CN109274657A - A kind of method and system carrying out access authentication based on WEB - Google Patents

A kind of method and system carrying out access authentication based on WEB Download PDF

Info

Publication number
CN109274657A
CN109274657A CN201811027010.9A CN201811027010A CN109274657A CN 109274657 A CN109274657 A CN 109274657A CN 201811027010 A CN201811027010 A CN 201811027010A CN 109274657 A CN109274657 A CN 109274657A
Authority
CN
China
Prior art keywords
user
authentication
next step
message
authenticated
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811027010.9A
Other languages
Chinese (zh)
Inventor
曾亮
曾凡帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHENZHEN JIXIANG TENDA TECHNOLOGY Co Ltd
Original Assignee
SHENZHEN JIXIANG TENDA TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHENZHEN JIXIANG TENDA TECHNOLOGY Co Ltd filed Critical SHENZHEN JIXIANG TENDA TECHNOLOGY Co Ltd
Priority to CN201811027010.9A priority Critical patent/CN109274657A/en
Publication of CN109274657A publication Critical patent/CN109274657A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides a kind of methods for carrying out access authentication based on WEB, comprising the following steps: S1, user inquire the IP address of domain name to dns server;S2, dns server response inform that the IP address of user's domain name is A.B.C.D;S3, user and IP address are that the Website server of A.B.C.D establishes TCP connection;S4, user issue HTTP GET/POST request to the Website server that IP address is A.B.C.D, but are intercepted by network access equipment;S5, network access equipment disguise oneself as Website server that IP address is A.B.C.D to user's response, return to 302 response message of HTTP to user.The present invention also provides a kind of systems for carrying out access authentication based on WEB.It all supports the beneficial effects of the present invention are: providing a kind of Wireless-wire and does not all need the access authentication scheme for additionally installing client.

Description

A kind of method and system carrying out access authentication based on WEB
Technical field
The present invention relates to the method for access authentication more particularly to a kind of method and systems that access authentication is carried out based on WEB.
Background technique
For general access authentication, user installation particular clients are needed, pass through client and network access equipment The interactive certification to complete user identity.The scene big for user volume needs to install client software in every client computer, Deployment is difficult.And for PPPoE dialing authentication, although all included dialup client of most of personal computer, it is not suitable for Wireless environment.WPA is only applicable to wireless environment, and cable environment is almost without the scene for using the certification, in cable environment It uses, needs that Authentication Client additionally is installed.Although 802.1x be wirelessly not required to it is specifically configured, it is wired to need that client is installed End, deployment are difficult.
Therefore, provided that a kind of Wireless-wire is all supported and all do not need the access authentication scheme for additionally installing client It is those skilled in the art's technical problem urgently to be resolved.
Summary of the invention
In order to solve the problems in the prior art, the present invention provides it is a kind of based on WEB carry out access authentication method with System.
The present invention provides a kind of methods for carrying out access authentication based on WEB, comprising the following steps:
S1, user inquire the IP address of domain name by wireless terminal or catv terminal through network access equipment to dns server;
S2, dns server response inform that the IP address of user's domain name is A.B.C.D;
S3, user and IP address are that the Website server of A.B.C.D establishes TCP connection;
S4, user issue HTTP GET/POST request to the Website server that IP address is A.B.C.D, but by network insertion Equipment intercepts;
S5, network access equipment disguise oneself as Website server that IP address is A.B.C.D to user's response, return to 302 sound of HTTP Answer message to user, it is desirable that user jumps to the address of certification page;
S6, user and IP address are that the Website server of A.B.C.D disconnects;
Certification page in S7, user's accessing step S5;
S8, user input authentication information and submit in certification page;
S9, network access equipment verify the authentication information of user, and authentication information includes account and password, if authentication information has The user is then added authentication list, and enters next step by effect, if authentication information is invalid, enters next step;
S10, network access equipment return authentication result are prompted to user.
As a further improvement of the present invention, in step S5, when there is IP uplink message to reach network access equipment, network The re-orientation processes process of access device is as follows:
S51: judge whether the IP uplink message is DNS message or the message for sending out the machine, and certification page is placed on the machine, is, puts Otherwise row turns in next step;
S52: judge whether the IP uplink message is the message for establishing or releasing TCP connection, is to let pass, and is otherwise turned in next step;
S53: judging whether cable port or wireless interface are authenticated, and is to turn in next step, otherwise to let pass;
S54: judging whether user is to have authenticated user or authentication-exempt user, is to let pass, and otherwise turns in next step;
S55: judging whether the IP uplink message is HTTP request message, is to turn in next step, otherwise directly to abandon the IP uplink Message;
S56: according to the HTTP request message of previous step, 302 response message of HTTP is constructed, it is desirable that user jumps to certification The address of the page abandons the IP uplink message;
S57: 302 response message of HTTP that previous step constructs is returned into user.
As a further improvement of the present invention, step S9 includes following sub-step:
Whether S91, the authentication module inspection authentication information of network access equipment are correct, turn if correct in next step, if wrong Accidentally, then it returns to miscue and terminates;
S92, judge whether account is out of date, is, return to miscue and terminate, otherwise turn in next step;
S93, judge that account has authenticated whether number of users reaches the upper limit, is, return to miscue and terminate, otherwise turn next Step;
S94, the authentication information of user is recorded to having authenticated in user list;
S95, return authentication are successfully prompted to user.
As a further improvement of the present invention, the method for carrying out access authentication based on WEB further includes timing detection stream Journey, the timing testing process are as follows:
1: traversing each account, judge whether account is expired, authenticate online use using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1.
The present invention also provides a kind of systems for carrying out access authentication based on WEB, comprising: network access equipment, the net Network access device includes:
Redirection module when for user to be accessed internet, forces user to jump to certification page, when there is IP uplink message to arrive When up to network access equipment, re-orientation processes process is as follows:
1: judging whether the IP uplink message is DNS message or the message for being sent to the machine, and certification page is placed on the machine, is, puts Otherwise row turns in next step;
2: judging whether the IP uplink message is the message for establishing or releasing TCP connection, is to let pass, and is otherwise turned in next step;
3: judging whether cable port or wireless interface are authenticated, be to turn in next step, otherwise to let pass;
4: judging whether user is to have authenticated user or authentication-exempt user, is to let pass, otherwise turn in next step;
5: judging whether the IP uplink message is HTTP request message, be to turn in next step, otherwise directly to abandon the IP uplink report Text;
6: according to the HTTP request message of previous step, constructing 302 response message of HTTP, it is desirable that user jumps to authentication page The address in face abandons the IP uplink message;
7: 302 response message of HTTP that previous step constructs is returned into user;
Authentication module, for handling the certification request of user, authentication information includes account and password, when user mentions in certification page After handing over authentication information, authentication processing process is as follows:
1: authentication module checks whether authentication information is correct, turns in next step, otherwise to return to miscue, authentication processing if correct Process terminates;
2: judging whether the account is out of date, is, return to miscue, authentication processing process terminates, and otherwise turns in next step;
3: judge that the account has authenticated whether number of users reaches the upper limit, is, returns to miscue, authentication processing process terminates, Otherwise turn in next step;
4: recording the authentication information of user to having authenticated in user list;
5: return authentication is successfully prompted to user, and authentication processing process terminates;
Timing detection module, whether expired for periodically detection account, it is offline whether user needs, and detects once every the X time, Timing testing process is as follows:
1: traversing each account, judge whether account is expired, authenticate online use using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1.
It all supports the beneficial effects of the present invention are: providing a kind of Wireless-wire and does not all need that client is additionally installed Access authentication scheme, while being suitable for cable and wireless environment, versatility is higher, is not necessarily to other additionally mounted clients, uses It is convenient.
Detailed description of the invention
Fig. 1 is a kind of networking schematic diagram for the system that access authentication is carried out based on WEB of the present invention.
Fig. 2 is a kind of network sequence figure for the method that access authentication is carried out based on WEB of the present invention.
Fig. 3 is a kind of redirection flow chart for the method that access authentication is carried out based on WEB of the present invention.
Fig. 4 is a kind of identifying procedure figure for the method that access authentication is carried out based on WEB of the present invention.
Fig. 5 is a kind of timing overhaul flow chart for the method that access authentication is carried out based on WEB of the present invention.
Specific embodiment
The invention will be further described for explanation and specific embodiment with reference to the accompanying drawing.
As shown in Figures 1 to 5, a kind of system that access authentication is carried out based on WEB, from the point of view of network interaction, when user exists When browser accesses www.xxx.com, process is as follows:
1: user inquires domain name to dns server through network access equipment by wireless terminal or catv terminal The IP address of www.xxx.com;
2:DNS server response informs that the IP address of user www.xxx.com is A.B.C.D;
3: user and Website server A.B.C.D establish TCP connection (by three-way handshake message);
4: user issues HTTP GET/POST request to Website server A.B.C.D, but is intercepted by network access equipment;
5: re-orientation processes process, network access equipment disguise oneself as A.B.C.D to user's response, return to 302 message of HTTP to use Family, it is desirable that user jumps to specified address (generally certification page address);
6: user disconnects with Website server;
7: user accesses the address (certification page) returned in step 5;
8: user is in certification page input authentication information (authentication information includes account user name, password etc.) and submits;
9: authentication processing process, network access equipment verifies the authentication information of user, if authentication information is effective, the user Addition has authenticated (clearance) list, and enters next step, if authentication information is invalid, enters next step;
10: network access equipment return authentication result (success or failure) is prompted to user, specifically, if authentication information has Effect, then return authentication success page is to user, if authentication information is invalid, returns to failure page and is prompted to user.
The following (see figure 3) of re-orientation processes process:
1: judging whether IP uplink message is DNS message or the message (certification page is placed on the machine) for being sent to the machine, is to let pass (directly forwarding), otherwise turns in next step;
2: judging whether IP uplink message is the message (three-way handshake and wave for four times) for establishing or releasing TCP connection, is to put Row (directly forwards), otherwise turns in next step;
3: judging whether cable port or wireless interface are authenticated, be to turn in next step, otherwise to let pass and (directly forward);
4: judging whether user is to have authenticated user or authentication-exempt user, be let pass (directly forwarding), otherwise turn in next step;
5: judging whether IP uplink message is HTTP request message, be to turn in next step, otherwise direct dropping packets;
6: according to the HTTP request message of previous step, constructing 302 response message of HTTP, it is desirable that user jumps to authentication page The address in face
7: 302 response message of HTTP that previous step constructs is returned into user;
So far, redirection process is completed, and user will be forced to jump to certification page.
The following (see figure 4) of authentication processing process:
1: authentication module checks whether authentication information is correct (or whether effective), turns in next step if correct, otherwise returns wrong It accidentally prompts, process terminates;
2: whether the account is out of date, is, returns to miscue, and process terminates, and otherwise turns in next step;
3: the account has authenticated whether number of users reaches the upper limit, is, returns to miscue, and process terminates, and otherwise turns next Step;
4: recording the authentication information of user to having authenticated in user list;
5: return authentication is successfully prompted to user, and process terminates.
A kind of system carrying out access authentication based on WEB, further includes timing testing process.
The following (see figure 5) of timing testing process:
1: traversing each account, judgement is that account is no expired, and online use is authenticated using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1 (circulation).
As shown in Figures 1 to 5, a kind of system that access authentication is carried out based on WEB, including network access equipment, the net Network access device includes: redirection module, authentication module and timing detection module.
Redirection module when for user to be accessed internet, forces user to jump to certification page.When there is IP uplink report When text reaches the network equipment, the following (see figure 3) of re-orientation processes process:
1: judging whether IP uplink message is DNS message or the message (certification page is placed on the machine) for being sent to the machine, is to let pass (directly forwarding), otherwise turns in next step;
2: judging whether IP uplink message is the message (three-way handshake and wave for four times) for establishing or releasing TCP connection, is to put Row (directly forwards), otherwise turns in next step;
3: judging whether cable port or wireless interface are authenticated, be to turn in next step, otherwise to let pass and (directly forward);
4: judging whether user is to have authenticated user or authentication-exempt user, be let pass (directly forwarding), otherwise turn in next step;
5: judging whether IP uplink message is HTTP request message, be to turn in next step, otherwise direct dropping packets;
6: according to the HTTP request message of previous step, constructing 302 response message of HTTP, it is desirable that user jumps to authentication page The address in face
7: 302 response message of HTTP that previous step constructs is returned into user;
So far, redirection process is completed, and user will be forced to jump to certification page.
Authentication module, for handling the certification request of user, when user certification page submit authentication information after, authentication department Manage the following (see figure 4) of process:
1: authentication module checks whether authentication information is correct (or whether effective), turns in next step if correct, otherwise returns wrong It accidentally prompts, process terminates;
2: whether the account is out of date, is, returns to miscue, and process terminates, and otherwise turns in next step;
3: the account has authenticated whether number of users reaches the upper limit, is, returns to miscue, and process terminates, and otherwise turns next Step;
4: recording the authentication information of user to having authenticated in user list;
5: return authentication is successfully prompted to user, and process terminates.
Timing detection module, whether expired for periodically detection account, it is offline whether user needs, and detects every the X time Once, the following (see figure 5) of timing testing process:
1: traversing each account, judgement is that account is no expired, and online use is authenticated using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1 (circulation).
A kind of method and system being carried out access authentication based on WEB provided by the invention, is had the advantage that
1, user terminal only needs to prepare web browser, all included web browser of most of wired and wireless terminal, without another Outer other clients of installation, deployment are convenient.
2, it is suitable for cable and wireless environment simultaneously.
3, user only needs that webpage can be accessed, without any additional configuration.
4, certification network and non-authentication network can be divided according to cable port and wireless interface, facilitates equipment manager pair Wired and wireless network is managed.
The above content is a further detailed description of the present invention in conjunction with specific preferred embodiments, and it cannot be said that Specific implementation of the invention is only limited to these instructions.For those of ordinary skill in the art to which the present invention belongs, exist Under the premise of not departing from present inventive concept, a number of simple deductions or replacements can also be made, all shall be regarded as belonging to of the invention Protection scope.

Claims (5)

1. a kind of method for carrying out access authentication based on WEB, which comprises the following steps:
S1, user inquire the IP address of domain name by wireless terminal or catv terminal through network access equipment to dns server;
S2, dns server response inform that the IP address of user's domain name is A.B.C.D;
S3, user and IP address are that the Website server of A.B.C.D establishes TCP connection;
S4, user issue HTTP GET/POST request to the Website server that IP address is A.B.C.D, but by network insertion Equipment intercepts;
S5, network access equipment disguise oneself as Website server that IP address is A.B.C.D to user's response, return to 302 sound of HTTP Answer message to user, it is desirable that user jumps to the address of certification page;
S6, user and IP address are that the Website server of A.B.C.D disconnects;
Certification page in S7, user's accessing step S5;
S8, user input authentication information and submit in certification page;
S9, network access equipment verify the authentication information of user, and authentication information includes account and password, if authentication information has The user is then added authentication list, and enters next step by effect, if authentication information is invalid, enters next step;
S10, network access equipment return authentication result are prompted to user.
2. the method according to claim 1 for carrying out access authentication based on WEB, which is characterized in that in step S5, when there is IP When uplink message reaches network access equipment, the re-orientation processes process of network access equipment is as follows:
S51: judge whether the IP uplink message is DNS message or the message for sending out the machine, and certification page is placed on the machine, is, puts Otherwise row turns in next step;
S52: judge whether the IP uplink message is the message for establishing or releasing TCP connection, is to let pass, and is otherwise turned in next step;
S53: judging whether cable port or wireless interface are authenticated, and is to turn in next step, otherwise to let pass;
S54: judging whether user is to have authenticated user or authentication-exempt user, is to let pass, and otherwise turns in next step;
S55: judging whether the IP uplink message is HTTP request message, is to turn in next step, otherwise directly to abandon the IP uplink Message;
S56: according to the HTTP request message of previous step, 302 response message of HTTP is constructed, it is desirable that user jumps to certification The address of the page abandons the IP uplink message;
S57: 302 response message of HTTP that previous step constructs is returned into user.
3. the method according to claim 1 for carrying out access authentication based on WEB, which is characterized in that step S9 includes following Sub-step:
Whether S91, the authentication module inspection authentication information of network access equipment are correct, turn if correct in next step, if wrong Accidentally, then it returns to miscue and terminates;
S92, judge whether account is out of date, is, return to miscue and terminate, otherwise turn in next step;
S93, judge that account has authenticated whether number of users reaches the upper limit, is, return to miscue and terminate, otherwise turn next Step;
S94, the authentication information of user is recorded to having authenticated in user list;
S95, return authentication are successfully prompted to user.
4. the method according to claim 1 for carrying out access authentication based on WEB, which is characterized in that described to be carried out based on WEB The method of access authentication further includes timing testing process, and the timing testing process is as follows:
1: traversing each account, judge whether account is expired, authenticate online use using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1.
5. a kind of system for carrying out access authentication based on WEB, it is characterised in that: it include: network access equipment, the network insertion Equipment includes:
Redirection module, for forcing user to jump to certification page, when there is IP uplink message to arrive when user accesses internet When up to network access equipment, re-orientation processes process is as follows:
1: judging whether the IP uplink message is DNS message or the message for being sent to the machine, and certification page is placed on the machine, is, puts Otherwise row turns in next step;
2: judging whether the IP uplink message is the message for establishing or releasing TCP connection, is to let pass, and is otherwise turned in next step;
3: judging whether cable port or wireless interface are authenticated, be to turn in next step, otherwise to let pass;
4: judging whether user is to have authenticated user or authentication-exempt user, is to let pass, otherwise turn in next step;
5: judging whether the IP uplink message is HTTP request message, be to turn in next step, otherwise directly to abandon the IP uplink report Text;
6: according to the HTTP request message of previous step, constructing 302 response message of HTTP, it is desirable that user jumps to authentication page The address in face abandons the IP uplink message;
7: 302 response message of HTTP that previous step constructs is returned into user;
Authentication module, for handling the certification request of user, authentication information includes account and password, when user mentions in certification page After handing over authentication information, authentication processing process is as follows:
1: authentication module checks whether authentication information is correct, turns in next step, otherwise to return to miscue, authentication processing if correct Process terminates;
2: judging whether the account is out of date, is, return to miscue, authentication processing process terminates, and otherwise turns in next step;
3: judge that the account has authenticated whether number of users reaches the upper limit, is, returns to miscue, authentication processing process terminates, Otherwise turn in next step;
4: recording the authentication information of user to having authenticated in user list;
5: return authentication is successfully prompted to user, and authentication processing process terminates;
Timing detection module, whether expired for periodically detection account, it is offline whether user needs, and detects once every the X time, Timing testing process is as follows:
1: traversing each account, judge whether account is expired, authenticate online use using the account information all if expired Family kick it is offline, from the information deletion authenticated in user list these users, otherwise turn in next step;
2: the online user that traversal has each authenticated judges whether in the nearest Y time without network flow, if then the user Information delete from having authenticated in user list, otherwise turn in next step;
3: waiting the X time, go to step 1.
CN201811027010.9A 2018-09-04 2018-09-04 A kind of method and system carrying out access authentication based on WEB Pending CN109274657A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811027010.9A CN109274657A (en) 2018-09-04 2018-09-04 A kind of method and system carrying out access authentication based on WEB

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811027010.9A CN109274657A (en) 2018-09-04 2018-09-04 A kind of method and system carrying out access authentication based on WEB

Publications (1)

Publication Number Publication Date
CN109274657A true CN109274657A (en) 2019-01-25

Family

ID=65188288

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811027010.9A Pending CN109274657A (en) 2018-09-04 2018-09-04 A kind of method and system carrying out access authentication based on WEB

Country Status (1)

Country Link
CN (1) CN109274657A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431778A (en) * 2020-05-11 2020-07-17 深圳市吉祥腾达科技有限公司 Internet access authentication method realized based on wide area network server
CN112312391A (en) * 2019-07-26 2021-02-02 中国电信股份有限公司 Authentication method, system and related equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025633A (en) * 2010-12-16 2011-04-20 北京星网锐捷网络技术有限公司 WEB authentication-based routing method, authentication request receiving device and authentication system
CN102158492A (en) * 2011-04-14 2011-08-17 福建星网锐捷网络有限公司 Web authentication method, device and network equipment
US20150350256A1 (en) * 2014-05-28 2015-12-03 Apple Inc. Device and Method for Virtual Private Network Connection Establishment
CN105357209A (en) * 2015-11-20 2016-02-24 福建星网锐捷网络有限公司 WEB authentication method and WEB authentication device
CN105592037A (en) * 2015-07-10 2016-05-18 杭州华三通信技术有限公司 MAC address authentication method and device
CN106330948A (en) * 2016-09-09 2017-01-11 杭州华三通信技术有限公司 Message control method and message control device
CN106506675A (en) * 2016-11-25 2017-03-15 杭州华三通信技术有限公司 A kind of page reorientation method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025633A (en) * 2010-12-16 2011-04-20 北京星网锐捷网络技术有限公司 WEB authentication-based routing method, authentication request receiving device and authentication system
CN102158492A (en) * 2011-04-14 2011-08-17 福建星网锐捷网络有限公司 Web authentication method, device and network equipment
US20150350256A1 (en) * 2014-05-28 2015-12-03 Apple Inc. Device and Method for Virtual Private Network Connection Establishment
CN105592037A (en) * 2015-07-10 2016-05-18 杭州华三通信技术有限公司 MAC address authentication method and device
CN105357209A (en) * 2015-11-20 2016-02-24 福建星网锐捷网络有限公司 WEB authentication method and WEB authentication device
CN106330948A (en) * 2016-09-09 2017-01-11 杭州华三通信技术有限公司 Message control method and message control device
CN106506675A (en) * 2016-11-25 2017-03-15 杭州华三通信技术有限公司 A kind of page reorientation method and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112312391A (en) * 2019-07-26 2021-02-02 中国电信股份有限公司 Authentication method, system and related equipment
CN112312391B (en) * 2019-07-26 2022-08-02 中国电信股份有限公司 Authentication method, system and related equipment
CN111431778A (en) * 2020-05-11 2020-07-17 深圳市吉祥腾达科技有限公司 Internet access authentication method realized based on wide area network server
CN111431778B (en) * 2020-05-11 2021-08-31 深圳市吉祥腾达科技有限公司 Internet access authentication method realized based on wide area network server

Similar Documents

Publication Publication Date Title
CN106131079B (en) Authentication method, system and proxy server
EP3675451B1 (en) Method, computer readable storage medium and apparatus for seamless single sign-on (sso) for native mobile-application initiated open-id connect (oidc) and security assertion markup language (saml) flows
CN104158808B (en) Portal authentication method and its device based on APP applications
CN103825881B (en) The reorientation method and device of WLAN user are realized based on wireless access controller AC
CN103701805B (en) Detect the method and device of weak passwurd in network
US8832787B1 (en) Implementing single sign-on across a heterogeneous collection of client/server and web-based applications
CN101702717B (en) Method, system and equipment for authenticating Portal
CN104283848B (en) Terminal access method and device
CN104539615B (en) Cascade connection authentication method based on CAS
CN103024740B (en) Method and system for accessing internet by mobile terminal
WO2008022589A1 (en) A system and method for authenticating the accessing request for the home network
CN104662873A (en) Reducing core network traffic caused by migrant
CN107733861A (en) It is a kind of based on enterprise-level intranet and extranet environment without password login implementation method
CN102984173A (en) Network access control method and system
WO2017177691A1 (en) Portal authentication method and system
CN103796278A (en) Mobile terminal wireless network access control method
CN105704141A (en) WIFI-based advertisement push method
CN108092988B (en) Non-perception authentication and authorization network system and method based on dynamic temporary password creation
CN102710667B (en) Method for realizing Portal authentication server attack prevention and broadband access server
CN105592046B (en) A kind of authentication-exempt access method and device
CN103905395A (en) WEB access control method and system based on redirection
CN106060072A (en) Authentication method and device
CN110557358A (en) Honeypot server communication method, SSLStrip man-in-the-middle attack perception method and related device
CN107508822A (en) Access control method and device
CN109274657A (en) A kind of method and system carrying out access authentication based on WEB

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190125

RJ01 Rejection of invention patent application after publication