoing STA identification informations
With corresponding STA authentication states information, AP needs for authentication information to be broadcast to the neighbor AP of surrounding.
The identification-information reporting of the STA inquired about to authenticating device as one embodiment, in step S303 or
Certification may include:
By the identification-information reporting of the STA to authenticating device, wherein, there are the local authentication row in authenticating device
Table;
Inquired about in the local authentication list of authenticating device, if in the absence of the authentication state information of the STA, it is right
The STA is authenticated.
As one embodiment, in step S304 AP by the identification information of the STA it is corresponding with authentication state information close
System add local authentication list, and by local authentication list synchronization to neighbor AP after, in addition to:
After the neighbor AP receives the synchronous authentication informations of target AP, the authentication information is synchronized to oneself again
Neighbor AP, and so on, carry out multistage synchronous.
To ensure the synchronous effect of authentication state, we must expand synchronous scope, if AP1 is only by authentication state
It is synchronized to neighbor AP, then when the speed of STA movements is very fast (such as user holds STA equipment and run), it is possible to occur same
Not the problem of leg speed degree does not catch up with, therefore the embodiment of the present application introduces a kind of multistage simultaneous techniques simultaneously, i.e. AP2 receives AP1 synchronization
It after effect, can again synchronize, synchronizing information is synchronized to AP2 neighbor AP.Thus expand synchronous scope.
So far, the flow shown in Fig. 3 is completed.
While carrying out multistage synchronous, in order to avoid causing broadcast storm, (synchronizing information is transmitted by wireless protocols
, wireless protocols are sent by the forms of broadcasting), the embodiment of the present application introduces a kind of stop and stops technology simultaneously, i.e., more in use
During level simultaneous techniques, unrestrictedly can't synchronously it go down, being synchronized to certain limit will only stop, and specifically have accompanying drawing 4 and accompanying drawing 5,
The two kinds of multistage synchronous method provided for the embodiment of the present application.
Refer to the attached drawing 4, for multistage synchronous one kind in the pre-synchronization method of the embodiment of the present application radio roaming authentication state
Flow chart, it can include following basic step:
After S401, AP receive the synchronous authentication informations of other AP, the authentication information is synchronized to the neighbour of oneself again
Occupy AP;
S402, after receiving authentication information by the AP of synchronization, whether detection is local has had the authentication informationIf this
There has been the authentication information on ground, performs step S404, local not have the authentication information, performs step S403;
S403, the authentication information is synchronized to the neighbor AP of oneself again, and so on, carry out multistage synchronous;
S404, stop synchronous.
So far, the flow shown in Fig. 4 is completed.
Refer to the attached drawing 5, be the embodiment of the present application radio roaming authentication state pre-synchronization method in it is multistage synchronous another
Kind flow chart, it can include following basic step:
After S501, AP receive the synchronous authentication informations of other AP, the authentication information is synchronized to the neighbour of oneself again
Occupy AP;
S502, after receiving authentication information by the AP of synchronization, the count area of authentication information is subtracted 1
S503, whether the count area for judging authentication information is 0If count area is 0, step S505 is performed, if counting
Field is not 0, performs step S504;
According to ICP/IP protocol, the packet of probe messages needs to encapsulate corresponding information, includes the IP address of access device
Information, TCP port number information corresponding to access device and some other information.
S504, the authentication information is synchronized to the neighbor AP of oneself again, and so on, carry out multistage synchronous;
S505, stop synchronous;
So far, the flow shown in Fig. 5 is completed.
Refer to the attached drawing 6, it is a kind of schematic diagram of the presynchronization device of the embodiment of the present application radio roaming authentication state.Bag
Include:Enquiry module 610, authentication module 620, synchronization module 630.
Enquiry module 610:After making the access request that target AP receives STA, in the local authentication list to prestore
STA authentication state information is inquired about, pair for having multigroup STA identification informations and authentication state information in the local authentication list
Should be related to, the STA identification informations for can unique mark STA information;
Authentication module 620:For making the local authentication list as target AP that the authentication state information of the STA be not present
When, the identification-information reporting of the STA is inquired about or certification to authenticating device, until authenticating device return authentication result;
Synchronization module 630:For making target AP add the identification information of the STA and the corresponding relation of authentication state information
Enter local authentication list, and the authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is and target AP
Belong to a SSID, and the AP with target AP distance in particular range.
In a kind of embodiment of the application, the authentication module, it is specifically used for:
By the identification-information reporting of the STA to authenticating device, wherein, there are the local authentication row in authenticating device
Table;
Inquired about in the local authentication list of authenticating device, if in the absence of the authentication state information of the STA, it is right
The STA is authenticated.
In a kind of embodiment of the application, the synchronization module, specifically it is additionally operable to:
After the neighbor AP receives the synchronous authentication informations of target AP, the authentication information is synchronized to oneself again
Neighbor AP, and so on, carry out multistage synchronous.
In a kind of embodiment of the application, the synchronization module, it is specifically used for:
After the neighbor AP receives the synchronous authentication informations of target AP, whether detection is local has the authentication information;
There is not the authentication information if local, the authentication information is synchronized to the neighbor AP of oneself again, and with
This analogizes, and carries out multistage synchronous.
In a kind of embodiment of the application, the synchronization module, it is specifically used for:
The authentication information is synchronized to the neighbor AP of oneself again, and after synchronization subtracted the count area of authentication information
1, the like, carry out multistage synchronously, until count area is 0, then stopping is synchronous.
So far, the apparatus structure description shown in Fig. 6 is completed.
Summary embodiment, the roaming pre-synchronization method of the application can be considered as " a same to buyun " around STA,
Illustrated by taking accompanying drawing 7 as an example:
When STA is connected to AP2, shroud AP1, AP2, AP3 with buyun, now STA authentication state can AP1,
It is mutually in step between AP2, AP3, i.e.,:After STA is in AP2 certifications, STA authentication state can be synchronized to AP1 and AP3 by AP2 so that
Also there is STA authentication state on AP1 and AP3, even if STA does not connect AP1 and AP3 this moment.Then when STA is constantly moved to
During AP5, with buyun STA can be followed to move together.After movement, AP3, AP4, AP5 are shrouded with buyun, now authentication state can be
Moved between AP3, AP4, AP5, AP6.Comprise the following steps that:
(1) .STA accesses AP2, and certification is completed on AP2, and STA authentication state is synchronized to AP1 and AP3 by subsequent AP2
(2) .STA roams to AP3, due to having there is STA authentication state on AP3, no-delay can be connected after STA roamings
Network.STA authentication state is synchronized to AP2 and AP4 by subsequent AP3
(3) .STA roams to AP4, due to having there is STA authentication state on AP4, no-delay can be connected after STA roamings
Network.STA authentication state is synchronized to AP3 and AP5 by subsequent AP4
(4) .STA roams to AP5, due to having there is STA authentication state on AP5, no-delay can be connected after STA roamings
Network.STA authentication state is synchronized to AP3 and AP4 by subsequent AP5.
In summary, due to the same buyun moment in the range of it presynchronization STA states, therefore STA is roamed anyway, can
No-delay connection network at once.
Referring to accompanying drawing 8, with STA First Contact Connections AP1, and exemplified by AP1 and AP2 internetwork roaming, it will apply that " STA is same
The roaming authentication method of buyun " illustrates with reference to a kind of concrete application scene, and step is as follows:
(1) .STA connections AP1
(2) .AP1 inquires about local authentication state.AP1 is had found after having STA accesses in this example, inquires about local authentication list.This
Ground authentication list is one and is cached in the local authentication information records of AP, records STA mark and the corresponding relation of authentication state.
The purpose for needing local authentication list herein is to can quickly find STA authentication state when there is STA accesses.STA
Mark include IP, MAC etc. some can unique mark STA information.Due to being locally that the STA accesses the wireless network, institute first
With AP1 local authentication list necessarily without the information of the STA, next step is performed.
(3) if AP1 are locally searched less than authentication state, AP inquires about authentication state at authentication gateway.In this example, AP1
STA information reporting is continued to inquire about to authentication gateway.STA mark, such as STA MAC must be included in information reporting.Letter
Cease the mode that reports, form can be with varied:Such as using the WTP EVENT REQUEST message in the CAPWAP agreements of standard
Report ADD STATION message.Authentication gateway refers to any server that can do certification herein, such as 802.1X certificate servers
Or Portal certificate servers etc.;
(4) authentication gateways inquire about local authentication state after a certain AP authentication state inquiry request is received.This example
In, because STA is that first connection is wireless, the inevitable authentication state without the STA on authentication gateway;
(5) authentication gateways can issue the authentication state inquired.In this example, due to the authentication state without the STA, then
The unverified information of AP1 can be replied;
(6) if AP receive the unverified information that authentication gateway is sent, requirement STA certifications are needed.Use under normal circumstances
Portal certifications, AP block STA data traffic, certification are redirected to the STA.
(7) authentication requesting that .STA initiates according to AP is then authenticated.Illustrate:Portal certifications are needed at STA ends
Account number cipher is authenticated corresponding to input;
(8) authentication gateways ask certification to certificate server.Certificate server refers to authentication storage information, and (such as account is close
Code etc.) and the server of authentication information can be verified, such as Radius servers, ldap server, certificate server and certificate web
Pass can also be same equipment;
(9) certificate servers are by authentication result return authentication gateway;
(10) authentication result is returned to AP by authentication gateways again.In this example, result is returned to AP1 by authentication gateway.
The embodiment of the present application also provides a kind of computer-readable recording medium, is stored thereon with computer program, the program
The pre-synchronization method of foregoing radio roaming authentication state is realized when being executed by processor.This method includes:
After target AP receives STA access request, STA authentication state letter is inquired about in the local authentication list to prestore
Breath, there are the corresponding relation of multigroup STA identification informations and authentication state information, the STA marks in the local authentication list
Information for can unique mark STA information;
If the authentication state information of the STA is not present in target AP local authentication list, the mark of the STA is believed
Breath reports to authenticating device and inquired about or certification, until authenticating device return authentication result;
The identification information of the STA and the corresponding relation of authentication state information are added local authentication list by target AP, and
Authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is to belong to a SSID with target AP, and
With the AP of target AP distance in particular range.
The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM
(SRAM), dynamic random access memory (DRAM), other kinds of random access memory (RAM), read-only storage
(ROM), Electrically Erasable Read Only Memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc are read-only
Memory (CD-ROM), digital versatile disc (DVD) or other optical storages, magnetic cassette tape, tape magnetic rigid disk storage or
Other magnetic storage apparatus or any other non-transmission medium, the information that can be accessed by a computing device available for storage.According to
Herein defines, and computer-readable medium does not include temporary computer readable media (transitory media), such as modulation
Data-signal and carrier wave.
The embodiment of the present application also provides a kind of computer equipment, and it comprises at least memory, processor and is stored in storage
On device and the computer program that can run on a processor, wherein, foregoing radio roaming is realized during computing device described program
The pre-synchronization method of authentication state.This method comprises at least:
After target AP receives STA access request, STA authentication state letter is inquired about in the local authentication list to prestore
Breath, there are the corresponding relation of multigroup STA identification informations and authentication state information, the STA marks in the local authentication list
Information for can unique mark STA information;
If the authentication state information of the STA is not present in target AP local authentication list, the mark of the STA is believed
Breath reports to authenticating device and inquired about or certification, until authenticating device return authentication result;
The identification information of the STA and the corresponding relation of authentication state information are added local authentication list by target AP, and
Authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is to belong to a SSID with target AP, and
With the AP of target AP distance in particular range.
Fig. 9 shows a kind of more specifically computing device hardware architecture diagram that the embodiment of the present application is provided, should
Equipment can include:Processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus 1050.
Wherein processor 1010, memory 1020, input/output interface 1030 and communication interface 1040 are realized each other by bus 1050
Between device interior communication connection.
Processor 1010 can use general CPU (Central Processing Unit, central processing unit), micro- place
Reason device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one
Or the mode such as multiple integrated circuits is realized, for performing relative program, to realize technical scheme that the embodiment of the present application is provided.
Memory 1020 can use ROM (Read Only Memory, read-only storage), RAM (Random Access
Memory, random access memory), the form such as static storage device, dynamic memory realize.Memory 1020 can store
Operating system and other applications, technical scheme that the embodiment of the present application is provided is being realized by software or firmware
When, related program code is stored in memory 1020, and is performed by processor 1010 to call.
Input/output interface 1030 is used to connect input/output module, to realize information input and output.Input and output/
Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein
Input equipment can include keyboard, mouse, touch-screen, microphone, various kinds of sensors etc., output equipment can include display,
Loudspeaker, vibrator, indicator lamp etc..
Communication interface 1040 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment
Interaction.Wherein communication module can be realized by wired mode (such as USB, netting twine etc.) and communicated, can also be wirelessly
(such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 1050 includes a path, equipment each component (such as processor 1010, memory 1020, input/it is defeated
Outgoing interface 1030 and communication interface 1040) between transmit information.
It should be noted that although the said equipment illustrate only processor 1010, memory 1020, input/output interface
1030th, communication interface 1040 and bus 1050, but in specific implementation process, the equipment can also include realizing normal fortune
Other assemblies necessary to row.In addition, it will be appreciated by those skilled in the art that, can also be only comprising real in the said equipment
Component necessary to existing the embodiment of the present application scheme, without including all components shown in figure.
Each embodiment in the application is described by the way of progressive, identical similar part between each embodiment
Mutually referring to what each embodiment stressed is the difference with other embodiment.Implement especially for device
For example, because it is substantially similar to embodiment of the method, so describing fairly simple, related part is referring to embodiment of the method
Part illustrates.Device embodiment described above is only schematical, illustrates wherein described as separating component
Module can be or may not be physically separate, can be as the part that module is shown or may not be thing
Manage unit, you can with positioned at a place, or can also be distributed on multiple NEs.It can select according to the actual needs
Some or all of module therein is selected to realize the purpose of this embodiment scheme.Those of ordinary skill in the art are not paying wound
In the case that the property made is worked, you can to understand and implement.
The preferred embodiment of the application is the foregoing is only, not limiting the application, all essences in the application
God any modification, equivalent substitution and improvements done etc., should be included within the scope of the application protection with principle.
Claims (10)
1. a kind of pre-synchronization method of radio roaming authentication state, it is characterised in that methods described includes:
After target AP receives STA access request, STA authentication state information is inquired about in the local authentication list to prestore,
There are the corresponding relation of multigroup STA identification informations and authentication state information, the STA identification informations in the local authentication list
For can unique mark STA information;
If the authentication state information of the STA is not present in target AP local authentication list, by the identification information of the STA
Report is inquired about to authenticating device or certification, until authenticating device return authentication result;
The identification information of the STA and the corresponding relation of authentication state information are added local authentication list by target AP, and incite somebody to action this
Authentication information in ground authentication list is synchronized to neighbor AP, wherein, neighbor AP is to belong to a SSID, and and mesh with target AP
Mark AP of the AP distance in particular range.
2. according to the method for claim 1, it is characterised in that the identification-information reporting by the STA to certification is set
It is standby to be inquired about or certification, including:
By the identification-information reporting of the STA to authenticating device, wherein, there is the local authentication list in authenticating device;
Inquired about in the local authentication list of authenticating device, if in the absence of the authentication state information of the STA, to described
STA is authenticated.
3. according to the method for claim 1, it is characterised in that the AP is by the identification information and authentication state of the STA
The corresponding relation of information adds local authentication list, and by local authentication list synchronization to neighbor AP after, in addition to:
After the neighbor AP receives the synchronous authentication informations of target AP, the authentication information is synchronized to the neighbours of oneself again
AP, and so on, carry out multistage synchronous.
4. according to the method for claim 3, it is characterised in that the neighbour that the authentication information is synchronized to oneself again
AP is occupied, and so on, carry out multistage synchronously, including:
After the neighbor AP receives the synchronous authentication informations of target AP, whether detection is local has the authentication information;
If local do not have the authentication information, the authentication information is synchronized to the neighbor AP of oneself again, and with such
Push away, carry out multistage synchronous.
5. according to the method for claim 3, it is characterised in that the neighbour that the authentication information is synchronized to oneself again
AP is occupied, and so on, form multistage synchronously, including:
The authentication information is synchronized to the neighbor AP of oneself again, and the count area of authentication information is subtracted 1 after synchronization, according to
It is secondary to analogize, carry out multistage synchronously, until count area is 0, then stopping is synchronous.
6. a kind of presynchronization device of radio roaming authentication state, it is characterised in that described device includes:
Enquiry module:After making the access request that target AP receives STA, STA is inquired about in the local authentication list to prestore
Authentication state information, have the corresponding relation of multigroup STA identification informations and authentication state information in the local authentication list,
The STA identification informations for can unique mark STA information;
Authentication module:For the authentication state information of the STA to be not present when target AP local authentication list, then by described in
STA identification-information reporting is inquired about to authenticating device or certification, until authenticating device return authentication result;
Synchronization module:For making target AP add the identification information of the STA and the corresponding relation of authentication state information locally
Authentication list, and the authentication information in local authentication list is synchronized to neighbor AP, wherein, neighbor AP is to be belonged to target AP
One SSID, and the AP with target AP distance in particular range.
7. device according to claim 6, it is characterised in that the authentication module, be specifically used for:
By the identification-information reporting of the STA to authenticating device, wherein, there is the local authentication list in authenticating device;
Inquired about in the local authentication list of authenticating device, if in the absence of the authentication state information of the STA, to described
STA is authenticated.
8. device according to claim 6, it is characterised in that the synchronization module, be specifically additionally operable to:
After the neighbor AP receives the synchronous authentication informations of target AP, the authentication information is synchronized to the neighbours of oneself again
AP, and so on, carry out multistage synchronous.
9. device according to claim 8, it is characterised in that the synchronization module, be specifically used for:
After the neighbor AP receives the synchronous authentication informations of target AP, whether detection is local has the authentication information;
If local do not have the authentication information, the authentication information is synchronized to the neighbor AP of oneself again, and with such
Push away, carry out multistage synchronous.
10. device according to claim 8, it is characterised in that the synchronization module, be specifically used for:
The authentication information is synchronized to the neighbor AP of oneself again, and the count area of authentication information is subtracted 1 after synchronization, according to
It is secondary to analogize, carry out multistage synchronously, until count area is 0, then stopping is synchronous.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711435606.8A CN107864508A (en) | 2017-12-26 | 2017-12-26 | A kind of pre-synchronization method and device of radio roaming authentication state |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711435606.8A CN107864508A (en) | 2017-12-26 | 2017-12-26 | A kind of pre-synchronization method and device of radio roaming authentication state |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107864508A true CN107864508A (en) | 2018-03-30 |
Family
ID=61707420
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711435606.8A Pending CN107864508A (en) | 2017-12-26 | 2017-12-26 | A kind of pre-synchronization method and device of radio roaming authentication state |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107864508A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109379339A (en) * | 2018-09-20 | 2019-02-22 | 杭州迪普科技股份有限公司 | A kind of portal authentication method and device |
CN110475250A (en) * | 2019-08-28 | 2019-11-19 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493783A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493782A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493246A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493886A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110536297A (en) * | 2019-08-28 | 2019-12-03 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN111225376A (en) * | 2018-11-26 | 2020-06-02 | 中国电信股份有限公司 | Authentication method, system, wireless access point AP and computer readable storage medium |
CN111954293A (en) * | 2019-05-16 | 2020-11-17 | 阿里巴巴集团控股有限公司 | Data synchronization method, network connection method, device and wireless access point |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101730194A (en) * | 2009-12-31 | 2010-06-09 | 福建星网锐捷网络有限公司 | Terminal access method, terminal access system and access controller |
CN101945388A (en) * | 2010-10-14 | 2011-01-12 | 杭州华三通信技术有限公司 | Wireless roaming authentication method, wireless roaming method and device thereof |
CN102340775A (en) * | 2011-10-28 | 2012-02-01 | 杭州华三通信技术有限公司 | Method for quickly roaming wireless client in AP (Assembly Program) and AP |
CN105101152A (en) * | 2014-05-15 | 2015-11-25 | 华为技术有限公司 | Roaming method of wireless terminal between wireless controllers and related device |
CN105376829A (en) * | 2015-10-27 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | System and method for WIFI roaming of mobile terminal in local area network (LAN) |
CN105376739A (en) * | 2015-12-04 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | Network authentication method and system |
-
2017
- 2017-12-26 CN CN201711435606.8A patent/CN107864508A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101730194A (en) * | 2009-12-31 | 2010-06-09 | 福建星网锐捷网络有限公司 | Terminal access method, terminal access system and access controller |
CN101945388A (en) * | 2010-10-14 | 2011-01-12 | 杭州华三通信技术有限公司 | Wireless roaming authentication method, wireless roaming method and device thereof |
CN102340775A (en) * | 2011-10-28 | 2012-02-01 | 杭州华三通信技术有限公司 | Method for quickly roaming wireless client in AP (Assembly Program) and AP |
CN105101152A (en) * | 2014-05-15 | 2015-11-25 | 华为技术有限公司 | Roaming method of wireless terminal between wireless controllers and related device |
CN105376829A (en) * | 2015-10-27 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | System and method for WIFI roaming of mobile terminal in local area network (LAN) |
CN105376739A (en) * | 2015-12-04 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | Network authentication method and system |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109379339A (en) * | 2018-09-20 | 2019-02-22 | 杭州迪普科技股份有限公司 | A kind of portal authentication method and device |
CN109379339B (en) * | 2018-09-20 | 2022-01-25 | 杭州迪普科技股份有限公司 | Portal authentication method and device |
CN111225376A (en) * | 2018-11-26 | 2020-06-02 | 中国电信股份有限公司 | Authentication method, system, wireless access point AP and computer readable storage medium |
CN111954293A (en) * | 2019-05-16 | 2020-11-17 | 阿里巴巴集团控股有限公司 | Data synchronization method, network connection method, device and wireless access point |
CN110475250A (en) * | 2019-08-28 | 2019-11-19 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493783A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493782A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493246A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110493886A (en) * | 2019-08-28 | 2019-11-22 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
CN110536297A (en) * | 2019-08-28 | 2019-12-03 | 上海连尚网络科技有限公司 | Wireless network connecting method, device, electronic equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107864508A (en) | A kind of pre-synchronization method and device of radio roaming authentication state | |
EP3378260B1 (en) | Secure fine timing measurement | |
CN105379329B (en) | System and method for assigning internet protocol address to mobile device during switching | |
JP5452822B2 (en) | Method and apparatus for authenticating a request for network capability to connect to an access network | |
US10477397B2 (en) | Method and apparatus for passpoint EAP session tracking | |
EP2950499B1 (en) | 802.1x access session keepalive method, device, and system | |
CN101785343B (en) | Method, system and device for fast transitioning resource negotiation | |
EP2797379A1 (en) | Repeating method of wireless repeating device, and wireless repeating device | |
US9781579B2 (en) | Method and device for realizing terminal WIFI talkback | |
CN106105134A (en) | Improved end-to-end data protection | |
US20130121321A1 (en) | Vlan tagging in wlans | |
US11871223B2 (en) | Authentication method and apparatus and device | |
WO2016177106A1 (en) | Dedicated core network selection method and device | |
CN102014391B (en) | Wireless network safety access method, system and wireless controller | |
CN107820246B (en) | User authentication method, device and system | |
US11889568B2 (en) | Systems and methods for paging over WiFi for mobile terminating calls | |
CN105532028A (en) | Systems and methods for fast initial link setup security optimizations for psk and sae security modes | |
US8775583B1 (en) | Assigning internet protocol addresses in a network | |
US11265708B2 (en) | Method and device for joining access node group | |
CN110086839A (en) | A kind of dynamic access method and device of remote equipment | |
CN108235386A (en) | A kind of communication means and equipment | |
TWI685267B (en) | Method and equipment for access control | |
KR102077110B1 (en) | Method for avoiding interference in wireless local access networks and appratus using thereof | |
CN115499894A (en) | Network slice adjusting method, device and equipment | |
US8611537B2 (en) | Method and system for optimizing authentication procedures in media independent handover services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180330 |