CN109861982A - A kind of implementation method and device of authentication - Google Patents
A kind of implementation method and device of authentication Download PDFInfo
- Publication number
- CN109861982A CN109861982A CN201811636333.8A CN201811636333A CN109861982A CN 109861982 A CN109861982 A CN 109861982A CN 201811636333 A CN201811636333 A CN 201811636333A CN 109861982 A CN109861982 A CN 109861982A
- Authority
- CN
- China
- Prior art keywords
- client
- address
- authentication
- server
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the present invention provides the implementation method and device of a kind of authentication, applied to the server in local area network, which comprises when receiving the access request of client in local area network, obtains the IP address of the client;According to pre-set IP address list in the IP address of the client and server, the identity of the client is authenticated.The embodiment of the present invention improves the maintenance convenience of authentication information.
Description
Technical field
The present embodiments relate to field of computer technology more particularly to the implementation methods and device of a kind of authentication.
Background technique
With the fast development of network technology, in order to guarantee the safety of company information, most enterprise is provided with enterprise
Internal local area network, i.e., only internal staff can log in the server of enterprise in local area network.Certainly, in order into one
Step guarantees the safety of corporate resources, internal staff equally needs when resource in access internal enterprise resources in local area network
Want authentication.
Currently, common identification authentication mode is the mode that username and password is combined.But in enterprises, if right
Limited internal resource, such as the resource that administrator a small amount of only in enterprise can access, it is same using creation user name
It accesses with the mode of password, this causes not only to need to store corresponding access information for a long time in the database, but also in this way
Username and password usually also need that access authority is arranged, this make in account executive be easy by other with administrator weigh
The account maloperation of limit.
In conclusion there is certification when carrying out authentication by the combination of username and password in the prior art
The more inconvenient problem of maintenance of information.
Summary of the invention
The embodiment of the present invention provides the implementation method and device of a kind of authentication, to solve passing through use in the prior art
The combination of name in an account book encrypted code carries out the problem that existing authentication information maintenance is more inconvenient when authentication.
In order to solve the above-mentioned technical problem, in a first aspect, the embodiment of the present invention provides a kind of implementation method of authentication,
Applied to the server in local area network, which comprises
When receiving the access request of client in local area network, the IP address of the client is obtained;
According to pre-set IP address list in the IP address of the client and server, to the body of the client
Part is authenticated.
Second aspect, the embodiment of the present invention provide a kind of realization device of authentication, applied to the service in local area network
Device, described device include:
Module is obtained, for when receiving the access request of client in local area network, obtaining the IP of the client
Location;
Authentication module, it is right for pre-set IP address list in the IP address and server according to the client
The identity of the client is authenticated.
The third aspect, the embodiment of the present invention provides a kind of electronic equipment, including memory, processor and is stored in memory
Computer program that is upper and can running on a processor, the processor realize the identity when executing the computer program
The step of implementation method of certification.
Fourth aspect, the embodiment of the present invention provide a kind of non-transient computer readable storage medium, are stored thereon with calculating
Machine program, when which is executed by processor the step of the implementation method of the realization authentication.
The implementation method and device of authentication provided in an embodiment of the present invention, by receiving client in local area network
Access request when, obtain the IP address of client, and according to pre-set IP in the IP address of client and server
Location list authenticates the identity of client, realizes in the local area network of enterprises only by the IP address of client
The identity of user is verified, so that server only needs the IP address list for allowing to access in background maintenance, is avoided
Asking for storage space of database is occupied when carrying out authentication by the combination of username and password in the prior art
Topic, and avoids other maloperations of administrator's account to user account, and make user do not have to additional records user name and
Password, improves the maintenance convenience of authentication information, and facilitates the operation of user.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair
Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root
Other attached drawings are obtained according to these attached drawings.
Fig. 1 shows the step flow charts of the implementation method of authentication in the embodiment of the present invention;
Fig. 2 indicates the schematic diagram of client access server in the embodiment of the present invention;
Fig. 3 indicates the schematic diagram accessed between system in the embodiment of the present invention;
Fig. 4 indicates the module frame chart of the realization device of authentication in the embodiment of the present invention;
Fig. 5 indicates the entity structure schematic diagram of electronic equipment in the embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art
Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
As shown in Figure 1, for the step flow chart of the implementation method of authentication in the embodiment of the present invention, this method is applied to
Server in local area network, includes the following steps:
Step 101: when receiving the access request of client in local area network, obtaining the IP address of client.
In this step, specifically, the local area network in the present embodiment can be the local area network of enterprises.
In addition, specifically, when the server in local area network receives the access request with the client in local area network,
The IP address of available client.
Step 102: according to pre-set IP address list in the IP address of client and server, to the body of client
Part is authenticated.
In this step, specifically, being previously provided with one in server allows to access the IP address list of server.Work as clothes
After business device gets the IP address for the client for issuing access request, it can allow to access with this according to the IP address of client
The IP address list of server authenticates the identity of client.
Wherein, the pre-set IP address list in the IP address and server according to the client, to the visitor
When the identity at family end is authenticated, the IP address of client can be compared with the IP address in IP address list.
Specifically, determining when the IP address of the client is present in the IP address list to the client
Authentication success;When the IP address of the client is not present in the IP address list, determine to the client
Authentication failure.
It may refer to Fig. 2 herein to be illustrated above-described embodiment.
For example, the IP address of client 1 is IP in Fig. 21, the IP address of client 2 is IPn+1, server sets in advance
That sets allows the IP address for including in the IP address list for accessing server to be IP1, IP2... ... IPn.At this point, when server connects
When receiving the access request of client 1, server is by the IP address IP of client 11In pre-set IP address list
IP address is compared, and detects the IP address IP of the client 1 at this time1It is present in IP address list, it is determined that client
The authentication success at end 1.In addition, when server receives the access request of client 2, server is by the IP of client 2
Address ipn+1It is compared with the IP address in pre-set IP address list, detects the IP address of the client 2 at this time
IPn+1Not in IP address list, it is determined that fail to the authentication of client 2.
In this way, by the IP address of client and the pre-set IP address list of server-side, to the identity of client into
The mode of row certification, the safety based on local area network ensure that the safety of this kind of authentication mode, in addition, this kind of authentication mode
So that only need to allow at background maintenance one of server the IP address list accessed, compared with the existing technology in user name and
The authentication mode that password is combined, avoids and safeguards username and password in the database, so as to avoid to database purchase
The occupancy in space, and the maloperation that other administrator's accounts correspond to account to client is avoided, while it is additional to avoid user
Account and password are recorded, so that facilitating the operation of user while the maintenance convenience for improving authentication information.
In addition, in embodiments of the present invention, the pre-set IP in the IP address and server according to the client
Address list, after being authenticated to the identity of the client, can also when the authentication to the client success when,
The client is allowed to access the server;When the authentication failure to the client, refuse the client
Access request.
In this way, allowing client to access server, and in the body to client in the authentication success to client
When part authentification failure, refuses the access request of client, ensure that the safety of server access.
In addition, in embodiments of the present invention, it, can also be according to institute after allowing the client to access the server
The default corresponding relationship preset between resource in the IP address in IP address list and the server is stated, the client is allowed
Access the default resource, and to the access result for presetting resource described in the client feedback.
Specifically, being preset between resource in the IP address being previously provided in server in IP address list and server
Preset relation, so that, can be directly according to IP address in the IP address list after allowing client to access server
With the preset relation between resource default in server, client is allowed to access the default resource, and default to client feedback
The access of resource is as a result, i.e. to request results corresponding to client feedback access request, to realize based on IP address to clothes
The efficient access for the interior limitation resource of device of being engaged in.
In addition, it should be noted that above-described embodiment can be applied equally between two systems.For example, such as Fig. 3
It is shown, it is assumed that system A and system B to be provided in local area network, then system A can access system B by the way of IP address certification
In resource.
Specifically, A system and B system can be deployed on same server, different servers can also be deployed in
On, it is specifically described herein not to this.In addition, specifically, being the front end applications of system A or the backstage of system A without road
In the interface of calling system B backstage offer, i.e., when sending access request to system B, system B, which can pass through, obtains system A
The IP address of place machine, and the side that the IP address of machine where system A is compared with the system B IP address list safeguarded
Formula realizes the authentication of system A, i.e., to the front end applications of system A or backstage feedback authentication result.Certainly, the authentication result
Authentification failure result when including authentification failure and request results corresponding to access request when authenticating successfully.
In this way, method provided in this embodiment, by obtaining visitor when receiving the access request of client in local area network
The IP address at family end, and according to pre-set IP address list in the IP address of client and server, to the body of client
Part is authenticated, and is realized and is only tested by the IP address of client the identity of user in the local area network of enterprises
Card avoids and is passing through in the prior art so that server only needs the IP address list for allowing to access in background maintenance
The combination of username and password carries out the problem of occupying storage space of database when authentication, and avoids other pipes
Maloperation of the pipe account to user account is managed, and user is made not have to additional records username and password, improves authentication information
Maintenance convenience, and facilitate the operation of user.
As shown in figure 4, the device is applied to office for the module frame chart of the realization device of authentication in the embodiment of the present invention
Server in the net of domain, described device include:
Module 401 is obtained, for obtaining the IP of the client when receiving the access request of client in local area network
Address;
Authentication module 402, for pre-set IP address list in the IP address and server according to the client,
The identity of the client is authenticated.
Optionally, the authentication module 402 includes:
First authentication unit, for determining to institute when the IP address of the client is present in the IP address list
State the authentication success of client;
Second authentication unit determines pair for when the IP address of the client is not present in the IP address list
The authentication of the client fails.
Optionally, described device further include:
Allow access modules, for allowing client access institute when the authentication success to the client
State server;
Denied access module, for refusing the access of the client when the authentication failure to the client
Request.
Optionally, described device further include:
Feedback module, for being preset between resource according in the IP address in the IP address list and the server
Default corresponding relationship allows the client to access the default resource, and to presetting resource described in the client feedback
Access result.
The realization device of authentication provided in an embodiment of the present invention, by the access for receiving client in local area network
When request, the IP address of client is obtained, and according to pre-set IP address list in the IP address of client and server,
The identity of client is authenticated, is realized in the local area network of enterprises only by the IP address of client to user's
Identity is verified, so that server only needs the IP address list for allowing to access in background maintenance, avoids existing skill
The problem of occupying storage space of database when carrying out authentication by the combination of username and password in art, and keep away
Other maloperations of management pipe account to user account are exempted from, and user are made not have to additional records username and password, has improved
The maintenance convenience of authentication information, and facilitate the operation of user.
In addition, as shown in figure 5, being the entity structure schematic diagram of electronic equipment provided in an embodiment of the present invention, which sets
Standby may include: processor (processor) 510,520, memory communication interface (Communications Interface)
(memory) 530 and communication bus 540, wherein processor 510, communication interface 520, memory 530 pass through communication bus 540
Complete mutual communication.Processor 510 can call the meter that is stored on memory 530 and can run on processor 510
Calculation machine program, the method to execute the various embodiments described above offer, for example, when the access for receiving client in local area network is asked
When asking, the IP address of the client is obtained;According to pre-set IP address in the IP address of the client and server
List authenticates the identity of the client.
In addition, the logical order in above-mentioned memory 530 can be realized by way of SFU software functional unit and conduct
Independent product when selling or using, can store in a computer readable storage medium.Based on this understanding, originally
Substantially the part of the part that contributes to existing technology or the technical solution can be in other words for the technical solution of invention
The form of software product embodies, which is stored in a storage medium, including some instructions to
So that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation of the present invention
The all or part of the steps of example the method.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. it is various
It can store the medium of program code.
The embodiment of the present invention also provides a kind of non-transient computer readable storage medium, is stored thereon with computer program,
The computer program is implemented to carry out the various embodiments described above offer method when being executed by processor, for example, when receiving
In local area network when the access request of client, the IP address of the client is obtained;According to the IP address kimonos of the client
Pre-set IP address list in business device, authenticates the identity of the client.
The apparatus embodiments described above are merely exemplary, wherein described, unit can as illustrated by the separation member
It is physically separated with being or may not be, component shown as a unit may or may not be physics list
Member, it can it is in one place, or may be distributed over multiple network units.It can be selected according to the actual needs
In some or all of the modules achieve the purpose of the solution of this embodiment.Those of ordinary skill in the art are not paying creativeness
Labour in the case where, it can understand and implement.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can
It realizes by means of software and necessary general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, on
Stating technical solution, substantially the part that contributes to existing technology can be embodied in the form of software products in other words, should
Computer software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including several fingers
It enables and using so that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation
Method described in certain parts of example or embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although
Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used
To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features;
And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and
Range.
Claims (10)
1. a kind of implementation method of authentication, applied to the server in local area network, which is characterized in that the described method includes:
When receiving the access request of client in local area network, the IP address of the client is obtained;
According to pre-set IP address list in the IP address of the client and server, to the identity of the client into
Row certification.
2. the method according to claim 1, wherein in the IP address and server according to the client
Pre-set IP address list authenticates the identity of the client, comprising:
When the IP address of the client is present in the IP address list, determine to the authentication of the client at
Function;
When the IP address of the client is not present in the IP address list, determine that the authentication to the client is lost
It loses.
3. the method according to claim 1, wherein in the IP address and server according to the client
Pre-set IP address list, after being authenticated to the identity of the client, the method also includes:
When the authentication success to the client, the client is allowed to access the server;
When the authentication failure to the client, refuse the access request of the client.
4. according to the method described in claim 3, it is characterized in that, it is described allow the client access the server it
Afterwards, the method also includes:
According to the default corresponding relationship preset in the IP address in the IP address list and the server between resource, allow
The client accesses the default resource, and to the access result for presetting resource described in the client feedback.
5. a kind of realization device of authentication, applied to the server in local area network, which is characterized in that described device includes:
Module is obtained, for obtaining the IP address of the client when receiving the access request of client in local area network;
Authentication module, for pre-set IP address list in the IP address and server according to the client, to described
The identity of client is authenticated.
6. device according to claim 5, which is characterized in that the authentication module includes:
First authentication unit, for determining to the visitor when the IP address of the client is present in the IP address list
The authentication success at family end;
Second authentication unit, for determining to described when the IP address of the client is not present in the IP address list
The authentication of client fails.
7. device according to claim 5, which is characterized in that described device further include:
Allow access modules, for allowing the client to access the clothes when the authentication success to the client
Business device;
Denied access module, for refusing the access request of the client when the authentication failure to the client.
8. device according to claim 7, which is characterized in that described device further include:
Feedback module, for default between resource according to being preset in the IP address in the IP address list and the server
Corresponding relationship allows the client to access the default resource, and the access to default resource described in the client feedback
As a result.
9. a kind of electronic equipment including memory, processor and stores the calculating that can be run on a memory and on a processor
Machine program, which is characterized in that the processor is realized when executing the computer program such as any one of claims 1 to 4 institute
The step of implementation method for the authentication stated.
10. a kind of non-transient computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer
The step of implementation method of authentication according to any one of claims 1 to 4 is realized when program is executed by processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811636333.8A CN109861982A (en) | 2018-12-29 | 2018-12-29 | A kind of implementation method and device of authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811636333.8A CN109861982A (en) | 2018-12-29 | 2018-12-29 | A kind of implementation method and device of authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109861982A true CN109861982A (en) | 2019-06-07 |
Family
ID=66893295
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811636333.8A Pending CN109861982A (en) | 2018-12-29 | 2018-12-29 | A kind of implementation method and device of authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109861982A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
CN114363001A (en) * | 2021-12-06 | 2022-04-15 | 国网安徽省电力有限公司超高压分公司 | Method, system and storage medium for client access limitation based on offline configuration |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102546568A (en) * | 2010-12-31 | 2012-07-04 | 华为技术有限公司 | Method and device for Internet protocol (IP) terminal being accessed into network |
CN106302400A (en) * | 2016-07-29 | 2017-01-04 | 锐捷网络股份有限公司 | The processing method and processing device of access request |
CN106331010A (en) * | 2015-06-29 | 2017-01-11 | 中兴通讯股份有限公司 | Network file access control method and device |
CN108696540A (en) * | 2018-07-18 | 2018-10-23 | 安徽云图信息技术有限公司 | A kind of authorizing secure system and its authorization method |
CN108989290A (en) * | 2018-06-21 | 2018-12-11 | 上海二三四五网络科技有限公司 | A kind of control method and control device for realizing server network access limitation in outer net |
-
2018
- 2018-12-29 CN CN201811636333.8A patent/CN109861982A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102546568A (en) * | 2010-12-31 | 2012-07-04 | 华为技术有限公司 | Method and device for Internet protocol (IP) terminal being accessed into network |
CN106331010A (en) * | 2015-06-29 | 2017-01-11 | 中兴通讯股份有限公司 | Network file access control method and device |
CN106302400A (en) * | 2016-07-29 | 2017-01-04 | 锐捷网络股份有限公司 | The processing method and processing device of access request |
CN108989290A (en) * | 2018-06-21 | 2018-12-11 | 上海二三四五网络科技有限公司 | A kind of control method and control device for realizing server network access limitation in outer net |
CN108696540A (en) * | 2018-07-18 | 2018-10-23 | 安徽云图信息技术有限公司 | A kind of authorizing secure system and its authorization method |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
CN114363001A (en) * | 2021-12-06 | 2022-04-15 | 国网安徽省电力有限公司超高压分公司 | Method, system and storage medium for client access limitation based on offline configuration |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109413032B (en) | Single sign-on method, computer readable storage medium and gateway | |
CN107172054B (en) | Authority authentication method, device and system based on CAS | |
CN112597472B (en) | Single sign-on method, device and storage medium | |
US10666669B2 (en) | Securing services in a networked computing environment | |
CN111033502B (en) | Authentication using biometric data and irreversible functions via blockchain | |
CN109510849B (en) | Cloud-storage account authentication method and device | |
US9787659B2 (en) | Techniques for secure access management in virtual environments | |
US10178096B2 (en) | Enhanced data leakage detection in cloud services | |
US10574699B1 (en) | Load balancer request processing | |
CN110620782A (en) | Account authentication method and device, computer equipment and storage medium | |
CN110049048B (en) | Data access method, equipment and readable medium for government affair public service | |
US9225744B1 (en) | Constrained credentialed impersonation | |
CN111786969B (en) | Single sign-on method, device and system | |
CN110572395B (en) | Identity verification method and system | |
US10178103B2 (en) | System and method for accessing a service | |
CN112580006A (en) | Access right control method and device of multi-cloud system and authentication server | |
CN105162775A (en) | Logging method and device of virtual machine | |
US9866587B2 (en) | Identifying suspicious activity in a load test | |
CN105991614A (en) | Open authorization, resource access method and device, and a server | |
CN110971566A (en) | Account unified management method, system and computer readable storage medium | |
CN107566329A (en) | A kind of access control method and device | |
CN105162774A (en) | Virtual machine login method and device used for terminal | |
CN107645474B (en) | Method and device for logging in open platform | |
CN109861982A (en) | A kind of implementation method and device of authentication | |
CN102420808A (en) | Method for realizing single signon on telecom on-line business hall |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190607 |
|
RJ01 | Rejection of invention patent application after publication |