CN108737398B - Processing method and device of trust system, computer equipment and storage medium - Google Patents

Publication number: CN108737398B
Authority: CN (China)
Prior art keywords: client, trusted, page, subsystem, sent
Legal status: Active
Application number: CN201810435842.8A
Other languages: Chinese (zh)
Other versions: CN108737398A (en)
Inventors: 林城彬, 甘瑞华, 许丹, 马万里
Current Assignee: Ping An Trust Co Ltd
Original Assignee: Ping An Trust Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03 Credit; Loans; Processing thereof
    • G06Q40/06 Asset management; Financial planning or analysis

Abstract

The invention provides a processing method, a processing device, equipment and a storage medium of a trust system. The processing method of the trust system comprises the following steps: when a page mark request sent by a client for accessing a display area of a first trusted subsystem is received, detecting whether the client is logged in; when the client is detected not to be logged in, receiving login information sent by the client and sending it to an authentication center in the trust system for verification; when an authorization identifier sent by the authentication center and representing successful authentication is received, sending the page content of the page mark corresponding to the display area of the first trusted subsystem to the client; when the client is detected to be logged in, sending the page content of the page mark corresponding to the display area of the first trusted subsystem to the client; and when a logout instruction sent by the client is received, sending the content of the trusted platform page to the client. The technical scheme of the invention realizes quick jump access among the trusted subsystems.

Description

Processing method and device of trust system, computer equipment and storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a processing method and apparatus for a trusted system, a computer device, and a storage medium.
Background
At present, a trust authority comprises various trust subsystems, such as a loan trust system, a rights and interests trust system, and a financing and leasing trust system, and these trust subsystems are independent of each other. To access the content of a page mark of one trust subsystem, the user must log in to that trust subsystem; to access the content of a page mark of another trust subsystem, the user must log in again to that trust subsystem. Quick jumps among the trust subsystems are therefore not possible, login account information is easily confused, and the user is inconvenienced and spends a great amount of time when logging in to different trust subsystems.
Disclosure of Invention
In view of the above, it is desirable to provide a method and an apparatus for processing a trusted system, a computer device, and a storage medium, which are capable of logging in the trusted system and quickly accessing the contents of page flags of each trusted subsystem in the trusted system.
A method of processing a trusted system, comprising:
when a page mark request which is sent by a client and used for accessing a first trusting subsystem display area is received, whether the client logs in is detected, the first trusting subsystem display area is any one of a plurality of trusting subsystem display areas contained in a trusting platform page in a trusting system, and each trusting subsystem display area comprises a plurality of page marks;
when the client is detected not to log in, receiving login information sent by the client, and sending the login information sent by the client to an authentication center in the trusted system for verification; when receiving an authorization identifier which is sent by the authentication center and represents that authentication is successful, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client so that the client displays a page corresponding to the first trusted subsystem;
when the client is detected to be logged in, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client, so that the client displays a page corresponding to the first trusted subsystem;
and when a logout instruction sent by the client is received, sending the content of the trusted platform page to the client so that the client displays the trusted platform page.
A processing apparatus of a trusted system, comprising:
the trusted platform page display module is used for detecting whether a client is logged in when receiving a page mark request which is sent by the client and used for accessing a first trusted subsystem display area, wherein the first trusted subsystem display area is any one of a plurality of trusted subsystem display areas contained in a trusted platform page in a trusted system, and each trusted subsystem display area comprises a plurality of page marks;
the trusted platform login module is used for receiving login information sent by the client when the client is detected not to be logged in, and sending the login information sent by the client to an authentication center in the trusted system for verification; when receiving an authorization identifier which is sent by the authentication center and represents that authentication is successful, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client so that the client displays a page corresponding to the first trusted subsystem;
the trusted platform page access module is used for sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client when the client is detected to be logged in so that the client can display a page corresponding to the first trusted subsystem;
and the logout module is used for sending the content of the trusted platform page to the client when a logout instruction sent by the client is received, so that the client displays the trusted platform page.
A computer device comprising a memory, a processor and a computer program stored in said memory and executable on said processor, said processor implementing the steps of the processing method of the above-mentioned trusted system when executing said computer program.
A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the processing method of the above-mentioned trusted system.
The processing method, the processing device, the computer equipment and the storage medium of the trust system are characterized in that a page of a trust system platform comprises a plurality of display areas of trust subsystems, and when a page mark request which is sent by a client and used for accessing the display area of a first trust subsystem is received, whether the client logs in is detected so as to rapidly access page contents of the trust subsystems in the trust system according to the page mark; when the client is detected not to be logged in, receiving login information sent by the client, and sending the login information sent by the client to an authentication center in a trusted system for verification; when receiving an authorization identifier which is sent by an authentication center and represents successful authentication, sending page content of a page mark corresponding to a display area of a first trust subsystem to a client so that the client displays a page corresponding to the first trust subsystem, realizing rapid login and accessing; when the client is detected to be logged in, sending page content of the page mark corresponding to the display area of the first trust subsystem to the client, so that the client displays a page corresponding to the first trust subsystem, the client logs in a trust system platform, and accesses the content corresponding to the page mark of each trust subsystem of the trust system platform; when a logout instruction sent by the client is received, the content of the trusted platform page is sent to the client so that the client displays the trusted platform page, the logout of the trusted subsystems is realized, and the trusted platform page is displayed so as to access each trusted subsystem of the trusted platform page.
Drawings
In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the descriptions of the embodiments or of the prior art are briefly described below. Obviously, the drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from these drawings without inventive effort.
FIG. 1 is a diagram illustrating an application environment of a processing method of a trusted system according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method of processing by the trusted system in accordance with one embodiment of the present invention;
FIG. 3 is another detailed flow chart of a method of processing a trusted system in accordance with an embodiment of the present invention;
FIG. 4 is another detailed flow chart of a method of processing a trusted system in accordance with an embodiment of the present invention;
FIG. 5 is a schematic diagram of a processing device of the trusted system in an embodiment of the present invention;
FIG. 6 is a schematic diagram of a computer device provided in an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The processing method of the trust system provided by the present application can be applied to the application environment as shown in fig. 1, wherein the client communicates with the server through the network. Among other things, the client may be, but is not limited to, various personal computers, laptops, smartphones, tablets, and portable wearable devices. The server may be implemented as a stand-alone server or as a server cluster consisting of a plurality of servers.
To address the problem that the existing trust subsystems are independent of each other and cannot be jumped between quickly, the invention provides a processing method of a trust system which displays the page marks of a plurality of trust subsystems in the trust system on a page of a trust platform, so that after logging in to any one trust subsystem in the trust system for the first time, the user can jump quickly to the page content corresponding to the page marks of each trust subsystem.
In an embodiment, as shown in fig. 2, a processing method of a trusted system is provided, which is described by taking the method as an example applied to the server in fig. 1, and includes the following steps:
step S10, when receiving a page mark request sent by a client for accessing a display area of a first trusted subsystem, detecting whether the client logs in, where the display area of the first trusted subsystem is any one of a plurality of display areas of the trusted subsystem included in a trusted platform page in the trusted system, and each display area of the trusted subsystem includes a plurality of page marks.
A page mark is the specific title of a display interface in a trusted subsystem; the specific content of the interface represented by a page mark is viewed through that page mark. When a user clicks a page mark of a trusted subsystem through the client, this is regarded as receiving a page mark request, sent by the client, for accessing that trusted subsystem.
Specifically, a trusted platform page is a platform that integrates multiple independent trusted subsystems; the page content corresponding to the page marks of the different independent trusted subsystems can be accessed directly through the trusted platform page. For example, a loan trust system, a rights and interests trust system and a financing lease trust system are integrated to form a trusted platform page. The trusted platform page can be developed into an integrated application platform APP that is accessed through a terminal, or it can be accessed through a website link. The trusted platform page comprises a plurality of trusted subsystem display areas, and each display area comprises a plurality of page marks. The client displays the content of the trusted platform page; when a page mark in a trusted subsystem display area is accessed, the server receives the access request sent by the client and detects whether the client is logged in. As an implementation, the trusted platform page integrates the information of each trusted subsystem in a server for centralized management, and comprises a storage unit, a display management unit, an operation authority management unit and the like for managing each trusted subsystem. The trusted platform page also integrates an operation menu for each trusted subsystem, and the page marks of each independent trusted subsystem in the display areas of the trusted platform page are accessed through the operation menu. The client is a program that corresponds to the server and provides local services to the user; the server receives the access request sent by the client and performs the corresponding jump.
Further, the trusted platform page is displayed on the client; it comprises a plurality of trusted subsystem display areas, each of which comprises a plurality of page marks. When a trusted subsystem is selected on the trusted platform page through the operation menu, that trusted subsystem is displayed flashing and in bold on the trusted platform page, while the other trusted subsystems remain static in a normal font, so that it is clear at the client which trusted subsystem's page mark is being accessed. At this point the login state of the client, which is either a logged-in state or a logged-out state, needs to be detected in order to determine whether the content of the page mark is displayed. As an implementation, the operation authority management unit in the trusted platform page holds the login state information of the client, and whether the client is logged in is determined from this stored login state information. Through the above steps, a plurality of trusted subsystems are integrated on the trusted platform page and the page marks of each trusted subsystem are displayed.
Step S20, when detecting that the client end is not logged in, receiving the login information sent by the client end, and sending the login information sent by the client end to an authentication center in the trust system for verification; and when receiving an authorization identifier which is sent by the authentication center and represents that the authentication is successful, sending page content of a page mark corresponding to the display area of the first trust subsystem to the client so that the client displays a page corresponding to the first trust subsystem.
The authorization identifier refers to an identifier for allowing the client to perform page access.
Specifically, the client selects a page mark of a trusted subsystem of the trusted platform through the operation menu. When the client is detected not to be logged in, a login interface is displayed, and the login information entered at the client on the login interface is sent to the authentication center. The authentication center verifies the validity of the received login information and, when the account and password information pass this validity check, creates an authorization identifier. The authorization identifier is a string of random characters and can be generated in an existing manner. Here the first trusted subsystem is a particular trusted subsystem in the trusted platform page; "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
Further, when the content of a page mark of the first trusted subsystem in the display area of the trusted platform page is wanted at the client, the page mark of the first trusted subsystem is selected through the page operation menu and the login state of the client is detected. When the client is detected not to be logged in, a login interface is displayed, the login information sent by the client is received, and the authentication center completes the identity authentication of the client logging in to the trusted platform page for the first time. The process comprises: receiving the account and login password sent by the client, and checking whether they are fully consistent with the account and login password saved when the user registered; if they are fully consistent, the identity authentication of the user succeeds; otherwise, authentication fails. When the identity authentication succeeds, an authorization identifier is created; when it fails, the login interface is displayed again so that the user can log in again. The server receives the authorization identifier sent by the authentication center and sends the page content of the page mark corresponding to the first trusted subsystem display area to the client, so that the client displays the page corresponding to the first trusted subsystem; specifically, when the authentication center judges that the authorization identifier is valid, the page content of the page mark in the first trusted subsystem display area is displayed. The login information sent by the client is verified by the authentication center, and the page content of the page mark of the trusted subsystem is displayed on the basis of that login information; the implementation is simple and quick.
Step S30, when the client is detected to be logged in, sending the page content of the page mark corresponding to the display area of the first trusted subsystem to the client, so that the client displays the page corresponding to the first trusted subsystem.
Specifically, a client that is detected as logged in has already logged in, for example when it accessed the content of a page mark of the first trusted subsystem, or when it accessed the content of page marks of other trusted subsystems in the trusted platform page. When the client is detected to be logged in, the request sent by the client to access page mark content of a trusted subsystem is received, and the content corresponding to the page mark of that trusted subsystem display area is displayed at the client. For example, when the client accesses the page content of a page mark in the first trusted subsystem display area and it is detected that the client already logged in while accessing any trusted subsystem page mark in the trusted platform page, the page content corresponding to the selected page mark of the first trusted subsystem display area is displayed directly.
More specifically, the address of the first trusted subsystem is sent to the authentication center. When the authentication center detects that the client is logged in, it jumps to the first trusted subsystem according to the address parameter of the first trusted subsystem, with the authorization identifier of the authentication center attached. The first trusted subsystem sends the authorization identifier to the authentication center, and when the authentication center verifies that the authorization identifier is valid, the first trusted subsystem jumps to the content interface of its page mark. When the client is detected to be logged in, the page marks of every trusted subsystem in the trusted platform page can be accessed without logging in again, and the page content of the page mark of the selected trusted subsystem display area is sent directly to the client. For example, when a page mark request sent by the client to access the second trusted subsystem display area is received, and the client already logged in when it accessed the page content of a page mark of the first trusted subsystem, the content of the page mark of the second trusted subsystem display area is sent directly to the client. Specifically, the address of the second trusted subsystem is sent to the authentication center; when the login state of the client is detected to be logged in, the client jumps to the second trusted subsystem according to the address parameters with the authorization identifier of the authentication center attached, and when the authentication center verifies that the authorization identifier is valid, the client jumps to the content interface of the page mark of the second trusted subsystem.
The page marks of the trusted subsystem display areas can be viewed quickly through the trusted platform page; once the client is detected to be logged in, no login operation is needed to access the content of the page marks of other trusted subsystems.
As an implementation, the page content accessed through a page mark is displayed differently according to the login information. For example, when the login information is an internal account and specific content in the page mark is accessed, the content can be edited (modified, added to or deleted); when the operation is saved, the content in the page mark of the trusted subsystem is refreshed and the modified content is displayed. When the login information is an external account and specific content in the page mark is accessed, the content corresponding to the page mark is displayed. The information content that the client is allowed to access is thus determined by the user login information. Displaying the page content corresponding to the page marks of the trusted platform page differently according to the login information allows that page content to be edited in real time.
In step S40, when a logout instruction sent by the client is received, the content of the trusted platform page is sent to the client so that the client displays the trusted platform page.
Logout refers to exiting the content of the page mark of the first trusted subsystem.
Specifically, when the client needs to exit the current page, a logout instruction is sent to the server; the logout instruction can be sent by means of an operation button displayed on the trusted platform page or in other logout modes. The content of the trusted platform page is then sent to the client and the trusted platform page is displayed on the client, from which the client can access pages according to the page marks of each trusted subsystem of the trusted platform page.
S10-S40, a page of the trust system platform comprises display areas of a plurality of trust subsystems, and when a page mark request which is sent by a client and used for accessing the display area of the first trust subsystem is received, whether the client logs in is detected, so that the page content of each trust subsystem in the trust system can be accessed quickly according to the page mark; when the client is detected not to be logged in, receiving login information sent by the client, and sending the login information sent by the client to an authentication center in a trusted system for verification; when receiving an authorization identifier which is sent by an authentication center and represents successful authentication, sending page content of a page mark corresponding to a display area of a first trust subsystem to a client so that the client displays a page corresponding to the first trust subsystem, realizing rapid login and accessing; when the client is detected to be logged in, sending page content of the page mark corresponding to the display area of the first trust subsystem to the client, so that the client displays a page corresponding to the first trust subsystem, the client logs in a trust system platform, and accesses the content corresponding to the page mark of each trust subsystem of the trust system platform; when a logout instruction sent by the client is received, the content of the trusted platform page is sent to the client so that the client displays the trusted platform page, the logout of the trusted subsystems is realized, and the trusted platform page is displayed so as to access each trusted subsystem of the trusted platform page.
In an embodiment, as shown in fig. 3, in step S10, that is, whether the client logs in is detected, which specifically includes the following steps:
step S101, detecting address parameters of the page mark request of the display area of the first trusted subsystem, and judging whether the address parameters include an authorization identifier corresponding to the client.
Specifically, the page mark request for the first trusted subsystem display area sent by the client is received, and the address parameters of the page request are obtained; the address parameters comprise a website domain name, an IP (Internet Protocol), a port number and the like. The address parameters comprise the authorization identifier, and whether the client is logged in is judged according to the authorization identifier in the address parameters. The authorization identifier may be any string of random characters, provided that it is not repeated and is not easy to forge, for example a string composed of letters and digits; it is created when the authentication center verifies that the login information sent by the client is valid.
And step S102, when the address parameter comprises an authorization identifier corresponding to the client, judging that the client logs in.
Specifically, when the address parameters of the page request include an authorization identifier corresponding to the client, it is determined that the client is logged in. It may be understood that the address parameters are arranged in a fixed form, in which the authorization identifier may be placed after the website domain name, IP and port number; the authorization identifier position in the address parameters is read directly, and if that position contains the authorization identifier, it is determined that the client is logged in.
Step S103, when the address parameter does not include the authorization identification corresponding to the client, the client is judged not to be logged in.
Specifically, when the address parameters of the page request do not include an authorization identifier corresponding to the client, that is, when the address parameters include only the website domain name, IP, port number and the content of the request, it is determined that the client is not logged in.
Through steps S101-S103, whether the client is logged in is judged quickly by detecting whether the address parameters of the page mark request for accessing the trusted subsystem display area contain an authorization identifier.
In an embodiment, as shown in fig. 4, in step S20, after receiving an authorization identifier sent by the authentication center and indicating that the authentication is successful, the processing method of the trusted system further includes the following steps:
Step S201, obtaining the authorization identifier, forming a corresponding relation between the client and the authorization identifier, and sending the authorization identifier to each trusted subsystem in the trusted system through the address bar with Ticket as the parameter name.
Specifically, the client sends login information; when the authentication center authenticates it successfully, an authorization identifier is created for each successfully authenticated client and sent to the server. When the server receives the authorization identifier which is sent by the authentication center and represents successful authentication, the client and the authorization identifier form a corresponding relationship; for example, client 1 and the authorization identifier ST-XXXX-XXX created by the authentication center form a corresponding relationship. The authorization identifier is sent to each trusted subsystem in the trusted platform page through the address bar with Ticket as the parameter name, so that the address parameter of each trusted subsystem carries the authorization identifier under the parameter name Ticket, such as http:// xtxt? When the client accesses the content of a page mark of a trusted subsystem in the trusted platform page, the address parameter of the client's page mark request comprises the corresponding Ticket (ST-XXXX-XXX).
Step S202, receiving a page mark request sent by the client, and setting the access right of each trusted subsystem in the trusted system to be in a release state according to the corresponding relation.
Specifically, when the client accesses a page mark of a certain trusted subsystem of the trusted platform page, the server receives the page mark request sent by the client and sets the access right of each trusted subsystem in the trusted system to be in a release state according to the corresponding relation between the client and the authorization identifier, and the client does not need to perform a login operation.
In steps S201-S202, a corresponding relation is formed between the client and the authorization identifier, and the address parameter of the client comprises the corresponding authorization identifier. When the client sends a page mark request, the access right of each trusted subsystem in the trusted system is in a release state, so the client does not need to log in again, and the trusted platform page jumps to the page content corresponding to the page mark in the display area of any trusted subsystem. This solves the problems that a client which has accessed one trusted subsystem needs to log in again when accessing the content of a page mark of another trusted subsystem, and that quick jumps cannot be made among the trusted subsystems.
In an embodiment, in step S40, that is, when the logout instruction sent by the client is received, the content of the trusted platform page is sent to the client, so that the client displays the trusted platform page, which specifically includes the following steps:
and when a logout instruction for the first trusted subsystem sent by the client is received, logging out the authorization identifier which takes Ticket as the parameter name in the address bar of the first trusted subsystem, and displaying the trusted platform page.
The client accesses the content of the page mark of the display area of the page of the trusted platform according to the authorization mark in the address parameter of the trusted subsystem when the client can display the content of the page mark of the display area of other trusted subsystems through the page of the trusted platform.
In an embodiment, in step S10, before the first trusting sub-system display area is any one of a plurality of trusting sub-system display areas included in a trusting platform page in a trusting system, and each trusting sub-system display area includes a plurality of page marks, the method further includes the following steps:
and establishing an account number association list of the trusted subsystem in the authentication center.
The account association list is used for associating login information used when a trusted platform page is logged in.
Specifically, the accounts of the trusted subsystems are associated with one another, and when the trusted subsystem is logged in, authentication succeeds if any one piece of the login information is matched. As an implementation manner, the client has a plurality of pieces of login information. Login is performed through an account + password or the like, where the account can be a mailbox, a mobile phone number and the like. After login, to guard against the account being forgotten, a user name can be set for the account. Specifically, through attribute setting, account + password and user name + password are automatically matched and verified, and an account association list is established, wherein the password in account + password and in user name + password is the same. Through these steps, the trusted platform page can be logged in through different login information.
As another embodiment, when the client does not log in the trusted subsystem through the trusted platform page, the plurality of trusted subsystems have a plurality of corresponding login information, and by associating the login information of the same client included in the trusted system, when the client logs in the trusted subsystem through the trusted platform page, a certain login information is matched, and the authentication is successful. Specifically, the same client is determined by a client ID, which may be information for identifying a unique client, such as a telephone number or an identification number.
In step S20, receiving the login information sent by the client, and sending the login information sent by the client to an authentication center in the trusted system for verification, the method includes:
and sending the login information sent by the client to an authentication center, and judging that the identity authentication of the client is successful when the login information is found in the account association list.
Specifically, the login information sent by the client is searched for in the account association list, wherein the login information sent by the client is the account + password used when the trusted platform page was registered, or can be an associated user name + password. When the authentication center finds the login information in the account association list, the client is judged to be successfully authenticated; the login information can be any one of the associated accounts.
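The flow of the embodiments above (account association list, authorization identifier carried as the Ticket address parameter, login check in S101-S103, correspondence in S201-S202, logout), as an added Python example that is not code from the patent. The class and function names, the host trust.example, the random part of the ST- identifier and the password hashing are assumptions; the login check here looks the identifier up in the stored correspondence rather than testing only that the parameter is present.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

TICKET_PARAM = "Ticket"  # parameter name the page uses in the address bar


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: the page does not say how passwords are stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class AuthCenter:
    """Hypothetical authentication center: association list plus ticket store."""

    def __init__(self):
        self.association = {}  # login name (mailbox, phone, user name) -> client ID
        self.credentials = {}  # client ID -> (salt, password hash)
        self.tickets = {}      # authorization identifier -> client ID (correspondence)

    def register(self, client_id, password, login_names):
        # All associated login names share one password, as the page describes.
        salt = secrets.token_bytes(16)
        self.credentials[client_id] = (salt, hash_password(password, salt))
        for name in login_names:
            self.association[name] = client_id

    def login(self, login_name, password):
        """Return a new authorization identifier, or None if authentication fails."""
        client_id = self.association.get(login_name)
        if client_id is None:
            return None
        salt, stored = self.credentials[client_id]
        if not hmac.compare_digest(stored, hash_password(password, salt)):
            return None
        # Not repeated and not easy to forge: 256 bits from the OS CSPRNG.
        ticket = "ST-" + secrets.token_urlsafe(32)
        self.tickets[ticket] = client_id
        return ticket

    def validate(self, ticket):
        return self.tickets.get(ticket)

    def logout(self, ticket):
        # Server-side revocation: the identifier stops working everywhere.
        self.tickets.pop(ticket, None)


def strip_ticket(url):
    """Remove the Ticket parameter from an address (used on logout)."""
    parts = urlsplit(url)
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != TICKET_PARAM]
    return urlunsplit(parts._replace(query=urlencode(query)))


def add_ticket(url, ticket):
    """Append the identifier as the Ticket parameter, replacing any old one."""
    parts = urlsplit(strip_ticket(url))
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append((TICKET_PARAM, ticket))
    return urlunsplit(parts._replace(query=urlencode(query)))


def client_for_request(auth, url):
    """S101-S103 with the S201 correspondence: which client, if any, is logged in."""
    values = [v for k, v in parse_qsl(urlsplit(url).query) if k == TICKET_PARAM]
    if len(values) != 1:  # missing or duplicated parameter: not logged in
        return None
    return auth.validate(values[0])


def is_logged_in(auth, url):
    return client_for_request(auth, url) is not None
```

Because the identifier travels in the address bar, it also ends up in browser history, server logs and Referer headers, so revoking it on the server at logout matters more than removing it from the URL.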
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In an embodiment, a processing device of a trusted system is provided, and the processing device of the trusted system corresponds to the processing method of the trusted system in the above embodiment one to one. As shown in fig. 5, the processing means of the trusted system comprises a trusted platform page display module 10, a trusted platform login module 20, a trusted platform page access module 30 and a logout module 40.
The trusted platform page display module 10 is configured to detect whether a client has logged in when receiving a page mark request sent by the client for accessing a display area of a first trusted subsystem, where the display area of the first trusted subsystem is any one of a plurality of display areas of the trusted subsystem included in a trusted platform page in a trusted system, and each display area of the trusted subsystem includes a plurality of page marks.
The trusted platform login module 20 is used for receiving login information sent by the client when the client is detected not to be logged in, and sending the login information sent by the client to an authentication center in the trusted system for verification; and when receiving an authorization identifier which is sent by the authentication center and represents that the authentication is successful, sending page content of a page mark corresponding to the display area of the first trust subsystem to the client so that the client displays a page corresponding to the first trust subsystem.
The trusted platform page access module 30 is configured to send, to the client, page content of a page mark corresponding to the display area of the first trusted subsystem when it is detected that the client has logged in, so that the client displays a page corresponding to the first trusted subsystem.
And the logout module 40 is used for sending the content of the trusted platform page to the client when a logout instruction sent by the client is received, so that the client displays the trusted platform page.
Preferably, the trusted platform page display module 10 comprises an address parameter processing unit 101, a first decision unit 102 and a second decision unit 103.
The address parameter processing unit 101 is configured to detect an address parameter of a page mark request in a display area of the first trusted subsystem, and determine whether the address parameter includes an authorization identifier corresponding to the client.
A first determining unit 102, configured to determine that the client has logged in when the address parameter includes an authorization identifier corresponding to the client.
The second determination unit 103 is configured to determine that the client is not logged in when the address parameter does not include the authorization identifier corresponding to the client.
Preferably, the trusted platform login module 20 comprises an authorization identifier configuration unit 201 and a setting unit 202.
And the authorization identifier configuration unit 201 is configured to obtain an authorization identifier, form a corresponding relationship between the client and the authorization identifier, and send the authorization identifier to each trusted subsystem in the trusted system through an address bar in a manner that Ticket is a parameter name.
A setting unit 202, configured to receive a page mark request sent by a client, and set an access right of each trusted subsystem in the trusted system to a release state according to the correspondence.
Preferably, the logout module 40 is specifically configured to, when receiving a logout instruction for the first trusted subsystem sent by the client, log out the authorization identifier with Ticket as the parameter name in the address bar of the first trusted subsystem, and display the trusted platform page.
Preferably, the processing means of the trusted system further comprises establishing an account association list of trusted subsystems at the authentication center.
The trusted platform login module 20 sends login information sent by the client to the authentication center, and when the login information is found in the account association list, the identity authentication of the client is judged to be successful.
For specific limitations of the processing means of the trusted system, reference may be made to the above limitations of the processing method of the trusted system, which are not described in detail herein. The various modules in the processing means of the above-described trusted system may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in, or independent of, a processor in the computer device in hardware form, or stored in a memory in the computer device in software form, so that the processor can call and execute the operations corresponding to the modules.
In an embodiment, a computer-readable storage medium is provided, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the processing method of the trusted system in the above embodiments; in order to avoid redundancy, the details are not repeated herein. Alternatively, the computer program, when executed by the processor, implements the functions of each module/unit in the processing means of the trusted system, which is not described herein again to avoid redundancy.
It is to be understood that the computer-readable storage medium may include: any entity or device capable of carrying computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, and the like.
In one embodiment, fig. 6 is a schematic diagram of a computer device according to an embodiment of the present invention. As shown in fig. 6, the computer device 60 of this embodiment includes: a processor 63, a memory 61, and a computer program 62 stored in the memory 61 and executable on the processor 63. The steps of the processing method of the above-described trusted system, such as steps S10 to S40 shown in fig. 2, are implemented when the processor 63 executes the computer program 62. Alternatively, the processor 63, when executing the computer program 62, implements the functionality of the various modules/units in the various system embodiments described above, such as the functionality of the trusted platform page display module 10, the trusted platform login module 20, the trusted platform page access module 30 and the logout module 40 in the processing means of the trusted system shown in fig. 5.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware; the computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), Direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (8)

1. A method of handling a trusted system, the method comprising:
when a page mark request which is sent by a client and used for accessing a first trusting subsystem display area is received, whether the client logs in is detected, the first trusting subsystem display area is any one of a plurality of trusting subsystem display areas contained in a trusting platform page in a trusting system, and each trusting subsystem display area comprises a plurality of page marks;
when the client is detected not to log in, receiving login information sent by the client, and sending the login information sent by the client to an authentication center in the trusted system for verification; when receiving an authorization identifier which is sent by the authentication center and represents that authentication is successful, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client so that the client displays a page corresponding to the first trusted subsystem;
when the client is detected to be logged in, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client, so that the client displays a page corresponding to the first trusted subsystem;
when a logout instruction sent by the client is received, sending the content of the trusted platform page to the client so that the client displays the trusted platform page;
after receiving the authorization identifier sent by the authentication center and representing successful authentication, the processing method of the trust system further comprises:
acquiring the authorization identifier, forming a corresponding relation between the client and the authorization identifier, and sending the authorization identifier to each trusted subsystem in the trusted system through an address bar with Ticket as the parameter name;
and receiving a page mark request sent by the client, and setting the access right of each trusted subsystem in the trusted system to be in a release state according to the corresponding relation.
2. A method of handling a trusted system as claimed in claim 1, wherein said detecting whether said client is logged in comprises:
detecting address parameters of a page mark request of a display area of the first trusted subsystem, and judging whether the address parameters comprise an authorization identifier corresponding to the client;
when the address parameter comprises an authorization identifier corresponding to the client, judging that the client logs in;
and when the address parameter does not comprise an authorization identifier corresponding to the client, judging that the client is not logged in.
3. A method of processing a trusted system as claimed in claim 1, wherein said sending the contents of said trusted platform page to said client upon receiving a logout instruction sent by said client to cause said client to display said trusted platform page comprises:
and when a logout instruction for the first trusted subsystem, sent by the client, is received, logging out the authorization identifier which takes Ticket as the parameter name in an address bar of the first trusted subsystem, and displaying the trusted platform page.
4. A method of handling a trusted system as claimed in claim 1, wherein before said first trusted subsystem display area is any one of a plurality of trusted subsystem display areas contained in a trusted platform page in said trusted system, each of said trusted subsystem display areas including a plurality of page tags, said method of handling a trusted system further comprises:
establishing an account number association list of the trusted subsystem in the authentication center;
the receiving the login information sent by the client and sending the login information sent by the client to an authentication center in the trust system for verification comprises the following steps:
and sending the login information sent by the client to the authentication center, and judging that the identity authentication of the client is successful when the login information is found in the account association list.
5. A processing apparatus of a trusted system, characterized in that the processing apparatus of the trusted system comprises:
a trusted platform page display module, used for detecting whether a client has logged in when receiving a page mark request which is sent by the client and used for accessing a first trusted subsystem display area, wherein the first trusted subsystem display area is any one of a plurality of trusted subsystem display areas contained in a trusted platform page in a trusted system, and each trusted subsystem display area comprises a plurality of page marks;
the trusted platform login module is used for receiving login information sent by the client when the client is detected not to be logged in, and sending the login information sent by the client to an authentication center in the trusted system for verification; when receiving an authorization identifier which is sent by the authentication center and represents that authentication is successful, sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client so that the client displays a page corresponding to the first trusted subsystem;
the trusted platform page access module is used for sending page content of a page mark corresponding to a display area of the first trusted subsystem to the client when the client is detected to be logged in so that the client can display a page corresponding to the first trusted subsystem;
a logout module, configured to send, to the client, content of the trusted platform page when a logout instruction sent by the client is received, so that the client displays the trusted platform page;
the trusted platform login module comprises:
the authorization identifier configuration unit is used for acquiring the authorization identifier, forming a corresponding relation between the client and the authorization identifier, and sending the authorization identifier to each trusted subsystem in the trusted system through an address bar with Ticket as the parameter name;
and the setting unit is used for receiving the page mark request sent by the client and setting the access right of each trusting subsystem in the trusting system to be in a release state according to the corresponding relation.
6. A processing apparatus for a trusted system as claimed in claim 5, wherein said trusted platform page display module further comprises:
the address parameter processing unit is used for detecting the address parameter of the page mark request of the display area of the first trusted subsystem and judging whether the address parameter comprises an authorization identifier corresponding to the client;
the first judgment unit is used for judging that the client logs in when the address parameter comprises an authorization identifier corresponding to the client;
and the second judging unit is used for judging that the client side is not logged in when the address parameter does not comprise an authorization identifier corresponding to the client side.
7. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 4 are implemented when the computer program is executed by the processor.
8. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
CN201810435842.8A 2018-05-09 2018-05-09 Processing method and device of trust system, computer equipment and storage medium Active CN108737398B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810435842.8A CN108737398B (en) 2018-05-09 2018-05-09 Processing method and device of trust system, computer equipment and storage medium


Publications (2)

Publication Number Publication Date
CN108737398A (en) 2018-11-02
CN108737398B (en) 2022-04-26

Family

ID=63938131


Country Status (1)

Country Link
CN (1) CN108737398B (en)





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant