CN110287682B - Login method, device and system - Google Patents

Login method, device and system Download PDF

Info

Publication number
CN110287682B
CN110287682B CN201910585136.6A CN201910585136A CN110287682B CN 110287682 B CN110287682 B CN 110287682B CN 201910585136 A CN201910585136 A CN 201910585136A CN 110287682 B CN110287682 B CN 110287682B
Authority
CN
China
Prior art keywords
login
service site
target service
access request
user terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910585136.6A
Other languages
Chinese (zh)
Other versions
CN110287682A (en
Inventor
袁春旭
赵军
杜超超
李川
孙悦
郭晓鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Trusfort Technology Co ltd
Original Assignee
Beijing Trusfort Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Trusfort Technology Co ltd filed Critical Beijing Trusfort Technology Co ltd
Priority to CN201910585136.6A priority Critical patent/CN110287682B/en
Publication of CN110287682A publication Critical patent/CN110287682A/en
Application granted granted Critical
Publication of CN110287682B publication Critical patent/CN110287682B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application provides a login method, a login device and a login system, which comprise the following steps: receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed; receiving a first access request sent by a user terminal; the first access request carries identification information of a target service site selected by a user based on the service site list; performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed; and after receiving a second access request sent by the user terminal, acquiring page information corresponding to the target service site from the service server, and sending the page information to the user terminal. By the method, the security of single sign-on can be improved.

Description

Login method, device and system
Technical Field
The present application relates to the field of information processing technologies, and in particular, to a login method, device and system.
Background
The single sign-on mode is that a uniform sign-on interface is set for a plurality of application systems, and a user can access all the application systems under the interface only by logging on once.
At present, there are two main access methods for single sign-on, one is that after a user terminal logs in a proxy service, the user terminal logs in an application system through identity information of the application system pre-stored in the user terminal or identity information acquired from a proxy server, but this method needs to log in the application system through the user terminal by virtue of the identity information, and the security is low; the other is a mode of protocol modification, but the mode needs to change the original login mode of the application system, and the mode is complicated.
Disclosure of Invention
In view of the above, an object of the present application is to provide a login method, device and system to improve security in a single sign-on manner.
In a first aspect, an embodiment of the present application provides a login method, which is applied to a reverse proxy server, and includes:
receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed;
receiving a first access request sent by a user terminal; the first access request carries identification information of a target service site selected by a user based on the service site list;
performing identity authentication on a target service site based on the first access request and a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed, wherein the access permission instruction is used for indicating the user terminal to initiate an access request again;
and after receiving a second access request sent by the user terminal, acquiring page information corresponding to the target service site from the service server, and sending the page information to the user terminal.
With reference to the first aspect, an embodiment of the present application provides a first possible implementation manner of the first aspect, where a service site list carries a credential random number; the first access request carries a random number generated based on the random number of the certificate;
before performing identity authentication on the target service site based on the first access request and the pre-stored login credential corresponding to the user, the method further includes:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
With reference to the first aspect, an embodiment of the present application provides a second possible implementation manner of the first aspect, where before feeding back, to the user terminal, an access permission instruction corresponding to the target service site, the method further includes:
changing the login state of the user terminal in the service server from non-login to logged-in;
acquiring page information corresponding to a target service site from a service server, wherein the page information comprises:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring page information corresponding to the target service site from the service server.
With reference to the second possible implementation manner of the first aspect, an embodiment of the present application provides a third possible implementation manner of the first aspect, where before obtaining page information corresponding to a target service site from a service server, the method further includes:
determining the login time of a user terminal in a service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold value, sending the access request sent by the user terminal to the service server.
With reference to the third possible implementation manner of the first aspect, an embodiment of the present application provides a fourth possible implementation manner of the first aspect, where performing identity authentication on a target service site based on a first access request and a pre-stored login credential corresponding to a user includes:
acquiring a login certificate based on first identity information carried in the first access request and identification information of the target service site;
and sending an identity authentication request to the target service site based on the login certificate so that the target service site performs identity authentication based on the login certificate in the identity authentication request.
In a second aspect, an embodiment of the present application provides a login method, which is applied to a user terminal, and includes:
after receiving a login instruction input by a user, sending a login request to a reverse proxy server;
receiving a service site list fed back by the proxy server according to the login request;
when a selection instruction of a target service site input by a user based on a service site list is received, sending a first access request to a reverse proxy server; the first access request is used for indicating the reverse proxy server to perform identity authentication on a target service site based on a pre-stored login certificate corresponding to a user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed;
after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site, sending a second access request to the reverse proxy server; the second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from the service server;
and receiving page information of the target service site forwarded by the reverse proxy server.
In a third aspect, an embodiment of the present application provides a login system, including a user terminal and a reverse proxy server:
the user terminal is used for sending a login request to the reverse proxy server after receiving a login instruction initiated by a user; receiving a service site list fed back by the proxy server according to the login request; when a selection instruction of a target service site input by a user based on a service site list is received, sending a first access request to a reverse proxy server; after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site, sending a second access request to the reverse proxy server; receiving page information of a target service site forwarded by a reverse proxy server;
the first access request is used for indicating the reverse proxy server to perform identity authentication on a target service site based on a pre-stored login certificate corresponding to a user, and feeding back page information corresponding to the target service site to the user terminal after the identity authentication is passed;
the second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from the service server;
the reverse proxy server is used for receiving a login request sent by the user terminal, verifying the login request based on first identity information of the user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed; after receiving a first access request sent by a user terminal, performing identity authentication on a target service site based on the first access request and a pre-stored login certificate corresponding to a user, and after the identity authentication is passed, feeding back an access permission instruction corresponding to the target service site to the user terminal; and after receiving a second access request sent by the user terminal, acquiring page information corresponding to the target service site from the service server, and sending the page information to the user terminal.
With reference to the third aspect, an embodiment of the present application provides a first possible implementation manner of the third aspect, where a service site list carries a credential random number; the first access request carries a random number generated based on the random number of the certificate;
the reverse proxy server is further configured to, before performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
With reference to the third aspect, an embodiment of the present application provides a second possible implementation manner of the third aspect, where before feeding back, to the user terminal, an access permission instruction corresponding to the target service site, the reverse proxy server is further configured to:
changing the login state of the user terminal in the service server from non-login to logged-in;
the reverse proxy server is specifically configured to acquire page information corresponding to a target service site from the service server by using the following steps:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring page information corresponding to the target service site from the service server.
With reference to the second possible implementation manner of the third aspect, an embodiment of the present application provides a third possible implementation manner of the third aspect, where before obtaining, from the service server, the page information corresponding to the target service site, the reverse proxy server is further configured to:
determining the login time of a user terminal in a service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold value, sending the access request sent by the user terminal to the service server.
With reference to the third aspect, an embodiment of the present application provides a fourth possible implementation manner of the third aspect, where the reverse proxy server, when performing identity authentication on a target service site based on the first access request and a pre-stored login credential corresponding to the user, is specifically configured to:
acquiring a login certificate based on first identity information carried in the first access request and identification information of the target service site;
and sending an identity authentication request to the target service site based on the login certificate so that the target service site performs identity authentication based on the login certificate in the identity authentication request.
In a fourth aspect, an embodiment of the present application provides a login apparatus, including:
the first verification module is used for receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed;
the first receiving module is used for receiving a first access request sent by a user terminal; the first access request carries identification information of a target service site selected by a user based on the service site list;
the second verification module is used for performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed, wherein the access permission instruction is used for indicating the user terminal to initiate the access request again;
and the page information forwarding module is used for acquiring page information corresponding to the target service site from the service server after receiving a second access request sent by the user terminal, and sending the page information to the user terminal.
With reference to the fourth aspect, an embodiment of the present application provides a first possible implementation manner of the fourth aspect, where a credential random number is carried in a service site list; the first access request carries a random number generated based on the random number of the certificate;
the second verification module is further configured to, before performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
With reference to the fourth aspect, an embodiment of the present application provides a second possible implementation manner of the fourth aspect, where before feeding back, to the user terminal, an access permission instruction corresponding to the target service site, the second verification module is further configured to:
changing the login state of the user terminal in the service server from non-login to logged-in;
the page information forwarding module, when acquiring page information corresponding to the target service site from the service server, is specifically configured to:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring page information corresponding to the target service site from the service server.
With reference to the second possible implementation manner of the fourth aspect, an embodiment of the present application provides a third possible implementation manner of the fourth aspect, where before the second verification module obtains the page information corresponding to the target service site from the service server, the second verification module is further configured to:
determining the login time of a user terminal in a service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold value, sending the access request sent by the user terminal to the service server.
With reference to the fourth aspect, an embodiment of the present application provides a fourth possible implementation manner of the second aspect, where the second verification module, when performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, is specifically configured to:
acquiring a login certificate based on first identity information carried in the first access request and identification information of the target service site;
and sending an identity authentication request to the target service site based on the login certificate so that the target service site performs identity authentication based on the login certificate in the identity authentication request.
In a fifth aspect, an embodiment of the present application provides another login apparatus, including:
the first sending module is used for sending a login request to the reverse proxy server after receiving a login instruction input by a user;
the second receiving module is used for receiving a service site list fed back by the proxy server according to the login request;
the second sending module is used for sending a first access request to the reverse proxy server when receiving a selection instruction of a target service site input by a user based on the service site list; the first access request is used for indicating the reverse proxy server to perform identity authentication on a target service site based on a pre-stored login certificate corresponding to a user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed;
the third sending module is used for sending a second access request to the reverse proxy server after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site; the second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from the service server;
and the third receiving module is used for receiving the page information of the target service site forwarded by the reverse proxy server.
In a sixth aspect, an embodiment of the present application further provides an electronic device, including: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating via the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the steps of the first aspect, or any of the possible implementations of the first aspect, or the second aspect, or any of the possible implementations of the second aspect.
In a seventh aspect, this application provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and the computer program is executed by a processor to perform the steps in the first aspect, or any possible implementation manner of the first aspect, or the second aspect, or any possible implementation manner of the second aspect.
According to the login method, the login device and the login system provided by the embodiment of the application, after a first access request to a target service site sent by a user terminal is received, a found login certificate is not sent to the user terminal and the user terminal initiates a login request, but a reverse proxy server performs identity authentication on a service server by virtue of the login certificate, and after the authentication is successful and a second access request sent by the user terminal is received, the reverse proxy server directly acquires page information from the target service site.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 shows an interaction flow diagram of a login system provided in an embodiment of the present application;
fig. 2 is a schematic flowchart illustrating a login method according to an embodiment of the present application;
fig. 3 is a schematic flowchart illustrating another login method provided in an embodiment of the present application;
fig. 4 is a schematic diagram illustrating an architecture of a login apparatus 400 according to an embodiment of the present application;
fig. 5 is a schematic diagram illustrating an architecture of a login apparatus 500 according to an embodiment of the present application;
fig. 6 shows a schematic structural diagram of an electronic device 600 provided in an embodiment of the present application;
fig. 7 shows a schematic structural diagram of an electronic device 700 provided in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
To facilitate understanding of the present embodiment, a detailed description of one of the entries disclosed in the embodiments of the present application will be given first.
Example one
Referring to fig. 1, an interaction flow diagram of a login system provided in an embodiment of the present application is shown, where the login system includes a user terminal and a reverse proxy server, and an interaction between the user terminal and the reverse proxy server specifically includes the following processes:
step 101, after receiving a login instruction initiated by a user, a user terminal sends a login request to a reverse proxy server.
The user terminal receives the login instruction initiated by the user, which may be generated after the user inputs the first identity information on the login interface and clicks the login button.
The first identity information may be an account password of the user, fingerprint information of the user, voiceprint information of the user, and the like, which is not limited in the present application.
And 102, the reverse proxy server verifies based on the first identity information of the user carried in the login request, and feeds back a service site list to the user terminal after the verification is passed.
Specifically, the reverse proxy server may search whether the first identity information exists in a database in which the user identity information is stored, and if so, determine that the authentication is passed.
Step 103, when receiving a selection instruction of a target service site input by a user based on the service site list, the user terminal sends a first access request to the reverse proxy server.
And step 104, after receiving the first access request sent by the user terminal, the reverse proxy server performs identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, and after the identity authentication is passed, feeds back an access permission instruction corresponding to the target service site to the user terminal.
In a possible implementation manner, in step 102, the service site list fed back to the user terminal by the reverse proxy server carries a credential random number, and the user terminal may generate a random number based on the credential random number and then carry the generated random number in the first access request sent by the reverse proxy server.
The reverse proxy server may perform security verification based on the random number carried in the first access request and the credential random number carried in the service site list in receiving the first access request sent by the user terminal, and if the verification is passed, feedback an access permission instruction corresponding to the target service site to the user terminal.
When performing security verification based on the random number carried in the first access request and the credential random number carried in the service site list, any one of the following situations may be included:
in case one, if the random number carried in the first access request is the same as the credential random number carried in the service site list, it is determined that the authentication is passed.
And if the random number carried in the first access request is obtained by encrypting the random number of the certificate by the user terminal according to a preset encryption method, the reverse proxy server decrypts the random number according to a decryption method corresponding to the preset encryption method after receiving the first access request, and if the decrypted random number is the same as the random number of the certificate carried in the service site list, the verification is determined to be passed.
In a possible implementation manner, the reverse proxy server may store a login state of the user terminal in each service server, and if the reverse proxy server performs identity authentication on the target service site based on the first access request and a login credential stored in advance and corresponding to the user, and the identity authentication passes, the reverse proxy server may change the login state of the user terminal in the attendant server from a post-unregistered state to a logged-in state.
In an example of the present application, when the reverse proxy service performs identity authentication on a target service site based on a first access request and a pre-stored login credential corresponding to a user, the reverse proxy server may obtain the login credential based on first identity information carried in the first access request and identification information of the target service site, and then perform identity authentication on the target service site based on the login credential, after receiving the login credential, on a target service server corresponding to the target service site, based on the login credential.
The login credentials may be pre-stored in the database of the reverse proxy server, and the login credentials of different service sites of the same user may be stored separately.
In a possible application scenario, the user is not registered at the target service site, that is, the reverse proxy server cannot find the login credential corresponding to the user at the target service site from the database, at this time, the user may initiate a registration request to the target service site through the reverse proxy server to obtain the login credential, and the specific registration process will not be explained.
And 105, after receiving the access permission instruction corresponding to the target service site fed back by the reverse proxy server, the user terminal sends a second access request to the reverse proxy server.
And step 106, after receiving the second access request sent by the user terminal, the reverse proxy server obtains page information corresponding to the target service site from the service server and sends the page information to the user terminal.
In a possible implementation manner, after receiving the second access request sent by the user terminal, the reverse proxy server may further detect whether the login state of the user terminal in the service server is logged in before obtaining the page information corresponding to the target service site from the service server, and if so, obtain the page information corresponding to the target service site from the service server.
In another possible implementation, to improve the security of the system, the login time of the user terminal in the service server may be detected, and then it is detected whether a time difference between the time when the second access request is received and the login time is smaller than a preset time difference threshold, and if the time difference is smaller than the preset time difference threshold, the page information corresponding to the target service site is obtained from the service server.
In a specific implementation, when the reverse proxy server obtains the page information corresponding to the target service site from the operator server, the reverse proxy server may send the second access request sent by the user terminal to the target service server corresponding to the target service site, and then receive the page information fed back by the target service server based on the second access request.
An embodiment of the present application further provides a login method, which is applied to a reverse proxy server, and as shown in fig. 2, a flowchart of the login method provided in the embodiment of the present application is shown, and the login method includes the following steps:
step 201, receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed.
Step 202, receiving a first access request sent by a user terminal; the first access request carries identification information of a target service site selected by a user based on the service site list.
And 203, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed.
Wherein the access permission instruction is used for instructing the user terminal to initiate the access request again.
In a possible implementation manner, the service site list carries a credential random number; the first access request carries a random number generated based on the random number of the certificate;
before identity authentication is performed on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, security verification can be performed based on the random number carried in the first access request and a certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
In a possible application scenario, before an access permission instruction corresponding to the target service site is fed back to the user terminal, the login state of the user terminal in the service server may be changed from non-login to logged-in;
the acquiring, from the service server, page information corresponding to the target service site includes:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring the page information corresponding to the target service site from the service server.
In another possible application scenario, before the page information corresponding to the target service site is obtained from the service server, the method further includes:
determining the login time of the user terminal in the service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold, acquiring the page information corresponding to the target service site from a service server.
In an embodiment of the application, the performing, at the target service site, identity authentication based on the first access request and a pre-stored login credential corresponding to the user includes:
acquiring the login credential based on the first identity information carried in the first access request and the identification information of the target service site;
and sending an identity authentication request to the target business site based on the login credentials so that the target business site performs identity authentication based on the login credentials in the identity authentication request.
And step 204, after receiving the second access request sent by the user terminal, obtaining the page information corresponding to the target service site from the service server, and sending the page information to the user terminal.
The embodiment also provides another login method, which is applied to a user terminal, and is shown in fig. 3, which is a flowchart of the another login method provided in the embodiment of the present application, and the method includes the following steps:
step 301, after receiving a login instruction input by a user, sending a login request to a reverse proxy server.
And step 302, receiving a service site list fed back by the proxy server according to the login request.
Step 303, when receiving a selection instruction of a target service site input by a user based on the service site list, sending a first access request to the reverse proxy server.
The first access request is used for indicating the reverse proxy server to perform identity authentication on a target service site based on a pre-stored login certificate corresponding to a user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed;
and step 304, after receiving an access permission instruction corresponding to the target service site and fed back by the reverse proxy server based on the first access request, sending a second access request to the reverse proxy server.
The second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from the service server;
and 305, receiving the page information of the target service site forwarded by the reverse proxy server.
According to the login method and the login system provided by the embodiment of the application, after a first access request to a target service site sent by a user terminal is received, a found login certificate is not sent to the user terminal and the user terminal initiates a login request, but a reverse proxy server performs identity authentication on a service server by virtue of the login certificate, and after the authentication is successful and a second access request sent by the user terminal is received, the reverse proxy server directly acquires page information from the target service site.
Example two
The present embodiment further provides a login apparatus, referring to fig. 4, which is a schematic structural diagram of a login apparatus 400 provided in the embodiment of the present application, and the login apparatus includes a first verification module 401, a first receiving module 402, a second verification module 403, and a page information forwarding module 404, specifically:
the first authentication module 401 is configured to receive a login request sent by a user terminal, perform authentication based on first identity information of a user carried in the login request, and feed back a service site list to the user terminal after the authentication is passed;
a first receiving module 402, configured to receive a first access request sent by the user terminal; the first access request carries identification information of a target service site selected by the user based on the service site list;
a second verification module 403, configured to perform identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, and after the identity authentication passes, feed back an access permission instruction corresponding to the target service site to the user terminal, where the access permission instruction is used to instruct the user terminal to initiate an access request again;
a page information forwarding module 404, configured to, after receiving the second access request sent by the user terminal, obtain, from a service server, page information corresponding to the target service site, and send the page information to the user terminal.
In one possible design, the service site list carries a random number of a certificate; the first access request carries a random number generated based on the random number of the certificate;
the second verification module 403, before performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, is further configured to:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
In one possible design, the second verification module 403, before feeding back the access permission instruction corresponding to the target service site to the user terminal, is further configured to:
changing the login state of the user terminal in the service server from non-login to logged-in;
the page information forwarding module 404, when obtaining the page information corresponding to the target service site from the service server, is specifically configured to:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring the page information corresponding to the target service site from the service server.
In one possible design, the second verification module 403, before acquiring the page information corresponding to the target service site from the service server, is further configured to:
determining the login time of the user terminal in the service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold, acquiring the page information corresponding to the target service site from a service server.
In a possible design, when performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, the second verification module 403 is specifically configured to:
acquiring the login credential based on the first identity information carried in the first access request and the identification information of the target service site;
and sending an identity authentication request to the target business site based on the login credentials so that the target business site performs identity authentication based on the login credentials in the identity authentication request.
In addition, an embodiment of the present application further provides another login apparatus, as shown in fig. 5, which is a schematic structural diagram of the login apparatus 500 provided in this embodiment, and includes a first sending module 501, a second receiving module 502, a second sending module 503, a third sending module 504, and a third receiving module 505, specifically:
a first sending module 501, configured to send a login request to a reverse proxy server after receiving a login instruction input by a user;
a second receiving module 502, configured to receive a service site list fed back by the proxy server according to the login request;
a second sending module 503, configured to send a first access request to the reverse proxy server when receiving a selection instruction of a target service site, input by a user based on the service site list; the first access request is used for indicating the reverse proxy server to perform identity authentication on the target service site based on a pre-stored login certificate corresponding to the user, and feeding back page information corresponding to the target service site to the user terminal after the identity authentication is passed;
a third sending module 504, configured to send a second access request to the reverse proxy server after receiving an access permission instruction corresponding to the target service site and fed back by the reverse proxy server based on the first access request; the second access request is used for indicating the reverse proxy server to acquire the page information corresponding to the target service site from a service server;
a third receiving module 505, configured to receive the page information of the target service site forwarded by the reverse proxy server.
According to the login device provided by the embodiment of the application, after a first access request to a target service site sent by a user terminal is received, a found login certificate is not sent to the user terminal and the user terminal initiates a login request, but a reverse proxy server performs identity authentication on a service server by virtue of the login certificate, and after the authentication is successful and a second access request sent by the user terminal is received, the reverse proxy server directly acquires page information from the target service site.
EXAMPLE III
Based on the same technical concept, the embodiment of the application also provides the electronic equipment. Referring to fig. 6, a schematic structural diagram of an electronic device 600 provided in the embodiment of the present application includes a processor 601, a memory 602, and a bus 603. The memory 602 is used for storing execution instructions and includes a memory 6021 and an external memory 6022; the memory 6021 is also referred to as an internal memory, and is configured to temporarily store the operation data in the processor 601 and the data exchanged with the external memory 6022 such as a hard disk, the processor 601 exchanges data with the external memory 6022 through the memory 6021, and when the electronic device 600 operates, the processor 601 communicates with the memory 602 through the bus 603, so that the processor 601 executes the following instructions:
receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed;
receiving a first access request sent by the user terminal; the first access request carries identification information of a target service site selected by the user based on the service site list;
performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed, wherein the access permission instruction is used for indicating the user terminal to initiate an access request again;
and after receiving a second access request sent by the user terminal, acquiring page information corresponding to the target service site from a service server, and sending the page information to the user terminal.
In a possible design, in an instruction executed by the processor 601, the service site list carries a credential random number; the first access request carries a random number generated based on the random number of the certificate;
before performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, the instructions executed by the processor 601 further include:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
In one possible design, the instructions executed by the processor 601, before feeding back the access permission instruction corresponding to the target service site to the user terminal, further include:
changing the login state of the user terminal in the service server from non-login to logged-in;
the acquiring, from the service server, page information corresponding to the target service site includes:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring the page information corresponding to the target service site from the service server.
In one possible design, the instructions executed by the processor 601, before acquiring the page information corresponding to the target service site from the service server, further include:
determining the login time of the user terminal in the service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold, acquiring the page information corresponding to the target service site from a service server.
In one possible design, the performing, by the processor 601, an identity authentication at the target service site based on the first access request and a pre-stored login credential corresponding to the user includes:
acquiring the login credential based on the first identity information carried in the first access request and the identification information of the target service site;
and sending an identity authentication request to the target business site based on the login credentials so that the target business site performs identity authentication based on the login credentials in the identity authentication request.
Based on the same technical concept, the embodiment of the application also provides the electronic equipment. Referring to fig. 7, a schematic structural diagram of an electronic device 700 provided in the embodiment of the present application includes a processor 701, a memory 702, and a bus 703. The memory 702 is used for storing execution instructions and includes a memory 7021 and an external memory 7022; the memory 7021 is also referred to as an internal memory, and is used to temporarily store operation data in the processor 701 and data exchanged with an external memory 7022 such as a hard disk, the processor 701 exchanges data with the external memory 7022 through the memory 7021, and when the electronic device 700 is operated, the processor 701 and the memory 702 communicate with each other through the bus 703, so that the processor 701 executes the following instructions:
after receiving a login instruction input by a user, sending a login request to a reverse proxy server;
receiving a service site list fed back by the proxy server according to the login request;
when a selection instruction of a target service site input by a user based on the service site list is received, sending a first access request to the reverse proxy server; the first access request is used for indicating the reverse proxy server to perform identity authentication on the target service site based on a pre-stored login credential corresponding to the user, and after the identity authentication is passed, feeding back an access permission instruction corresponding to the target service site to the user terminal;
after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site, sending a second access request to the reverse proxy server; the second access request is used for indicating the reverse proxy server to acquire the page information corresponding to the target service site from a service server;
and receiving the page information of the target service site forwarded by the reverse proxy server.
Example four
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the login method described in any of the above embodiments.
Specifically, the storage medium can be a general-purpose storage medium, such as a removable disk, a hard disk, or the like, and when a computer program on the storage medium is executed, the steps of the login method can be executed, thereby improving the security in the single sign-on mode.
The computer program product for performing the login method provided in the embodiment of the present application includes a computer-readable storage medium storing a nonvolatile program code executable by a processor, where instructions included in the program code may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment, and is not described herein again.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the exemplary embodiments of the present application, and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (15)

1. A login method applied to a reverse proxy server, comprising:
receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed;
receiving a first access request sent by the user terminal; the first access request carries identification information of a target service site selected by the user based on the service site list;
performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed, wherein the access permission instruction is used for indicating the user terminal to initiate a second access request;
and after receiving the second access request sent by the user terminal, acquiring page information corresponding to the target service site from a service server, and sending the page information to the user terminal.
2. The login method according to claim 1, wherein the service site list carries a credential random number; the first access request carries a random number generated based on the random number of the certificate;
the identity authentication at the target service site based on the first access request and a pre-stored login credential corresponding to the user includes:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
3. The login method according to claim 1, wherein before feeding back the access permission instruction corresponding to the target service site to the user terminal, the method further comprises:
changing the login state of the user terminal in the service server from non-login to logged-in;
the acquiring, from the service server, page information corresponding to the target service site includes:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring the page information corresponding to the target service site from the service server.
4. The login method according to claim 3, wherein before acquiring the page information corresponding to the target service site from the service server, the method further comprises:
determining the login time of the user terminal in the service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold, acquiring the page information corresponding to the target service site from a service server.
5. The login method according to claim 1, wherein the identity authentication at the target service site based on the first access request and a pre-stored login credential corresponding to the user comprises:
acquiring the login credential based on the first identity information carried in the first access request and the identification information of the target service site;
and sending an identity authentication request to the target service site based on the login credentials so that the target service site performs identity authentication based on the login credentials carried in the identity authentication request.
6. A login method is applied to a user terminal and comprises the following steps:
after receiving a login instruction input by a user, sending a login request to a reverse proxy server;
receiving a service site list fed back by the proxy server according to the login request;
when a selection instruction of a target service site input by a user based on the service site list is received, sending a first access request to the reverse proxy server; the first access request is used for indicating the reverse proxy server to perform identity authentication on the target service site based on a pre-stored login credential corresponding to the user, and after the identity authentication is passed, feeding back an access permission instruction corresponding to the target service site to the user terminal;
after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site, sending a second access request to the reverse proxy server; the second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from a service server;
and receiving the page information of the target service site forwarded by the reverse proxy server.
7. A login system, comprising a user terminal, and a reverse proxy server:
the user terminal is used for sending a login request to the reverse proxy server after receiving a login instruction initiated by a user; receiving a service site list fed back by the proxy server according to the login request; when a selection instruction of a target service site input by a user based on the service site list is received, sending a first access request to the reverse proxy server; after receiving an access permission instruction which is fed back by the reverse proxy server based on the first access request and corresponds to the target service site, sending a second access request to the reverse proxy server; receiving page information of the target service site forwarded by the reverse proxy server;
the first access request is used for indicating the reverse proxy server to perform identity authentication on the target service site based on a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed;
the second access request is used for indicating the reverse proxy server to acquire the page information corresponding to the target service site from a service server;
the reverse proxy server is used for receiving the login request sent by the user terminal, verifying the login request based on the first identity information of the user carried in the login request, and feeding back the service site list to the user terminal after the verification is passed; after receiving the first access request sent by the user terminal, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user, and after the identity authentication is passed, feeding back an access permission instruction corresponding to the target service site to the user terminal; and after receiving a second access request sent by the user terminal, acquiring the page information corresponding to the target service site from the service server, and sending the page information to the user terminal.
8. A login apparatus, comprising:
the first verification module is used for receiving a login request sent by a user terminal, verifying based on first identity information of a user carried in the login request, and feeding back a service site list to the user terminal after the verification is passed;
a first receiving module, configured to receive a first access request sent by the user terminal; the first access request carries identification information of a target service site selected by the user based on the service site list;
the second verification module is used for performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed, wherein the access permission instruction is used for indicating the user terminal to initiate an access request again;
and the page information forwarding module is used for acquiring page information corresponding to the target service site from a service server after receiving a second access request sent by the user terminal, and sending the page information to the user terminal.
9. The login device of claim 8, wherein the service site list carries a random number of a credential; the first access request carries a random number generated based on the random number of the certificate;
the second verification module, before performing identity authentication on the target service site based on the first access request and a pre-stored login credential corresponding to the user, is further configured to:
performing security verification based on the random number carried in the first access request and the certificate random number carried in the service site list; and if the verification is passed, performing identity authentication on the target service site based on the first access request and a pre-stored login certificate corresponding to the user.
10. The login device of claim 8, wherein the second authentication module, before feeding back the access permission instruction corresponding to the target service site to the user terminal, is further configured to:
changing the login state of the user terminal in the service server from non-login to logged-in;
the page information forwarding module, when acquiring the page information corresponding to the target service site from the service server, is specifically configured to:
detecting whether the login state of the user terminal in the service server is logged in;
and if so, acquiring the page information corresponding to the target service site from the service server.
11. The login device of claim 10, wherein the second authentication module, before acquiring the page information corresponding to the target service site from the service server, is further configured to:
determining the login time of the user terminal in the service server;
detecting whether the time difference between the time of receiving the second access request and the login time is smaller than a preset time difference threshold value or not;
and if the time difference is smaller than the time difference threshold, acquiring the page information corresponding to the target service site from a service server.
12. The login apparatus according to claim 8, wherein the second verification module, when performing the identity authentication at the target service site based on the first access request and a pre-stored login credential corresponding to the user, is specifically configured to:
acquiring the login credential based on the first identity information carried in the first access request and the identification information of the target service site;
and sending an identity authentication request to the target service site based on the login credentials so that the target service site performs identity authentication based on the login credentials in the identity authentication request.
13. A login apparatus, comprising:
the first sending module is used for sending a login request to the reverse proxy server after receiving a login instruction input by a user;
the second receiving module is used for receiving a service site list fed back by the proxy server according to the login request;
the second sending module is used for sending a first access request to the reverse proxy server when receiving a selection instruction of a target service site input by a user based on the service site list; the first access request is used for indicating the reverse proxy server to perform identity authentication on the target service site based on a pre-stored login certificate corresponding to the user, and feeding back an access permission instruction corresponding to the target service site to the user terminal after the identity authentication is passed;
a third sending module, configured to send a second access request to the reverse proxy server after receiving an access permission instruction corresponding to the target service site and fed back by the reverse proxy server based on the first access request; the second access request is used for indicating the reverse proxy server to acquire page information corresponding to the target service site from a service server;
and the third receiving module is used for receiving the page information of the target service site forwarded by the reverse proxy server.
14. An electronic device, comprising: processor, memory and bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating over the bus when the electronic device is running, the machine-readable instructions when executed by the processor performing the steps of the method of logging in according to any one of claims 1 to 6.
15. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, performs the steps of the login method as claimed in any one of claims 1 to 6.
CN201910585136.6A 2019-07-01 2019-07-01 Login method, device and system Active CN110287682B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910585136.6A CN110287682B (en) 2019-07-01 2019-07-01 Login method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910585136.6A CN110287682B (en) 2019-07-01 2019-07-01 Login method, device and system

Publications (2)

Publication Number Publication Date
CN110287682A CN110287682A (en) 2019-09-27
CN110287682B true CN110287682B (en) 2020-12-04

Family

ID=68021442

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910585136.6A Active CN110287682B (en) 2019-07-01 2019-07-01 Login method, device and system

Country Status (1)

Country Link
CN (1) CN110287682B (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111093197B (en) * 2019-12-31 2021-08-27 北大方正集团有限公司 Authority authentication method, authority authentication system and computer readable storage medium
CN111131324A (en) * 2019-12-31 2020-05-08 北京网众共创科技有限公司 Login method and device of business system, storage medium and electronic device
CN111478849B (en) * 2020-04-08 2022-04-08 腾讯科技(深圳)有限公司 Service access method, device and storage medium
CN113542201B (en) * 2020-04-20 2023-04-21 上海云盾信息技术有限公司 Access control method and equipment for Internet service
CN111552942B (en) * 2020-04-27 2023-02-10 北京三快在线科技有限公司 Identity authentication method, system, device and computer storage medium
CN111556085A (en) * 2020-07-01 2020-08-18 中国银行股份有限公司 Remote access method and device based on secure gateway forwarding
CN111988336A (en) * 2020-09-02 2020-11-24 南方电网数字电网研究院有限公司 Access request processing method, device and system and computer equipment
CN112131588A (en) * 2020-09-25 2020-12-25 北京锐安科技有限公司 Application access method and device, electronic equipment and storage medium
CN112417416A (en) * 2020-11-19 2021-02-26 深圳市德普光业科技有限公司 Authentication interaction method, system and storage medium of service system
CN113051545A (en) * 2020-12-11 2021-06-29 北京芯盾时代科技有限公司 User authentication method and device
CN112559994B (en) * 2020-12-25 2023-12-01 北京百度网讯科技有限公司 Access control method, device, equipment and storage medium
CN112650999A (en) * 2020-12-29 2021-04-13 北京字节跳动网络技术有限公司 User identity authentication control method, device and system
CN114765548B (en) * 2020-12-30 2023-09-05 成都鼎桥通信技术有限公司 Target service processing method and device
CN112671798B (en) * 2020-12-31 2022-10-04 北京明朝万达科技股份有限公司 Service request method, device and system in Internet of vehicles
CN113098964B (en) * 2021-04-01 2023-01-20 如东中天能源管理有限公司 Communication connection establishing method and device, storage medium and electronic equipment
CN114980095B (en) * 2021-05-08 2023-10-27 中移互联网有限公司 Data access method and data access device
CN113381978B (en) * 2021-05-12 2023-06-27 网宿科技股份有限公司 Safe login method and device
CN113778709B (en) * 2021-08-25 2024-03-12 北京达佳互联信息技术有限公司 Interface calling method, device, server and storage medium
CN114172698A (en) * 2021-11-19 2022-03-11 重庆川仪自动化股份有限公司 Service request processing method, Web server, equipment and medium
CN117811770A (en) * 2023-12-01 2024-04-02 北京海泰方圆科技股份有限公司 Login authentication method and device, electronic equipment and readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101350717A (en) * 2007-07-18 2009-01-21 中国移动通信集团公司 Method and system for logging on third party server through instant communication software
CN105659557A (en) * 2013-09-20 2016-06-08 甲骨文国际公司 Web-based interface integration for single sign-on
US9781122B1 (en) * 2016-05-11 2017-10-03 Oracle International Corporation Multi-tenant identity and data security management cloud service
CN109218326A (en) * 2018-10-10 2019-01-15 广州虎牙信息科技有限公司 Login validation method, device, storage medium and server

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102111410B (en) * 2011-01-13 2013-07-03 中国科学院软件研究所 Agent-based single sign on (SSO) method and system
CN103888430A (en) * 2012-12-21 2014-06-25 鸿富锦精密工业(深圳)有限公司 Single-point registration system and method
CN104065616B (en) * 2013-03-20 2017-06-20 中国移动通信集团公司 Single-point logging method and system
CN107819564A (en) * 2016-09-10 2018-03-20 湖南移商动力网络技术有限公司 A kind of design method of the single-node login system based on Public Key Infrastructure

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101350717A (en) * 2007-07-18 2009-01-21 中国移动通信集团公司 Method and system for logging on third party server through instant communication software
CN105659557A (en) * 2013-09-20 2016-06-08 甲骨文国际公司 Web-based interface integration for single sign-on
US9781122B1 (en) * 2016-05-11 2017-10-03 Oracle International Corporation Multi-tenant identity and data security management cloud service
CN109218326A (en) * 2018-10-10 2019-01-15 广州虎牙信息科技有限公司 Login validation method, device, storage medium and server

Also Published As

Publication number Publication date
CN110287682A (en) 2019-09-27

Similar Documents

Publication Publication Date Title
CN110287682B (en) Login method, device and system
CN108768970B (en) Binding method of intelligent equipment, identity authentication platform and storage medium
CN108551443B (en) Application login method and device, terminal equipment and storage medium
US11539690B2 (en) Authentication system, authentication method, and application providing method
CN109471865B (en) Offline data management method, system, server and storage medium
US20220191016A1 (en) Methods, apparatuses, and computer program products for frictionless electronic signature management
CN111917773B (en) Service data processing method and device and server
CN106657152B (en) Authentication method, server and access control device
US9628282B2 (en) Universal anonymous cross-site authentication
CN110177111B (en) Information verification method, system and device
US11177963B2 (en) Method for authenticating a user based on an image relation rule and corresponding first user device, server and system
CN112235321B (en) Short message verification code anti-brushing method and device
US20240080201A1 (en) Systems and methods for enhanced mobile device authentication
CN110572468A (en) server cluster file synchronization method and device, electronic equipment and storage medium
CN112055017A (en) Single-account multi-application unified login method and device and computer equipment
US20200233947A1 (en) System and method for facilitating authentication via a short-range wireless token
CN111565179A (en) Identity verification method and device, electronic equipment and storage medium
CN110691091A (en) Data acquisition method and device based on identity authentication and computer equipment
US10250778B2 (en) Distributed smart card reader for multifunction printer
CN112398787B (en) Mailbox login verification method and device, computer equipment and storage medium
KR20130012136A (en) Information generation system and method therefor
CN110677423A (en) Data acquisition method and device based on client agent side and computer equipment
CN115567271A (en) Authentication method and device, page skip method and device, electronic equipment and medium
CN113360868A (en) Application program login method and device, computer equipment and storage medium
CN109241728B (en) Method and device for acquiring password information, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A login method, device, and system

Granted publication date: 20201204

Pledgee: Mentougou Green Sub branch of Bank of Beijing Co.,Ltd.

Pledgor: BEIJING TRUSFORT TECHNOLOGY CO.,LTD.

Registration number: Y2024110000147