CN108763889A - A kind of login validation method, device, equipment and readable storage medium storing program for executing - Google Patents
A kind of login validation method, device, equipment and readable storage medium storing program for executing Download PDFInfo
- Publication number
- CN108763889A CN108763889A CN201810550572.5A CN201810550572A CN108763889A CN 108763889 A CN108763889 A CN 108763889A CN 201810550572 A CN201810550572 A CN 201810550572A CN 108763889 A CN108763889 A CN 108763889A
- Authority
- CN
- China
- Prior art keywords
- user
- login
- login authentication
- target user
- failure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of login validation methods, and this approach includes the following steps:When getting the login authentication request of target user's transmission, the user login validation failure record file under specified configuration file directory is read;Search and judge in target user's login authentication failure record file the whether login authentication failure record of carrying target user;If recorded, preset condition is utilized, determines whether target user has login authentication qualification;If do not recorded, directly determine that target user has login authentication qualification;If target user has login authentication qualification, login authentication request is handled using the user data in presetting database.While solving disabled user's Brute Force user name password using user login validation failure file, the access times to database can be also reduced.Login authentication efficiency is improved, user experience is promoted.The invention also discloses a kind of login authentication device, equipment and readable storage medium storing program for executing, have corresponding technique effect.
Description
Technical field
The present invention relates to safeguard technology field, more particularly to a kind of login validation method, device, equipment and readable
Storage medium.
Background technology
In order to reinforce the verification of user identity legitimacy, more and more GUI (graphic user interface, Graphical
User Interface) software to user login validation be added to differentiate failure handling function, to prevent disabled user's violence
User name password is cracked, system or user information are damaged.
Existing, disabled user's Brute Force user name password, increases in database user information table and uses in order to prevent
Family login record, when each user initiates logging request, to be recorded using these, to prevent disabled user's Brute Force from using
Name in an account book password.In this way, just leading to that continually the data in database are accessed and handled, can cause under database performance
Drop.Especially when user's sign-on access amount is larger, database performance is also deteriorated therewith, data base querying occurs, and renewal speed is slow,
And then cause user identity legitimacy verifies slack-off, influence user experience.
In conclusion the problems such as how effectively improving user login validation efficiency, is that current those skilled in the art are anxious
The technical issues of need to solving.
Invention content
The object of the present invention is to provide a kind of login validation method, device, equipment and readable storage medium storing program for executing, to improve user
The efficiency of login authentication promotes user experience.
In order to solve the above technical problems, the present invention provides the following technical solutions:
A kind of login validation method, including:
When getting the login authentication request of target user's transmission, the user read under specified configuration file directory logs in
Authentication failed records file;
It searches and judges whether recorded the target user's in target user's login authentication failure record file
Login authentication failure record;
If recorded, preset condition is utilized, determines whether the target user has login authentication qualification;
If do not recorded, directly determine that the target user has the login authentication qualification;
If the target user has the login authentication qualification, using the user data in presetting database to described
Login authentication request is handled;Wherein, the user data includes the login authentication information of validated user.
Preferably, before the user login validation failure record file under the reading specified configuration file directory, also
Including:
User login validation failure record file is imported under specified configuration file directory;Wherein, the user logs in
The login authentication frequency of failure of login authentication failure user, newest authentication failed time have been recorded in verification record file.
Preferably, described to utilize preset condition, determine whether the target user has login authentication qualification, including:
Read the login authentication frequency of failure of the target user, and judge the login authentication frequency of failure whether be more than
Predetermined threshold value;
If it does, then utilizing the newest authentication failed time of the target user, judge that the login authentication request is
It is no to belong to except the default account locking period, and when belonging to except the default account locking period, determine that the target is used
Family has login authentication qualification;
If be less than, it is determined that the target user has login authentication qualification.
Preferably, the user data using in presetting database handles login authentication request, including:
When login authentication fails, then the target is updated or added in the user login validation failure record file
The login authentication failure record of user.
Preferably, the user data using in presetting database handles login authentication request, including:
When login authentication success, the login authentication failure record of the target user is lost from the user login validation
It loses in record file and deletes.
A kind of login authentication device, including:
File read module, for when getting the login authentication request of target user's transmission, reading specified configuration text
User login validation failure record file under part catalogue;
Login authentication failure record searches judgment module, for searching and judging that target user's login authentication is unsuccessfully remembered
Whether the login authentication failure record of the target user has been recorded in record file;
Login authentication qualification determining module, if for having recorded institute in target user's login authentication failure record file
The login authentication failure record of target user is stated, then utilizes preset condition, determines whether the target user has login authentication
Qualification;If the login authentication failure record of the target user is not recorded in the user login validation failure record file,
Directly determine that the target user has the login authentication qualification;
Login authentication request processing module, if there is the login authentication qualification for the target user, using in advance
If the user data in database handles login authentication request;Wherein, the user data includes validated user
Login authentication information.
Preferably, further include:
User login validation failure record file import modul, for the use under the reading specified configuration file directory
Before the login authentication failure record file of family, user login validation failure record file is imported into specified configuration file directory
Under;Wherein, the login authentication frequency of failure, most of login authentication failure user has been recorded in user login validation record file
The new authentication failed time.
Preferably, login authentication request processing module is specifically used for when login authentication fails, then is logged in the user
The login authentication failure record of the target user is updated or added in authentication failed record file.
A kind of login authentication equipment, including:
Memory, for storing computer program;
Processor, the step of above-mentioned login validation method is realized when for executing the computer program.
A kind of readable storage medium storing program for executing is stored with computer program, the computer program quilt on the readable storage medium storing program for executing
The step of processor realizes above-mentioned login validation method when executing.
The method provided using the embodiment of the present invention is read when getting the login authentication request of target user's transmission
Fetching determines the user login validation failure record file under configuration file catalogue;It searches and judges that target user's login authentication fails
Record the login authentication failure record of whether carrying target user in file;If recorded, preset condition is utilized, is determined
Whether target user has login authentication qualification;If do not recorded, directly determine that target user has login authentication qualification;If
Target user has login authentication qualification, then is handled login authentication request using the user data in presetting database;
Wherein, user data includes the login authentication information of validated user.Before handling login authentication request, first with finger
Determine the user login validation failure record file under configuration file catalogue, determines whether target user has login authentication money
Lattice.Only when it is with login authentication qualification, the login authentication request of target user is handled using presetting database.?
That is while solving disabled user's Brute Force user name cryptographic problem using user login validation failure file, also
The access times to database can be reduced.The verification efficiency to validated user is improved, user experience is promoted.
Correspondingly, the embodiment of the present invention additionally provides login authentication device corresponding with above-mentioned login validation method, sets
Standby and readable storage medium storing program for executing, has above-mentioned technique effect, and details are not described herein.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
Obtain other attached drawings according to these attached drawings.
Fig. 1 is a kind of implementing procedure figure of login validation method in the embodiment of the present invention;
Fig. 2 is the flow chart of another login validation method in the embodiment of the present invention;
Fig. 3 is a kind of concrete application flow diagram of login validation method in the embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of login authentication device in the embodiment of the present invention;
Fig. 5 is a kind of structural schematic diagram of login authentication equipment in the embodiment of the present invention.
Specific implementation mode
In order to enable those skilled in the art to better understand the solution of the present invention, with reference to the accompanying drawings and detailed description
The present invention is described in further detail.Obviously, described embodiments are only a part of the embodiments of the present invention, rather than
Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, shall fall within the protection scope of the present invention.
Embodiment one:
Referring to FIG. 1, Fig. 1 is a kind of flow chart of login validation method in the embodiment of the present invention, this method includes following
Step:
S101, when get target user transmission login authentication request when, read specified configuration file directory under use
Family login authentication failure record file.
Target user can send login authentication request by gui software or order line terminal, be asked in the Sign-On authentication
In may include user name (or account) and authentication information (such as password).When the login authentication for getting target user's transmission
When request, the user login validation failure file under specified configuration file directory can be read.Specifically, user login validation loses
Lose the record information that file is the user login validation failure for having recorded designated software system.For example, user's login can be recorded
The information such as the reason of number of failure, time of login failure, login failure.
Whether S102 searches and judges in target user's login authentication failure record file the login of carrying target user
Authentication failed records.
It, can be by searching for traversal user login validation failure file after reading user login validation failure file
In login failed for user record, it is determined whether there are target users whether login authentication failure record.If there is login
Authentication failed records, then enters step S103, unsuccessfully recorded if there is no login authentication, then enter step S104.
S103, using preset condition, determine whether target user has login authentication qualification.
In the present embodiment, it can pre-set for judging whether user has the condition of login authentication qualification.This is pre-
If the particular content of condition can predefine, it can also be confirmed and be adjusted according to actual conditions, not limited herein.
When the login failure for having recorded target user in user login validation failure record file verifies record, Ke Yili
With preset condition, determine whether target user has login authentication qualification.
S104, directly determine that target user has login authentication qualification.
When the login failure of non-carrying target user verifies record in user login validation fails file, it is believed that mesh
The suspicion that Brute Force is not present in user is marked, at this time, it is believed that target user has login authentication qualification.
If S105, target user have login authentication qualification, login is tested using the user data in presetting database
Card request is handled.
Wherein, user data includes the login authentication information of validated user.
After determining that target user has login authentication qualification, then the user data pair in presetting database can be utilized
Login authentication request is handled.Wherein, presetting database includes the login authentication information of validated user, that is to say, that profit
The login authentication of target user can be asked with these login authentication informations to carry out judgement processing, finally determine whether to enable target
User successfully logs in.
The method provided using the embodiment of the present invention is read when getting the login authentication request of target user's transmission
Fetching determines the user login validation failure record file under configuration file catalogue;It searches and judges that target user's login authentication fails
Record the login authentication failure record of whether carrying target user in file;If recorded, preset condition is utilized, is determined
Whether target user has login authentication qualification;If do not recorded, directly determine that target user has login authentication qualification;If
Target user has login authentication qualification, then is handled login authentication request using the user data in presetting database;
Wherein, user data includes the login authentication information of validated user.Before handling login authentication request, first with finger
Determine the user login validation failure record file under configuration file catalogue, determines whether target user has login authentication money
Lattice.Only when it is with login authentication qualification, the login authentication request of target user is handled using presetting database.?
That is while solving disabled user's Brute Force user name cryptographic problem using user login validation failure file, also
The access times to database can be reduced.The verification efficiency to validated user is improved, user experience is promoted.
It should be noted that being based on above-described embodiment one, the embodiment of the present invention additionally provides the scheme of being correspondingly improved.Rear
Involved in continuous embodiment with can mutually be referred between same steps or corresponding steps in above-described embodiment one, corresponding advantageous effect
Also can be cross-referenced, it is no longer repeated one by one in improvement embodiment below.
Embodiment two:
Referring to FIG. 2, Fig. 2 is the flow chart of another login validation method in the embodiment of the present invention, this method include with
Lower step:
S201, user login validation failure record file is imported under specified configuration file directory.
Wherein, user login validation record file in recorded login authentication failure user the login authentication frequency of failure,
The newest authentication failed time.
Specifically, a user login validation failure record file can be created first, and recorded in the login failed for user
The login authentication frequency of failure of login authentication failure user, newest authentication failed time described in file, (i.e. last time logged in
The authentication failed time) etc. information.Then user login validation failure record file is imported under specified configuration file directory.If
Current system has configuration file catalogue, then directly user login validation failure record file is importing directly under the catalogue,
If configuration file catalogue is not present in current system, a configuration file can be created under this systems, and so user is logged in and is tested
Failure record file is demonstrate,proved to import wherein.Not in the database because of configuration file, so when accessing login authentication failure record file
The normal use of database will not be interfered.
S202, when get target user transmission login authentication request when, read specified configuration file directory under use
Family login authentication failure record file.
Whether S203, lookup simultaneously judge in target user's login authentication failure record file the login of carrying target user
Authentication failed records.
If recorded, S204 is entered step, if do not recorded, enters step S207.
S204, the login authentication frequency of failure for reading target user, and judge whether the login authentication frequency of failure is more than pre-
If threshold value.
In the present embodiment, disabled user's Brute Force username and password in order to prevent, can pre-set a use
In the threshold value of the limitation login authentication frequency of failure.Specifically, the concrete numerical value of the predetermined threshold value can predefine, it can also root
It is determined and adjusts according to actual conditions, do not limit herein.
After reading the login authentication frequency of failure of target user, the login authentication frequency of failure and predetermined threshold value are carried out
Judge.
If it exceeds predetermined threshold value, that is, showing current target user, there may be the suspicion of Brute Force username and password
It doubts, then enters step S205;If being less than predetermined threshold value, that is, show that current goal user may be normal because inputing password etc. by mistake
Rule reason causes there are login authentication failure record, temporary there is no the suspicion that sudden huge profits crack user name password, then enters step
S206、
S205, the newest authentication failed time using target user, judge whether login authentication request belongs to default account
It locks except the period, and when belonging to except the default account locking period, determines that target user has login authentication qualification.
In the present embodiment, user account can also be locked after user's login times are more than predetermined threshold value
Operation.Specifically, the failure of last time login authentication can be arranged to when allowing to be normally carried out login authentication interval next time
Between as account lock the period.Specifically, the duration of the default account locking period can predefine, it can also be according to reality
Situation is determined and adjusts, and does not limit herein.
Utilize the newest verification time of target user, it may be determined that the initiation time of the login authentication request currently acquired
Whether belong to except default account locking time, if this preset account locking the period except, then it is assumed that can be to target user
The login authentication request of transmission carries out normal authentication processing.If whether the initiation time of login authentication request belongs to default account
Within locking time, then it is assumed that the login authentication request that target user sends is excessively frequent, can in order to ensure user account safety
With without any processing.
S206, determine that target user has login authentication qualification.
If the login authentication frequency of failure is less than predetermined threshold value, that is, show that current goal user may be because inputing by mistake close
The conventional reason such as code causes there are login authentication failure record, and temporary there is no the suspicion that sudden huge profits crack user name password.It can be with
Think that target user has login authentication qualification.
S207, directly determine that target user has login authentication qualification.
If S208, target user have login authentication qualification, login is tested using the user data in presetting database
Card request is handled.
Preferably, when handling login authentication request, user login validation failure record file can also be directed to
It modifies and adjusts, more to match practical application request.That is, when login authentication fails, then lost in user login validation
Lose the login authentication failure record for updating or adding target user in record file.And/or when login authentication success, by mesh
The login authentication failure record of mark user is deleted from user login validation failure record file.
That is, after being proved to be successful to the login authentication request of target user, it is believed that login authentication
May be unsuccessfully that target inputs the normally login such as user name or password by mistake about the login authentication failure record of target user in file
When authentication failed, recorded.Therefore, target user is being determined after good authentication, its corresponding login can tested
Card failure record is deleted from user login validation failure record, to accelerate the login authentication processing of the target user next time
Flow.
It is verified when to the login authentication request of target user, and after authentication failed, at this point it is possible to think the target
There are the suspicion of Brute Force user name and user password by user, therefore need to be by this login authentication failure record.Specifically, working as
When having recorded the login authentication failure record of the target user in user login validation failure file, it is only necessary to will wherein log in and test
The card frequency of failure adds 1, and the newest login authentication time is updated to this login authentication Time To Failure.When user login validation loses
When losing the login authentication failure record of non-carrying target user in file, then need unsuccessfully to remember for target user establishment login authentication
Record.
It is better understood from the technical solution that the embodiment of the present invention is provided for the ease of those skilled in the art, with reference to
Specific login authentication flow, is provided for the embodiments of the invention technical solution and is described in detail.
In order to reinforce the verification of user identity legitimacy, more and more gui softwares add the legitimacy of user identity
Discriminating failure handling function.By limiting logon attempt number, frequently logs on failure and lock an account and locking time is set
System is protected, disabled user's Brute Force user name password is prevented, system is damaged.
To realize that this function, existing solution be:User is inputted into user name password in Web login interfaces, and will
User name, password are issued to logical process layer, and whether user name, password in logical process layer reading database lock, log in
The log-on messages such as number, last login Time To Failure, and using these log-on messages judge, according to judging result determine user into
Enter system home page and still prompts corresponding error message in log in page.This function needs increase last time in database user information table
Login failure time, login failure time field, while this scheme can frequently carry out the inquiry of database, the operations such as update,
Each operating database needs data reading in memory, CPU dissection process data, and processing is completed, and memory is returned the result to, by
Interior to there is write-in database, frequent progress data processing can cause database performance to decline, when database performance is poor, then count
According to library inquiry, renewal speed is slack-off, and then causes user identity legitimacy verifies slack-off, influences user experience.
Database performance is generally subject to the hardware configuration of physical server, and hardware configuration is high, then database performance is good, number
According to library operation quickly back-checking as a result, then user experience is good;Hardware configuration is relatively low, and it will cause physical servers cannot respond to
Front end is asked, and the stuck illusion of system greatly weakens user experience.The another aspect for influencing database performance is then database
In each tables of data size, when database table is big, database table is read in into memory and is slowed, once can only reading part
Divide table data, if the table data for reading in memory do not include the data of retrieval, also needs to retrieve the remaining data graftabl of table, directly
To retrieving data.
Hardware cost certainly will be increased by increasing physical server hardware configuration, if reducing Database size, reduce operand
According to library number, then database performance can be promoted, response speed must improve when operating database.
Technical solution provided in an embodiment of the present invention is to be reached to database Reduction of Students' Study Load in the case where not increasing hardware configuration
To optimization performance purpose, and then improves and differentiate user's treatment effeciency.Specifically, this technical solution provided in an embodiment of the present invention needs
Increase login failed for user record file, for preserving login failed for user record as a result, Web layers by user name, under password
After being sent to logical process layer, logical process layer retrieves login failed for user file, retrieves user login information, surpasses if user logs in
It crosses 5 times (can also be certainly, other numerical value in other embodiments of the invention) and does not surpass according to the time of last login failure
Spend 30 minutes (can also be certainly, other durations in other embodiments of the invention), then directly refusal user logs in, and is not necessarily to
Operating database.Operating database can not complete instant response to retrieval login failed for user file.If last login time and this
Secondary login time is more than 30 minutes, then inquires database and obtain the comparison of user name password, remove user if by verification and step on
Record user information in failure record file.Frequent operation that is such then reducing database is reduced in user message table to log in and be lost
Number Error_time is lost, last login Time To Failure Last_log_time fields, database table storage information is less, data
Library table is loaded into memory and then becomes faster, and retrieval data efficiency becomes faster.Scheme after optimization is from reduction database manipulation and in logical process
First part verifies layer, and two aspects, which are promoted, differentiates user identity legitimacy treatment effeciency.
Its specific process flow is asked referring to FIG. 3, Fig. 3 answers for the specific of a kind of login validation method in the embodiment of the present invention
Use flow diagram.
S1, in a browser input Web system address, into the system login page;
S2, user input user name password, and user name password is issued to logical process layer;
S3, logical process layer read login failed for user and record file;
S4, it searches in login failure record file with the presence or absence of login user information (such as the user that current request logs in
User name), there is no step S5 is carried out, exists and carry out step S9;
S5, logical process layer are inquired user name password, and are compared with Web layers of user name password;
Specifically, logical process layer inquiry user name password is the user name password in database.
Whether S6, Web layers of user name password authentification pass through;
By entering step S7 after verification, S8 is otherwise entered step;
S7, it completes to log in system home page;
S8, login user information is recorded with User_ErrorTime_Last_log_time formats;
S9, retrieval user login validation failure record file, obtain the Error_time and Last_log_time of user;
S10, judge whether Error_time is more than or equal to 5;
If it is, S11 is entered step, if it is not, then entering step S13;
S11, current time and last login Time To Failure make the difference, and whether the time is more than 30 minutes;
If it is, entering step S20;If it is not, then entering step S12;
S12, user, account is prompted to lock, forbidden logging in log in page;
The user name of S13, logical process layer inquiry database, password, and verify;
S14, judgement verify whether to pass through;
If so, entering step S15;If it is not, then entering step S17;
S15, it completes to log in system home page;
User information in S16, deletion login failed for user record file Login_error_record files;
User information in S17, modification Login_error_record files, ErrorTime add 1, Last_log_time
Current_time is asked in update;
S18, inquiry database obtain user name password, and the user name with Web layers, password compare;
If the verification passes, then S15 is entered step;If authentication failed enters step S19;
User information in S19, modification Login_error_record files, Error_time add 1, Last_log_
Time is updated to Current_time.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of login authentication device, is described below
Login authentication device can correspond reference with above-described login validation method.
Shown in Figure 4, which comprises the following modules:
File read module 101, for when getting the login authentication request of target user's transmission, reading specified configuration
User login validation failure record file under file directory;
Login authentication failure record searches judgment module 102, for searching and judging that target user's login authentication is unsuccessfully remembered
Record the login authentication failure record of whether carrying target user in file;
Login authentication qualification determining module 103, if for having recorded mesh in target user's login authentication failure record file
The login authentication failure record of user is marked, then utilizes preset condition, determines whether target user has login authentication qualification;If with
The login authentication failure record of non-carrying target user in the login authentication failure record file of family then directly determines target user's tool
There is login authentication qualification;
Login authentication request processing module 104 utilizes preset data if having login authentication qualification for target user
User data in library handles login authentication request;Wherein, user data includes the login authentication information of validated user.
The device provided using the embodiment of the present invention is read when getting the login authentication request of target user's transmission
Fetching determines the user login validation failure record file under configuration file catalogue;It searches and judges that target user's login authentication fails
Record the login authentication failure record of whether carrying target user in file;If recorded, preset condition is utilized, is determined
Whether target user has login authentication qualification;If do not recorded, directly determine that target user has login authentication qualification;If
Target user has login authentication qualification, then is handled login authentication request using the user data in presetting database;
Wherein, user data includes the login authentication information of validated user.Before handling login authentication request, first with finger
Determine the user login validation failure record file under configuration file catalogue, determines whether target user has login authentication money
Lattice.Only when it is with login authentication qualification, the login authentication request of target user is handled using presetting database.?
That is while solving disabled user's Brute Force user name cryptographic problem using user login validation failure file, also
The access times to database can be reduced.The verification efficiency to validated user is improved, user experience is promoted.
In a kind of specific implementation mode of the present invention, further include:
User login validation failure record file import modul is stepped on for the user in the case where reading specified configuration file directory
Before recording authentication failed record file, user login validation failure record file is imported under specified configuration file directory;Its
In, record the login authentication frequency of failure of login authentication failure user in user login validation record file, newest verification is lost
Lose the time.
In a kind of specific implementation mode of the present invention, login authentication request processing module 104, specifically for being tested when login
When card failure, then the login authentication failure record of target user is updated or added in user login validation failure record file.
In a kind of specific implementation mode of the present invention, login authentication request processing module 104 is specifically used for
It is when login authentication success, the login authentication failure record of target user is literary from user login validation failure record
It is deleted in part.
In a kind of specific implementation mode of the present invention, login authentication qualification determining module 103, including:
Login authentication frequency of failure judging unit, the login authentication frequency of failure for reading target user, and judge to step on
Record whether authentication failed number is more than predetermined threshold value;
Account locks judging unit, if the login authentication frequency of failure for target user is more than predetermined threshold value, profit
With the newest authentication failed time of target user, judge whether login authentication request belonged to except the default account locking period, and
When belonging to except the default account locking period, determine that target user has login authentication qualification;
Login authentication qualification determination unit, the login authentication frequency of failure for target user are less than predetermined threshold value, then
Determine that target user has login authentication qualification.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of login authentication equipment, is described below
A kind of login authentication equipment can correspond reference with a kind of above-described login validation method.
Shown in Figure 5, which includes:
Memory D1, for storing computer program;
Processor D2, when for executing computer program the step of the login validation method of realization above method embodiment.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of readable storage medium storing program for executing, is described below
A kind of readable storage medium storing program for executing can correspond reference with a kind of above-described login validation method.
A kind of readable storage medium storing program for executing is stored with computer program on readable storage medium storing program for executing, and computer program is held by processor
The step of login validation method of above method embodiment is realized when row.
The computer readable storage medium is specifically as follows USB flash disk, mobile hard disk, read-only memory (Read-Only
Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disc or CD etc. are various stores
The readable storage medium storing program for executing of program code.
Each embodiment is described by the way of progressive in this specification, the highlights of each of the examples are with it is other
The difference of embodiment, just to refer each other for same or similar part between each embodiment.For being filled disclosed in embodiment
For setting, since it is corresponded to the methods disclosed in the examples, so description is fairly simple, related place is referring to method part
Explanation.
Professional further appreciates that, unit described in conjunction with the examples disclosed in the embodiments of the present disclosure
And algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software generally describes each exemplary composition and step according to function in the above description.These
Function is implemented in hardware or software actually, depends on the specific application and design constraint of technical solution.Profession
Technical staff can use different methods to achieve the described function each specific application, but this realization should not be recognized
It is beyond the scope of this invention.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of storage medium well known in field.
Principle and implementation of the present invention are described for specific case used herein, and above example is said
It is bright to be merely used to help understand technical scheme of the present invention and its core concept.It should be pointed out that for the common of the art
For technical staff, without departing from the principle of the present invention, can also several improvements and modifications are made to the present invention, these change
It is also fallen into the claims in the present invention protection domain into modification.
Claims (10)
1. a kind of login validation method, which is characterized in that including:
When getting the login authentication request of target user's transmission, the user login validation under specified configuration file directory is read
Failure record file;
Search and judge whether to have recorded in target user's login authentication failure record file the login of the target user
Authentication failed records;
If recorded, preset condition is utilized, determines whether the target user has login authentication qualification;
If do not recorded, directly determine that the target user has the login authentication qualification;
If the target user has the login authentication qualification, using the user data in presetting database to the login
Checking request is handled;Wherein, the user data includes the login authentication information of validated user.
2. login validation method according to claim 1, which is characterized in that under the reading specified configuration file directory
User login validation failure record file before, further include:
User login validation failure record file is imported under specified configuration file directory;Wherein, the user login validation
The login authentication frequency of failure of login authentication failure user, newest authentication failed time have been recorded in record file.
3. login validation method according to claim 2, which is characterized in that it is described to utilize preset condition, determine the mesh
Mark whether user has login authentication qualification, including:
The login authentication frequency of failure of the target user is read, and judges whether the login authentication frequency of failure is more than default
Threshold value;
If it does, then utilizing the newest authentication failed time of the target user, judge whether the login authentication request belongs to
It is locked except the period in default account, and when belonging to except the default account locking period, determines target user's tool
There is login authentication qualification;
If be less than, it is determined that the target user has login authentication qualification.
4. login validation method according to any one of claims 1 to 3, which is characterized in that described to utilize presetting database
In user data to the login authentication request handle, including:
When login authentication fails, then the target user is updated or added in the user login validation failure record file
Login authentication failure record.
5. login validation method according to any one of claims 1 to 3, which is characterized in that described to utilize presetting database
In user data to the login authentication request handle, including:
When login authentication success, the login authentication failure record of the target user is unsuccessfully remembered from the user login validation
It is deleted in record file.
6. a kind of login authentication device, which is characterized in that including:
File read module, for when getting the login authentication request of target user's transmission, reading specified configuration file mesh
User login validation failure record file under record;
Login authentication failure record searches judgment module, for searching and judging target user's login authentication failure record text
Whether the login authentication failure record of the target user has been recorded in part;
Login authentication qualification determining module, if for having recorded the mesh in target user's login authentication failure record file
The login authentication failure record of user is marked, then utilizes preset condition, determines whether the target user has login authentication qualification;
If not recording the login authentication failure record of the target user in the user login validation failure record file, directly really
The fixed target user has the login authentication qualification;
Login authentication request processing module utilizes present count if having the login authentication qualification for the target user
Login authentication request is handled according to the user data in library;Wherein, the user data includes stepping on for validated user
Record verification information.
7. login authentication device according to claim 6, which is characterized in that further include:
User login validation failure record file import modul is stepped on for the user under the reading specified configuration file directory
Before recording authentication failed record file, user login validation failure record file is imported under specified configuration file directory;Its
In, the login authentication frequency of failure of login authentication failure user has been recorded in user login validation record file, newest has been tested
Demonstrate,prove Time To Failure.
8. the login authentication device described according to claim 6 or 7, which is characterized in that login authentication request processing module, specifically
For when login authentication fails, then the target user being updated or adding in the user login validation failure record file
Login authentication failure record.
9. a kind of login authentication equipment, which is characterized in that including:
Memory, for storing computer program;
Processor, realizing the login validation method as described in any one of claim 1 to 5 when for executing the computer program
Step.
10. a kind of readable storage medium storing program for executing, which is characterized in that be stored with computer program, the meter on the readable storage medium storing program for executing
It is realized when calculation machine program is executed by processor as described in any one of claim 1 to 5 the step of login validation method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810550572.5A CN108763889A (en) | 2018-05-31 | 2018-05-31 | A kind of login validation method, device, equipment and readable storage medium storing program for executing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810550572.5A CN108763889A (en) | 2018-05-31 | 2018-05-31 | A kind of login validation method, device, equipment and readable storage medium storing program for executing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108763889A true CN108763889A (en) | 2018-11-06 |
Family
ID=64001499
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810550572.5A Withdrawn CN108763889A (en) | 2018-05-31 | 2018-05-31 | A kind of login validation method, device, equipment and readable storage medium storing program for executing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108763889A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112202730A (en) * | 2020-09-11 | 2021-01-08 | 苏州浪潮智能科技有限公司 | Access control method, system, terminal and storage medium based on blacklist |
| CN112861120A (en) * | 2019-11-27 | 2021-05-28 | 深信服科技股份有限公司 | Identification method, device and storage medium |
| CN113114693A (en) * | 2021-04-16 | 2021-07-13 | 北京天空卫士网络安全技术有限公司 | Account state display method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1917484A (en) * | 2006-09-13 | 2007-02-21 | 阿里巴巴公司 | Method of fast access of instant communicating system and system thereof |
| US20150007278A1 (en) * | 2013-06-28 | 2015-01-01 | Business Objects Software Ltd. | Authentication for single page web interfaces |
| CN105335470A (en) * | 2015-09-29 | 2016-02-17 | 北京奇虎科技有限公司 | Method and device for showing user login information |
| CN105897670A (en) * | 2015-11-13 | 2016-08-24 | 乐视云计算有限公司 | Website user login authentication method and system |
-
2018
- 2018-05-31 CN CN201810550572.5A patent/CN108763889A/en not_active Withdrawn
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1917484A (en) * | 2006-09-13 | 2007-02-21 | 阿里巴巴公司 | Method of fast access of instant communicating system and system thereof |
| US20150007278A1 (en) * | 2013-06-28 | 2015-01-01 | Business Objects Software Ltd. | Authentication for single page web interfaces |
| CN105335470A (en) * | 2015-09-29 | 2016-02-17 | 北京奇虎科技有限公司 | Method and device for showing user login information |
| CN105897670A (en) * | 2015-11-13 | 2016-08-24 | 乐视云计算有限公司 | Website user login authentication method and system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112861120A (en) * | 2019-11-27 | 2021-05-28 | 深信服科技股份有限公司 | Identification method, device and storage medium |
| CN112202730A (en) * | 2020-09-11 | 2021-01-08 | 苏州浪潮智能科技有限公司 | Access control method, system, terminal and storage medium based on blacklist |
| CN112202730B (en) * | 2020-09-11 | 2022-05-13 | 苏州浪潮智能科技有限公司 | Access control method, system, terminal and storage medium based on blacklist |
| CN113114693A (en) * | 2021-04-16 | 2021-07-13 | 北京天空卫士网络安全技术有限公司 | Account state display method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9811547B2 (en) | Client computer for updating a database stored on a server via a network | |
| US7249251B2 (en) | Methods and apparatus for secure modification of a retention period for data in a storage system | |
| US7290279B2 (en) | Access control method using token having security attributes in computer system | |
| US9491182B2 (en) | Methods and systems for secure internet access and services | |
| US7580961B2 (en) | Methods and apparatus for modifying a retention period for data in a storage system | |
| US7430645B2 (en) | Methods and apparatus for extending a retention period for data in a storage system | |
| CN108763889A (en) | A kind of login validation method, device, equipment and readable storage medium storing program for executing | |
| CN106487744A (en) | A kind of Shiro verification method based on Redis storage | |
| CN112037058B (en) | Data verification method, device and storage medium | |
| CN107402821A (en) | Access control method, device and the equipment of shared resource | |
| CN112231654A (en) | Operation and maintenance data isolation method and device, electronic equipment and storage medium | |
| CN111090882B (en) | Operation control method, device and equipment for redis database | |
| US20110314088A1 (en) | System and method for controlling and monitoring access to data processing applications | |
| CN109101798A (en) | A kind of login method of BIOS, login system and relevant apparatus | |
| JP4830576B2 (en) | Information processing apparatus, data management method, program | |
| CN106130968B (en) | A kind of identity identifying method and system | |
| JP4191239B2 (en) | Access authority control system | |
| US7801920B2 (en) | Methods and apparatus for indirectly identifying a retention period for data in a storage system | |
| CN106559385A (en) | A kind of data authentication method and apparatus | |
| JP2017527018A (en) | Method and apparatus for using depleted network resources | |
| CN113468618A (en) | Mobile hard disk multi-security-level interaction method and system | |
| CN111125678A (en) | Method, device and medium for managing Option ROM loading | |
| JP4342326B2 (en) | Database controller | |
| CN108848104B (en) | Information management method and device | |
| KR100514139B1 (en) | Querying method of applying security function to ODBC and apparatus thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20181106 |