CN108289101A - Information processing method and device - Google Patents
Information processing method and device Download PDFInfo
- Publication number
- CN108289101A CN108289101A CN201810074673.XA CN201810074673A CN108289101A CN 108289101 A CN108289101 A CN 108289101A CN 201810074673 A CN201810074673 A CN 201810074673A CN 108289101 A CN108289101 A CN 108289101A
- Authority
- CN
- China
- Prior art keywords
- application
- information
- service ticket
- user
- user terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/957—Browsing optimisation, e.g. caching or content distillation
- G06F16/9574—Browsing optimisation, e.g. caching or content distillation of access to content, e.g. by caching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Medical Informatics (AREA)
- Software Systems (AREA)
- Information Transfer Between Computers (AREA)
Abstract
A kind of information processing method of proposition of the embodiment of the present invention and device, are related to Internet technical field.This method includes:When first during user terminal accesses multiple applications for the first time is applied and has not visited other application, first application receives the user login information that certificate server returns, user login information is preserved to cache server, is generated and the unique corresponding identification information of user login information;Cookie information, which is generated, according to identification information is sent to browser preservation, set the path of cookie information to predefined paths, so as to user terminal accessed first application again by any application in the multiple applications of browser access when, any application obtains cookie information according to predefined paths, and then user login information is obtained according to the identification information in cookie information, without each access registrar server authentication user's login status, it avoids system appearance and repeatedly redirects refresh page, improve user experience.
Description
Technical field
The present invention relates to Internet technical fields, in particular to a kind of information processing method and device.
Background technology
In order to meet the demand of growing all types of user group, many enterprises realize the arbitrary combination of multiple applications and build a station
System, multiple applications are clustered deploy(ment)s, single-sign-on (Single Sign On, SSO), are popular at present enterprises
One of solution of business integration, in several applications, user, which only needs to log in, can once access all mutual trusts
Application, i.e., only need to login service end request one-time authentication operation, and being capable of normal Single Sign Out.For example, existing
What Single Sign-On Technology Used was usually realized in:It, can quilt because logging in not yet when user accesses using 1 for the first time
It is directed in login service end and is logged in;The log-on message that login service end is provided according to user carries out proof of identity, if
By verification, then one certification authority of user is returned to, user will be visited again on certification authority band using 1, can be by certification using 1
Authority is sent to login service end and is verified, and checks the legitimacy of certification authority, if by verification, user may have access to and answer
With the resource on 1, since user's login authentication on login service end need to only be arrived when accessing using 2 and application 3
Login service end obtains certification authority, goes to access using 2 by certification authority and applies 3, to realize that user merely enters once
Log-on message accesses all applications.
In existing scheme, although user does not have to input log-on message login authentication on login service end again,
Access for the first time each in application, being required for obtaining certification authority after user's login status is verified at login service end, and it is every
As soon as verifying time user's login status at login service end, the page, which will appear, once to be redirected, and occurs repeatedly jumping so as to cause system
Turn refresh page, greatly reduces user experience.
Invention content
A kind of information processing method of offer of the embodiment of the present invention and device.
Technical solution used in the embodiment of the present invention is as follows:
In a first aspect, the embodiment of the present invention proposes a kind of information processing method, it is applied to application server, the application clothes
Business device is communicated with user terminal, certificate server, and the user terminal is equipped with browser, may have access to institute by the browser
Multiple applications on application server are stated, the method includes:In the user terminal accesses the multiple application for the first time
First application and do not accessed in the multiple application in addition to it is described first application other application when, it is described first application
The user login information that the certificate server returns is received, so that the user terminal is accessed by the user login information
First application;The user login information is preserved to a cache server, and is generated with the user login information only
One corresponding identification information;Cookie information is generated according to the identification information and is sent to the browser preservation, and will be described
The path of cookie information is set as a predefined paths, after excessively described first application of the user terminal access, then to lead to
It crosses any in application, any application can be obtained according to the predefined paths in the multiple application of the browser access
The cookie information, and then institute is obtained from the cache server according to the identification information in the cookie information
User login information is stated, so that the user terminal accesses any application by the user login information.
Second aspect, the embodiment of the present invention also propose a kind of information processing unit, are applied to application server, the application
Server is communicated with user terminal, certificate server, and the user terminal is equipped with browser, may have access to by the browser
Multiple applications on the application server, described device include:Receiving module, for accessing institute for the first time in the user terminal
It states the in multiple applications first application and did not access the other application applied in addition to described first in the multiple application
When, the user login information that the certificate server returns is received, so that the user terminal passes through the user login information
Access first application;Cache module, for preserving the user login information to a cache server, and generation and institute
State user login information uniquely corresponding identification information;Cookie information generation module, for being generated according to the identification information
Cookie information is sent to the browser and preserves, and sets the path of the cookie information to a predefined paths, so as to
It is answered after excessively described first application of the user terminal access, then by any in the multiple application of the browser access
Used time, any application can be obtained according to the predefined paths, and then be believed according to the mark in the cookie information
Breath obtains the corresponding user login information from the cache server, so that the user terminal is stepped on by the user
Record any application described in message reference.
Compared with the prior art, in embodiments of the present invention, the first application is accessed for the first time in user terminal and do not accessed
When other application, the first application receives the user login information that certificate server returns so that described in user terminal successful access
First application;First application caches user login information, and generates and the unique corresponding mark of the user login information
Know information, is sent to browser preservation after then generating cookie information according to the identification information, which is set
Path is a predefined paths so that can share the cookie information between multiple applications, and then realize user login information
It is shared between multiple applications.In other words, after excessively described first application of the user terminal access, then pass through the browsing
Device accesses any in application, any application passes through the readable cookie for taking out browser of the predefined paths in the multiple application
Then information obtains corresponding user login information by identification information to obtain identification information from cache server, real
Show when user terminal access crosses first using going to access other application resource again, it can be directly according to the mark in cookie information
Acquisition of information is known to user login information, without wanting the technology of access registrar server authentication user's login status to imitate every time
Fruit avoids system appearance and repeatedly redirects refresh page, improves user experience.
Other features and advantages of the present invention will be illustrated in subsequent specification, also, partly be become from specification
It is clear that by implementing understanding of the embodiment of the present invention.The purpose of the present invention and other advantages can be by saying what is write
Specifically noted structure is realized and is obtained in bright book, claims and attached drawing.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows the application environment schematic diagram of the information processing method that the embodiment of the present invention is provided and device.
Fig. 2 shows the block diagrams for the application server that the embodiment of the present invention is provided.
Fig. 3 shows the flow diagram for the information processing method that the embodiment of the present invention is provided.
Fig. 4 shows the flow diagram for the information processing method that another embodiment of the present invention is provided.
Fig. 5 shows the high-level schematic functional block diagram for the information processing unit that the embodiment of the present invention is provided.
Icon:100- application servers;200- user terminals;300- certificate servers;400- networks;500- information processings
Device;110- memories;120- processors;130- communication interfaces;510- judgment modules;520- request processing modules;530- is sent out
Send module;540- receiving modules;550- cache modules;560-cookie information generating modules;570- publishes processing module.
Specific implementation mode
Below in conjunction with attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete
Ground describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Usually exist
The component of the embodiment of the present invention described and illustrated in attached drawing can be arranged and be designed with a variety of different configurations herein.Cause
This, the detailed description of the embodiment of the present invention to providing in the accompanying drawings is not intended to limit claimed invention below
Range, but it is merely representative of the selected embodiment of the present invention.Based on the embodiment of the present invention, those skilled in the art are not doing
The every other embodiment obtained under the premise of going out creative work, shall fall within the protection scope of the present invention.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined, then it further need not be defined and explained in subsequent attached drawing in a attached drawing.
The information processing method and device that the embodiment of the present invention is provided can be applied in application environment as shown in Figure 1.
Application server 100, user terminal 200 and certificate server 300 are located in network 400, application server 100, user terminal
200 and certificate server 300 can be communicated between each other by network 400, to realize application server 100 and user terminal
Between 200, between application server 100 and certificate server 300 and between user terminal 200 and certificate server 300
Data communicate or interaction.Wherein, multiple applications (for example, the first application, second application ...) are installed in application server 100,
Browser is installed, user terminal 200 multiple is answered by what browser may have access on application server 100 in user terminal 200
With, user inputs user login information (for example, username and password) by user terminal 200 and is sent to certificate server 300,
To carry out login authentication on certificate server 300.
In the present embodiment, the user terminal 200 may be, but not limited to, smart mobile phone, PC
(personal computer, PC), tablet computer, personal digital assistant (personal digital assistant, PDA),
Mobile internet surfing equipment (mobile Internet device, MID) etc..
It should be noted that in practice, the application server 100 can be one or more, and multiple application can
To be deployed on an application server 100, can also be deployed on different application servers 100.
Fig. 2 is please referred to, is the block diagram of application server 100 shown in FIG. 1.The application server 100 can wrap
It includes:Memory 110, processor 120 and communication interface 130, the memory 110, processor 120 and communication interface 130, each member
It is directly or indirectly electrically connected between part, to realize the transmission or interaction of data.For example, these elements can lead between each other
It crosses one or more communication bus or signal wire is realized and is electrically connected.Processor 120 be used for execute stored in memory 110 can
Execution module, such as computer program.
Wherein, memory 110 may be, but not limited to, random access memory (Random Access Memory,
RAM), read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only
Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM),
Electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory, EEPROM) etc..
Memory 110 can be used for storing software program and module, information processing unit 500 include it is at least one can be with software or firmware
(firmware) form is stored in memory 110 or is solidificated in the operating system in the application server 100
Software function module in (operating system, OS).The processor 120 executes one after receiving and executing instruction
A or multiple programs are to realize the data processing method of the embodiment of the present application announcement.The communication interface 130 can be used for saving with other
Point device carries out the communication of signaling or data.
Processor 120 may be a kind of IC chip, the processing capacity with signal.It is above-mentioned during realization
Each step of method can be completed by the integrated logic circuit of the hardware in processor 120 or the instruction of software form.On
The processor 120 stated can be general processor, including central processing unit (Central Processing Unit, abbreviation
CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (DSP), special
Integrated circuit (ASIC), ready-made programmable gate array (FPGA) either other programmable logic device, discrete gate or transistor
Logical device, discrete hardware components.
Fig. 3 is please referred to, by the flow diagram for the information processing method that the embodiment of the present invention provides.It needs to illustrate
It is that the information processing method described in the embodiment of the present invention is not limitation with Fig. 3 and particular order as described below, should be managed
Solution, in other embodiments, the sequence of information processing method which part step of the present invention can be according to actual needs
It is exchanged with each other or part steps therein can also be omitted or be deleted.The information processing method can be applied to above-mentioned application
Server 100 below will be described in detail detailed process shown in Fig. 3.
Step S101, described first applies when receiving the access request of the transmission of the user terminal 200, described in judgement
User terminal 200 whether access for the first time it is described first application and whether accessed in the multiple application in addition to described first
The other application of application.
In the present embodiment, using the multiple application as an application system, first applies and is receiving access request
When, user's login status of user terminal 200 is verified according to the access request, i.e., whether verification user is logged should
Application system should when first application cannot obtain cookie information and service ticket according to the access request
Cookie information include with the unique corresponding identification information of user login information, then judge that the user terminal 200 is for the first time
It accesses first application and did not access the other application applied in addition to described first in the multiple application, that is to say
It says, user is to access the application system for the first time;Wherein, which is that certificate server 300 is logical in 200 certification of user terminal
Later application server 100 is returned to.When first application can obtain cookie information, then judge that user terminal 200 is visited
Asked at least one of multiple application application;When first application can obtain service ticket but cannot obtain cookie letters
When breath, then judge that user terminal 200 logins successfully on certificate server 300, the first application needs certificate server
It is whether legal that the service ticket is verified on 300, when 300 service for checking credentials bill of certificate server is legal, then to application server
100 return and the associated user login information of service ticket.
Step S102, determine the user terminal 200 access for the first time it is described first application and do not accessed described more
In a application in addition to it is described first application other application when, it is described first application the access is asked by the browser
It asks and is redirected to the certificate server 300, recognize so that the certificate server 300 to the user terminal 200 log in
Card, generation and the associated service ticket of user login information obtained from the user terminal 200, and pass through the user terminal
The service ticket is back to first application by 200.
In the present embodiment, certificate server 300 verifies user when receiving access request according to the access request
Login status then directly returns to log in page, so that user fills in use when determining that user logs in not yet to user terminal 200
Family log-on message, certificate server 300 carry out login authentication according to the user login information of acquisition to the user terminal 200,
I.e. whether verification user is effective, and such as effectively, then 200 certification of user terminal success allows user to log in, otherwise do not allow user to step on
Record.Certificate server 300 generates TGT (Ticket after 200 certification of user terminal success, according to the user login information of acquisition
Granting Ticket) object, it is put into the caching of oneself, while generating unique mark TGC corresponding with the TGT objects
(Ticket-Granting Cookie) is written in browser, when there is the arrival of browser http request again, comes if be transmitted through
Have certificate server 300 generate unique mark TGC, then certificate server 300 is using unique mark TGC as keyword key
Can whether there is or not TGT objects in query caching, it is if having, then logged before illustrating user, if it is not, user needs to step on again
Record.In the present embodiment, certificate server 300 will also sign and issue one after 200 certification of user terminal success according to TGT objects
Service ticket (Service Ticket, ST) returns to user terminal 200, and user terminal 200 is made to be gone again by the service ticket
Access the first application.
Ground is readily appreciated that, since user terminal 200 is to access first application for the first time and do not accessed the multiple
The other application applied in addition to described first in, then the first application are redirected to the certificate server by browser
Unique mark TGC will not be carried in 300 access request, certificate server 300 also just inquires the TGT objects less than caching, then
Log in page directly is returned to user terminal 200, so that user fills in user login information.Certificate server 300 is in user terminal
After 200 certifications success, TGT object records caching is generated, and browser is written into the corresponding unique mark TGC of the TGT objects;Root
Be that service ticket is signed and issued in the first application according to the TGT objects, and browser notified to be redirected to the first application, using service ticket as
URL parameter is transmitted, and so that user terminal 200 is realized and is gone to access the first application again by the service ticket.
Step S103, described first is described to pass through using the service ticket is sent to the certificate server 300
Whether certificate server 300 verifies the service ticket effective.
For example, first applies after receiving service ticket, access registrar server will be removed again after on service ticket band
300, by certificate server 300 come the legitimacy of service for checking credentials bill.
Step S104, first in the user terminal 200 accesses the multiple application for the first time applies and does not access
Cross in the multiple application in addition to first application other application when, first application receives the certificate server
300 user login informations returned are answered so that the user terminal 200 accesses described first by the user login information
With.
Specifically, step S104 includes:When the certificate server 300 verify the service ticket it is effective when, first
Using the reception return of certificate server 300 and the associated user login information of the service ticket.
In the present embodiment, it is associated with TGT objects due to service ticket, TGT objects are associated with user login information, when recognizing
Demonstrate,prove 300 service for checking credentials bill of server it is legal when, the will be returned to the associated user login information of the service ticket
One application, the first application get the resource that user login information allows for user to access the first application.
Step S105 preserves the user login information to a cache server, and generates to log in the user and believe
The unique corresponding identification information of breath.
In the present embodiment, the application server 100 can also be communicated to connect with a cache server, and first applies and obtaining
When getting the user login information of the return of certificate server 300, user is just allowed to access the resource of the first application, while creating meeting
Session is talked about, which is saved in session session, is generated uniquely corresponding with the user login information
Then session session is saved in cache server (for example, redis, which can be used, caches machine by identification information session id
System), so that application can obtain session session according to identification information session id from the cache server, and then obtain
Obtain user login information.
Step S106 generates cookie information according to the identification information and is sent to the browser preservation, and will be described
The path of cookie information is set as a predefined paths, so as to the user terminal 200 accessed it is described first application after, then
By any in application, any application can be obtained according to the predefined paths in the multiple application of the browser access
The cookie information is obtained, and then is obtained from the cache server according to the identification information in the cookie information
The user login information, so that the user terminal 200 accesses any application by the user login information.
In the present embodiment, it first applies and is generating and the unique corresponding identification information session id of user login information
Afterwards, it is created in cookie information write-in browser according to identification information session id, while by the way that cookie letters are arranged
The path of breath is a predefined paths so that user terminal 200 is again by any in browser access application system in application, browsing
It (may be still the first application, it is also possible to which in addition to the other application of the first application, for example second answer that device, which is sent to any application,
With, third application etc.) access request in can all carry the cookie information, any application can be obtained according to the predefined paths
Cookie information, and then identification information session id are obtained, then gone identification information session id as keyword key
Access cache server is stepped on to obtain the user login information cached in cache server when any application obtains user
After recording information, you can user is allowed to access corresponding application resource.
For example, can realize that cookie information is shared between multiple applications by the following method:cookie.setPath
("/"), i.e., the predefined paths are set as "/", in fact, the predefined paths of the cookie information determine browser access application
Multiple on server 100 are every in this way in application, should be sent to the cookie information under the root of application server 100
When browser accesses any again in application, the cookie information can be obtained under predefined paths "/", without regenerating
Cookie information.It should be noted that in this application, if all applications on the application server 100 generate cookie
Information, the path of cookie information should all be arranged to identical, for example, being all "/", thereby realize being total to for cookie information
It enjoys (that is to say user login information shared), using also user login information need not be obtained from certificate server 300.
Therefore in the present embodiment, user accesses multiple in application, only needing to ask in certificate server 300 in application system
One-time authentication operation is asked to achieve that single-sign-on, it need not will certificate server when accessing the resource each applied for the first time
300 go to verify whether to log in, and then obtain corresponding service ticket and exchange user login information for and realize the access each applied;
For user after the application of successful access first, the user login information that the first application will obtain is all using it in application system
Between share, user terminal 200 accessed it is described first application after, then pass through in the multiple application of the browser access appoint
Once in application, it is any application no longer need to certificate server 300 obtain service ticket, but direct access path "/" obtain
Identification information in cookie information, and then user login information is obtained according to the identification information, the system that avoids occurs more
The secondary page for redirecting refreshing, greatly improves user experience.
As shown in figure 4, the flow diagram of the information processing method provided by another embodiment of the present invention.With upper one
Information processing method described in embodiment is compared, and information processing method provided in this embodiment not only realizes between each application
User login information is shared so that obtains service using certificate server 300 is no longer needed to after the access request for receiving user
Bill exchanges user login information for, but also can realize Single Sign Out, that is, realizes state of logging off.In the present embodiment
In, described information processing method further includes:
Step S107, when first application receives when publishing request of the transmission of the certificate server 300, described the
The service ticket and the corresponding user login information of the service ticket are deleted in one application.
In the present embodiment, user can initiate to publish request in any application, this, which is published request, by any application turns
It is sent to certificate server 300, then all applications from certificate server 300 by way of broadcast into application system are sent out
Request is published, since the other application in application system does not obtain service ticket from certificate server 300, also just there is no clothes
The correspondence of business bill and identification information session id, and the first application has from the acquisition service ticket of certificate server 300,
User login information is obtained from certificate server 300 according to service ticket, and identification information is generated according to user login information
Session id, therefore record has unique corresponding pass of the service ticket with the identification information session id in the first application
System, in other words, the only first application, which could execute, publishes operation, and other application cannot execute.When the first application receives
To when publishing request, the corresponding identification information session id are obtained according to the service ticket, then by the mark
The corresponding user login informations of information session id are deleted from cache server, while deleting the service ticket,
Single Sign Out can be realized.
It should be noted that in the present embodiment, certificate server 300 is after receiving and publishing request, also by certification
The TGT objects cached on server 300, the service ticket signed and issued and the unique mark TGC being written in browser are purged.
Further, in the present embodiment, it is a cluster to be applied when each of the multiple application, i.e., when described
When each of multiple applications application includes at least one application node, for example, application cluster a (including application a nodes 1, application
A nodes 2, using a nodes 3 ...), application cluster b (including application b nodes 1, using b nodes 2, using b nodes 3 ...), it is described to recognize
It demonstrate,proves server 300 and publishes request described in application node transmission one of into each application.
For example, first application includes the first application node and the second application node, then step S105 may include:
When the service ticket and the unique corresponding relation are stored in first application node and first application
Node receives the transmission of the certificate server 300 described when publishing request, and first application node is by the service ticket
According to this and the corresponding user login information of the service ticket is deleted.In other words, 300 broadcast type of certificate server
Application node is sent out at random one of into all applications publishes request, when the first application node in the first application receives
To when publishing request and service ticket and unique corresponding relation are stored in first application node, then first application node can
Corresponding identification information session id are directly obtained according to service ticket, are then found pair according to identification information session id
The user login information answered, and the user login information is deleted from cache server, while deleting in the first application node
The service ticket of caching, then the first application node, which realizes, publishes operation.
When the service ticket and the unique corresponding relation are stored in first application node and second application
Node receives the transmission of the certificate server 300 described when publishing request, and second application node asks described publish
It asks and is forwarded to first application node;First application node publishes request by the service ticket and institute according to
The corresponding user login information of service ticket is stated to be deleted.In other words, when the service ticket and described unique right
It should be related to and be stored in first application node, but certificate server 300 will not publish request and be sent to the first application section
Point, and it has been sent to the second application node, since the second application node does not preserve service ticket and service ticket and mark
Know information unique corresponding relation, can not execute and publish operation, then need by this publish request to this first apply in other
It sends out to node broadcasts formula and publishes request, after what the first application node received that the second application node sends out publishes request, execute
Publish operation.
In the prior art, if realizing Single Sign Out in the case where each application includes at least one application node,
It then needs to share the unique corresponding relation of service ticket and identification information between each application node so that application server
100 also need to safeguard the address of the buffer memory device of caching unique corresponding relation, increase O&M cost to a certain extent and answer
Miscellaneous degree.And the mode of Single Sign Out is realized in the present embodiment, user can publish at any one using upper application, certificate server
300 after receiving and publishing request, and broadcast type sends out to some application node of all applications and publishes request at random, works as transmission
When being routed to the second application node of the first application to the request of the first application, which can not find service ticket
With the unique corresponding relation of identification information, it can not execute and publish operation, other application node of the request to the first application will be published
It sends out to broadcast type and publishes request, finally publish operation according to request execution is published by the first application node.Therefore, with existing skill
Art is compared, and the Single Sign Out realization method of the application need not preserve the unique corresponding relation of service ticket and identification information
The unique corresponding relation is shared with other application node by application node, and application server 100 does not have to the ground for safeguarding buffer memory device
Location reduces O&M cost and complexity.
Fig. 5 is please referred to, by the high-level schematic functional block diagram for the information processing unit 500 that the embodiment of the present invention provides.It needs
Illustrate, the information processing unit 500 that the present embodiment is provided, the technique effect and preceding method of basic principle and generation
Embodiment is identical, to briefly describe, does not refer to part in the present embodiment, can refer to the corresponding contents in previous embodiment.It is described
Information processing unit 500 is applied to above-mentioned application server 100 comprising judgment module 510, request processing module 520, hair
It send module 530, receiving module 540, cache module 550, cookie information generation module 560 and publishes processing module 570.
The judgment module 510 is used to, when receiving the access request of the transmission of the user terminal 200, judge the use
Family terminal 200 whether access for the first time it is described first application and whether accessed in the multiple application in addition to described first answers
Other application.
In the present embodiment, the judgment module 510 be particularly used in when cannot according to the access request obtain described in
When cookie information and the service ticket, then judge that the user terminal 200 is to access first application for the first time and do not have
There is the other application applied in addition to described first accessed in the multiple application.
It is appreciated that the judgment module 510 can execute above-mentioned steps S101.
The request processing module 520 be used for determine the user terminal 200 access for the first time it is described first application and do not have
Have accessed in the multiple application in addition to first application other application when, by the browser by the access
Request is redirected to the certificate server 300, so that the certificate server 300 logs in the user terminal 200
Certification, generation and the associated service ticket of user login information obtained from the user terminal 200, and pass through user end
The service ticket is back to first application by end 200.
It is appreciated that the request processing module 520 can execute above-mentioned steps S102.
The sending module 530 is recognized described in passing through for the service ticket to be sent to the certificate server 300
Whether card server 300 verifies the service ticket effective.
It is appreciated that the sending module 530 can execute above-mentioned steps S103.
The receiving module 540 is for the first application in the user terminal 200 accesses the multiple application for the first time
And do not accessed in the multiple application in addition to it is described first application other application when, receive the certificate server
300 user login informations returned are answered so that the user terminal 200 accesses described first by the user login information
With.
Wherein, the receiving module 540 is specifically used for when to verify the service ticket effective for the certificate server 300
When, receive the certificate server 300 return with the associated user login information of the service ticket.
It is appreciated that the receiving module 540 can execute above-mentioned steps S104.
The cache module 550 is used to preserve the user login information to a cache server, and generate with it is described
The unique corresponding identification information of user login information.
It is appreciated that the cache module 550 can execute above-mentioned steps S105.
The cookie information generation module 560 is used to be sent to according to identification information generation cookie information described
Browser preserves, and sets the path of the cookie information to a predefined paths, to be accessed in the user terminal 200
After crossing first application, then by any in application, any application in the multiple application of the browser access
Can obtain the cookie information according to the predefined paths, so according to the identification information in the cookie information from
The user login information is obtained in the cache server, so that the user terminal 200 passes through the user login information
Access any application.
It is appreciated that the cookie information generation module 560 can execute above-mentioned steps S106.
The processing module 570 of publishing is for when first application receives stepping on for the transmission of the certificate server 300
When going out to ask, first application carries out the corresponding user login information of the service ticket and the service ticket
It deletes.
Wherein, in the present embodiment, when each of the multiple application application includes at least one application node, institute
It states certificate server 300 and publishes request described in application node transmission one of into each application, described first answers
With including the first application node and the second application node, when the service ticket and the unique corresponding relation are stored in described
One application node and first application node receive the transmission of the certificate server 300 described when publishing request, described
The processing module 570 of publishing of first application node is used for the service ticket and the corresponding user of the service ticket
Log-on message is deleted;When the service ticket and the unique corresponding relation are stored in first application node and described
Second application node receives the transmission of the certificate server 300 described when publishing request, and second application node is stepped on
Go out processing module 570 for publishing request by described and being forwarded to first application node;First application node is published
Processing module 570 is used to publish request according to and steps on the service ticket and the corresponding user of the service ticket
Record information is deleted.
It should be understood that when each of the multiple application application includes at least one application node, each application node
It is identical when upper included function module and unit.
It is appreciated that the processing module 570 of publishing can execute above-mentioned steps S107.
In conclusion information processing method and device that the embodiment of the present invention is provided, are applied to application server, it is described
Application server is communicated with user terminal, certificate server, and the user terminal is equipped with browser, can by the browser
Multiple applications on the application server are accessed, the first application in the user terminal accesses the multiple application for the first time
And do not accessed in the multiple application in addition to it is described first application other application when, it is described first application receive described in
The user login information that certificate server returns, so that the user terminal accesses described first by the user login information
Using;The user login information is preserved to a cache server, and is generated uniquely corresponding with the user login information
Identification information;Cookie information is generated according to the identification information and is sent to the browser preservation, and the cookie is believed
The path of breath is set as a predefined paths, so as to after excessively described first application of the user terminal access, then by described clear
Device of looking at accesses any in application, any application can be according to described in predefined paths acquisition in the multiple application
Cookie information, and then the use is obtained from the cache server according to the identification information in the cookie information
Family log-on message, so that the user terminal accesses any application by the user login information.In other words, when with
When family terminal access crosses first using going to access other application resource again, any application passes through the readable taking-up of the predefined paths and browses
Then the cookie information of device obtains corresponding user by identification information to obtain identification information from cache server
Log-on message avoids system appearance and repeatedly redirects brush without wanting access registrar server authentication user's login status every time
New page improves user experience.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, apparatus, equipment or computer journey
Sequence product.Therefore, the embodiment of the present invention can be used complete hardware embodiment, complete software embodiment or combine software and hardware side
The form of the embodiment in face.Moreover, it wherein includes computer available programs that the embodiment of the present invention, which can be used in one or more,
Implement in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of code
The form of computer program product.
The embodiment of the present invention with reference to according to the method for the embodiment of the present invention, device, equipment and computer program product
Flowchart and/or the block diagram describes.It should be understood that can be realized by computer program instructions every in flowchart and/or the block diagram
The combination of flow and/or box in one flow and/or box and flowchart and/or the block diagram.These computers can be provided
Processor of the program instruction to all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices
To generate a machine so that the instruction executed by computer or the processor of other programmable data processing devices generates use
In the dress for realizing the function of being specified in one flow of flow chart or multiple flows and/or one box of block diagram or multiple boxes
It sets.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that instruction generation stored in the computer readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device so that count
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, in computer or
The instruction executed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
In several embodiments that the embodiment of the present invention is provided, it should be understood that disclosed device and method also may be used
To realize by another way.Device and method embodiment described above is only schematical, for example, in attached drawing
Flow chart and block diagram show the device of multiple embodiments according to the present invention, the possibility of method and computer program product is realized
Architecture, function and operation.In this regard, each box in flowchart or block diagram can represent module, a program
A part for a part for section or code, the module, section or code includes that one or more is patrolled for realizing defined
Collect the executable instruction of function.It should also be noted that at some as the function of in the realization method replaced, being marked in box
It can occur in a different order than that indicated in the drawings.For example, two continuous boxes can essentially be held substantially in parallel
Row, they can also be executed in the opposite order sometimes, this is depended on the functions involved.It is also noted that block diagram and/or
The combination of each box in flow chart and the box in block diagram and or flow chart can use function or dynamic as defined in executing
The dedicated hardware based system made is realized, or can be realized using a combination of dedicated hardware and computer instructions.
In addition, each function module in each embodiment of the present invention can integrate to form an independent portion
Point, can also be modules individualism, can also two or more modules be integrated to form an independent part.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module
It is stored in a computer read/write memory medium.Based on this understanding, technical scheme of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be expressed in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be
People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic disc or CD.It needs
Illustrate, herein, the terms "include", "comprise" or any other variant thereof is intended to cover non-exclusive inclusion,
So that the process, method, article or equipment including a series of elements includes not only those elements, but also include not having
The other element being expressly recited, or further include for elements inherent to such a process, method, article, or device.Do not having
There is the element limited by sentence "including a ..." in the case of more limiting, it is not excluded that in the mistake for including the element
There is also other identical elements in journey, method, article or equipment.
The foregoing is merely the alternative embodiments of the present invention, are not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.It should be noted that:Similar label and letter exist
Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing
It is further defined and is explained.
Claims (10)
1. a kind of information processing method, is applied to application server, the application server and user terminal, certificate server are logical
Letter, the user terminal are equipped with browser, may have access to multiple applications on the application server by the browser,
It is characterized in that, the method includes:
In the first application during the user terminal accesses the multiple application for the first time and not accessing the multiple application
In addition to first application other application when, first application receives the user that the certificate server returns and logs in letter
Breath, so that the user terminal accesses first application by the user login information;
The user login information is preserved to a cache server, and is generated and the unique corresponding mark of the user login information
Know information;
Cookie information is generated according to the identification information be sent to the browser and preserve, and by the road of the cookie information
Diameter is set as a predefined paths, to be visited after excessively described first application of the user terminal access, then by the browser
It asks any in application, any application can obtain the cookie letters according to the predefined paths in the multiple application
Breath, and then the user is obtained from the cache server according to the identification information in the cookie information and logs in letter
Breath, so that the user terminal accesses any application by the user login information.
2. information processing method as described in claim 1, which is characterized in that accessed for the first time in the user terminal the multiple
In first application and do not accessed in the multiple application in addition to it is described first application other application when, it is described
Before first application receives the user login information that the certificate server returns, the method further includes:
For the first time whether described first applies when receiving the access request that the user terminal is sent, judge the user terminal
It accesses first application and whether accessed the other application applied in addition to described first in the multiple application;
Determine the user terminal access first application for the first time and do not accessed in the multiple application in addition to institute
When stating the other application of the first application, it is described first application by the browser by the access request be redirected to described in recognize
Server is demonstrate,proved, so that the certificate server carries out login authentication to the user terminal, generation is obtained with from the user terminal
The associated service ticket of user login information taken, and the service ticket is back to described first by the user terminal
Using;
The service ticket is sent to the certificate server to verify institute by the certificate server by first application
Whether effective state service ticket;
First application receives the user login information that the certificate server returns, including:
When the certificate server verify the service ticket it is effective when, it is returning with the service to receive the certificate server
The associated user login information of bill.
3. information processing method as claimed in claim 2, which is characterized in that described first applies to receive the user whole
When holding the access request sent, judge whether the user terminal accesses first application and whether accessed described for the first time
The other application applied in addition to described first in multiple applications, including:
When first application cannot obtain the cookie information and the service ticket according to the access request, then
Judge the user terminal be access first application for the first time and do not accessed in the multiple application in addition to described the
The other application of one application.
4. information processing method as claimed in claim 2, which is characterized in that record has the service ticket in first application
According to the unique corresponding relation with the identification information, the method further includes:
When first application receives when publishing request of the certificate server transmission, described first applies the service
Bill and the corresponding user login information of the service ticket are deleted.
5. information processing method as claimed in claim 4, which is characterized in that when each of the multiple application application includes
When at least one application node, the certificate server is stepped on one of into each application described in application node transmission
Go out request, first application includes the first application node and the second application node, described when described first applies and receive institute
When publishing request of certificate server transmission is stated, first application is corresponding by the service ticket and the service ticket
The user login information is deleted, including:
When the service ticket and the unique corresponding relation are stored in first application node and first application node
Receive that the certificate server sends is described when publishing request, and first application node is by the service ticket and institute
The corresponding user login information of service ticket is stated to be deleted;
When the service ticket and the unique corresponding relation are stored in first application node and second application node
Receive that the certificate server sends is described when publishing request, and second application node is published described request and be forwarded to
First application node;First application node publishes request by the service ticket and the service ticket according to
It is deleted according to the corresponding user login information.
6. a kind of information processing unit, is applied to application server, the application server and user terminal, certificate server are logical
Letter, the user terminal are equipped with browser, may have access to multiple applications on the application server by the browser,
It is characterized in that, described device includes:
Receiving module did not accessed for the first application in accessing the multiple application for the first time in the user terminal and institute
State in multiple applications in addition to first application other application when, receive the user that the certificate server returns and log in letter
Breath, so that the user terminal accesses first application by the user login information;
Cache module is believed for preserving the user login information to a cache server, and generating to log in the user
The unique corresponding identification information of breath;
Cookie information generation module is sent to the browser guarantor for generating cookie information according to the identification information
It deposits, and sets the path of the cookie information to a predefined paths, so as in the user terminal access excessively described first
After, then by any in application, any application can be according to described in the multiple application of the browser access
Predefined paths obtain the cookie information, and then are taken from the caching according to the identification information in the cookie information
The user login information is obtained in business device, so that the user terminal accesses described any answer by the user login information
With.
7. information processing unit as claimed in claim 6, which is characterized in that described device further includes:
Judgment module, for when receiving the access request that the user terminal is sent, judging whether the user terminal is first
It is secondary to access first application and whether accessed the other application applied in addition to described first in the multiple application;
Request processing module, for determine the user terminal access for the first time it is described first application and do not accessed described more
In a application in addition to it is described first application other application when, the access request is redirected to by institute by the browser
Certificate server is stated, so that the certificate server carries out login authentication to the user terminal, is generated and whole from the user
It holds the associated service ticket of user login information obtained, and by the user terminal is back to the service ticket described
First application;
Sending module, for the service ticket to be sent to the certificate server to verify institute by the certificate server
Whether effective state service ticket;
The receiving module is used to, when the certificate server verification service ticket is effective, receive the certificate server
Return with the associated user login information of the service ticket.
8. information processing unit as claimed in claim 7, which is characterized in that the judgment module is used to work as cannot be according to described
When access request obtains the cookie information and the service ticket, then judge that the user terminal is described in access for the first time
First applies and did not access the other application applied in addition to described first in the multiple application.
9. information processing unit as claimed in claim 7, which is characterized in that record has the service ticket in first application
According to the unique corresponding relation with the identification information, described device further includes:
Publish processing module, for when receiving that the certificate server sends when publishing request, by the service ticket with
And the corresponding user login information of the service ticket is deleted.
10. information processing unit as claimed in claim 9, which is characterized in that when each of the multiple application application is wrapped
When including at least one application node, the certificate server is one of into each application described in application node transmission
Publish request, first application includes the first application node and the second application node, when the service ticket and it is described uniquely
Correspondence is stored in first application node and first application node receives the institute that the certificate server is sent
It states when publishing request, first application node publishes processing module for by the service ticket and the service ticket
The corresponding user login information is deleted;
When the service ticket and the unique corresponding relation are stored in first application node and second application node
Receive that the certificate server sends is described when publishing request, second application node publish processing module for will
It is described to publish request and be forwarded to first application node;First application node publish processing module for according to described in
Request is published to delete the service ticket and the corresponding user login information of the service ticket.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810074673.XA CN108289101B (en) | 2018-01-25 | 2018-01-25 | Information processing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810074673.XA CN108289101B (en) | 2018-01-25 | 2018-01-25 | Information processing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108289101A true CN108289101A (en) | 2018-07-17 |
CN108289101B CN108289101B (en) | 2021-02-12 |
Family
ID=62835943
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810074673.XA Active CN108289101B (en) | 2018-01-25 | 2018-01-25 | Information processing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108289101B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108769083A (en) * | 2018-08-01 | 2018-11-06 | 北京奇虎科技有限公司 | Login method, apparatus and system based on distributed server |
CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
CN109831408A (en) * | 2018-12-13 | 2019-05-31 | 平安万家医疗投资管理有限责任公司 | Single-sign-on subsystem publishes method and system |
CN111181977A (en) * | 2019-12-31 | 2020-05-19 | 瑞庭网络技术(上海)有限公司 | Login method, device, electronic equipment and medium |
CN112491890A (en) * | 2020-11-27 | 2021-03-12 | 中国农业银行股份有限公司 | Access method and device |
CN112765583A (en) * | 2021-01-27 | 2021-05-07 | 海尔数字科技(青岛)有限公司 | Single sign-on method, device, equipment and medium |
CN114285650A (en) * | 2021-12-27 | 2022-04-05 | 中国电信股份有限公司 | Communication system, method and device based on cookie authentication |
CN114338634A (en) * | 2021-12-29 | 2022-04-12 | 杭州盈高科技有限公司 | Data processing method and device |
CN117319087A (en) * | 2023-11-28 | 2023-12-29 | 北京车与车科技有限公司 | Single sign-on method, device and storage medium based on centralized authentication service |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102098158A (en) * | 2009-12-10 | 2011-06-15 | 北大方正集团有限公司 | Cross-domain name single sign on and off method and system as well as corresponding equipment |
US20130086210A1 (en) * | 2011-09-29 | 2013-04-04 | Oracle International Corporation | Mobile application, identity relationship management |
CN103179134A (en) * | 2013-04-19 | 2013-06-26 | 中国建设银行股份有限公司 | Single sign on method and system based on Cookie and application server thereof |
CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
CN104158818A (en) * | 2014-08-25 | 2014-11-19 | 中国联合网络通信集团有限公司 | Single sign-on method and system |
CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
CN104320423A (en) * | 2014-11-19 | 2015-01-28 | 重庆邮电大学 | Single sign-on light weight implementation method based on Cookie |
CN104378376A (en) * | 2014-11-18 | 2015-02-25 | 深圳中兴网信科技有限公司 | SOA-based single-point login method, authentication server and browser |
CN105072123A (en) * | 2015-08-21 | 2015-11-18 | 广州博鳌纵横网络科技有限公司 | Single sign on log-out method and system under cluster environment |
-
2018
- 2018-01-25 CN CN201810074673.XA patent/CN108289101B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102098158A (en) * | 2009-12-10 | 2011-06-15 | 北大方正集团有限公司 | Cross-domain name single sign on and off method and system as well as corresponding equipment |
US20130086210A1 (en) * | 2011-09-29 | 2013-04-04 | Oracle International Corporation | Mobile application, identity relationship management |
CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
CN103179134A (en) * | 2013-04-19 | 2013-06-26 | 中国建设银行股份有限公司 | Single sign on method and system based on Cookie and application server thereof |
CN104158818A (en) * | 2014-08-25 | 2014-11-19 | 中国联合网络通信集团有限公司 | Single sign-on method and system |
CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
CN104378376A (en) * | 2014-11-18 | 2015-02-25 | 深圳中兴网信科技有限公司 | SOA-based single-point login method, authentication server and browser |
CN104320423A (en) * | 2014-11-19 | 2015-01-28 | 重庆邮电大学 | Single sign-on light weight implementation method based on Cookie |
CN105072123A (en) * | 2015-08-21 | 2015-11-18 | 广州博鳌纵横网络科技有限公司 | Single sign on log-out method and system under cluster environment |
Non-Patent Citations (3)
Title |
---|
HCHHAN89: ""redis缓存和cookie实现Session共享"", 《CSDN》 * |
READIAY: ""【No.2】CAS单点登录的原理分析"", 《CSDN》 * |
YLJAVA: "CAS实现单点登录(sso)原理", 《简书》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108769083A (en) * | 2018-08-01 | 2018-11-06 | 北京奇虎科技有限公司 | Login method, apparatus and system based on distributed server |
CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
CN109246076B (en) * | 2018-08-01 | 2022-11-04 | 北京奇虎科技有限公司 | Method and device for single sign-on to multiple systems |
CN109831408A (en) * | 2018-12-13 | 2019-05-31 | 平安万家医疗投资管理有限责任公司 | Single-sign-on subsystem publishes method and system |
CN111181977A (en) * | 2019-12-31 | 2020-05-19 | 瑞庭网络技术(上海)有限公司 | Login method, device, electronic equipment and medium |
CN112491890A (en) * | 2020-11-27 | 2021-03-12 | 中国农业银行股份有限公司 | Access method and device |
CN112765583A (en) * | 2021-01-27 | 2021-05-07 | 海尔数字科技(青岛)有限公司 | Single sign-on method, device, equipment and medium |
CN114285650A (en) * | 2021-12-27 | 2022-04-05 | 中国电信股份有限公司 | Communication system, method and device based on cookie authentication |
CN114338634A (en) * | 2021-12-29 | 2022-04-12 | 杭州盈高科技有限公司 | Data processing method and device |
CN114338634B (en) * | 2021-12-29 | 2023-12-01 | 杭州盈高科技有限公司 | Data processing method and device |
CN117319087A (en) * | 2023-11-28 | 2023-12-29 | 北京车与车科技有限公司 | Single sign-on method, device and storage medium based on centralized authentication service |
CN117319087B (en) * | 2023-11-28 | 2024-02-27 | 北京车与车科技有限公司 | Single sign-on method, device and storage medium based on centralized authentication service |
Also Published As
Publication number | Publication date |
---|---|
CN108289101B (en) | 2021-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108289101A (en) | Information processing method and device | |
CN105007280B (en) | A kind of application login method and device | |
CN101388773B (en) | Identity management platform, service server, uniform login system and method | |
CN104426862B (en) | Realize method, system and browser that cross-domain request logs in | |
CN102098158B (en) | Cross-domain name single sign on and off method and system as well as corresponding equipment | |
CN105430102B (en) | The integrated approach of the websites SaaS and third party system, system and its apparatus | |
CN106209749A (en) | Single-point logging method and the processing method and processing device of device, relevant device and application | |
CN104468487B (en) | Communication authentication method and device, terminal device | |
CN105871838B (en) | A kind of log-in control method and customer center platform of third party's account | |
CN107948167A (en) | A kind of method and apparatus of single-sign-on | |
CN104158818B (en) | A kind of single-point logging method and system | |
CN104158802B (en) | A kind of platform authorization method, platform service end and applications client and system | |
CN110032842B (en) | Method and system for simultaneously supporting single sign-on and third party sign-on | |
CN105812350B (en) | Cross-platform single sign-on system | |
CN109547458A (en) | Login validation method, device, computer equipment and storage medium | |
CN109587147A (en) | Single sign-on system, method, server and storage medium | |
US9756028B2 (en) | Methods, systems and computer program products for secure access to information | |
CN110213223A (en) | Business management method, device, system, computer equipment and storage medium | |
US8856957B1 (en) | Federated identity broker | |
CN106921636A (en) | Identity identifying method and device | |
CN109981664A (en) | Website logging method, device and the realization device of page end | |
CN110113366A (en) | A kind of detection method and device of CSRF loophole | |
CN108718337A (en) | Website account login, verification, verification information processing method, apparatus and system | |
CN108076077A (en) | A kind of conversation controlling method and device | |
CN102316080A (en) | Function for supporting anonymous verification of central authentication service in same master domain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |