CN109379369A - Single-point logging method, device, server and storage medium - Google Patents
Single-point logging method, device, server and storage medium Download PDFInfo
- Publication number
- CN109379369A CN109379369A CN201811333618.4A CN201811333618A CN109379369A CN 109379369 A CN109379369 A CN 109379369A CN 201811333618 A CN201811333618 A CN 201811333618A CN 109379369 A CN109379369 A CN 109379369A
- Authority
- CN
- China
- Prior art keywords
- application system
- target
- spoke
- access request
- destination address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 238000003860 storage Methods 0.000 title claims abstract description 23
- 230000015654 memory Effects 0.000 claims description 22
- 238000004590 computer program Methods 0.000 claims description 20
- 238000012545 processing Methods 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims description 8
- 238000012790 confirmation Methods 0.000 claims description 5
- 230000006870 function Effects 0.000 description 24
- 238000004422 calculation algorithm Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000011161 development Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000004044 response Effects 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 238000013475 authorization Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 235000014510 cooky Nutrition 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 210000004258 portal system Anatomy 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A kind of single-point logging method, comprising: receive the logging request for the login gate system that client is sent, wherein the gate system is associated at least one application system;A target spoke is generated, and the validity period of the target spoke is set;Receive the access request of either objective application system at least one application system described in the access that client is sent;Verify the access request;And when the access request passes through verifying, allow to access the target application system.The present invention also provides a kind of single-sign-on device, server and storage mediums.The single-sign-on function of multiple subsystem may be implemented through the invention, be similar to a security tool, without repeatedly inputting username and password in the case where log in any application system in the gate system.
Description
Technical field
The present invention relates to mobile communication technology fields, and in particular to a kind of single-point logging method, device, server and storage
Medium.
Background technique
Enterprise information portal system is mainly used for realizing existing business greatly as enterprises portal basic platform, one
The reasonable aggregation of information (data) is realized in the integration of system, data resource, human resources;By realizing unified user and system
One access entrance accesses the relevant information resource integrated in portal platform, really realizes the effective use of resource, bigger hair
The use value of enterprise's existing resource is waved, production efficiency is improved.
In the prior art, for user when logging in the application system in the gate system, user needs input to be logged in
The authentication informations such as the username and password of application system can just log on in corresponding application system.For example, for one
It include application system 1, application system 2 and application system 3 inside enterprise A for enterprise.User logs in application system if necessary
1 just needs to input the corresponding username and password of application system 1, and user just needs to input to answer if necessary to log in application system 2
With the corresponding username and password of system 2, user just needs to input application system 3 corresponding if necessary to login application system 3
Username and password.It is cumbersome, poor user experience.
Summary of the invention
In view of the foregoing, it is necessary to propose a kind of single-point logging method, device, server and storage medium, Ke Yishi
The single-sign-on function of existing multiple subsystem, without being logged in the gate system in the case where repeatedly inputting username and password
Any application system.
The first aspect of the present invention provides a kind of single-point logging method, which comprises
Receive the logging request for the login gate system that client is sent, wherein the gate system is associated at least one
Application system;
A target spoke is generated, and the validity period of the target spoke is set;
Receive the access request of either objective application system at least one application system described in the access that client is sent;
Verify the access request;And
When the access request passes through verifying, allow to access the target application system.
Preferably, the logging request includes the target of the either objective application system at least one described application system
Address.
Preferably, it includes target spoke to be certified, the target application system that the access request, which includes: the access request,
The destination address for the corresponding API account and the target application system of uniting.
Preferably, by verifying the target of target spoke to be certified, target application system and the target application system
The access request is verified in location;
When the destination address of the target spoke to be certified and target application system and the target application system is all verified
By when, confirm that the access request is verified;
One in the destination address of the target spoke to be certified and target application system and the target application system
When person's verifying does not pass through, confirm that the access request verifying does not pass through.
Preferably, by confirming whether the target spoke to be certified is consistent with the target spoke of generation, and whether having
In the effect phase, to verify the target spoke to be certified;
When the target spoke to be certified is consistent with the target spoke of generation, and before the deadline when, confirmation is described wait recognize
Card target spoke is verified;
When the target spoke of the target spoke to be certified and generation is inconsistent, or not before the deadline when, described in confirmation
Target spoke verifying to be certified does not pass through;
Judge that the corresponding API account of the target application system whether there is in database;
When the corresponding API account of the target application system is present in the database, the target application is confirmed
System is verified;
When the corresponding API account of the target application system is not present in the database, confirm that the target is answered
Do not passed through with system verifying;
Confirm the target application system in the access request destination address whether in logging request described in
The destination address of target application system is consistent;
The mesh in the destination address and the logging request of the target application system in the access request
When the destination address of mark application system is consistent, confirm that the destination address of the target application system is verified;
The destination address and the target in the logging request of the target application system in the access request
When the destination address of application system is inconsistent, confirm that the destination address verifying of the target application system does not pass through.
Preferably, the method also includes:
One in the destination address of the target spoke to be certified and target application system and the target application system
When person's verifying does not pass through, confirm that the access request verifying does not pass through, application system described in denied access.
Preferably, when the logging request passes through verifying, allow the client access the target application system it
Afterwards, the method includes removing target spoke.
The second aspect of the present invention provides a kind of single-sign-on device, and described device includes:
Receiving module, the logging request of the login gate system for receiving client transmission, wherein the gate system
It is associated at least one application system;
For generating a target spoke, and the validity period of the target spoke is arranged in generation module;
The receiving module is also used to receive either objective at least one application system described in the access of client transmission
The access request of application system, wherein the access request includes that target spoke to be certified and the target application system are corresponding
API account;
Authentication module, for verifying the access request;And
Processing module, for allowing to access the target application system when the access request passes through verifying.
The third aspect of the present invention provides a kind of server, and the server includes processor and memory, the processing
Device is for realizing the single-point logging method when executing the computer program stored in the memory.
The fourth aspect of the present invention provides a kind of computer readable storage medium, deposits on the computer readable storage medium
Computer program is contained, the computer program realizes the single-point logging method when being executed by processor.
Single-point logging method, device, system and storage medium of the present invention, the present invention are controlled single by token mechanism
Point logs in secure access, and the single-sign-on function of multiple subsystem may be implemented, in the feelings without repeatedly inputting username and password
Any application system in the gate system is logged under condition.The anti-replay-attack that ensure that single-sign-on access, further through encryption
It ensure that link information is not leaked, greatly reduce the workload of secondary development, shorten the development cycle, ensure that access peace
Entirely, reliably, reduce O&M cost, it can be with Quick thread.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is the flow chart for the single-point logging method that the embodiment of the present invention one provides.
Fig. 2 is the functional block diagram in single-sign-on device preferred embodiment of the present invention provided by Embodiment 2 of the present invention.
Fig. 3 is the schematic diagram for the server that the embodiment of the present invention three provides.
The present invention that the following detailed description will be further explained with reference to the above drawings.
Specific embodiment
To better understand the objects, features and advantages of the present invention, with reference to the accompanying drawing and specific real
Applying example, the present invention will be described in detail.It should be noted that in the absence of conflict, the embodiment of the present invention and embodiment
In feature can be combined with each other.
In the following description, numerous specific details are set forth in order to facilitate a full understanding of the present invention, described embodiment is only
It is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill
Personnel's every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
Unless otherwise defined, all technical and scientific terms used herein and belong to technical field of the invention
The normally understood meaning of technical staff is identical.Term as used herein in the specification of the present invention is intended merely to description tool
The purpose of the embodiment of body, it is not intended that in the limitation present invention.
Description and claims of this specification and term " first " in above-mentioned attached drawing, " second " and " third " etc. are
For distinguishing different objects, not for description particular order.In addition, term " includes " and their any deformations, it is intended that
Non-exclusive include in covering.Such as the process, method, system, product or equipment for containing a series of steps or units do not have
It is defined in listed step or unit, but optionally further comprising the step of not listing or unit, or optionally further comprising
For the intrinsic other step or units of these process, methods, product or equipment.
The single-point logging method of the embodiment of the present invention is applied by least one server and by network and the service
In the hardware environment that the client that device is attached is constituted.Network includes but is not limited to: wide area network, Metropolitan Area Network (MAN) or local area network.
The single-point logging method of the embodiment of the present invention can be executed by server, can also be executed by client;Can also be by
Server and client side executes jointly.The server is that one kind can be automatic to carry out according to the instruction for being previously set or storing
Numerical value calculates and/or the equipment of information processing, and hardware includes but is not limited to microprocessor, specific integrated circuit (application program
Lication Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable
Gate Array, FPGA), digital processing unit (Digital Signal Processor, DSP), embedded device etc..
The server for needing to carry out single-point logging method, can directly integrate side of the invention on the server
Single-sign-on function provided by method, or installation is for realizing the client of method of the invention.For another example, provided by the present invention
Method server can also be operated in the form of Software Development Kit (Software Development Kit, SDK)
Etc. in equipment, the interface of single-sign-on function, server or other equipment are provided in the form of SDK, the interface that provides are provided
Realize single-sign-on function.
Embodiment one
As shown in fig.1, the flow chart for the single-point logging method that the embodiment of the present invention one provides.According to different requirements,
Execution sequence in the flow chart can change, and certain steps can be omitted.
S01, the logging request for receiving the login gate system that client is sent, wherein the gate system association is at least
One application system.
For example, the gate system can be the enterprise portal that informatization enterprise generally includes, the gate system
It is a kind of based on Web, different application, different business process, different back-end systems, different services and information, difference is known
The contents such as knowledge are integrated into the powerful soft ware platform in property window one by one.The gate system may be considered
One itself manageable resource set is fit.The gate system is associated at least one application system, and the application system is main
For providing the types of applications used in routine work for user, such application is related to the action of user, exists for user
Application system used in routine work.At least one described application system can be mailing system, the office automation system, specially
Industry business application system, archives economy etc., these application systems all pass through unified integrated technology and are associated in gate system.It is existing
Have in technology, the gate system can not be shared with the information in each application system, need to realize by different technical solutions
Information sharing.
In the present embodiment, the gate system can provide a logentry and an authentication interface and pass through visitor for user
Family end logs in the gate system.
The logentry can receive the username and password of user's input.
The authentication interface is api interface.
The logging request includes at least any mesh in the username and password and at least one described application system
Mark the destination address of application system.
In the present embodiment, the single-point logging method gate system receive client send logging request it
Before, further include the steps that the communication connection established between the gate system and client.The communication connection can be wired
Connection, is also possible to be wirelessly connected.
S02, a target spoke is generated, and the validity period of the target spoke is set.
In the present embodiment, the target spoke can be Token token, and the Token token can be set
Validity period.
In the present embodiment, the single-point logging method further includes that the local for storing the target spoke to browser is deposited
Store up the step in (localstorage).
In the present embodiment, LocalStorage can only store the data of key-value pair (key-value pair) form,
And key and value can only be stored as character string type, therefore when storage target spoke being locally stored to browser
Afterwards, an available fixed key, such as lops_token.
When the holding time of the target spoke being more than validity period, the target spoke is invalid token.The visitor
Family end can not access application system associated by the gate system by the invalid token.
In the present embodiment, the validity period of the target spoke can be set, for example, 6 hours.If the target enables
The holding time of board has been more than the validity period, then without carrying out subsequent verifying, directly forbids the target spoke corresponding
User accesses application system associated by the gate system.
Preferably, the single-point logging method further includes the steps that encrypting the logging request.
Specifically, it since the data that http protocol is communicated mostly are not encrypted plaintexts, including logging request, returns
Value, target spoke, cookie, head etc. data are returned, therefore, the external world is easy by the monitoring to communication channel
According to the format of request (client) and response (gate system) both sides, request and response are forged, various information are modified and steal.
So we also need to encrypt interactive information involved in each logging request process by Encryption Algorithm, to guarantee
Interaction safety.The Encryption Algorithm includes digest algorithm (such as MD5 and SHA1), symmetric encipherment algorithm (such as DES and AES) and non-right
Claim Encryption Algorithm (such as RSA).
S03, receive client send access target application system access request, wherein the access request include to
Authenticate target spoke and the corresponding API account of the target application system.
The application system is to access the subsystem of gate system certification, and user can give birth to when accessing the application system
At an access request, the access request includes obtaining Token value, institute by key lops_token from localStorage
Token value is stated to be injected towards in the request header of request.For example, the access request is { " Authorization ": 744e8
8bd3cc9f29e7bbe955f15fa4e6c915bc8eb"}。
In the present embodiment, it in order to improve safety, can also be established at least one described application system corresponding
API account.In this way, needing to judge the corresponding API account of the target application system when client access target application system
With the presence or absence of in database, being stored with all API accounts pre-established in the database.When the target application system
When corresponding API account is present in the database, illustrate that the target application system is legal application system.Pass through foundation
Then the corresponding API account of each application system can be determined that accordingly according to these legal API accounts established
The legitimacy of application system, so as to avoid some illegal application systems from stealing the data information of legal application system
And identity information of user etc., the safety of data can be effectively protected.
It is understood that the access request further includes the destination address of the target application system.
S04, the verifying access request.
In the present embodiment, it is tested by verifying target spoke, target application system and the destination address to be certified
Demonstrate,prove the access request;When the target spoke to be certified and target application system and destination address are all verified, confirmation
The access request is verified;When the target spoke to be certified and one of target application system and destination address are verified
When not passing through, confirm that the access request verifying does not pass through.
Specifically, first by confirming whether the target spoke to be certified is consistent with the target spoke of generation, and whether
Before the deadline, the target spoke to be certified is verified.When the target spoke to be certified is consistent with the target spoke of generation,
And when before the deadline, confirm that the target spoke to be certified is verified;When the mesh of the target spoke to be certified and generation
It is inconsistent to mark token, or not before the deadline when, confirm that the target spoke to be certified verifying does not pass through.
Secondly, judging that the corresponding API account of the target application system whether there is in database, when the target is answered
When being present in the database with the corresponding API account of system, confirm that the target application system is verified;When the mesh
When the corresponding API account of mark application system is not present in the database, confirm that the target application system verifying does not pass through.
Again, confirm whether the destination address in the access request is consistent with the destination address in the logging request,
When the destination address in the access request is consistent with the destination address in the logging request, confirm that the destination address is tested
Card passes through;When the destination address in destination address and the logging request in the access request is inconsistent, the mesh is confirmed
Mark address validation does not pass through.
S05, when the access request passes through verifying, allow to access the target application system.
In the present embodiment, when the access request passes through verifying, the target is accessed according to the destination address
Application system.
In the present embodiment, the single-point logging method further includes allowing institute when the logging request passes through verifying
It further comprise the step of removing the target spoke after stating the client access target application system.The same target
Token only runs primary login, can not Reusability, avoid illegal user using the target spoke having been used and log in certain
A application system ensure that the safety of each application system.
S06, when the access request is not over verifying, application system described in denied access.
In conclusion single-point logging method provided by the invention, which comprises receive the login door that client is sent
The logging request of family system, wherein the gate system is associated at least one application system;A target spoke is generated, and is arranged
The validity period of the target spoke;Receive either objective application system at least one application system described in the access that client is sent
The access request of system, wherein the access request includes target spoke to be certified and the corresponding API account of the target application system
Number;Verify the access request;And when the access request passes through verifying, allow to access the target application system.This hair
It is bright that single-sign-on secure access is controlled by token mechanism, the single-sign-on function of multiple subsystem may be implemented, without repeating
The either objective application system in the gate system is logged in the case where input username and password.It ensure that single-sign-on is visited
The anti-replay-attack asked ensure that link information is not leaked further through encryption, greatly reduce the workload of secondary development,
Shorten the development cycle, ensure that access safety, reliable, reduce O&M cost, it can be with Quick thread.
The above is only a specific embodiment of the invention, but scope of protection of the present invention is not limited thereto, for
For those skilled in the art, without departing from the concept of the premise of the invention, improvement, but these can also be made
It all belongs to the scope of protection of the present invention.
Below with reference to the 2nd to 3 figure, respectively to the functional module and hardware of the electronic equipment of the above-mentioned single-point logging method of realization
Structure is introduced.
Embodiment two
Fig. 2 is the functional block diagram in single-sign-on device preferred embodiment of the present invention.
In some embodiments, the single-sign-on device 20 is run in terminal device.The single-sign-on device 20
It may include multiple functional modules as composed by program code segments.The journey of each program segment in the single-sign-on device 20
Sequence code can store in memory, and as performed by least one processor, with execution (being detailed in Fig. 1 and its associated description)
Single-sign-on function.
In the present embodiment, function of the single-sign-on device 20 according to performed by it can be divided into multiple functions
Module.The functional module may include: receiving module 201, generation module 202, authentication module 203 and processing module 204.This
Inventing so-called module and referring to a kind of performed by least one processor and can complete a series of of fixed function
Computer program code segments, storage is in memory.It in some embodiments, will be in subsequent embodiment about the function of each module
Middle detailed description.
The receiving module 201 is used to receive the logging request of the login gate system of client transmission, wherein the door
At least one application system of family system relationship.
For example, the gate system can be the enterprise portal that informatization enterprise generally includes, the gate system
It is a kind of based on Web, different application, different business process, different back-end systems, different services and information, difference is known
The contents such as knowledge are integrated into the powerful soft ware platform in property window one by one.The gate system may be considered
One itself manageable resource set is fit.The gate system is associated at least one application system, and the application system is main
For providing the types of applications used in routine work for user, such application is related to the action of user, exists for user
Application system used in routine work.At least one described application system can be mailing system, the office automation system, specially
Industry business application system, archives economy etc., these application systems all pass through unified integrated technology and are associated in gate system.It is existing
Have in technology, the gate system can not be shared with the information in each application system, need to realize by different technical solutions
Information sharing.
In the present embodiment, the gate system can provide a logentry and an authentication interface and pass through visitor for user
Family end logs in the gate system.
The logentry can receive the username and password of user's input.
The authentication interface is api interface.
The logging request includes at least any mesh in the username and password and at least one described application system
Mark the destination address of application system.
In the present embodiment, the single-point logging method gate system receive client send logging request it
Before, further include the steps that the communication connection established between the gate system and client.The communication connection can be wired
Connection, is also possible to be wirelessly connected.
The validity period of the target spoke is arranged for generating a target spoke in the generation module 202.
In the present embodiment, the target spoke can be Token token, and the Token token can be set
Validity period.
In the present embodiment, the single-point logging method further includes that the local for storing the target spoke to browser is deposited
Store up the step in (localstorage).
In the present embodiment, LocalStorage can only store the data of key-value pair (key-value pair) form,
And key and value can only be stored as character string type, therefore when storage target spoke being locally stored to browser
Afterwards, an available fixed key, such as lops_token.
When the holding time of the target spoke being more than validity period, the target spoke is invalid token.The visitor
Family end can not access application system associated by the gate system by the invalid token.
In the present embodiment, the validity period of the target spoke can be set, for example, 6 hours.If the target enables
The holding time of board has been more than the validity period, then without carrying out subsequent verifying, directly forbids the target spoke corresponding
User accesses application system associated by the gate system.
Preferably, the single-point logging method further includes the steps that encrypting the logging request.
Specifically, it since the data that http protocol is communicated mostly are not encrypted plaintexts, including logging request, returns
Value, target spoke, cookie, head etc. data are returned, therefore, the external world is easy by the monitoring to communication channel
According to the format of request (client) and response (gate system) both sides, request and response are forged, various information are modified and steal.
So we also need to encrypt interactive information involved in each logging request process by Encryption Algorithm, to guarantee
Interaction safety.The Encryption Algorithm includes digest algorithm (such as MD5 and SHA1), symmetric encipherment algorithm (such as DES and AES) and non-right
Claim Encryption Algorithm (such as RSA).
The receiving module 201 is also used to receive the access request of the access target application system of client transmission, wherein
The access request includes target spoke to be certified and the corresponding API account of the target application system.
The application system is to access the subsystem of gate system certification, and user can give birth to when accessing the application system
At an access request, the access request includes obtaining Token value, institute by key lops_token from localStorage
Token value is stated to be injected towards in the request header of request.For example, the access request is { " Authorization ": 744e8
8bd3cc9f29e7bbe955f15fa4e6c915bc8eb"}。
In the present embodiment, it in order to improve safety, can also be established at least one described application system corresponding
API account.In this way, needing to judge the corresponding API account of the target application system when client access target application system
With the presence or absence of in database, being stored with all API accounts pre-established in the database.When the target application system
When corresponding API account is present in the database, illustrate that the target application system is legal application system.Pass through foundation
Then the corresponding API account of each application system can be determined that accordingly according to these legal API accounts established
The legitimacy of application system, so as to avoid some illegal application systems from stealing the data information of legal application system
And identity information of user etc., the safety of data can be effectively protected.
It is understood that the access request further includes the destination address of the target application system.
The authentication module 203 is for verifying the access request.
In the present embodiment, it is tested by verifying target spoke, target application system and the destination address to be certified
Demonstrate,prove the access request;When the target spoke to be certified and target application system and destination address are all verified, confirmation
The access request is verified;When the target spoke to be certified and one of target application system and destination address are verified
When not passing through, confirm that the access request verifying does not pass through.
Specifically, first by confirming whether the target spoke to be certified is consistent with the target spoke of generation, and whether
Before the deadline, the target spoke to be certified is verified.When the target spoke to be certified is consistent with the target spoke of generation,
And when before the deadline, confirm that the target spoke to be certified is verified;When the mesh of the target spoke to be certified and generation
It is inconsistent to mark token, or not before the deadline when, confirm that the target spoke to be certified verifying does not pass through.
Secondly, judging that the corresponding API account of the target application system whether there is in database, when the target is answered
When being present in the database with the corresponding API account of system, confirm that the target application system is verified;When the mesh
When the corresponding API account of mark application system is not present in the database, confirm that the target application system verifying does not pass through.
Again, confirm whether the destination address in the access request is consistent with the destination address in the logging request,
When the destination address in the access request is consistent with the destination address in the logging request, confirm that the destination address is tested
Card passes through;When the destination address in destination address and the logging request in the access request is inconsistent, the mesh is confirmed
Mark address validation does not pass through.
The processing module 204 is used for when the access request passes through verifying, allows to access the target application system.
In the present embodiment, when the access request passes through verifying, the target is accessed according to the destination address
Application system.
In the present embodiment, the single-point logging method further includes allowing institute when the logging request passes through verifying
It further comprise the step of removing the target spoke after stating the client access target application system.The same target
Token only runs primary login, can not Reusability, avoid illegal user using the target spoke having been used and log in certain
A application system ensure that the safety of each application system.
The processing module 204 is also used to when the access request is not over verifying, using being described in denied access
System.
In conclusion single-sign-on device 20 provided by the invention includes receiving module 201, generation module 202, verifying mould
Block 203 and processing module 204.The receiving module 201 is used to receive the logging request of the login gate system of client transmission,
Wherein, the gate system is associated at least one application system;The generation module 202 is set for generating a target spoke
Set the validity period of the target spoke;The receiving module 201 is also used to receive at least one described in the access of client transmission
The access request of either objective application system in application system, wherein the access request includes target spoke to be certified and described
The corresponding API account of target application system;The authentication module 203 is for verifying the access request;And the processing module
204 for allowing to access the target application system when the access request passes through verifying.The present invention passes through token mechanism control
Single-sign-on secure access processed, may be implemented the single-sign-on function of multiple subsystem, without repeatedly inputting username and password
In the case where log in either objective application system in the gate system.It ensure that the anti-replay-attack of single-sign-on access,
It ensure that link information is not leaked further through encryption, greatly reduce the workload of secondary development, shorten the development cycle, protect
Access safety, reliable has been demonstrate,proved, O&M cost is reduced, it can be with Quick thread.
The above-mentioned integrated unit realized in the form of software function module, can store and computer-readable deposit at one
In storage media.Above-mentioned software function module is stored in a storage medium, including some instructions are used so that a computer
It is each that equipment (can be personal computer, double screen equipment or the network equipment etc.) or processor (processor) execute the present invention
The part of a embodiment the method.
Embodiment three
Fig. 3 is the schematic diagram for the server that the embodiment of the present invention three provides.
The server 3 includes: database 31, memory 32, at least one processor 33, is stored in the memory 32
In and the computer program 34 and at least one communication bus 35 that can be run at least one described processor 33.
At least one described processor 33 realizes above-mentioned single-point logging method embodiment when executing the computer program 34
In step.
Illustratively, the computer program 34 can be divided into one or more module/units, it is one or
Multiple module/units are stored in the memory 32, and are executed by least one described processor 33, to complete this hair
It is bright.One or more of module/units can be the series of computation machine program instruction section that can complete specific function, described
Instruction segment is for describing implementation procedure of the computer program 34 in the server 3.
The server 3 is that one kind can be automatic to carry out numerical value calculating and/or letter according to the instruction for being previously set or storing
The equipment of processing is ceased, hardware includes but is not limited to microprocessor, specific integrated circuit (application program lication
Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable Gate
Array, FPGA), digital processing unit (Digital Signal Processor, DSP), embedded device etc..Art technology
Personnel are appreciated that the schematic diagram 3 is only the example of server 3, do not constitute the restriction to server 3, may include
Than illustrating more or fewer components, certain components or different components are perhaps combined, such as the server 3 can be with
Including input-output equipment, network access equipment, bus etc..
The database (Database) 41 is to carry out the foundation of tissue, storage and management data according to data structure described
Warehouse on server 3.Database is generally divided into hierarchical database, network database and three kinds of relational database.?
In present embodiment, the database 31 is used for the API account of storage application system.
At least one described processor 33 can be central processing unit (Central Processing Unit, CPU),
It can also be other general processors, digital signal processor (Digital Signal Processor, DSP), dedicated integrated
Circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..The processor 33 can be microprocessor or the processor 33 is also possible to any conventional place
Device etc. is managed, the processor 33 is the control centre of the server 3, utilizes various interfaces and the entire server 3 of connection
Various pieces.
The memory 32 can be used for storing the computer program 34 and/or module/unit, and the processor 33 passes through
Operation executes the computer program and/or module/unit being stored in the memory 32, and calls and be stored in memory
Data in 32 realize the various functions of the server 3.The memory 32 can mainly include storing program area and storage number
According to area, wherein storing program area can application program needed for storage program area, at least one function (for example sound plays function
Energy, image player function etc.) etc.;Storage data area, which can be stored, uses created data (such as audio number according to server 3
According to, phone directory etc.) etc..In addition, memory 32 may include high-speed random access memory, it can also include non-volatile memories
Device, such as hard disk, memory, plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure
Digital, SD) card, flash card (Flash Card), at least one disk memory, flush memory device or other volatibility are solid
State memory device.
Program code is stored in the memory 32, and at least one described processor 33 can call the memory 32
The program code of middle storage is to execute relevant function.For example, modules described in Fig. 3 are stored in the memory 32
In program code, and as performed by least one described processor 33, to realize the function of the modules to reach
The purpose of single-sign-on.
If the integrated module/unit of the server 3 is realized in the form of SFU software functional unit and as independent production
Product when selling or using, can store in a computer readable storage medium.Based on this understanding, the present invention realizes
All or part of the process in above-described embodiment method can also instruct relevant hardware to complete by computer program,
The computer program can be stored in a computer readable storage medium, and the computer program is being executed by processor
When, it can be achieved that the step of above-mentioned each embodiment of the method.Wherein, the computer program includes computer program code, described
Computer program code can be source code form, object identification code form, executable file or certain intermediate forms etc..The meter
Calculation machine readable medium may include: can carry the computer program code any entity or device, recording medium, USB flash disk,
Mobile hard disk, magnetic disk, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory
Device (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It needs to illustrate
It is that the content that the computer-readable medium includes can be fitted according to the requirement made laws in jurisdiction with patent practice
When increase and decrease, such as in certain jurisdictions, according to legislation and patent practice, computer-readable medium does not include electric carrier wave letter
Number and telecommunication signal.
Although being not shown, the server 3 can also include the power supply (such as battery) powered to all parts, preferably
, power supply can be logically contiguous by power-supply management system and at least one described processor 33, to pass through power management system
System realizes the functions such as management charging, electric discharge and power managed.Power supply can also include one or more direct current or friendship
Galvanic electricity source, recharging system, power failure detection circuit, power adapter or inverter, power supply status indicator etc. are any
Component.The server 3 can also include bluetooth module, Wi-Fi module etc., and details are not described herein.
It should be understood that the embodiment is only purposes of discussion, do not limited by this structure in patent claim.
In several embodiments provided by the present invention, it should be understood that arriving, disclosed electronic equipment and method can be with
It realizes by another way.For example, electronic equipment embodiment described above is only schematical, for example, the list
The division of member, only a kind of logical function partition, there may be another division manner in actual implementation.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in same treatment unit
It is that each unit physically exists alone, can also be integrated in same unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of hardware adds software function module.
It is obvious to a person skilled in the art that invention is not limited to the details of the above exemplary embodiments, Er Qie
In the case where without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter
From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the present invention is by appended power
Benefit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent elements of the claims
Variation is included in the present invention.Any reference signs in the claims should not be construed as limiting the involved claims.This
Outside, it is clear that one word of " comprising " is not excluded for other units or, odd number is not excluded for plural number.The multiple units stated in system claims
Or device can also be implemented through software or hardware by a unit or device.The first, the second equal words are used to indicate name
Claim, and does not indicate any particular order.
Finally it should be noted that the above examples are only used to illustrate the technical scheme of the present invention and are not limiting, although reference
Preferred embodiment describes the invention in detail, those skilled in the art should understand that, it can be to of the invention
Technical solution is modified or equivalent replacement, without departing from the spirit of the technical scheme of the invention range.
Claims (10)
1. a kind of single-point logging method is applied in server, which is characterized in that the described method includes:
Receive the logging request for the login gate system that client is sent, wherein the gate system is associated at least one application
System;
A target spoke is generated, and the validity period of the target spoke is set;
Receive the access request of either objective application system at least one application system described in the access that client is sent;
Verify the access request;And
When the access request passes through verifying, allow to access the target application system.
2. single-point logging method as described in claim 1, which is characterized in that the logging request include it is described at least one answer
With the destination address of the either objective application system in system.
3. single-point logging method as claimed in claim 2, which is characterized in that the access request includes: the access request
Destination address including target spoke to be certified, the target application system corresponding API account and the target application system.
4. single-point logging method as claimed in claim 3, which is characterized in that answered by verifying target spoke to be certified, target
The access request is verified with the destination address of system and the target application system;
When the destination address of the target spoke to be certified and target application system and the target application system is all verified
When, confirm that the access request is verified;
When one of the destination address of the target spoke to be certified and target application system and the target application system is tested
When card does not pass through, confirm that the access request verifying does not pass through.
5. single-point logging method as claimed in claim 4, it is characterised in that:
By confirming whether the target spoke to be certified is consistent with the target spoke of generation, and whether before the deadline, to test
Demonstrate,prove the target spoke to be certified;
When the target spoke to be certified is consistent with the target spoke of generation, and before the deadline when, confirm the mesh to be certified
Mark token authentication passes through;
When the target spoke of the target spoke to be certified and generation is inconsistent, or not before the deadline when, confirmation is described wait recognize
Card target spoke verifying does not pass through;
Judge that the corresponding API account of the target application system whether there is in database;
When the corresponding API account of the target application system is present in the database, the target application system is confirmed
It is verified;
When the corresponding API account of the target application system is not present in the database, the target application system is confirmed
System verifying does not pass through;
Confirm the target application system in the access request destination address whether with the target in logging request
The destination address of application system is consistent;
When the destination address of the target application system in the access request is answered with the target in the logging request
When consistent with the destination address of system, confirm that the destination address of the target application system is verified;
The destination address and the target application in the logging request of the target application system in the access request
When the destination address of system is inconsistent, confirm that the destination address verifying of the target application system does not pass through.
6. single-point logging method as claimed in claim 4, which is characterized in that the method also includes:
When one of the destination address of the target spoke to be certified and target application system and the target application system is tested
When card does not pass through, confirm that the access request verifying does not pass through, application system described in denied access.
7. single-point logging method as described in claim 1, which is characterized in that when the logging request passes through verifying, allow
After the client accesses the target application system, the method includes removing target spoke.
8. a kind of mobile terminal single-sign-on device, which is characterized in that described device includes:
Receiving module, the logging request of the login gate system for receiving client transmission, wherein the gate system association
At least one application system;
For generating a target spoke, and the validity period of the target spoke is arranged in generation module;
The receiving module is also used to receive either objective application at least one application system described in the access of client transmission
The access request of system;
Authentication module, for verifying the access request;And
Processing module, for allowing to access the target application system when the access request passes through verifying.
9. a kind of server, which is characterized in that the server includes processor and memory, and the processor is for executing institute
Single-point logging method as claimed in any of claims 1 to 7 in one of claims is realized when stating the computer program stored in memory.
10. a kind of computer readable storage medium, computer program, feature are stored on the computer readable storage medium
It is, the computer program realizes single-sign-on side as claimed in any of claims 1 to 7 in one of claims when being executed by processor
Method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811333618.4A CN109379369A (en) | 2018-11-09 | 2018-11-09 | Single-point logging method, device, server and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811333618.4A CN109379369A (en) | 2018-11-09 | 2018-11-09 | Single-point logging method, device, server and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109379369A true CN109379369A (en) | 2019-02-22 |
Family
ID=65384211
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811333618.4A Pending CN109379369A (en) | 2018-11-09 | 2018-11-09 | Single-point logging method, device, server and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109379369A (en) |
Cited By (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
CN109960924A (en) * | 2019-03-04 | 2019-07-02 | 珠海格力电器股份有限公司 | One subsystem login method, device, system and electronic equipment |
CN110636057A (en) * | 2019-09-10 | 2019-12-31 | 腾讯科技(深圳)有限公司 | Application access method and device and computer readable storage medium |
CN110704820A (en) * | 2019-09-30 | 2020-01-17 | 北京金山云网络技术有限公司 | Login processing method and device, electronic equipment and computer readable storage medium |
CN110781485A (en) * | 2019-11-07 | 2020-02-11 | 北京推想科技有限公司 | Single sign-on method and device |
CN110830493A (en) * | 2019-11-14 | 2020-02-21 | 北京京航计算通讯研究所 | Single sign-on implementation method based on intelligent enterprise portal |
CN110826049A (en) * | 2019-11-14 | 2020-02-21 | 北京京航计算通讯研究所 | Single sign-on implementation system based on intelligent enterprise portal |
CN111240863A (en) * | 2020-01-10 | 2020-06-05 | 无锡华云数据技术服务有限公司 | Data communication method, device, micro front-end system and storage medium |
CN111431908A (en) * | 2020-03-26 | 2020-07-17 | 深圳壹账通智能科技有限公司 | Access processing method and device and readable storage medium |
CN111800397A (en) * | 2020-06-23 | 2020-10-20 | 四川虹美智能科技有限公司 | Login method, device and system of intangible asset management platform |
CN112231691A (en) * | 2020-09-29 | 2021-01-15 | 新华三信息安全技术有限公司 | Equipment login method, device and system |
CN112332993A (en) * | 2020-11-03 | 2021-02-05 | 紫光云引擎科技(苏州)有限公司 | Industrial cloud application store system authentication method and system based on U-currency integration |
CN112583607A (en) * | 2020-12-22 | 2021-03-30 | 珠海格力电器股份有限公司 | Equipment access management method, device, system and storage medium |
CN112597475A (en) * | 2020-12-24 | 2021-04-02 | 深圳市九洲电器有限公司 | Instruction execution method and device, terminal equipment and storage medium |
CN112685706A (en) * | 2020-12-29 | 2021-04-20 | 平安普惠企业管理有限公司 | Request authentication method and related equipment |
CN112685719A (en) * | 2020-12-29 | 2021-04-20 | 武汉联影医疗科技有限公司 | Single sign-on method, device, system, computer equipment and storage medium |
CN112836204A (en) * | 2021-02-03 | 2021-05-25 | 中国人民财产保险股份有限公司 | Token updating method and device |
CN113014615A (en) * | 2019-12-20 | 2021-06-22 | 西安诺瓦星云科技股份有限公司 | Data synchronization method, device and system |
CN113395290A (en) * | 2021-06-30 | 2021-09-14 | 成都卫士通信息产业股份有限公司 | Mailbox login method and device, electronic equipment and readable storage medium |
CN113515395A (en) * | 2021-06-16 | 2021-10-19 | 国云科技股份有限公司 | Application access method and device based on multi-cloud management platform |
CN114765547A (en) * | 2020-12-31 | 2022-07-19 | 北京千里日成科技有限公司 | Business system access method, device, equipment and storage medium |
CN115001808A (en) * | 2022-05-31 | 2022-09-02 | 中国银行股份有限公司 | Domain user login method, device, equipment and medium |
CN115225354A (en) * | 2022-07-07 | 2022-10-21 | 通号智慧城市研究设计院有限公司 | Multi-application single sign-on method, device, computer equipment and medium |
WO2023125954A1 (en) * | 2021-12-31 | 2023-07-06 | 上海云盾信息技术有限公司 | Single sign-on method and system for third-party application, and device and medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN106790272A (en) * | 2017-02-16 | 2017-05-31 | 济南浪潮高新科技投资发展有限公司 | A kind of system and method for single-sign-on, a kind of application server |
CN107846414A (en) * | 2017-12-04 | 2018-03-27 | 山东浪潮通软信息科技有限公司 | A kind of single-point logging method and system, Centralized Authentication System |
-
2018
- 2018-11-09 CN CN201811333618.4A patent/CN109379369A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN106790272A (en) * | 2017-02-16 | 2017-05-31 | 济南浪潮高新科技投资发展有限公司 | A kind of system and method for single-sign-on, a kind of application server |
CN107846414A (en) * | 2017-12-04 | 2018-03-27 | 山东浪潮通软信息科技有限公司 | A kind of single-point logging method and system, Centralized Authentication System |
Cited By (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109960924A (en) * | 2019-03-04 | 2019-07-02 | 珠海格力电器股份有限公司 | One subsystem login method, device, system and electronic equipment |
CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
CN110636057A (en) * | 2019-09-10 | 2019-12-31 | 腾讯科技(深圳)有限公司 | Application access method and device and computer readable storage medium |
CN110636057B (en) * | 2019-09-10 | 2021-09-28 | 腾讯科技(深圳)有限公司 | Application access method and device and computer readable storage medium |
CN110704820A (en) * | 2019-09-30 | 2020-01-17 | 北京金山云网络技术有限公司 | Login processing method and device, electronic equipment and computer readable storage medium |
CN110781485A (en) * | 2019-11-07 | 2020-02-11 | 北京推想科技有限公司 | Single sign-on method and device |
CN110781485B (en) * | 2019-11-07 | 2022-02-22 | 推想医疗科技股份有限公司 | Single sign-on method and device |
CN110830493A (en) * | 2019-11-14 | 2020-02-21 | 北京京航计算通讯研究所 | Single sign-on implementation method based on intelligent enterprise portal |
CN110826049A (en) * | 2019-11-14 | 2020-02-21 | 北京京航计算通讯研究所 | Single sign-on implementation system based on intelligent enterprise portal |
CN113014615A (en) * | 2019-12-20 | 2021-06-22 | 西安诺瓦星云科技股份有限公司 | Data synchronization method, device and system |
CN113014615B (en) * | 2019-12-20 | 2023-11-14 | 西安诺瓦星云科技股份有限公司 | Data synchronization method, device and system |
CN111240863A (en) * | 2020-01-10 | 2020-06-05 | 无锡华云数据技术服务有限公司 | Data communication method, device, micro front-end system and storage medium |
CN111240863B (en) * | 2020-01-10 | 2024-02-06 | 无锡华云数据技术服务有限公司 | Data communication method, device, micro front-end system and storage medium |
CN111431908A (en) * | 2020-03-26 | 2020-07-17 | 深圳壹账通智能科技有限公司 | Access processing method and device and readable storage medium |
CN111800397A (en) * | 2020-06-23 | 2020-10-20 | 四川虹美智能科技有限公司 | Login method, device and system of intangible asset management platform |
CN112231691A (en) * | 2020-09-29 | 2021-01-15 | 新华三信息安全技术有限公司 | Equipment login method, device and system |
CN112332993A (en) * | 2020-11-03 | 2021-02-05 | 紫光云引擎科技(苏州)有限公司 | Industrial cloud application store system authentication method and system based on U-currency integration |
CN112583607A (en) * | 2020-12-22 | 2021-03-30 | 珠海格力电器股份有限公司 | Equipment access management method, device, system and storage medium |
CN112597475A (en) * | 2020-12-24 | 2021-04-02 | 深圳市九洲电器有限公司 | Instruction execution method and device, terminal equipment and storage medium |
CN112685706A (en) * | 2020-12-29 | 2021-04-20 | 平安普惠企业管理有限公司 | Request authentication method and related equipment |
CN112685719A (en) * | 2020-12-29 | 2021-04-20 | 武汉联影医疗科技有限公司 | Single sign-on method, device, system, computer equipment and storage medium |
CN114765547A (en) * | 2020-12-31 | 2022-07-19 | 北京千里日成科技有限公司 | Business system access method, device, equipment and storage medium |
CN112836204A (en) * | 2021-02-03 | 2021-05-25 | 中国人民财产保险股份有限公司 | Token updating method and device |
CN113515395A (en) * | 2021-06-16 | 2021-10-19 | 国云科技股份有限公司 | Application access method and device based on multi-cloud management platform |
CN113515395B (en) * | 2021-06-16 | 2024-01-02 | 国云科技股份有限公司 | Application access method and device based on multi-cloud management platform |
CN113395290A (en) * | 2021-06-30 | 2021-09-14 | 成都卫士通信息产业股份有限公司 | Mailbox login method and device, electronic equipment and readable storage medium |
WO2023125954A1 (en) * | 2021-12-31 | 2023-07-06 | 上海云盾信息技术有限公司 | Single sign-on method and system for third-party application, and device and medium |
CN115001808A (en) * | 2022-05-31 | 2022-09-02 | 中国银行股份有限公司 | Domain user login method, device, equipment and medium |
CN115225354A (en) * | 2022-07-07 | 2022-10-21 | 通号智慧城市研究设计院有限公司 | Multi-application single sign-on method, device, computer equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109379369A (en) | Single-point logging method, device, server and storage medium | |
CN111275857B (en) | Control method of intelligent lock and intelligent lock | |
CN106452772B (en) | Terminal authentication method and device | |
CN117150581A (en) | Secure identity and profile management system | |
CN110838065A (en) | Transaction data processing method and device | |
CN108989024A (en) | Control method, apparatus, equipment, storage medium and the corresponding vehicle communicated between electronic control unit in the car | |
CN112527912B (en) | Data processing method and device based on block chain network and computer equipment | |
CN110381075B (en) | Block chain-based equipment identity authentication method and device | |
CN109741068A (en) | Internetbank inter-bank contracting method, apparatus and system | |
CN113256297B (en) | Data processing method, device and equipment based on block chain and readable storage medium | |
CN109361508A (en) | Data transmission method, electronic equipment and computer readable storage medium | |
CN111526111B (en) | Control method, device and equipment for logging in light application and computer storage medium | |
CN111914293A (en) | Data access authority verification method and device, computer equipment and storage medium | |
CN111880919A (en) | Data scheduling method, system and computer equipment | |
CN106209734A (en) | The identity identifying method of process and device | |
CN110401613A (en) | A kind of authentication management method and relevant device | |
CN110708162A (en) | Resource acquisition method and device, computer readable medium and electronic equipment | |
CN111654375A (en) | Block chain-based edge calculation security encryption method, device and system | |
CN110266653A (en) | A kind of method for authenticating, system and terminal device | |
WO2021170049A1 (en) | Method and apparatus for recording access behavior | |
CN112235276B (en) | Master-slave equipment interaction method, device, system, electronic equipment and computer medium | |
CN109495468A (en) | Authentication method, device, electronic equipment and storage medium | |
CN106529216B (en) | Software authorization system and software authorization method based on public storage platform | |
CN108540335A (en) | The management method and managing device of device analysis report | |
CN111600701A (en) | Private key storage method and device based on block chain and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190222 |