CN108289101A - Information processing method and device - Google Patents

Information processing method and device Download PDF

Info

Publication number
CN108289101A
CN108289101A CN201810074673.XA CN201810074673A CN108289101A CN 108289101 A CN108289101 A CN 108289101A CN 201810074673 A CN201810074673 A CN 201810074673A CN 108289101 A CN108289101 A CN 108289101A
Authority
CN
China
Prior art keywords
application
information
service ticket
user
user terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810074673.XA
Other languages
Chinese (zh)
Other versions
CN108289101B (en
Inventor
童健
张雨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ce Dongli Technology Co Ltd
Original Assignee
Ce Dongli Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ce Dongli Technology Co Ltd filed Critical Ce Dongli Technology Co Ltd
Priority to CN201810074673.XA priority Critical patent/CN108289101B/en
Publication of CN108289101A publication Critical patent/CN108289101A/en
Application granted granted Critical
Publication of CN108289101B publication Critical patent/CN108289101B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/957Browsing optimisation, e.g. caching or content distillation
    • G06F16/9574Browsing optimisation, e.g. caching or content distillation of access to content, e.g. by caching
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/958Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A kind of information processing method of proposition of the embodiment of the present invention and device, are related to Internet technical field.This method includes:When first during user terminal accesses multiple applications for the first time is applied and has not visited other application, first application receives the user login information that certificate server returns, user login information is preserved to cache server, is generated and the unique corresponding identification information of user login information;Cookie information, which is generated, according to identification information is sent to browser preservation, set the path of cookie information to predefined paths, so as to user terminal accessed first application again by any application in the multiple applications of browser access when, any application obtains cookie information according to predefined paths, and then user login information is obtained according to the identification information in cookie information, without each access registrar server authentication user's login status, it avoids system appearance and repeatedly redirects refresh page, improve user experience.

Description

Information processing method and device
Technical field
The present invention relates to Internet technical fields, in particular to a kind of information processing method and device.
Background technology
In order to meet the demand of growing all types of user group, many enterprises realize the arbitrary combination of multiple applications and build a station System, multiple applications are clustered deploy(ment)s, single-sign-on (Single Sign On, SSO), are popular at present enterprises One of solution of business integration, in several applications, user, which only needs to log in, can once access all mutual trusts Application, i.e., only need to login service end request one-time authentication operation, and being capable of normal Single Sign Out.For example, existing What Single Sign-On Technology Used was usually realized in:It, can quilt because logging in not yet when user accesses using 1 for the first time It is directed in login service end and is logged in;The log-on message that login service end is provided according to user carries out proof of identity, if By verification, then one certification authority of user is returned to, user will be visited again on certification authority band using 1, can be by certification using 1 Authority is sent to login service end and is verified, and checks the legitimacy of certification authority, if by verification, user may have access to and answer With the resource on 1, since user's login authentication on login service end need to only be arrived when accessing using 2 and application 3 Login service end obtains certification authority, goes to access using 2 by certification authority and applies 3, to realize that user merely enters once Log-on message accesses all applications.
In existing scheme, although user does not have to input log-on message login authentication on login service end again, Access for the first time each in application, being required for obtaining certification authority after user's login status is verified at login service end, and it is every As soon as verifying time user's login status at login service end, the page, which will appear, once to be redirected, and occurs repeatedly jumping so as to cause system Turn refresh page, greatly reduces user experience.
Invention content
A kind of information processing method of offer of the embodiment of the present invention and device.
Technical solution used in the embodiment of the present invention is as follows:
In a first aspect, the embodiment of the present invention proposes a kind of information processing method, it is applied to application server, the application clothes Business device is communicated with user terminal, certificate server, and the user terminal is equipped with browser, may have access to institute by the browser Multiple applications on application server are stated, the method includes:In the user terminal accesses the multiple application for the first time First application and do not accessed in the multiple application in addition to it is described first application other application when, it is described first application The user login information that the certificate server returns is received, so that the user terminal is accessed by the user login information First application;The user login information is preserved to a cache server, and is generated with the user login information only One corresponding identification information;Cookie information is generated according to the identification information and is sent to the browser preservation, and will be described The path of cookie information is set as a predefined paths, after excessively described first application of the user terminal access, then to lead to It crosses any in application, any application can be obtained according to the predefined paths in the multiple application of the browser access The cookie information, and then institute is obtained from the cache server according to the identification information in the cookie information User login information is stated, so that the user terminal accesses any application by the user login information.
Second aspect, the embodiment of the present invention also propose a kind of information processing unit, are applied to application server, the application Server is communicated with user terminal, certificate server, and the user terminal is equipped with browser, may have access to by the browser Multiple applications on the application server, described device include:Receiving module, for accessing institute for the first time in the user terminal It states the in multiple applications first application and did not access the other application applied in addition to described first in the multiple application When, the user login information that the certificate server returns is received, so that the user terminal passes through the user login information Access first application;Cache module, for preserving the user login information to a cache server, and generation and institute State user login information uniquely corresponding identification information;Cookie information generation module, for being generated according to the identification information Cookie information is sent to the browser and preserves, and sets the path of the cookie information to a predefined paths, so as to It is answered after excessively described first application of the user terminal access, then by any in the multiple application of the browser access Used time, any application can be obtained according to the predefined paths, and then be believed according to the mark in the cookie information Breath obtains the corresponding user login information from the cache server, so that the user terminal is stepped on by the user Record any application described in message reference.
Compared with the prior art, in embodiments of the present invention, the first application is accessed for the first time in user terminal and do not accessed When other application, the first application receives the user login information that certificate server returns so that described in user terminal successful access First application;First application caches user login information, and generates and the unique corresponding mark of the user login information Know information, is sent to browser preservation after then generating cookie information according to the identification information, which is set Path is a predefined paths so that can share the cookie information between multiple applications, and then realize user login information It is shared between multiple applications.In other words, after excessively described first application of the user terminal access, then pass through the browsing Device accesses any in application, any application passes through the readable cookie for taking out browser of the predefined paths in the multiple application Then information obtains corresponding user login information by identification information to obtain identification information from cache server, real Show when user terminal access crosses first using going to access other application resource again, it can be directly according to the mark in cookie information Acquisition of information is known to user login information, without wanting the technology of access registrar server authentication user's login status to imitate every time Fruit avoids system appearance and repeatedly redirects refresh page, improves user experience.
Other features and advantages of the present invention will be illustrated in subsequent specification, also, partly be become from specification It is clear that by implementing understanding of the embodiment of the present invention.The purpose of the present invention and other advantages can be by saying what is write Specifically noted structure is realized and is obtained in bright book, claims and attached drawing.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows the application environment schematic diagram of the information processing method that the embodiment of the present invention is provided and device.
Fig. 2 shows the block diagrams for the application server that the embodiment of the present invention is provided.
Fig. 3 shows the flow diagram for the information processing method that the embodiment of the present invention is provided.
Fig. 4 shows the flow diagram for the information processing method that another embodiment of the present invention is provided.
Fig. 5 shows the high-level schematic functional block diagram for the information processing unit that the embodiment of the present invention is provided.
Icon:100- application servers;200- user terminals;300- certificate servers;400- networks;500- information processings Device;110- memories;120- processors;130- communication interfaces;510- judgment modules;520- request processing modules;530- is sent out Send module;540- receiving modules;550- cache modules;560-cookie information generating modules;570- publishes processing module.
Specific implementation mode
Below in conjunction with attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete Ground describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Usually exist The component of the embodiment of the present invention described and illustrated in attached drawing can be arranged and be designed with a variety of different configurations herein.Cause This, the detailed description of the embodiment of the present invention to providing in the accompanying drawings is not intended to limit claimed invention below Range, but it is merely representative of the selected embodiment of the present invention.Based on the embodiment of the present invention, those skilled in the art are not doing The every other embodiment obtained under the premise of going out creative work, shall fall within the protection scope of the present invention.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined, then it further need not be defined and explained in subsequent attached drawing in a attached drawing.
The information processing method and device that the embodiment of the present invention is provided can be applied in application environment as shown in Figure 1. Application server 100, user terminal 200 and certificate server 300 are located in network 400, application server 100, user terminal 200 and certificate server 300 can be communicated between each other by network 400, to realize application server 100 and user terminal Between 200, between application server 100 and certificate server 300 and between user terminal 200 and certificate server 300 Data communicate or interaction.Wherein, multiple applications (for example, the first application, second application ...) are installed in application server 100, Browser is installed, user terminal 200 multiple is answered by what browser may have access on application server 100 in user terminal 200 With, user inputs user login information (for example, username and password) by user terminal 200 and is sent to certificate server 300, To carry out login authentication on certificate server 300.
In the present embodiment, the user terminal 200 may be, but not limited to, smart mobile phone, PC (personal computer, PC), tablet computer, personal digital assistant (personal digital assistant, PDA), Mobile internet surfing equipment (mobile Internet device, MID) etc..
It should be noted that in practice, the application server 100 can be one or more, and multiple application can To be deployed on an application server 100, can also be deployed on different application servers 100.
Fig. 2 is please referred to, is the block diagram of application server 100 shown in FIG. 1.The application server 100 can wrap It includes:Memory 110, processor 120 and communication interface 130, the memory 110, processor 120 and communication interface 130, each member It is directly or indirectly electrically connected between part, to realize the transmission or interaction of data.For example, these elements can lead between each other It crosses one or more communication bus or signal wire is realized and is electrically connected.Processor 120 be used for execute stored in memory 110 can Execution module, such as computer program.
Wherein, memory 110 may be, but not limited to, random access memory (Random Access Memory, RAM), read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM), Electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory, EEPROM) etc.. Memory 110 can be used for storing software program and module, information processing unit 500 include it is at least one can be with software or firmware (firmware) form is stored in memory 110 or is solidificated in the operating system in the application server 100 Software function module in (operating system, OS).The processor 120 executes one after receiving and executing instruction A or multiple programs are to realize the data processing method of the embodiment of the present application announcement.The communication interface 130 can be used for saving with other Point device carries out the communication of signaling or data.
Processor 120 may be a kind of IC chip, the processing capacity with signal.It is above-mentioned during realization Each step of method can be completed by the integrated logic circuit of the hardware in processor 120 or the instruction of software form.On The processor 120 stated can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (DSP), special Integrated circuit (ASIC), ready-made programmable gate array (FPGA) either other programmable logic device, discrete gate or transistor Logical device, discrete hardware components.
Fig. 3 is please referred to, by the flow diagram for the information processing method that the embodiment of the present invention provides.It needs to illustrate It is that the information processing method described in the embodiment of the present invention is not limitation with Fig. 3 and particular order as described below, should be managed Solution, in other embodiments, the sequence of information processing method which part step of the present invention can be according to actual needs It is exchanged with each other or part steps therein can also be omitted or be deleted.The information processing method can be applied to above-mentioned application Server 100 below will be described in detail detailed process shown in Fig. 3.
Step S101, described first applies when receiving the access request of the transmission of the user terminal 200, described in judgement User terminal 200 whether access for the first time it is described first application and whether accessed in the multiple application in addition to described first The other application of application.
In the present embodiment, using the multiple application as an application system, first applies and is receiving access request When, user's login status of user terminal 200 is verified according to the access request, i.e., whether verification user is logged should Application system should when first application cannot obtain cookie information and service ticket according to the access request Cookie information include with the unique corresponding identification information of user login information, then judge that the user terminal 200 is for the first time It accesses first application and did not access the other application applied in addition to described first in the multiple application, that is to say It says, user is to access the application system for the first time;Wherein, which is that certificate server 300 is logical in 200 certification of user terminal Later application server 100 is returned to.When first application can obtain cookie information, then judge that user terminal 200 is visited Asked at least one of multiple application application;When first application can obtain service ticket but cannot obtain cookie letters When breath, then judge that user terminal 200 logins successfully on certificate server 300, the first application needs certificate server It is whether legal that the service ticket is verified on 300, when 300 service for checking credentials bill of certificate server is legal, then to application server 100 return and the associated user login information of service ticket.
Step S102, determine the user terminal 200 access for the first time it is described first application and do not accessed described more In a application in addition to it is described first application other application when, it is described first application the access is asked by the browser It asks and is redirected to the certificate server 300, recognize so that the certificate server 300 to the user terminal 200 log in Card, generation and the associated service ticket of user login information obtained from the user terminal 200, and pass through the user terminal The service ticket is back to first application by 200.
In the present embodiment, certificate server 300 verifies user when receiving access request according to the access request Login status then directly returns to log in page, so that user fills in use when determining that user logs in not yet to user terminal 200 Family log-on message, certificate server 300 carry out login authentication according to the user login information of acquisition to the user terminal 200, I.e. whether verification user is effective, and such as effectively, then 200 certification of user terminal success allows user to log in, otherwise do not allow user to step on Record.Certificate server 300 generates TGT (Ticket after 200 certification of user terminal success, according to the user login information of acquisition Granting Ticket) object, it is put into the caching of oneself, while generating unique mark TGC corresponding with the TGT objects (Ticket-Granting Cookie) is written in browser, when there is the arrival of browser http request again, comes if be transmitted through Have certificate server 300 generate unique mark TGC, then certificate server 300 is using unique mark TGC as keyword key Can whether there is or not TGT objects in query caching, it is if having, then logged before illustrating user, if it is not, user needs to step on again Record.In the present embodiment, certificate server 300 will also sign and issue one after 200 certification of user terminal success according to TGT objects Service ticket (Service Ticket, ST) returns to user terminal 200, and user terminal 200 is made to be gone again by the service ticket Access the first application.
Ground is readily appreciated that, since user terminal 200 is to access first application for the first time and do not accessed the multiple The other application applied in addition to described first in, then the first application are redirected to the certificate server by browser Unique mark TGC will not be carried in 300 access request, certificate server 300 also just inquires the TGT objects less than caching, then Log in page directly is returned to user terminal 200, so that user fills in user login information.Certificate server 300 is in user terminal After 200 certifications success, TGT object records caching is generated, and browser is written into the corresponding unique mark TGC of the TGT objects;Root Be that service ticket is signed and issued in the first application according to the TGT objects, and browser notified to be redirected to the first application, using service ticket as URL parameter is transmitted, and so that user terminal 200 is realized and is gone to access the first application again by the service ticket.
Step S103, described first is described to pass through using the service ticket is sent to the certificate server 300 Whether certificate server 300 verifies the service ticket effective.
For example, first applies after receiving service ticket, access registrar server will be removed again after on service ticket band 300, by certificate server 300 come the legitimacy of service for checking credentials bill.
Step S104, first in the user terminal 200 accesses the multiple application for the first time applies and does not access Cross in the multiple application in addition to first application other application when, first application receives the certificate server 300 user login informations returned are answered so that the user terminal 200 accesses described first by the user login information With.
Specifically, step S104 includes:When the certificate server 300 verify the service ticket it is effective when, first Using the reception return of certificate server 300 and the associated user login information of the service ticket.
In the present embodiment, it is associated with TGT objects due to service ticket, TGT objects are associated with user login information, when recognizing Demonstrate,prove 300 service for checking credentials bill of server it is legal when, the will be returned to the associated user login information of the service ticket One application, the first application get the resource that user login information allows for user to access the first application.
Step S105 preserves the user login information to a cache server, and generates to log in the user and believe The unique corresponding identification information of breath.
In the present embodiment, the application server 100 can also be communicated to connect with a cache server, and first applies and obtaining When getting the user login information of the return of certificate server 300, user is just allowed to access the resource of the first application, while creating meeting Session is talked about, which is saved in session session, is generated uniquely corresponding with the user login information Then session session is saved in cache server (for example, redis, which can be used, caches machine by identification information session id System), so that application can obtain session session according to identification information session id from the cache server, and then obtain Obtain user login information.
Step S106 generates cookie information according to the identification information and is sent to the browser preservation, and will be described The path of cookie information is set as a predefined paths, so as to the user terminal 200 accessed it is described first application after, then By any in application, any application can be obtained according to the predefined paths in the multiple application of the browser access The cookie information is obtained, and then is obtained from the cache server according to the identification information in the cookie information The user login information, so that the user terminal 200 accesses any application by the user login information.
In the present embodiment, it first applies and is generating and the unique corresponding identification information session id of user login information Afterwards, it is created in cookie information write-in browser according to identification information session id, while by the way that cookie letters are arranged The path of breath is a predefined paths so that user terminal 200 is again by any in browser access application system in application, browsing It (may be still the first application, it is also possible to which in addition to the other application of the first application, for example second answer that device, which is sent to any application, With, third application etc.) access request in can all carry the cookie information, any application can be obtained according to the predefined paths Cookie information, and then identification information session id are obtained, then gone identification information session id as keyword key Access cache server is stepped on to obtain the user login information cached in cache server when any application obtains user After recording information, you can user is allowed to access corresponding application resource.
For example, can realize that cookie information is shared between multiple applications by the following method:cookie.setPath ("/"), i.e., the predefined paths are set as "/", in fact, the predefined paths of the cookie information determine browser access application Multiple on server 100 are every in this way in application, should be sent to the cookie information under the root of application server 100 When browser accesses any again in application, the cookie information can be obtained under predefined paths "/", without regenerating Cookie information.It should be noted that in this application, if all applications on the application server 100 generate cookie Information, the path of cookie information should all be arranged to identical, for example, being all "/", thereby realize being total to for cookie information It enjoys (that is to say user login information shared), using also user login information need not be obtained from certificate server 300.
Therefore in the present embodiment, user accesses multiple in application, only needing to ask in certificate server 300 in application system One-time authentication operation is asked to achieve that single-sign-on, it need not will certificate server when accessing the resource each applied for the first time 300 go to verify whether to log in, and then obtain corresponding service ticket and exchange user login information for and realize the access each applied; For user after the application of successful access first, the user login information that the first application will obtain is all using it in application system Between share, user terminal 200 accessed it is described first application after, then pass through in the multiple application of the browser access appoint Once in application, it is any application no longer need to certificate server 300 obtain service ticket, but direct access path "/" obtain Identification information in cookie information, and then user login information is obtained according to the identification information, the system that avoids occurs more The secondary page for redirecting refreshing, greatly improves user experience.
As shown in figure 4, the flow diagram of the information processing method provided by another embodiment of the present invention.With upper one Information processing method described in embodiment is compared, and information processing method provided in this embodiment not only realizes between each application User login information is shared so that obtains service using certificate server 300 is no longer needed to after the access request for receiving user Bill exchanges user login information for, but also can realize Single Sign Out, that is, realizes state of logging off.In the present embodiment In, described information processing method further includes:
Step S107, when first application receives when publishing request of the transmission of the certificate server 300, described the The service ticket and the corresponding user login information of the service ticket are deleted in one application.
In the present embodiment, user can initiate to publish request in any application, this, which is published request, by any application turns It is sent to certificate server 300, then all applications from certificate server 300 by way of broadcast into application system are sent out Request is published, since the other application in application system does not obtain service ticket from certificate server 300, also just there is no clothes The correspondence of business bill and identification information session id, and the first application has from the acquisition service ticket of certificate server 300, User login information is obtained from certificate server 300 according to service ticket, and identification information is generated according to user login information Session id, therefore record has unique corresponding pass of the service ticket with the identification information session id in the first application System, in other words, the only first application, which could execute, publishes operation, and other application cannot execute.When the first application receives To when publishing request, the corresponding identification information session id are obtained according to the service ticket, then by the mark The corresponding user login informations of information session id are deleted from cache server, while deleting the service ticket, Single Sign Out can be realized.
It should be noted that in the present embodiment, certificate server 300 is after receiving and publishing request, also by certification The TGT objects cached on server 300, the service ticket signed and issued and the unique mark TGC being written in browser are purged.
Further, in the present embodiment, it is a cluster to be applied when each of the multiple application, i.e., when described When each of multiple applications application includes at least one application node, for example, application cluster a (including application a nodes 1, application A nodes 2, using a nodes 3 ...), application cluster b (including application b nodes 1, using b nodes 2, using b nodes 3 ...), it is described to recognize It demonstrate,proves server 300 and publishes request described in application node transmission one of into each application.
For example, first application includes the first application node and the second application node, then step S105 may include:
When the service ticket and the unique corresponding relation are stored in first application node and first application Node receives the transmission of the certificate server 300 described when publishing request, and first application node is by the service ticket According to this and the corresponding user login information of the service ticket is deleted.In other words, 300 broadcast type of certificate server Application node is sent out at random one of into all applications publishes request, when the first application node in the first application receives To when publishing request and service ticket and unique corresponding relation are stored in first application node, then first application node can Corresponding identification information session id are directly obtained according to service ticket, are then found pair according to identification information session id The user login information answered, and the user login information is deleted from cache server, while deleting in the first application node The service ticket of caching, then the first application node, which realizes, publishes operation.
When the service ticket and the unique corresponding relation are stored in first application node and second application Node receives the transmission of the certificate server 300 described when publishing request, and second application node asks described publish It asks and is forwarded to first application node;First application node publishes request by the service ticket and institute according to The corresponding user login information of service ticket is stated to be deleted.In other words, when the service ticket and described unique right It should be related to and be stored in first application node, but certificate server 300 will not publish request and be sent to the first application section Point, and it has been sent to the second application node, since the second application node does not preserve service ticket and service ticket and mark Know information unique corresponding relation, can not execute and publish operation, then need by this publish request to this first apply in other It sends out to node broadcasts formula and publishes request, after what the first application node received that the second application node sends out publishes request, execute Publish operation.
In the prior art, if realizing Single Sign Out in the case where each application includes at least one application node, It then needs to share the unique corresponding relation of service ticket and identification information between each application node so that application server 100 also need to safeguard the address of the buffer memory device of caching unique corresponding relation, increase O&M cost to a certain extent and answer Miscellaneous degree.And the mode of Single Sign Out is realized in the present embodiment, user can publish at any one using upper application, certificate server 300 after receiving and publishing request, and broadcast type sends out to some application node of all applications and publishes request at random, works as transmission When being routed to the second application node of the first application to the request of the first application, which can not find service ticket With the unique corresponding relation of identification information, it can not execute and publish operation, other application node of the request to the first application will be published It sends out to broadcast type and publishes request, finally publish operation according to request execution is published by the first application node.Therefore, with existing skill Art is compared, and the Single Sign Out realization method of the application need not preserve the unique corresponding relation of service ticket and identification information The unique corresponding relation is shared with other application node by application node, and application server 100 does not have to the ground for safeguarding buffer memory device Location reduces O&M cost and complexity.
Fig. 5 is please referred to, by the high-level schematic functional block diagram for the information processing unit 500 that the embodiment of the present invention provides.It needs Illustrate, the information processing unit 500 that the present embodiment is provided, the technique effect and preceding method of basic principle and generation Embodiment is identical, to briefly describe, does not refer to part in the present embodiment, can refer to the corresponding contents in previous embodiment.It is described Information processing unit 500 is applied to above-mentioned application server 100 comprising judgment module 510, request processing module 520, hair It send module 530, receiving module 540, cache module 550, cookie information generation module 560 and publishes processing module 570.
The judgment module 510 is used to, when receiving the access request of the transmission of the user terminal 200, judge the use Family terminal 200 whether access for the first time it is described first application and whether accessed in the multiple application in addition to described first answers Other application.
In the present embodiment, the judgment module 510 be particularly used in when cannot according to the access request obtain described in When cookie information and the service ticket, then judge that the user terminal 200 is to access first application for the first time and do not have There is the other application applied in addition to described first accessed in the multiple application.
It is appreciated that the judgment module 510 can execute above-mentioned steps S101.
The request processing module 520 be used for determine the user terminal 200 access for the first time it is described first application and do not have Have accessed in the multiple application in addition to first application other application when, by the browser by the access Request is redirected to the certificate server 300, so that the certificate server 300 logs in the user terminal 200 Certification, generation and the associated service ticket of user login information obtained from the user terminal 200, and pass through user end The service ticket is back to first application by end 200.
It is appreciated that the request processing module 520 can execute above-mentioned steps S102.
The sending module 530 is recognized described in passing through for the service ticket to be sent to the certificate server 300 Whether card server 300 verifies the service ticket effective.
It is appreciated that the sending module 530 can execute above-mentioned steps S103.
The receiving module 540 is for the first application in the user terminal 200 accesses the multiple application for the first time And do not accessed in the multiple application in addition to it is described first application other application when, receive the certificate server 300 user login informations returned are answered so that the user terminal 200 accesses described first by the user login information With.
Wherein, the receiving module 540 is specifically used for when to verify the service ticket effective for the certificate server 300 When, receive the certificate server 300 return with the associated user login information of the service ticket.
It is appreciated that the receiving module 540 can execute above-mentioned steps S104.
The cache module 550 is used to preserve the user login information to a cache server, and generate with it is described The unique corresponding identification information of user login information.
It is appreciated that the cache module 550 can execute above-mentioned steps S105.
The cookie information generation module 560 is used to be sent to according to identification information generation cookie information described Browser preserves, and sets the path of the cookie information to a predefined paths, to be accessed in the user terminal 200 After crossing first application, then by any in application, any application in the multiple application of the browser access Can obtain the cookie information according to the predefined paths, so according to the identification information in the cookie information from The user login information is obtained in the cache server, so that the user terminal 200 passes through the user login information Access any application.
It is appreciated that the cookie information generation module 560 can execute above-mentioned steps S106.
The processing module 570 of publishing is for when first application receives stepping on for the transmission of the certificate server 300 When going out to ask, first application carries out the corresponding user login information of the service ticket and the service ticket It deletes.
Wherein, in the present embodiment, when each of the multiple application application includes at least one application node, institute It states certificate server 300 and publishes request described in application node transmission one of into each application, described first answers With including the first application node and the second application node, when the service ticket and the unique corresponding relation are stored in described One application node and first application node receive the transmission of the certificate server 300 described when publishing request, described The processing module 570 of publishing of first application node is used for the service ticket and the corresponding user of the service ticket Log-on message is deleted;When the service ticket and the unique corresponding relation are stored in first application node and described Second application node receives the transmission of the certificate server 300 described when publishing request, and second application node is stepped on Go out processing module 570 for publishing request by described and being forwarded to first application node;First application node is published Processing module 570 is used to publish request according to and steps on the service ticket and the corresponding user of the service ticket Record information is deleted.
It should be understood that when each of the multiple application application includes at least one application node, each application node It is identical when upper included function module and unit.
It is appreciated that the processing module 570 of publishing can execute above-mentioned steps S107.
In conclusion information processing method and device that the embodiment of the present invention is provided, are applied to application server, it is described Application server is communicated with user terminal, certificate server, and the user terminal is equipped with browser, can by the browser Multiple applications on the application server are accessed, the first application in the user terminal accesses the multiple application for the first time And do not accessed in the multiple application in addition to it is described first application other application when, it is described first application receive described in The user login information that certificate server returns, so that the user terminal accesses described first by the user login information Using;The user login information is preserved to a cache server, and is generated uniquely corresponding with the user login information Identification information;Cookie information is generated according to the identification information and is sent to the browser preservation, and the cookie is believed The path of breath is set as a predefined paths, so as to after excessively described first application of the user terminal access, then by described clear Device of looking at accesses any in application, any application can be according to described in predefined paths acquisition in the multiple application Cookie information, and then the use is obtained from the cache server according to the identification information in the cookie information Family log-on message, so that the user terminal accesses any application by the user login information.In other words, when with When family terminal access crosses first using going to access other application resource again, any application passes through the readable taking-up of the predefined paths and browses Then the cookie information of device obtains corresponding user by identification information to obtain identification information from cache server Log-on message avoids system appearance and repeatedly redirects brush without wanting access registrar server authentication user's login status every time New page improves user experience.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, apparatus, equipment or computer journey Sequence product.Therefore, the embodiment of the present invention can be used complete hardware embodiment, complete software embodiment or combine software and hardware side The form of the embodiment in face.Moreover, it wherein includes computer available programs that the embodiment of the present invention, which can be used in one or more, Implement in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of code The form of computer program product.
The embodiment of the present invention with reference to according to the method for the embodiment of the present invention, device, equipment and computer program product Flowchart and/or the block diagram describes.It should be understood that can be realized by computer program instructions every in flowchart and/or the block diagram The combination of flow and/or box in one flow and/or box and flowchart and/or the block diagram.These computers can be provided Processor of the program instruction to all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices To generate a machine so that the instruction executed by computer or the processor of other programmable data processing devices generates use In the dress for realizing the function of being specified in one flow of flow chart or multiple flows and/or one box of block diagram or multiple boxes It sets.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works so that instruction generation stored in the computer readable memory includes referring to Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device so that count Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, in computer or The instruction executed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in a box or multiple boxes.
In several embodiments that the embodiment of the present invention is provided, it should be understood that disclosed device and method also may be used To realize by another way.Device and method embodiment described above is only schematical, for example, in attached drawing Flow chart and block diagram show the device of multiple embodiments according to the present invention, the possibility of method and computer program product is realized Architecture, function and operation.In this regard, each box in flowchart or block diagram can represent module, a program A part for a part for section or code, the module, section or code includes that one or more is patrolled for realizing defined Collect the executable instruction of function.It should also be noted that at some as the function of in the realization method replaced, being marked in box It can occur in a different order than that indicated in the drawings.For example, two continuous boxes can essentially be held substantially in parallel Row, they can also be executed in the opposite order sometimes, this is depended on the functions involved.It is also noted that block diagram and/or The combination of each box in flow chart and the box in block diagram and or flow chart can use function or dynamic as defined in executing The dedicated hardware based system made is realized, or can be realized using a combination of dedicated hardware and computer instructions.
In addition, each function module in each embodiment of the present invention can integrate to form an independent portion Point, can also be modules individualism, can also two or more modules be integrated to form an independent part.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module It is stored in a computer read/write memory medium.Based on this understanding, technical scheme of the present invention is substantially in other words The part of the part that contributes to existing technology or the technical solution can be expressed in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention. And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic disc or CD.It needs Illustrate, herein, the terms "include", "comprise" or any other variant thereof is intended to cover non-exclusive inclusion, So that the process, method, article or equipment including a series of elements includes not only those elements, but also include not having The other element being expressly recited, or further include for elements inherent to such a process, method, article, or device.Do not having There is the element limited by sentence "including a ..." in the case of more limiting, it is not excluded that in the mistake for including the element There is also other identical elements in journey, method, article or equipment.
The foregoing is merely the alternative embodiments of the present invention, are not intended to restrict the invention, for the skill of this field For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.It should be noted that:Similar label and letter exist Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing It is further defined and is explained.

Claims (10)

1. a kind of information processing method, is applied to application server, the application server and user terminal, certificate server are logical Letter, the user terminal are equipped with browser, may have access to multiple applications on the application server by the browser, It is characterized in that, the method includes:
In the first application during the user terminal accesses the multiple application for the first time and not accessing the multiple application In addition to first application other application when, first application receives the user that the certificate server returns and logs in letter Breath, so that the user terminal accesses first application by the user login information;
The user login information is preserved to a cache server, and is generated and the unique corresponding mark of the user login information Know information;
Cookie information is generated according to the identification information be sent to the browser and preserve, and by the road of the cookie information Diameter is set as a predefined paths, to be visited after excessively described first application of the user terminal access, then by the browser It asks any in application, any application can obtain the cookie letters according to the predefined paths in the multiple application Breath, and then the user is obtained from the cache server according to the identification information in the cookie information and logs in letter Breath, so that the user terminal accesses any application by the user login information.
2. information processing method as described in claim 1, which is characterized in that accessed for the first time in the user terminal the multiple In first application and do not accessed in the multiple application in addition to it is described first application other application when, it is described Before first application receives the user login information that the certificate server returns, the method further includes:
For the first time whether described first applies when receiving the access request that the user terminal is sent, judge the user terminal It accesses first application and whether accessed the other application applied in addition to described first in the multiple application;
Determine the user terminal access first application for the first time and do not accessed in the multiple application in addition to institute When stating the other application of the first application, it is described first application by the browser by the access request be redirected to described in recognize Server is demonstrate,proved, so that the certificate server carries out login authentication to the user terminal, generation is obtained with from the user terminal The associated service ticket of user login information taken, and the service ticket is back to described first by the user terminal Using;
The service ticket is sent to the certificate server to verify institute by the certificate server by first application Whether effective state service ticket;
First application receives the user login information that the certificate server returns, including:
When the certificate server verify the service ticket it is effective when, it is returning with the service to receive the certificate server The associated user login information of bill.
3. information processing method as claimed in claim 2, which is characterized in that described first applies to receive the user whole When holding the access request sent, judge whether the user terminal accesses first application and whether accessed described for the first time The other application applied in addition to described first in multiple applications, including:
When first application cannot obtain the cookie information and the service ticket according to the access request, then Judge the user terminal be access first application for the first time and do not accessed in the multiple application in addition to described the The other application of one application.
4. information processing method as claimed in claim 2, which is characterized in that record has the service ticket in first application According to the unique corresponding relation with the identification information, the method further includes:
When first application receives when publishing request of the certificate server transmission, described first applies the service Bill and the corresponding user login information of the service ticket are deleted.
5. information processing method as claimed in claim 4, which is characterized in that when each of the multiple application application includes When at least one application node, the certificate server is stepped on one of into each application described in application node transmission Go out request, first application includes the first application node and the second application node, described when described first applies and receive institute When publishing request of certificate server transmission is stated, first application is corresponding by the service ticket and the service ticket The user login information is deleted, including:
When the service ticket and the unique corresponding relation are stored in first application node and first application node Receive that the certificate server sends is described when publishing request, and first application node is by the service ticket and institute The corresponding user login information of service ticket is stated to be deleted;
When the service ticket and the unique corresponding relation are stored in first application node and second application node Receive that the certificate server sends is described when publishing request, and second application node is published described request and be forwarded to First application node;First application node publishes request by the service ticket and the service ticket according to It is deleted according to the corresponding user login information.
6. a kind of information processing unit, is applied to application server, the application server and user terminal, certificate server are logical Letter, the user terminal are equipped with browser, may have access to multiple applications on the application server by the browser, It is characterized in that, described device includes:
Receiving module did not accessed for the first application in accessing the multiple application for the first time in the user terminal and institute State in multiple applications in addition to first application other application when, receive the user that the certificate server returns and log in letter Breath, so that the user terminal accesses first application by the user login information;
Cache module is believed for preserving the user login information to a cache server, and generating to log in the user The unique corresponding identification information of breath;
Cookie information generation module is sent to the browser guarantor for generating cookie information according to the identification information It deposits, and sets the path of the cookie information to a predefined paths, so as in the user terminal access excessively described first After, then by any in application, any application can be according to described in the multiple application of the browser access Predefined paths obtain the cookie information, and then are taken from the caching according to the identification information in the cookie information The user login information is obtained in business device, so that the user terminal accesses described any answer by the user login information With.
7. information processing unit as claimed in claim 6, which is characterized in that described device further includes:
Judgment module, for when receiving the access request that the user terminal is sent, judging whether the user terminal is first It is secondary to access first application and whether accessed the other application applied in addition to described first in the multiple application;
Request processing module, for determine the user terminal access for the first time it is described first application and do not accessed described more In a application in addition to it is described first application other application when, the access request is redirected to by institute by the browser Certificate server is stated, so that the certificate server carries out login authentication to the user terminal, is generated and whole from the user It holds the associated service ticket of user login information obtained, and by the user terminal is back to the service ticket described First application;
Sending module, for the service ticket to be sent to the certificate server to verify institute by the certificate server Whether effective state service ticket;
The receiving module is used to, when the certificate server verification service ticket is effective, receive the certificate server Return with the associated user login information of the service ticket.
8. information processing unit as claimed in claim 7, which is characterized in that the judgment module is used to work as cannot be according to described When access request obtains the cookie information and the service ticket, then judge that the user terminal is described in access for the first time First applies and did not access the other application applied in addition to described first in the multiple application.
9. information processing unit as claimed in claim 7, which is characterized in that record has the service ticket in first application According to the unique corresponding relation with the identification information, described device further includes:
Publish processing module, for when receiving that the certificate server sends when publishing request, by the service ticket with And the corresponding user login information of the service ticket is deleted.
10. information processing unit as claimed in claim 9, which is characterized in that when each of the multiple application application is wrapped When including at least one application node, the certificate server is one of into each application described in application node transmission Publish request, first application includes the first application node and the second application node, when the service ticket and it is described uniquely Correspondence is stored in first application node and first application node receives the institute that the certificate server is sent It states when publishing request, first application node publishes processing module for by the service ticket and the service ticket The corresponding user login information is deleted;
When the service ticket and the unique corresponding relation are stored in first application node and second application node Receive that the certificate server sends is described when publishing request, second application node publish processing module for will It is described to publish request and be forwarded to first application node;First application node publish processing module for according to described in Request is published to delete the service ticket and the corresponding user login information of the service ticket.
CN201810074673.XA 2018-01-25 2018-01-25 Information processing method and device Active CN108289101B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810074673.XA CN108289101B (en) 2018-01-25 2018-01-25 Information processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810074673.XA CN108289101B (en) 2018-01-25 2018-01-25 Information processing method and device

Publications (2)

Publication Number Publication Date
CN108289101A true CN108289101A (en) 2018-07-17
CN108289101B CN108289101B (en) 2021-02-12

Family

ID=62835943

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810074673.XA Active CN108289101B (en) 2018-01-25 2018-01-25 Information processing method and device

Country Status (1)

Country Link
CN (1) CN108289101B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108769083A (en) * 2018-08-01 2018-11-06 北京奇虎科技有限公司 Login method, apparatus and system based on distributed server
CN109246076A (en) * 2018-08-01 2019-01-18 北京奇虎科技有限公司 A kind of method and apparatus of single-sign-on multisystem
CN109831408A (en) * 2018-12-13 2019-05-31 平安万家医疗投资管理有限责任公司 Single-sign-on subsystem publishes method and system
CN111181977A (en) * 2019-12-31 2020-05-19 瑞庭网络技术(上海)有限公司 Login method, device, electronic equipment and medium
CN112491890A (en) * 2020-11-27 2021-03-12 中国农业银行股份有限公司 Access method and device
CN112765583A (en) * 2021-01-27 2021-05-07 海尔数字科技(青岛)有限公司 Single sign-on method, device, equipment and medium
CN114285650A (en) * 2021-12-27 2022-04-05 中国电信股份有限公司 Communication system, method and device based on cookie authentication
CN114338634A (en) * 2021-12-29 2022-04-12 杭州盈高科技有限公司 Data processing method and device
CN117319087A (en) * 2023-11-28 2023-12-29 北京车与车科技有限公司 Single sign-on method, device and storage medium based on centralized authentication service

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098158A (en) * 2009-12-10 2011-06-15 北大方正集团有限公司 Cross-domain name single sign on and off method and system as well as corresponding equipment
US20130086210A1 (en) * 2011-09-29 2013-04-04 Oracle International Corporation Mobile application, identity relationship management
CN103179134A (en) * 2013-04-19 2013-06-26 中国建设银行股份有限公司 Single sign on method and system based on Cookie and application server thereof
CN103188248A (en) * 2011-12-31 2013-07-03 卓望数码技术(深圳)有限公司 Identity authentication system and method based on single sign-on
CN104158818A (en) * 2014-08-25 2014-11-19 中国联合网络通信集团有限公司 Single sign-on method and system
CN104301316A (en) * 2014-10-13 2015-01-21 中国电子科技集团公司第二十八研究所 Single sign-on system and implementation method thereof
CN104320423A (en) * 2014-11-19 2015-01-28 重庆邮电大学 Single sign-on light weight implementation method based on Cookie
CN104378376A (en) * 2014-11-18 2015-02-25 深圳中兴网信科技有限公司 SOA-based single-point login method, authentication server and browser
CN105072123A (en) * 2015-08-21 2015-11-18 广州博鳌纵横网络科技有限公司 Single sign on log-out method and system under cluster environment

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098158A (en) * 2009-12-10 2011-06-15 北大方正集团有限公司 Cross-domain name single sign on and off method and system as well as corresponding equipment
US20130086210A1 (en) * 2011-09-29 2013-04-04 Oracle International Corporation Mobile application, identity relationship management
CN103188248A (en) * 2011-12-31 2013-07-03 卓望数码技术(深圳)有限公司 Identity authentication system and method based on single sign-on
CN103179134A (en) * 2013-04-19 2013-06-26 中国建设银行股份有限公司 Single sign on method and system based on Cookie and application server thereof
CN104158818A (en) * 2014-08-25 2014-11-19 中国联合网络通信集团有限公司 Single sign-on method and system
CN104301316A (en) * 2014-10-13 2015-01-21 中国电子科技集团公司第二十八研究所 Single sign-on system and implementation method thereof
CN104378376A (en) * 2014-11-18 2015-02-25 深圳中兴网信科技有限公司 SOA-based single-point login method, authentication server and browser
CN104320423A (en) * 2014-11-19 2015-01-28 重庆邮电大学 Single sign-on light weight implementation method based on Cookie
CN105072123A (en) * 2015-08-21 2015-11-18 广州博鳌纵横网络科技有限公司 Single sign on log-out method and system under cluster environment

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
HCHHAN89: ""redis缓存和cookie实现Session共享"", 《CSDN》 *
READIAY: ""【No.2】CAS单点登录的原理分析"", 《CSDN》 *
YLJAVA: "CAS实现单点登录(sso)原理", 《简书》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108769083A (en) * 2018-08-01 2018-11-06 北京奇虎科技有限公司 Login method, apparatus and system based on distributed server
CN109246076A (en) * 2018-08-01 2019-01-18 北京奇虎科技有限公司 A kind of method and apparatus of single-sign-on multisystem
CN109246076B (en) * 2018-08-01 2022-11-04 北京奇虎科技有限公司 Method and device for single sign-on to multiple systems
CN109831408A (en) * 2018-12-13 2019-05-31 平安万家医疗投资管理有限责任公司 Single-sign-on subsystem publishes method and system
CN111181977A (en) * 2019-12-31 2020-05-19 瑞庭网络技术(上海)有限公司 Login method, device, electronic equipment and medium
CN112491890A (en) * 2020-11-27 2021-03-12 中国农业银行股份有限公司 Access method and device
CN112765583A (en) * 2021-01-27 2021-05-07 海尔数字科技(青岛)有限公司 Single sign-on method, device, equipment and medium
CN114285650A (en) * 2021-12-27 2022-04-05 中国电信股份有限公司 Communication system, method and device based on cookie authentication
CN114338634A (en) * 2021-12-29 2022-04-12 杭州盈高科技有限公司 Data processing method and device
CN114338634B (en) * 2021-12-29 2023-12-01 杭州盈高科技有限公司 Data processing method and device
CN117319087A (en) * 2023-11-28 2023-12-29 北京车与车科技有限公司 Single sign-on method, device and storage medium based on centralized authentication service
CN117319087B (en) * 2023-11-28 2024-02-27 北京车与车科技有限公司 Single sign-on method, device and storage medium based on centralized authentication service

Also Published As

Publication number Publication date
CN108289101B (en) 2021-02-12

Similar Documents

Publication Publication Date Title
CN108289101A (en) Information processing method and device
CN105007280B (en) A kind of application login method and device
CN101388773B (en) Identity management platform, service server, uniform login system and method
CN104426862B (en) Realize method, system and browser that cross-domain request logs in
CN102098158B (en) Cross-domain name single sign on and off method and system as well as corresponding equipment
CN105430102B (en) The integrated approach of the websites SaaS and third party system, system and its apparatus
CN106209749A (en) Single-point logging method and the processing method and processing device of device, relevant device and application
CN104468487B (en) Communication authentication method and device, terminal device
CN105871838B (en) A kind of log-in control method and customer center platform of third party's account
CN107948167A (en) A kind of method and apparatus of single-sign-on
CN104158818B (en) A kind of single-point logging method and system
CN104158802B (en) A kind of platform authorization method, platform service end and applications client and system
CN110032842B (en) Method and system for simultaneously supporting single sign-on and third party sign-on
CN105812350B (en) Cross-platform single sign-on system
CN109547458A (en) Login validation method, device, computer equipment and storage medium
CN109587147A (en) Single sign-on system, method, server and storage medium
US9756028B2 (en) Methods, systems and computer program products for secure access to information
CN110213223A (en) Business management method, device, system, computer equipment and storage medium
US8856957B1 (en) Federated identity broker
CN106921636A (en) Identity identifying method and device
CN109981664A (en) Website logging method, device and the realization device of page end
CN110113366A (en) A kind of detection method and device of CSRF loophole
CN108718337A (en) Website account login, verification, verification information processing method, apparatus and system
CN108076077A (en) A kind of conversation controlling method and device
CN102316080A (en) Function for supporting anonymous verification of central authentication service in same master domain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant