CN109150800B - Login access method, system and storage medium - Google Patents
Login access method, system and storage medium Download PDFInfo
- Publication number
- CN109150800B CN109150800B CN201710457265.8A CN201710457265A CN109150800B CN 109150800 B CN109150800 B CN 109150800B CN 201710457265 A CN201710457265 A CN 201710457265A CN 109150800 B CN109150800 B CN 109150800B
- Authority
- CN
- China
- Prior art keywords
- service subsystem
- information
- token
- login
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Abstract
The invention provides a login access method, which is applied to a unified login system side, and comprises the following steps: and when receiving an access request of the user for any service subsystem, sending user login information and authentication token information of any service subsystem to any service subsystem for verification of any service subsystem. The invention mainly adopts a REST-based lightweight service technology, establishes an identity mutual trust authentication service between systems, then releases the authentication service as a service conforming to the REST architecture specification for a local user interface and a remote third-party interface to call, simultaneously adopts an encrypted token mode to store user authentication information in a token of a client, and then obtains the authentication user information by decrypting a token ciphertext, thereby providing safety guarantee for the user information and increasing the expandability of an application server.
Description
Technical Field
The present invention relates to the field of application systems, and in particular, to a login access method, system and storage medium.
Background
With the continuous popularization of digitalization, various subsystems related to self service are gradually introduced into various departments of large enterprises and public institutions (among the service subsystems, most of Web and Andriod/APP subsystems exist), and almost every service subsystem needs to identify the identity of an operator, and allocate certain authority according to different identities of the operator to make some operational restrictions. As a result, many companies or departments design a set of user profile and authority management mechanism in each service subsystem, and provide user login authentication. Therefore, the requirements are met, and the problems of inconvenience in user account management, non-uniform user data and the like are brought. When a digital network is developed to a certain stage, the integration of user data for unified management becomes necessary, the mutual authentication process based on user information between the existing unified login system and each service subsystem is realized through a SOAP protocol, then the unified login system stores the session information containing user authentication credentials, a subsequent user obtains the session information through a browser and initiates a login request to the service subsystem, and the service subsystem returns login success to the browser of the user after information authentication.
The following problems will occur by adopting the above scheme:
1. the uniform login system has slow response efficiency, resources cannot be reasonably utilized, and the message blocking phenomenon is easy to generate;
2. the loose coupling of the resources of the unified login system and the view is poor, the system maintenance is inconvenient, the integration of a third-party system is inconvenient, and the system expansibility is poor;
3. the unified login system has a single data structure, and traditionally, data is transmitted in an XML (eXtensible Markup Language) format based on a Simple Object Access Protocol (SOAP), so that the unified login system is difficult to adapt to the development requirement of a mobile internet service;
4. the security of the service subsystem is low, the traditional transmission is in a URL (Uniform Resource Locator), many sensitive information are exposed outside, and it is difficult to ensure information security only by simply adding and configuring SSL (Secure Sockets Layer) to transmit data.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a login access method, system and storage medium, which not only ensure the information security of a service subsystem, but also enable a unified login system to have good dynamic flexibility.
The technical scheme adopted by the invention is that the login access method is applied to a unified login system side, and the method comprises the following steps:
and when the unified login system receives an access request of the user for any service subsystem, sending user login information and service subsystem authentication token information to the service subsystem for the service subsystem to verify.
Further, before the unified login system receives an access request of the user to any service subsystem, the method further includes:
the unified login system generates and stores the authentication token information of the service subsystem according to the pre-acquired characteristic information of the service subsystem;
wherein the feature information of the service subsystem comprises: account information of the service subsystem, or the account information of the service subsystem and unique coding information corresponding to the service subsystem; the account information of the service subsystem comprises: a service subsystem name and a service subsystem password.
Further, the sending the user login information and the service subsystem authentication token information to the service subsystem includes:
and sending user login information and the service subsystem authentication token information to the service subsystem in a REST (Representational State Transfer) mode.
Further, the generating the service subsystem authentication token information according to the pre-obtained feature information of the service subsystem includes:
generating a token through a random data sequence character string and account information of the service subsystem;
and encrypting the token to obtain the authentication token information of the service subsystem, or encrypting the token and the unique coding information corresponding to the service subsystem to obtain the authentication token information of the service subsystem.
Further, the encrypting the token to obtain the service subsystem authentication token information includes:
hashing the token and generating a verification code;
encrypting the verification code and the hashed token to obtain the authentication token information of the service subsystem;
the encrypting the token and the unique encoding information corresponding to the service subsystem to obtain the service subsystem authentication token information includes:
hashing the token and generating a verification code;
and encrypting the verification code, the unique coding information corresponding to the service subsystem and the hashed token to obtain the authentication token information of the service subsystem.
The invention also provides a login access method, which comprises the following steps:
the service subsystem receives user login information and service subsystem authentication token information sent by the unified login system;
and the service subsystem checks the received user login information and the service subsystem authentication token information and returns a check result to the unified login system.
Furthermore, the service subsystem and the unified login system interact in a REST mode.
Further, the verifying the received user login information and the service subsystem authentication token information includes:
judging whether the received user login information is stored locally or not, wherein the user login information comprises: user information, or user information and password information;
if the judgment result is yes;
and judging whether a token obtained according to the received service subsystem authentication token information is valid or not, or judging whether the token obtained according to the received service subsystem authentication token information and unique coding information corresponding to the service subsystem are valid or not.
Further, a method for obtaining a token and unique encoding information corresponding to the service subsystem according to the received service subsystem authentication token information includes:
decrypting the authentication token information of the service subsystem to obtain a token and unique coding information corresponding to the service subsystem;
performing de-hashing on the token to obtain a random data sequence character string and account information of a service subsystem; the account information of the service subsystem comprises: a service subsystem name and a service subsystem password.
Further, the determining whether the token obtained according to the received token authentication information of the service subsystem and the unique encoding information corresponding to the service subsystem are valid includes:
a1: judging whether the token is in the valid period, if so, executing the step A2, otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid;
a2: and judging whether the unique coding information corresponding to the service subsystem obtained by decrypting the authentication token information of the service subsystem and the account information of the service subsystem obtained according to the token are stored locally, if so, judging that the received token and the unique coding information corresponding to the service subsystem are valid, and otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid.
The invention also provides a unified login system, which comprises: a first communication module, a first memory, and a first processor, wherein:
the first communication module is configured to perform communication interaction with a user and a service subsystem;
the first memory stores an authentication management program;
a first processor configured to execute the authentication manager to implement the steps of the login access method as described above.
The present invention also provides a service subsystem, comprising: a second communication module, a second memory, and a second processor, wherein:
the second communication module is configured to perform communication interaction with the unified login system;
the second memory stores an authentication registration program;
a second processor configured to execute the authentication registration procedure to implement the steps of the login access method as described above.
The present invention also provides a computer storage medium having a computer program stored thereon, which, when executed by a processor, performs the steps of the above login access method.
By adopting the technical scheme, the invention at least has the following advantages:
the login access method, the login access system and the storage medium provided by the invention provide a solution to the problems of low service efficiency, waste of service resources, single data structure and the like in the process of accessing the service subsystem by a client user through a unified login system at present, and improve the real-time performance and the accuracy of system processing while ensuring the availability of the system. The invention can improve the service efficiency, save the service resources, provide high-quality service for the mobile application, reduce the operation cost, improve the user experience and increase the economic income of operators.
Drawings
FIG. 1 is a flowchart of a login access method according to a first embodiment of the present invention;
FIG. 2 is a flowchart of a login access method according to a second embodiment of the present invention;
FIG. 3 is a schematic diagram of a unified login system according to a third embodiment of the present invention;
fig. 4 is a schematic diagram of a service subsystem according to a fourth embodiment of the present invention.
Detailed Description
To further explain the technical means and effects of the present invention adopted to achieve the intended purpose, the present invention will be described in detail with reference to the accompanying drawings and preferred embodiments.
A first embodiment of the present invention provides a login access method, which is applied to a unified login system, and as shown in fig. 1, the method includes the following specific steps:
step S101, the unified login system generates and stores service subsystem authentication token information for each service subsystem, and the service subsystem authentication token information is also configured into the corresponding service subsystem.
Specifically, in a first optional example, the service subsystem authentication token information includes: account information of the business subsystem.
In a second alternative example, the service subsystem authentication token information includes: the account information of the service subsystem and the unique coding information corresponding to the service subsystem.
The account information of the business subsystem includes: a service subsystem name and a service subsystem password;
the unified login system interacts with the user and the service subsystem in a REST mode. Such as: and the unified login system sends user login information and the service subsystem authentication token information to the service subsystem in an REST mode.
In step S101, feature information of a service subsystem may be acquired in advance, where the feature information of the service subsystem includes: account information of the service subsystem, or the account information of the service subsystem and unique coding information corresponding to the service subsystem; the account information of the service subsystem comprises: a service subsystem name and a service subsystem password.
Aiming at each service subsystem, the unified login system generates service subsystem authentication token information according to the pre-acquired feature information of the service subsystem, and the method comprises the following steps:
a1: aiming at any business subsystem, generating a token through a random data sequence character string and account information of the business subsystem;
a2: and encrypting the token to obtain the authentication token information of any service subsystem, or encrypting the token and the unique coding information corresponding to any service subsystem to obtain the authentication token information of any service subsystem.
Further, in step a2, encrypting the token or the token and the unique encoding information to obtain the authentication token information of any service subsystem, includes:
hashing the token and generating a verification code;
in a first optional example, the verification code and the hashed token are combined and encrypted to obtain authentication token information of any service subsystem;
in a second optional example, the verification code, the unique encoding information corresponding to any service subsystem, and the hashed token are combined and encrypted to obtain the authentication token information of any service subsystem.
Step S102, when receiving the access request of the user for any service subsystem, sending the user login information and the authentication token information of any service subsystem to any service subsystem for the verification of any service subsystem.
The embodiment of the invention mainly adopts the lightweight service technology based on REST, and the REST technical service has the following characteristics:
1) and (6) caching data. The data can be cached as required based on the REST system, so that the information transmission between the server and the client can be reduced, the performance is improved, and the user experience is increased. The service subsystem caches the access request from the unified login system, so that the access speed is improved.
2) The system structure is hierarchical. In a REST-based system, a client can interactively communicate with one or more servers, and a good system hierarchical structure facilitates maintenance of operation and maintenance personnel and integration of other applications. Such as: according to the embodiment of the invention, different service subsystems (similar to a server) can be logged in through the unified login system (similar to a unified login entrance of a client).
3) The data structure is rich. The expression form gives corresponding content according to the requirement when the client requests the resource, and generally returns the formats of XML, JSON, XHML and the like. Such as: in the embodiment of the invention, when the unified login system (similar to a unified login entry of a client) requests resources from the service subsystem (similar to a server), the client can not only enable a PC (personal computer) but also enable a mobile terminal, and the mobile terminal can request the resources in various formats such as XML (extensive Makeup language), JSON (java script object notation), XHML (extensible markup language) and the like from the service subsystem, while the client in the prior art only can be the PC and does not support the mobile terminal and the formats.
4) And no state. In a REST system, the server (similar to a unified login entry) does not save any state about the client (similar to a business subsystem). That is, the client itself is responsible for maintaining the user state and needs to provide enough information each time a request is sent. Such as: when the user side sends a user login request in the embodiment of the invention, the unified login system (similar to the unified login entry of the client) combines the user login information and the registration ciphertext and sends the user login information and the registration ciphertext to the service subsystem (similar to the server) for verification.
5) And (4) a unified interface. A REST system needs to use a unified interface (i.e., the unified login system of the embodiment of the present invention) to complete the interaction between the unified interface and the service subsystem. This allows each service subsystem in the REST system to perform evolution independently. In conclusion, the problems in the prior art can be fundamentally solved.
In addition, a program corresponding to the method of the embodiment of the invention can be designed into a login access service. The service issues a login access process as REST service for local users and remote users to call, meanwhile, the service subsystem authentication token information input by an administrator is stored in a unified login system and configured in a service subsystem in an encryption token mode, the service does not use Session to store the relevant authentication information of the service subsystem in a Session mode, but obtains the authentication token information of the service subsystem through decryption token ciphertext, the information security of the users is guaranteed, and the server has good dynamic flexibility and the like.
The user side of the embodiment of the invention can be a browser (such as IE, Firefox, chrome and the like) installed in a PC (personal computer) or a mobile phone client (App or iOS). For example: when a user logs in a certain system, other subsystems do not need to log in the system, and all applications of the related subsystems can be accessed.
A second embodiment of the present invention, a login access method, is applied to a service subsystem, as shown in fig. 2, the method further includes the following specific steps:
step S201, a service subsystem locally configures self service subsystem authentication token information; the service subsystem authentication token information is also stored in the unified login system.
Step S202, when the service subsystem receives user login information and service subsystem authentication token information sent by the unified login system based on the access request of the user, the received user login information and service subsystem authentication token information are verified, and a verification result is returned to the unified login system.
Specifically, the service subsystem and the unified login system interact in a REST manner.
In step S202, the verifying the received user login information and service subsystem authentication token information includes:
a1: judging whether the received user login information is stored locally or not, if so, executing the step A2; otherwise, executing step A3; the user login information comprises: user information, or user information and password information;
a2: judging whether a token obtained according to the received service subsystem authentication token information or the obtained token and unique coding information corresponding to the service subsystem are valid or not, if so, returning verification success information to the unified login system; otherwise, executing step A3;
a3: and returning verification failure information to the unified login system.
Optionally, in step a2, the method for obtaining the token or obtaining the token and the unique encoding information corresponding to the service subsystem according to the token authentication information of the service subsystem includes:
in a first optional example, the service subsystem authentication token information is decrypted to obtain a token;
in a second optional example, the service subsystem authentication token information is decrypted to obtain the unique coding information corresponding to the token and the service subsystem;
performing de-hashing on the token to obtain a random data sequence character string and account information of a service subsystem; the account information of the business subsystem includes: a service subsystem name and a service subsystem password.
Further, in step a2, the determining whether the token obtained according to the received service subsystem authentication token information and the unique encoding information corresponding to the service subsystem are valid includes:
b1: judging whether the token is in the valid period, if so, executing the step B2, otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid;
b2: and judging whether the unique coding information corresponding to the service subsystem obtained by decrypting the authentication token information of the service subsystem and the account information of the service subsystem obtained according to the token are stored locally, if so, judging that the received token and the unique coding information corresponding to the service subsystem are valid, and otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid.
In the embodiment of the invention, the token mode is introduced to store the relevant information of the authentication of the service subsystem, and the REST mode is adopted to realize the interaction among the user, the unified login system and the service subsystem, thereby not only ensuring the information security of the service subsystem, but also ensuring the good dynamic flexibility of the unified login system.
The user side of the embodiment of the invention can be a browser (such as IE, Firefox, chrome and the like) installed in a PC (personal computer) or a mobile phone client (App or iOS). For example: when a user logs in a certain system, other subsystems do not need to log in the system, and all applications of the related subsystems can be accessed.
A third embodiment of the present invention is a unified login system, as shown in fig. 3, including the following components: a first communication module 301, a first memory 302, and a first processor 303, wherein:
a first communication module 301 configured to perform communication interaction with a user side and a service subsystem;
the first memory 302 stores an authentication management program;
a first processor 303 configured to execute the authentication management program to implement the steps of the login access method according to the first embodiment or the second embodiment of the present invention.
In a fourth embodiment of the present invention, a service subsystem, as shown in fig. 4, includes the following components: a second communication module 401, a second memory 402, and a second processor 403, wherein:
the second communication module 401 is configured to perform communication interaction with the unified login system;
the second memory 402 stores an authentication registration program;
a second processor 403 configured to execute the authentication registration procedure to implement the steps of the login access method according to the third embodiment or the fourth embodiment of the present invention.
A fifth embodiment of the present invention is a computer storage medium having a computer program stored thereon, the computer program, when executed by a processor, implementing the steps of the login access method according to the first or second embodiment of the present invention.
In terms of engineering implementation, the software in the computer storage medium of the embodiment may be implemented by running on a necessary general hardware platform, and certainly may also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the computer storage medium (such as ROM/RAM, magnetic disk, optical disk) of the present invention includes several instructions for causing a device (which may be a server or a client) to perform the method according to the embodiment of the present invention.
While the invention has been described in connection with specific embodiments thereof, it is to be understood that it is intended by the appended drawings and description that the invention may be embodied in other specific forms without departing from the spirit or scope of the invention.
Claims (7)
1. A login access method, comprising:
when the unified login system receives an access request of a user for any service subsystem, user login information and service subsystem authentication token information are sent to the service subsystem for the service subsystem to check;
before the unified login system receives an access request of the user for any service subsystem, the method further comprises:
the unified login system generates and stores the authentication token information of the service subsystem according to the pre-acquired characteristic information of the service subsystem; wherein the feature information of the service subsystem comprises: account information of the service subsystem and unique coding information corresponding to the service subsystem; the account information of the service subsystem comprises: a service subsystem name and a service subsystem password;
the generating the service subsystem authentication token information according to the pre-acquired feature information of the service subsystem includes:
generating a token through a random data sequence character string and account information of the service subsystem;
hashing the token and generating a verification code;
and encrypting the verification code, the unique coding information corresponding to the service subsystem and the hashed token to obtain the authentication token information of the service subsystem.
2. The login access method of claim 1, wherein the sending the user login information and the service subsystem authentication token information to the service subsystem comprises:
and sending user login information and the service subsystem authentication token information to the service subsystem in an REST mode.
3. A login access method, comprising:
the service subsystem receives user login information and service subsystem authentication token information sent by the unified login system;
the service subsystem checks the received user login information and the service subsystem authentication token information and returns a check result to the unified login system;
the verifying the received user login information and the service subsystem authentication token information comprises:
judging whether the received user login information is stored locally or not;
if the judgment result is yes: judging whether a token obtained according to the received authentication token information of the service subsystem and unique coding information corresponding to the service subsystem are valid or not;
the judging whether the token obtained according to the received authentication token information of the service subsystem and the unique coding information corresponding to the service subsystem are valid includes:
a1: judging whether the token is in the valid period, if so, executing the step A2, otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid;
a2: and judging whether the unique coding information corresponding to the service subsystem obtained by decrypting the authentication token information of the service subsystem and the account information of the service subsystem obtained according to the token are stored locally, if so, judging that the received token and the unique coding information corresponding to the service subsystem are valid, and otherwise, judging that the received token and the unique coding information corresponding to the service subsystem are invalid.
4. The login access method of claim 3, wherein the service subsystem and the unified login system interact with each other in a REST manner.
5. A unified entry system, comprising: a first communication module, a first memory, and a first processor, wherein:
the first communication module is configured to perform communication interaction with a user and a service subsystem;
the first memory stores an authentication management program;
a first processor configured to execute the authentication manager to implement the steps of the login access method according to any of claims 1 to 2.
6. A service subsystem, comprising: a second communication module, a second memory, and a second processor, wherein:
the second communication module is configured to perform communication interaction with the unified login system;
the second memory stores an authentication registration program;
a second processor configured to execute the authentication registration procedure to implement the steps of the login access method according to any one of claims 3 to 4.
7. A computer storage medium, characterized in that the computer storage medium has stored thereon a computer program which, when being executed by a processor, carries out the steps of the login access method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710457265.8A CN109150800B (en) | 2017-06-16 | 2017-06-16 | Login access method, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710457265.8A CN109150800B (en) | 2017-06-16 | 2017-06-16 | Login access method, system and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109150800A CN109150800A (en) | 2019-01-04 |
| CN109150800B true CN109150800B (en) | 2022-05-13 |
Family
ID=64830443
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710457265.8A Active CN109150800B (en) | 2017-06-16 | 2017-06-16 | Login access method, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109150800B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110032414B (en) * | 2019-03-06 | 2023-06-06 | 联想企业解决方案(新加坡)有限公司 | Apparatus and method for secure user authentication in remote console mode |
| CN110706143A (en) * | 2019-09-26 | 2020-01-17 | 中电万维信息技术有限责任公司 | Identity authentication method and device based on government affair service |
| CN111538966B (en) * | 2020-04-17 | 2024-02-23 | 中移(杭州)信息技术有限公司 | Access method, access device, server and storage medium |
| CN111935159A (en) * | 2020-08-13 | 2020-11-13 | 工银科技有限公司 | Method, device and system for authenticating mutual trust between multiple systems |
| CN112231674A (en) * | 2020-10-20 | 2021-01-15 | 北京思特奇信息技术股份有限公司 | Skip verification method and system for URL (Uniform resource locator) address and electronic equipment |
| CN114024681A (en) * | 2021-09-03 | 2022-02-08 | 杭州安恒信息安全技术有限公司 | System login method, device, equipment and computer readable storage medium |
| CN114039800A (en) * | 2022-01-10 | 2022-02-11 | 中建电子商务有限责任公司 | Access control method and device based on device fingerprint, server and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102739708A (en) * | 2011-04-07 | 2012-10-17 | 腾讯科技(深圳)有限公司 | System and method for accessing third party application based on cloud platform |
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
| CN106162574A (en) * | 2015-04-02 | 2016-11-23 | 成都鼎桥通信技术有限公司 | Group system is applied universal retrieval method, server and terminal |
| CN106790272A (en) * | 2017-02-16 | 2017-05-31 | 济南浪潮高新科技投资发展有限公司 | A kind of system and method for single-sign-on, a kind of application server |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9961062B2 (en) * | 2015-07-21 | 2018-05-01 | Sap Se | Centralized authentication server for providing cross-domain resources via a rest-based tunnel |
-
2017
- 2017-06-16 CN CN201710457265.8A patent/CN109150800B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102739708A (en) * | 2011-04-07 | 2012-10-17 | 腾讯科技(深圳)有限公司 | System and method for accessing third party application based on cloud platform |
| CN103188248A (en) * | 2011-12-31 | 2013-07-03 | 卓望数码技术(深圳)有限公司 | Identity authentication system and method based on single sign-on |
| CN106162574A (en) * | 2015-04-02 | 2016-11-23 | 成都鼎桥通信技术有限公司 | Group system is applied universal retrieval method, server and terminal |
| CN106790272A (en) * | 2017-02-16 | 2017-05-31 | 济南浪潮高新科技投资发展有限公司 | A kind of system and method for single-sign-on, a kind of application server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109150800A (en) | 2019-01-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109150800B (en) | Login access method, system and storage medium | |
| US11218460B2 (en) | Secure authentication for accessing remote resources | |
| US9276926B2 (en) | Secure and automated credential information transfer mechanism | |
| US8966594B2 (en) | Proxy authentication | |
| US8296828B2 (en) | Transforming claim based identities to credential based identities | |
| US9584615B2 (en) | Redirecting access requests to an authorized server system for a cloud service | |
| CN112131021B (en) | Access request processing method and device | |
| US20100043065A1 (en) | Single sign-on for web applications | |
| CN102457509B (en) | Cloud computing resources safety access method, Apparatus and system | |
| CN107347068A (en) | Single-point logging method and system, electronic equipment | |
| CN103716326A (en) | Resource access method and URG | |
| CN110225050B (en) | JWT token management method | |
| CN104378376A (en) | SOA-based single-point login method, authentication server and browser | |
| US9239911B2 (en) | Replacement of security credentials for secure proxying | |
| KR20120002836A (en) | Apparatus and method for controlling access to combined services | |
| CA3135212A1 (en) | Computing system and methods providing session access based upon authentication token with different authentication credentials | |
| CN109450890B (en) | Single sign-on method and device | |
| CN113271289B (en) | Method, system and computer storage medium for resource authorization and access | |
| JP2017097542A (en) | Authentication control program, authentication control device, and authentication control method | |
| US11153293B1 (en) | Identity information linking | |
| CN104243488A (en) | Login authentication method of cross-website server | |
| CN116527341A (en) | Client-side calling rear-end interface authentication authorization security method | |
| CN113992446B (en) | Cross-domain browser user authentication method, system and computer storage medium | |
| US10708269B1 (en) | Hosted application access management | |
| CN108418906A (en) | A kind of domain name analytic method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |