CN109688127A - A kind of web authentication method for supporting HTTPS page jump - Google Patents
A kind of web authentication method for supporting HTTPS page jump Download PDFInfo
- Publication number
- CN109688127A CN109688127A CN201811567494.6A CN201811567494A CN109688127A CN 109688127 A CN109688127 A CN 109688127A CN 201811567494 A CN201811567494 A CN 201811567494A CN 109688127 A CN109688127 A CN 109688127A
- Authority
- CN
- China
- Prior art keywords
- user
- network address
- server
- page
- web authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The present invention provides a kind of web authentication method for supporting HTTPS page jump, when user is in browser access target network address, following process: S1, computer access request is carried out;S2, data redirection, data packet is redirected to using the mode of DNAT the Goahead certificate server of locally-supported HTTPS agreement, Goahead certificate server disguises oneself as the server of target network address and subscriber's main station is established TCP, SSL and connect, and carries out data transmission;S3, confirmation and strategy of letting pass, the disguise oneself as server of target network address of Goahead certificate server sends certification page to user browser, after user inputs username and password, the page that jumps to specified network address according to the function of web authentication setting if correct or accessed before.The beneficial effects of the present invention are: providing a kind of web authentication method, the problem of existing web authentication cannot support HTTPS agreement page jump is overcome.
Description
Technical field
The present invention relates to web authentication method more particularly to a kind of web authentication methods for supporting HTTPS page jump.
Background technique
Existing traditional web authentication implementation: when user uses browse request Internet resources, if web server
Using http protocol, browser then jumps to certification page, and user carries out network access authentication on the page jumped;If web services
Device can not then jump to certification page using HTTPS protocol browser, and user it is expected that the resource of request can not be on the page just
Often load, the strong influence experience of user.
As more and more web servers use safer HTTPS agreement, the drawbacks of current web authentication method day
It is beneficial obvious.
Therefore, how a kind of web authentication that can support HTTPS agreement is provided, is that those skilled in the art urgently solve
Certainly the technical issues of.
Summary of the invention
In order to solve the problems in the prior art, the present invention provides a kind of web authentication sides for supporting HTTPS page jump
Method.
The present invention provides a kind of web authentication methods for supporting HTTPS page jump, when user is in browser access target
When network address, following process is carried out:
S1, computer access request, user export target network address in browser, when data packet passes through portal module, sentence
Whether the user of breaking needs to carry out authentication operation, if it is desired, then enters next step, if you do not need to then letting pass;
Data packet is redirected to locally-supported HTTPS agreement using the mode of DNAT by S2, data redirection
Goahead certificate server, Goahead certificate server disguises oneself as the server of target network address and subscriber's main station establish TCP,
SSL connection, carries out data transmission;
S3, confirmation and let pass strategy, Goahead certificate server disguise oneself as target network address server send certification page
To user browser, after user inputs username and password, specified net is jumped to according to the function of web authentication setting if correct
Location or the page accessed before.
As a further improvement of the present invention, in step sl, when there is data packet to reach portal module, process flow
It is as follows:
S11, judge whether the web services of user request use HTTPS agreement, if it is, entering step S12, such as
Fruit is not the data packet of then letting pass;
S12, judge whether it is and authenticated user or authentication-exempt user, if it is not, then S2 is entered step, if it is, putting
The row data packet.
The beneficial effects of the present invention are: through the above scheme, a kind of web authentication method for supporting HTTPS agreement is provided,
The web server for supporting HTTPS agreement is built in the router and the user that disguises oneself as it is expected the web server of access, gives user
The return authentication page can support access to use the website pop-up certification page of HTTPS agreement.
Detailed description of the invention
Fig. 1 is a kind of networking diagram for the web authentication method for supporting HTTPS page jump of the present invention.
Fig. 2 is a kind of network sequence figure for the web authentication method for supporting HTTPS page jump of the present invention.
Fig. 3 is a kind of redirection flow chart for the web authentication method for supporting HTTPS page jump of the present invention.
Specific embodiment
The invention will be further described for explanation and specific embodiment with reference to the accompanying drawing.
As shown in Figure 1 to Figure 3, a kind of web authentication method for supporting HTTPS page jump, when user accesses in browser
When www.xxx.com, process is as follows:
(1) pc access is requested
User exports https: //www.xxx.com in browser, and data packet passes through portal module (redirection module)
Judge whether the user needs to carry out authentication operation, redirects if necessary.
(2) data redirection
Data packet is redirected to using the mode of DNAT the Goahead certificate server of locally-supported HTTPS agreement.
Goahead certificate server disguises oneself as the server of www.xxx.com and subscriber's main station is established TCP, SSL and connect, and carries out data
Transmission.
(3) confirm and let pass tactful
The disguise oneself as server of www.xxx.com of Goahead certificate server sends certification page to user browser, use
After family inputs username and password, specified network address is jumped to according to the function of web authentication setting if correct or is visited before
The page asked.
Portal module when accessing internet for user, forces user to jump to certification page.When there is TCP uplink report
When text reaches the network equipment, process flow is following (see Fig. 3):
(1) judge whether the web services of user request use HTTPS agreement, if it is walk in next step, be not to put
The row data packet.
(2) whether it is to have authenticated user or authentication-exempt user, otherwise turns in next step, be to let pass
(3) data packet is redirected to goahead server, the server user that disguises oneself as it is expected the server and use of access
TCP, SSL connection, the return authentication page are established in family.
So far, redirection process is completed, and user will be forced to jump to certification page.
HTTPS is a kind of very high application layer protocol of safety, it has used SSL to encrypt data.Due to nothing
Content in method decrypted data packet is redirected using traditional means as returned to 302 according to message content after acquisition HTTP message
Etc. methods be unable to meet demand.The present invention builds the web server for supporting HTTPS agreement in the router and disguises oneself as user's phase
It hopes the web server of access, gives user's return authentication page, access can be supported to use the website pop-up certification of HTTPS agreement
The page.
The above content is a further detailed description of the present invention in conjunction with specific preferred embodiments, and it cannot be said that
Specific implementation of the invention is only limited to these instructions.For those of ordinary skill in the art to which the present invention belongs, exist
Under the premise of not departing from present inventive concept, a number of simple deductions or replacements can also be made, all shall be regarded as belonging to of the invention
Protection scope.
Claims (2)
1. a kind of web authentication method for supporting HTTPS page jump, when user is in browser access target network address, feature
It is, carries out following process:
S1, computer access request, user export target network address in browser, and when data packet passes through portal module, judgement should
Whether user needs to carry out authentication operation, if it is desired, then enters next step, if you do not need to then letting pass;
S2, data redirection recognize the Goahead that data packet is redirected to locally-supported HTTPS agreement using the mode of DNAT
Server is demonstrate,proved, Goahead certificate server disguises oneself as the server of target network address and subscriber's main station is established TCP, SSL and connect, into
The transmission of row data;
S3, confirmation and let pass strategy, Goahead certificate server disguise oneself as target network address server send certification page to use
Family browser, after user inputs username and password, if correct according to the function of web authentication setting jump to specified network address or
The page accessed before person.
2. the web authentication method according to claim 1 for supporting HTTPS page jump, it is characterised in that: in step S1
In, when there is data packet to reach portal module, process flow is as follows:
S11, judge whether the web services of user request use HTTPS agreement, if it is, S12 is entered step, if not
It is the data packet of then letting pass;
S12, judge whether it is and authenticated user or authentication-exempt user, if it is not, then S2 is entered step, it should if it is, letting pass
Data packet.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811567494.6A CN109688127A (en) | 2018-12-20 | 2018-12-20 | A kind of web authentication method for supporting HTTPS page jump |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811567494.6A CN109688127A (en) | 2018-12-20 | 2018-12-20 | A kind of web authentication method for supporting HTTPS page jump |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109688127A true CN109688127A (en) | 2019-04-26 |
Family
ID=66188539
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811567494.6A Pending CN109688127A (en) | 2018-12-20 | 2018-12-20 | A kind of web authentication method for supporting HTTPS page jump |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109688127A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111770161A (en) * | 2020-06-28 | 2020-10-13 | 北京百度网讯科技有限公司 | https sniffing jump method and device |
| CN113805880A (en) * | 2021-09-06 | 2021-12-17 | 南京联创信息科技有限公司 | Method for solving request failure of https protocol under shiro framework |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120072531A1 (en) * | 2010-09-22 | 2012-03-22 | Canon Kabushiki Kaisha | Information processing apparatus and control method therefor |
| CN104427499A (en) * | 2013-09-11 | 2015-03-18 | 中国电信股份有限公司 | Wireless local area network (WLAN) access authentication method and system based on World Wide Web |
| CN106603491A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Portal authentication method based on https protocol, and router |
| CN107181798A (en) * | 2017-05-15 | 2017-09-19 | 上海斐讯数据通信技术有限公司 | A kind of realization method and system of network access |
| CN107395582A (en) * | 2017-07-14 | 2017-11-24 | 上海斐讯数据通信技术有限公司 | Portal authentication devices and system |
| CN108282783A (en) * | 2017-09-15 | 2018-07-13 | 广州市动景计算机科技有限公司 | Public wifi authentication methods, device, user terminal and storage medium |
| CN108449386A (en) * | 2018-02-24 | 2018-08-24 | 深圳市联软科技股份有限公司 | A kind of method, medium and equipment redirecting access request |
| CN108494825A (en) * | 2018-02-24 | 2018-09-04 | 深圳市联软科技股份有限公司 | A kind of method, medium and equipment redirecting access request |
-
2018
- 2018-12-20 CN CN201811567494.6A patent/CN109688127A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120072531A1 (en) * | 2010-09-22 | 2012-03-22 | Canon Kabushiki Kaisha | Information processing apparatus and control method therefor |
| CN104427499A (en) * | 2013-09-11 | 2015-03-18 | 中国电信股份有限公司 | Wireless local area network (WLAN) access authentication method and system based on World Wide Web |
| CN106603491A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Portal authentication method based on https protocol, and router |
| CN107181798A (en) * | 2017-05-15 | 2017-09-19 | 上海斐讯数据通信技术有限公司 | A kind of realization method and system of network access |
| CN107395582A (en) * | 2017-07-14 | 2017-11-24 | 上海斐讯数据通信技术有限公司 | Portal authentication devices and system |
| CN108282783A (en) * | 2017-09-15 | 2018-07-13 | 广州市动景计算机科技有限公司 | Public wifi authentication methods, device, user terminal and storage medium |
| CN108449386A (en) * | 2018-02-24 | 2018-08-24 | 深圳市联软科技股份有限公司 | A kind of method, medium and equipment redirecting access request |
| CN108494825A (en) * | 2018-02-24 | 2018-09-04 | 深圳市联软科技股份有限公司 | A kind of method, medium and equipment redirecting access request |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111770161A (en) * | 2020-06-28 | 2020-10-13 | 北京百度网讯科技有限公司 | https sniffing jump method and device |
| CN111770161B (en) * | 2020-06-28 | 2022-06-07 | 北京百度网讯科技有限公司 | https sniffing jump method and device |
| CN113805880A (en) * | 2021-09-06 | 2021-12-17 | 南京联创信息科技有限公司 | Method for solving request failure of https protocol under shiro framework |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103825881B (en) | The reorientation method and device of WLAN user are realized based on wireless access controller AC | |
| EP3395037B1 (en) | Single sign-on authentication via browser for client application | |
| CN102984173B (en) | Network access control method and system | |
| CN103024740B (en) | Method and system for accessing internet by mobile terminal | |
| CN104662873B (en) | For reducing the method and apparatus of the core network flow as caused by migration | |
| EP3120591B1 (en) | User identifier based device, identity and activity management system | |
| CN102624729B (en) | Web authentication method, device and system | |
| CN105991589A (en) | Method, apparatus, and system for redirection | |
| CN108092988B (en) | Non-perception authentication and authorization network system and method based on dynamic temporary password creation | |
| CN103796278A (en) | Mobile terminal wireless network access control method | |
| CN102710667B (en) | Method for realizing Portal authentication server attack prevention and broadband access server | |
| CN110505188B (en) | Terminal authentication method, related equipment and authentication system | |
| CN109561010B (en) | Message processing method, electronic equipment and readable storage medium | |
| CN104683296B (en) | Safety certifying method and system | |
| CN109688127A (en) | A kind of web authentication method for supporting HTTPS page jump | |
| CN108200039B (en) | Non-perception authentication and authorization system and method based on dynamic establishment of temporary account password | |
| CN104811439A (en) | Portal authentication method and device | |
| CN102045398B (en) | Portal-based distributed control method and equipment | |
| CA3040804C (en) | Portal aggregation service mapping subscriber device identifiers to portal addresses to which connection and authentication requests are redirected and facilitating mass subscriber apparatus configuration | |
| CN103986793B (en) | A kind of method and system of lifting Portal certification IP address service efficiencies | |
| CN107395582A (en) | Portal authentication devices and system | |
| CN109274657A (en) | A kind of method and system carrying out access authentication based on WEB | |
| CN106454817B (en) | A kind of wlan authentication method and system, AP equipment | |
| CN104917742A (en) | Information transmission method and apparatus | |
| CN104917728A (en) | Implementation method of cross-terminal single sign-on system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190426 |
|
| RJ01 | Rejection of invention patent application after publication |