CN110430205A - Single-point logging method, device, equipment and computer readable storage medium - Google Patents
Single-point logging method, device, equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN110430205A CN110430205A CN201910742748.1A CN201910742748A CN110430205A CN 110430205 A CN110430205 A CN 110430205A CN 201910742748 A CN201910742748 A CN 201910742748A CN 110430205 A CN110430205 A CN 110430205A
- Authority
- CN
- China
- Prior art keywords
- user information
- redis
- information
- operation requests
- session identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of single-point logging methods, this method comprises: obtaining Redis address information from preset configuration center when detecting the service starting of access side;When receiving operation requests, according to the network address of the operation requests, judge whether the operation requests are logging request;If the operation requests are logging requests, the corresponding user information of the logging request is obtained, and logs in the corresponding account of the user information;In Account Logon success, session identification is generated, Cookie is written into the session identification, and the corresponding Redis server of the Redis address information is written into the user information.The invention also discloses a kind of single-sign-on device, equipment and a kind of computer readable storage mediums.The present invention improves single-sign-on stability and safety.
Description
Technical field
The present invention relates to the big data technical field of financial technology (Fintech) more particularly to single-point logging methods, dress
It sets, equipment and computer readable storage medium.
Background technique
In recent years, with Internet technology, the especially rapid development of internet financial technology (Fintech), increasingly
More technologies (big data, distribution, block chain Blockchain, artificial intelligence etc.) are applied in financial field, with financial company
For, usually they possess multiple business platforms and correspond to multiple servers, and user is when accessing these business platforms, each business
Platform will carry out registration login, exit one by one again when exiting, and user's operation is more troublesome, in this case, enterprise
Industry forms single-node login system by the way that each business platform is deferred to single-sign-on agreement, and user only needs to log in one of industry
Business platform, so that it may access all business platforms trusted each other.
The corresponding business platform (access side) of existing single-node login system needs to call Redis phase by modification code
The storage of pass method and acquisition user information, during calling the storage of Redis correlation technique and obtaining user information, Redis
Interface can be exposed to access side, and Redis interface has a risk being tampered, the stability of single-node login system and safety compared with
It is low.
Summary of the invention
It is a primary object of the present invention to propose a kind of single-point logging method, device, equipment and computer-readable storage medium
Matter, it is intended to the stability of current single-node login system and the lower technical problem of safety.
To achieve the above object, the present invention provides a kind of single-point logging method, and the single-point logging method includes following step
It is rapid:
When detecting the service starting of access side, Redis address information is obtained from preset configuration center;
When receiving operation requests, according to the network address of the operation requests, judge the operation requests whether be
Logging request;
If the operation requests are logging requests, the corresponding user information of the logging request is obtained, and described in login
The corresponding account of user information;
In Account Logon success, session identification is generated, Cookie is written into the session identification, and by the use
The corresponding Redis server of the Redis address information is written in family information.
Optionally, described in Account Logon success, session identification is generated, the session identification is written
Cookie, and the step of Redis server that the user information write-in Redis address information is corresponding, comprising:
In Account Logon success, session identification is generated by default blocker, and the session identification is written
Cookie;
The set method in default network interface is called, it is corresponding that the Redis address information is written in the user information
Redis server.
Optionally, described when receiving operation requests, according to the network address of the operation requests, judge the operation
After the step of whether request is logging request, comprising:
If the operation requests are not logging requests, the operation is obtained from Cookie by default loading interface and is asked
Seek corresponding session identification;
The corresponding Redis server of the Redis address information is inquired by the default loading interface, described in judgement
It whether there is the corresponding user information of the session identification in Redis server;
If there are the corresponding user informations of the session identification in the Redis server, accesses the access side and connect
Mouth executes the operation requests.
Optionally, described in Account Logon success, session identification is generated, the session identification is written
Cookie, and after the step of Redis server that the user information write-in Redis address information is corresponding, comprising:
The time-out time of user information described in the Redis server is set;
When the holding time for detecting the user information reaching the time-out time, the Redis server is deleted
In the user information;
It is described that the corresponding Redis server of the Redis address information is inquired by the default loading interface, judge institute
After the step of stating user information corresponding with the presence or absence of the session identification in Redis server, further includes:
If the corresponding user information of the session identification is not present in the Redis server, prompt information is exported, with
Prompt user logs in again.
Optionally, if the operation requests are logging requests, the corresponding user information of the logging request is obtained,
And the step of logging in the user information corresponding account, comprising:
If the operation requests are logging requests, the corresponding user information of the logging request is obtained, and described in verifying
User information;
If the user information verifying does not pass through, prompt information is exported, to prompt user to input new user information;
If the user information is verified, the corresponding account of the user information is logged in.
In addition, to achieve the above object, the present invention also provides a kind of single-sign-on device, the single-sign-on device packet
It includes:
Address acquisition module, for obtaining the address Redis from preset configuration center when detecting the service starting of access side
Information;
Judgment module is requested, for according to the network address of the operation requests, judging institute when receiving operation requests
State whether operation requests are logging request;
Account Logon module obtains the corresponding use of the logging request if being logging request for the operation requests
Family information, and log in the corresponding account of the user information;
Information writing module, for generating session identification, the session identification being written in Account Logon success
Cookie, and the corresponding Redis server of the Redis address information is written into the user information.
Optionally, the information writing module, comprising:
First writing unit, for generating session identification by default blocker, and will in Account Logon success
Cookie is written in the session identification;
Second writing unit will be described in user information write-in for calling the set method in default network interface
The corresponding Redis server of Redis address information.
Optionally, the single-sign-on device, comprising:
Identifier acquisition module, if not being logging request for the operation requests, by default loading interface from
The corresponding session identification of the operation requests is obtained in Cookie;
Information inquiry module, for inquiring the corresponding Redis of the Redis address information by the default loading interface
Server judges in the Redis server with the presence or absence of the corresponding user information of the session identification;
Access execution module, if in the Redis server there are the corresponding user information of the session identification,
It accesses access side's interface and executes the operation requests.
Optionally, the single-sign-on device, further includes:
Time setup module, for the time-out time of user information described in the Redis server to be arranged;
Information deletion module, for deleting when the holding time for detecting the user information reaching the time-out time
Except the user information in the Redis server;
Login prompt module, if for the corresponding user information of the session identification to be not present in the Redis server,
Prompt information is exported, then to prompt user to log in again.
Optionally, the Account Logon module, comprising:
Information Authentication unit obtains the corresponding use of the logging request if being logging request for the operation requests
Family information, and verify the user information;
Output unit is prompted, if not passing through for user information verifying, prompt information is exported, to prompt user defeated
Enter new user information;
Account Logon unit logs in the corresponding account of the user information if being verified for the user information.
In addition, to achieve the above object, the present invention also provides a kind of single sign-on equipment, the single sign-on equipment packet
It includes: memory, processor and the corresponding meter of single-sign-on that is stored on the memory and can run on the processor
Calculation machine program, the single-sign-on corresponding computer program realize such as above-mentioned single-point logging method when being executed by the processor
The step of.
In addition, to achieve the above object, it is described computer-readable the present invention also provides a kind of computer readable storage medium
It is stored with the corresponding computer program of single-sign-on on storage medium, the corresponding computer program of the single-sign-on is by processor
It realizes when execution such as the step of above-mentioned single-point logging method.
It is single in the present invention the invention discloses a kind of single-point logging method, device, equipment and computer readable storage medium
Point login method includes: to obtain Redis address information from preset configuration center when detecting the service starting of access side;It is connecing
When receiving operation requests, according to the network address of the operation requests, judge whether the operation requests are logging request;If institute
Stating operation requests is logging request, then obtains the corresponding user information of the logging request, and it is corresponding to log in the user information
Account;In Account Logon success, session identification is generated, Cookie is written into the session identification, and by the use
The corresponding Redis server of the Redis address information is written in family information.Configuration center is preset in the embodiment of the present invention,
And Redis address information is saved to configuration center, when single sign-on equipment receives operation requests, single sign-on equipment judgement
Whether operation requests are logging request, and when operation requests are logging requests, single sign-on equipment obtains Redis from configuration center
User information in logging request is stored in the corresponding Redis of Redis address information and serviced by address information, single sign-on equipment
In device, so that access side does not need directly to dock Redis interface, single-sign-on stability and safety are improved.
Detailed description of the invention
Fig. 1 is the device structure schematic diagram for the hardware running environment that the embodiment of the present invention is related to;
Fig. 2 is the flow diagram of single-point logging method first embodiment of the present invention;
Fig. 3 is the concrete scene schematic diagram of single-point logging method first embodiment of the present invention;
Fig. 4 is the flow diagram of single-point logging method second embodiment of the present invention;
Fig. 5 is the functional block diagram of one embodiment of single-sign-on device of the present invention.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
As shown in Figure 1, Fig. 1 is the device structure schematic diagram for the hardware running environment that the embodiment of the present invention is related to.
Single sign-on equipment of the embodiment of the present invention can be PC machine or server apparatus.
As shown in Figure 1, the single sign-on equipment may include: processor 1001, such as CPU, network interface 1004, user
Interface 1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is for realizing the connection between these components
Communication.User interface 1003 may include display screen (Display), input unit such as keyboard (Keyboard), optional user
Interface 1003 can also include standard wireline interface and wireless interface.Network interface 1004 optionally may include having for standard
Line interface, wireless interface (such as WI-FI interface).Memory 1005 can be high speed RAM memory, be also possible to stable storage
Device (non-volatile memory), such as magnetic disk storage.Memory 1005 optionally can also be independently of aforementioned processing
The storage device of device 1001.
It will be understood by those skilled in the art that single sign-on equipment structure shown in Fig. 1 is not constituted to single-sign-on
The restriction of equipment, single sign-on equipment may include perhaps combining certain components or not than illustrating more or fewer components
Same component layout.
As shown in Figure 1, as may include that operating system, network are logical in a kind of memory 1005 of computer storage medium
Believe module, Subscriber Interface Module SIM and the corresponding computer program of single-sign-on.
In single sign-on equipment shown in Fig. 1, network interface 1004 is mainly used for connecting background server, takes with backstage
Business device carries out data communication;User interface 1003 is mainly used for connecting client (user terminal), carries out data communication with client;
And processor 1001 can be used for calling the corresponding computer program of the single-sign-on stored in memory 1005, the processor
The corresponding computer program of the single-sign-on of upper operation is performed, and the method realized can refer to single-point logging method of the present invention
Each embodiment.
Based on above-mentioned hardware configuration, single-point logging method embodiment of the present invention is proposed.
It is the flow diagram of single-point logging method first embodiment of the present invention, the single-sign-on side referring to Fig. 2, Fig. 2
Method includes:
Step S10 obtains Redis address information from preset configuration center when detecting the service starting of access side.
In the present embodiment, single-point logging method is applied to single sign-on equipment, and single sign-on equipment is set to single-sign-on
The front end of system, single sign-on equipment is for handling the operation requests received on single-node login system;Specifically, the present embodiment
In, single sign-on equipment and user client, access side's business platform and single-node login system communicate to connect, for example, the first industry
Platform, the second business platform and third business platform be engaged in as access side's business platform that is interrelated and trusting, exploitation or
First business platform, the second business platform and third business platform and single-node login system are carried out communication link in advance by operation maintenance personnel
It connects, after such user logs in the first business platform, the second business platform can be accessed simultaneously by single-node login system user
With third business platform, specifically:
Preset configuration center in single sign-on equipment in the present embodiment includes Redis address information in configuration center, single
Point logging device detects access side, and in access side when corresponding business platform starting, access side sends enabled instruction to single-point and steps on
Recording apparatus, single sign-on equipment receive the enabled instruction that access side is sent, and single sign-on equipment detects the service starting of access side,
Single sign-on equipment obtains Redis address information from preset configuration center, to call Redis related side in Redis address information
Method storage obtains user information.
By preset configuration center in the present embodiment, Redis relevant configuration is deposited in into configuration center, it is hidden in the present embodiment
It hides and is realized inside single-sign-on, avoid the risk for exposing Single-point system brought by Redis.
Step S20, according to the network address of the operation requests, judges that the operation is asked when receiving operation requests
No Seeking Truth is logging request.
Single sign-on equipment receives operation requests, wherein the type of operation requests is not especially limited, that is, operation requests
It can be logging request, access request or edit requests etc., in addition, the triggering mode of operation requests is not especially limited, behaviour
Request either user actively triggering, for example, user inputs on the subscriber terminal: xxx mailbox click " entrances " trigger
Operation requests are sent to single sign-on equipment by operation requests, terminal;Operation requests can also be automatic trigger, for example, with
Daily morning automated log on xxx system queries business datum is preset in the terminal of family, then the daily morning automatic trigger behaviour of terminal
It requests, operation requests are sent to single sign-on equipment by terminal.
When single sign-on equipment receives operation requests, single sign-on equipment obtains the corresponding network address of operation requests,
Single sign-on equipment judges whether operation requests are logging request according to network address, specifically, in single sign-on equipment in advance
Setting log in network address set, single sign-on equipment by the corresponding network address of operation requests with login network address set in it is each pre-
If entry address is compared, judge the corresponding network address of operation requests whether be it is default log in network address set default step on
Address is recorded, if network address is the default default entry address logged in network address set, single sign-on equipment decision is asked
Seeking Truth logging request;If network address is not the default default entry address logged in network address set, single sign-on equipment is sentenced
Determining operation requests is not logging request.
Single sign-on equipment judges whether operation requests are logging requests in the present embodiment, to determine subsequent processing steps,
That is,
Step S30 obtains the corresponding user information of the logging request if the operation requests are logging requests, and
Log in the corresponding account of the user information.
If operation requests are logging requests, single sign-on equipment obtains the corresponding user information of logging request, wherein user
Information includes that (account identification refers to the identification information of unique identification logon account to account identification, for example, name on account, user's surname
Name, user identity demonstrate,prove number) and other account-related informations such as login password, single sign-on equipment is by user information input correspondence
Network address, execute log-in instruction, with the corresponding account of login user information;Specifically, comprising:
Step a1 obtains the corresponding user information of the logging request, and test if the operation requests are logging requests
Demonstrate,prove the user information;
Step a2 exports prompt information, if user information verifying does not pass through to prompt user to input new user
Information;
Step a3 logs in the corresponding account of the user information if the user information is verified.
In conjunction with Fig. 3, in the present embodiment, filter (filter) is preset in single sign-on equipment, wherein preset
Filter refers to that pre-set filtering code, preset filter can pass through SDK (Software Development
Kit, Software Development Kit are that some software engineers are specific software package, software frame, hardware platform, operating system etc.
The set of developing instrument when establishing application software) it realizes.
If operation requests are logging requests, preset filter does not intercept the logging request, single-point in single sign-on equipment
Logging device obtains the corresponding user information of logging request, and verifies user information;That is, pre-saving mark in single sign-on equipment
Quasi- log-on message set, each user's registration for including in standard log-on message set or actively the standard of setting logs in letter
Breath, single sign-on equipment carry out the standard log-on message in the corresponding user information of logging request and standard log-on message set
It compares, to be verified to user information, that is, if there is target criteria identical with user information in standard log-on message set
Information, then user information is verified;If there is no target criterias identical with user information to believe in standard log-on message set
Breath, then user information verifying do not pass through;If user information verifying does not pass through, single sign-on equipment exports prompt information, to mention
Show that user inputs new user information;If user information is verified, the corresponding account of single sign-on equipment login user information
Family.
Step S40 generates session identification in Account Logon success, and Cookie is written in the session identification, and
The corresponding Redis server of the Redis address information is written into the user information.
Specifically, comprising:
Step b1 generates session identification by default blocker in Account Logon success, and by the session mark
Know write-in Cookie;
Step b2 calls the set method in default network interface, and the address Redis is written in the user information and is believed
Cease corresponding Redis server.
That is, presetting blocker in single sign-on equipment, default blocker refers to pre-set in Account Logon success
For generating the code of session identification, default blocker can (Software Development Kit, software be opened by SDK
Hair kit is that some software engineers are the foundation such as specific software package, software frame, hardware platform, operating system using soft
The set of developing instrument when part) it realizes, single sign-on equipment generates session identification by default blocker, and by session identification
Cookie is written.
In conjunction with Fig. 3, single sign-on equipment calls default network interface, and (default network interface refers to be rewritten in advance
Http Session interface code, for realizing user information deposit operation) in set method, preset network interface according to set
The corresponding Redis server of Redis address information is written in user information by method.
It is understood that single sign-on equipment is corresponding by user information write-in Redis address information in the present embodiment
Redis server, in the interrelated of user's access preset foundation and the access side trusted, single sign-on equipment calls default add
Carry interface (default loading interface refers to the Http Servlet Reques interface adapted in advance, preset loading interface be used for from
Obtain user information in Redis, and user information returned and is operated) in get User Principle method, from Cookie
The corresponding session identification of middle acquisition operation requests;Single sign-on equipment inquires Redis address information pair by default loading interface
The Redis server answered obtains the corresponding user information of session identification in Redis server, then realizes single-sign-on, that is, single
Point logging device inquires in Redis server there are the corresponding user information of session identification, then the side of access response user's operation
Request;Single sign-on equipment, which inquires, is not present the corresponding user information of session identification, single sign-on equipment in Redis server
Prompt user logs in again, wherein and there are many reason of there is no session identification corresponding user informations in Redis server,
For example, the too long deleted or user of user information storage time triggers logon account and exits operation in Redis server.
Configuration center is preset in the embodiment of the present invention, and Redis address information is saved to configuration center, and single-point is stepped on
When recording apparatus receives operation requests, single sign-on equipment judges whether operation requests are logging request, is to step in operation requests
When record request, single sign-on equipment obtains Redis address information from configuration center, and single sign-on equipment is by the use in logging request
Family information is stored in the corresponding Redis server of Redis address information, so that access side does not need directly to dock Redis and connect
Mouthful, improve single-sign-on stability and safety.
Further, referring to Fig. 4, on the basis of single-point logging method first embodiment of the present invention, this invention is proposed
Method second embodiment.
The present embodiment be in first embodiment after step S20 the step of, the difference of the present embodiment and first embodiment exists
In:
Step S50 obtains institute by default loading interface if the operation requests are not logging requests from Cookie
State the corresponding session identification of operation requests.
If operation requests are not logging requests, single sign-on equipment calls default loading interface, and (default loading interface refers to
The Http Servlet Reques interface adapted in advance, default loading interface are used to obtain user information from Redis, and
User information is returned and is operated) in get User Principle method that the operation requests are obtained from Cookie is corresponding
Session identification.
That is, single sign-on equipment can generate session identification, and session identification is written to when user carries out single-sign-on
In Cookie, when user executes operation requests, single sign-on equipment can obtain session identification from Cookie, by session identification
As key value, the corresponding user information of session identification is obtained from Redis server, specifically:
Step S60 inquires the corresponding Redis server of the Redis address information by the default loading interface, sentences
Break in the Redis server with the presence or absence of the corresponding user information of the session identification.
Single sign-on equipment inquires the corresponding Redis server of Redis address information by default loading interface, and single-point is stepped on
Recording apparatus judges in Redis server with the presence or absence of the corresponding user information of session identification.
Step S70, if there are the corresponding user information of the session identification in the Redis server, described in access
Access side's interface executes the operation requests.
If single sign-on equipment determines that user is in and steps on there are session identification corresponding user information in Redis server
Record state, single sign-on equipment access access side's interface and execute operation requests, that is, single sign-on equipment passes through access side's interface tune
With the setting of set get method and acquisition session attribute value of Http Session request, set and get method can be according to session
It identifies to the setting of Redis server or querying attributes value and realizes operation requests.
Step S80, if the corresponding user information of the session identification is not present in the Redis server, output is mentioned
Show information, to prompt user to log in again.
Redis server can remove cache information, and single sign-on equipment, which is inquired, determines that there is no sessions in Redis server
Corresponding user information is identified, single sign-on equipment exports prompt information, to prompt user to log in again, in the present embodiment, benefit
The characteristic updated with Redis server buffer avoids business platform from logging in for a long time and occupies resource unmanned the case where using.
In the present embodiment, single sign-on equipment when operation requests are not logging requests, call by single sign-on equipment
Get User Principle method obtains user information in Http Servlet Request, in Http Servlet
When the user information that Request is returned, does not need user and carry out duplicate register, single sign-on equipment access access side connects
Mouth executes operation requests, so that user's operation is more convenient.
To original Http Session interface code and Http Servlet Reqeust interface code in the present embodiment
It is adapted, primary Http Session and Http Servlet Request is substituted for the realization of single-node login system,
So that access side's operation maintenance personnel does not need modification code, realizes and system zero is invaded, facilitate the operation of access side, realize use
Family unaware.
Further, on the basis of single-point logging method above-described embodiment of the present invention, propose that the method for the present invention third is real
Apply example.
The step of the present embodiment is after first embodiment step S20, the difference of the present embodiment and above-described embodiment is:
The time-out time of user information described in the Redis server is set, in the guarantor for detecting the user information
When depositing the time arrival time-out time, the user information in the Redis server is deleted.
The time-out time of user information in Redis server is arranged in single sign-on equipment, so that Redis server is according to setting
The time-out time set removes cache information automatically, and the time-out time that user information in Redis server is arranged in the present embodiment can
With by different modes realize, specifically: implementation one: single sign-on equipment according to the user gradation in user information, if
The time-out time of user information is set, for example, user gradation is level-one in user information, then the time-out time of user information is 10 points
Kind, user gradation is second level in user information, then the time-out time of user information is 20 points of kinds;Implementation two: single-sign-on
Remaining space in equipment Redis server is arranged, when the remaining space in Redis server is greater than 50%, time-out time
It is 20 points of kinds, when the remaining space in Redis server is less than or equal to 50%, time-out time is 10 points of kinds.
Single sign-on equipment when detecting that holding time of the user information in Redis server reaches time-out time,
Single sign-on equipment deletes the user information in Redis server, step S60 in second embodiment is at this moment executed, by described
Default loading interface inquires the corresponding Redis server of the Redis address information, judge in the Redis server whether
There are the corresponding user informations of the session identification, and obtained result is exactly: it is corresponding that there is no session identifications in Redis server
User information, then at this time single sign-on equipment export prompt information so that user logs in again.
In the present embodiment single sign-on equipment by the corresponding Redis server of user information write-in Redis address information it
Afterwards, single sign-on equipment can also set the holding time of user information, to reduce Redis server resource occupancy, and further
Improve safety in ground.
Referring to Fig. 5, the embodiment of the present invention also provides a kind of single-sign-on device, and the single-sign-on device includes:
Address acquisition module 10, for obtaining Redis from preset configuration center when detecting the service starting of access side
Location information;
Judgment module 20 is requested, for according to the network address of the operation requests, judging when receiving operation requests
Whether the operation requests are logging request;
It is corresponding to obtain the logging request if being logging request for the operation requests for Account Logon module 30
User information, and log in the corresponding account of the user information;
Information writing module 40, for generating session identification, the session identification being write in Account Logon success
Enter Cookie, and the corresponding Redis server of the Redis address information is written into the user information.
In one embodiment, the information writing module, comprising:
First writing unit, for generating session identification by default blocker, and will in Account Logon success
Cookie is written in the session identification;
Second writing unit will be described in user information write-in for calling the set method in default network interface
The corresponding Redis server of Redis address information.
In one embodiment, the single-sign-on device, comprising:
Identifier acquisition module, if not being logging request for the operation requests, by default loading interface from
The corresponding session identification of the operation requests is obtained in Cookie;
Information inquiry module, for inquiring the corresponding Redis of the Redis address information by the default loading interface
Server judges in the Redis server with the presence or absence of the corresponding user information of the session identification;
Access execution module, if in the Redis server there are the corresponding user information of the session identification,
It accesses access side's interface and executes the operation requests.
In one embodiment, the single-sign-on device, further includes:
Time setup module, for the time-out time of user information described in the Redis server to be arranged;
Information deletion module, for deleting when the holding time for detecting the user information reaching the time-out time
Except the user information in the Redis server;
Login prompt module, if for the corresponding user information of the session identification to be not present in the Redis server,
Prompt information is exported, then to prompt user to log in again.
In one embodiment, the Account Logon module, comprising:
Information Authentication unit obtains the corresponding use of the logging request if being logging request for the operation requests
Family information, and verify the user information;
Output unit is prompted, if not passing through for user information verifying, prompt information is exported, to prompt user defeated
Enter new user information;
Account Logon unit logs in the corresponding account of the user information if being verified for the user information.
When each functional module executes in single-sign-on device of the present invention, realize such as the step of above-mentioned single-point logging method,
It is not repeated in the present embodiment.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that the process, method, article or the system that include a series of elements not only include those elements, and
And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
There is also other identical elements in the process, method of element, article or system.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art
The part contributed out can be embodied in the form of software products, which is stored in one as described above
In storage medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that terminal device (it can be mobile phone,
Computer, server, air conditioner or network equipment etc.) execute method described in each embodiment of the present invention.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (12)
1. a kind of single-point logging method, which is characterized in that the single-point logging method includes the following steps:
When detecting the service starting of access side, Redis address information is obtained from preset configuration center;
When receiving operation requests, according to the network address of the operation requests, judge whether the operation requests are login
Request;
If the operation requests are logging requests, the corresponding user information of the logging request is obtained, and log in the user
The corresponding account of information;
In Account Logon success, session identification is generated, Cookie is written into the session identification, and the user is believed
The corresponding Redis server of the Redis address information is written in breath.
2. single-point logging method as described in claim 1, which is characterized in that it is described in Account Logon success, generate meeting
Cookie is written in the session identification by words mark, and the user information write-in Redis address information is corresponding
The step of Redis server, comprising:
In Account Logon success, session identification is generated by default blocker, and the session identification is written
Cookie;
The set method in default network interface is called, it is corresponding that the Redis address information is written in the user information
Redis server.
3. single-point logging method as described in claim 1, which is characterized in that it is described when receiving operation requests, according to described
The network address of operation requests, after judging the step of whether operation requests are logging request, comprising:
If the operation requests are not logging requests, the operation requests pair are obtained from Cookie by default loading interface
The session identification answered;
The corresponding Redis server of the Redis address information is inquired by the default loading interface, judges the Redis
It whether there is the corresponding user information of the session identification in server;
If there are the corresponding user informations of the session identification in the Redis server, accesses access side's interface and hold
The row operation requests.
4. single-point logging method as claimed in claim 3, which is characterized in that it is described in Account Logon success, generate meeting
Cookie is written in the session identification by words mark, and the user information write-in Redis address information is corresponding
After the step of Redis server, further includes:
The time-out time of user information described in the Redis server is set;
When the holding time for detecting the user information reaching the time-out time, delete in the Redis server
The user information;
It is described that the corresponding Redis server of the Redis address information is inquired by the default loading interface, described in judgement
After the step of in Redis server with the presence or absence of the session identification corresponding user information, further includes:
If the corresponding user information of the session identification is not present in the Redis server, prompt information is exported, with prompt
User logs in again.
5. the single-point logging method as described in Claims 1-4 any one, which is characterized in that if the operation requests are
Logging request then obtains the corresponding user information of the logging request, and the step of logging in the user information corresponding account,
Include:
If the operation requests are logging requests, the corresponding user information of the logging request is obtained, and verify the user
Information;
If the user information verifying does not pass through, prompt information is exported, to prompt user to input new user information;
If the user information is verified, the corresponding account of the user information is logged in.
6. a kind of single-sign-on device, which is characterized in that the single-sign-on device includes:
Address acquisition module, for obtaining the address Redis from preset configuration center and believing when detecting the service starting of access side
Breath;
Judgment module is requested, for according to the network address of the operation requests, judging the behaviour when receiving operation requests
Request whether to be logging request;
Account Logon module obtains the corresponding user's letter of the logging request if being logging request for the operation requests
Breath, and log in the corresponding account of the user information;
Information writing module, for generating session identification, the session identification being written in Account Logon success
Cookie, and the corresponding Redis server of the Redis address information is written into the user information.
7. single-sign-on device as claimed in claim 6, which is characterized in that the information writing module, comprising:
First writing unit, for generating session identification by default blocker, and will be described in Account Logon success
Cookie is written in session identification;
For calling the set method in default network interface the Redis is written in the user information by the second writing unit
The corresponding Redis server of address information.
8. single-sign-on device as claimed in claim 6, which is characterized in that the single-sign-on device, comprising:
Identifier acquisition module, if not being logging request for the operation requests, through default loading interface from Cookie
Obtain the corresponding session identification of the operation requests;
Information inquiry module is serviced for inquiring the corresponding Redis of the Redis address information by the default loading interface
Device judges in the Redis server with the presence or absence of the corresponding user information of the session identification;
Execution module is accessed, if for, there are the corresponding user information of the session identification, accessing in the Redis server
Access side's interface executes the operation requests.
9. single-sign-on device as claimed in claim 8, which is characterized in that the single-sign-on device, further includes:
Time setup module, for the time-out time of user information described in the Redis server to be arranged;
Information deletion module, for deleting institute when the holding time for detecting the user information reaching the time-out time
State the user information in Redis server;
Login prompt module, if for the corresponding user information of the session identification to be not present in the Redis server, it is defeated
Prompt information out, to prompt user to log in again.
10. the single-sign-on device as described in claim 6 to 9 any one, which is characterized in that the Account Logon module, packet
It includes:
Information Authentication unit obtains the corresponding user's letter of the logging request if being logging request for the operation requests
Breath, and verify the user information;
Output unit is prompted, if not passing through for user information verifying, exports prompt information, to prompt user's input new
User information;
Account Logon unit logs in the corresponding account of the user information if being verified for the user information.
11. a kind of single sign-on equipment, which is characterized in that the single sign-on equipment includes: memory, processor and is stored in
On the memory and the corresponding computer program of single-sign-on that can run on the processor, the single-sign-on are corresponding
Computer program the step of the single-point logging method as described in any one of claims 1 to 5 is realized when being executed by the processor
Suddenly.
12. a kind of computer readable storage medium, which is characterized in that be stored with single-point on the computer readable storage medium and step on
Record corresponding computer program, the single-sign-on corresponding computer program realizes such as claim 1 when being executed by processor
The step of to single-point logging method described in any one of 5.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910742748.1A CN110430205B (en) | 2019-08-09 | 2019-08-09 | Single sign-on method, device, equipment and computer readable storage medium |
PCT/CN2020/106349 WO2021027600A1 (en) | 2019-08-09 | 2020-07-31 | Single log-in method, apparatus and device, and computer-readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910742748.1A CN110430205B (en) | 2019-08-09 | 2019-08-09 | Single sign-on method, device, equipment and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110430205A true CN110430205A (en) | 2019-11-08 |
CN110430205B CN110430205B (en) | 2023-04-18 |
Family
ID=68415762
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910742748.1A Active CN110430205B (en) | 2019-08-09 | 2019-08-09 | Single sign-on method, device, equipment and computer readable storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110430205B (en) |
WO (1) | WO2021027600A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581631A (en) * | 2020-05-12 | 2020-08-25 | 西安腾营信息科技有限公司 | Single sign-on method based on redis |
CN111859068A (en) * | 2020-07-02 | 2020-10-30 | 中移(杭州)信息技术有限公司 | Message tracking method, device, server and storage medium |
CN111949308A (en) * | 2020-08-07 | 2020-11-17 | 北京字节跳动网络技术有限公司 | Software package publishing method and device |
CN111970333A (en) * | 2020-07-29 | 2020-11-20 | 深圳市钱海网络技术有限公司 | Method and device for realizing coexistence of two sessions based on same client |
WO2021027600A1 (en) * | 2019-08-09 | 2021-02-18 | 深圳前海微众银行股份有限公司 | Single log-in method, apparatus and device, and computer-readable storage medium |
CN113194079A (en) * | 2021-04-23 | 2021-07-30 | 平安科技(深圳)有限公司 | Login verification method, device, equipment and storage medium |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115866016B (en) * | 2022-11-16 | 2023-10-17 | 浪潮智慧科技有限公司 | Global exit method, equipment and medium |
CN116150037B (en) * | 2023-04-19 | 2023-07-21 | 云账户技术(天津)有限公司 | Method and device for managing user login state in use case |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016169410A1 (en) * | 2015-04-21 | 2016-10-27 | 腾讯科技(深圳)有限公司 | Login method and device, server and login system |
CN107070880A (en) * | 2017-02-16 | 2017-08-18 | 济南浪潮高新科技投资发展有限公司 | A kind of method and system of single-sign-on, a kind of authentication center's server |
CN107483418A (en) * | 2017-07-27 | 2017-12-15 | 阿里巴巴集团控股有限公司 | Login process method, method for processing business, device and server |
WO2018036314A1 (en) * | 2016-08-22 | 2018-03-01 | 中兴通讯股份有限公司 | Single-sign-on authentication method and apparatus, and storage medium |
CN108600203A (en) * | 2018-04-11 | 2018-09-28 | 四川长虹电器股份有限公司 | Secure Single Sign-on method based on Cookie and its unified certification service system |
CN108683651A (en) * | 2018-05-04 | 2018-10-19 | 山东汇贸电子口岸有限公司 | A kind of single-point logging method, server-side and system |
CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10645173B2 (en) * | 2017-10-30 | 2020-05-05 | International Business Machines Corporation | Session handling for multi-user multi-tenant web applications |
CN108737541A (en) * | 2018-05-18 | 2018-11-02 | 成都九洲迪飞科技有限责任公司 | A kind of WEB conversation management systems and management method |
CN110430205B (en) * | 2019-08-09 | 2023-04-18 | 深圳前海微众银行股份有限公司 | Single sign-on method, device, equipment and computer readable storage medium |
-
2019
- 2019-08-09 CN CN201910742748.1A patent/CN110430205B/en active Active
-
2020
- 2020-07-31 WO PCT/CN2020/106349 patent/WO2021027600A1/en active Application Filing
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016169410A1 (en) * | 2015-04-21 | 2016-10-27 | 腾讯科技(深圳)有限公司 | Login method and device, server and login system |
US20170195311A1 (en) * | 2015-04-21 | 2017-07-06 | Tencent Technology (Shenzhen) Company Limited | Login method, server, and login system |
WO2018036314A1 (en) * | 2016-08-22 | 2018-03-01 | 中兴通讯股份有限公司 | Single-sign-on authentication method and apparatus, and storage medium |
CN107070880A (en) * | 2017-02-16 | 2017-08-18 | 济南浪潮高新科技投资发展有限公司 | A kind of method and system of single-sign-on, a kind of authentication center's server |
CN107483418A (en) * | 2017-07-27 | 2017-12-15 | 阿里巴巴集团控股有限公司 | Login process method, method for processing business, device and server |
CN108600203A (en) * | 2018-04-11 | 2018-09-28 | 四川长虹电器股份有限公司 | Secure Single Sign-on method based on Cookie and its unified certification service system |
CN108683651A (en) * | 2018-05-04 | 2018-10-19 | 山东汇贸电子口岸有限公司 | A kind of single-point logging method, server-side and system |
CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
CN109936579A (en) * | 2019-03-21 | 2019-06-25 | 广东瑞恩科技有限公司 | Single-point logging method, device, equipment and computer readable storage medium |
Non-Patent Citations (1)
Title |
---|
杨义先 等编著: "《应用密码学 第2版》", 30 June 2013, 北京邮电大学出版社 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021027600A1 (en) * | 2019-08-09 | 2021-02-18 | 深圳前海微众银行股份有限公司 | Single log-in method, apparatus and device, and computer-readable storage medium |
CN111581631A (en) * | 2020-05-12 | 2020-08-25 | 西安腾营信息科技有限公司 | Single sign-on method based on redis |
CN111581631B (en) * | 2020-05-12 | 2023-03-10 | 西安腾营信息科技有限公司 | Single sign-on method based on redis |
CN111859068A (en) * | 2020-07-02 | 2020-10-30 | 中移(杭州)信息技术有限公司 | Message tracking method, device, server and storage medium |
CN111970333A (en) * | 2020-07-29 | 2020-11-20 | 深圳市钱海网络技术有限公司 | Method and device for realizing coexistence of two sessions based on same client |
CN111949308A (en) * | 2020-08-07 | 2020-11-17 | 北京字节跳动网络技术有限公司 | Software package publishing method and device |
CN113194079A (en) * | 2021-04-23 | 2021-07-30 | 平安科技(深圳)有限公司 | Login verification method, device, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN110430205B (en) | 2023-04-18 |
WO2021027600A1 (en) | 2021-02-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110430205A (en) | Single-point logging method, device, equipment and computer readable storage medium | |
US10515638B1 (en) | System, method, and computer-readable medium that facilitate voice biometrics user authentication | |
US7555552B2 (en) | Method and apparatus for policy management in a network device | |
US8738741B2 (en) | Brokering network resources | |
CN108108973A (en) | Business risk control method and device | |
US20170041432A1 (en) | Router-host logging | |
CN110287660A (en) | Access right control method, device, equipment and storage medium | |
CN110401655A (en) | Access control right management system based on user and role | |
CN110213223A (en) | Business management method, device, system, computer equipment and storage medium | |
US10803154B2 (en) | Multicomputer system for user data authentication and processing | |
CN109246076A (en) | A kind of method and apparatus of single-sign-on multisystem | |
US8612541B2 (en) | Method and apparatus for multi-tenant policy management in a network device | |
US9363663B2 (en) | Method and apparatus for providing cellphone service from any device | |
CN105022939B (en) | Information Authentication method and device | |
CN106254528A (en) | A kind of resource downloading method and buffer memory device | |
US8239921B2 (en) | System and method of retrieving a service contact identifier | |
CN109688096A (en) | Recognition methods, device, equipment and the computer readable storage medium of IP address | |
US20040220996A1 (en) | Multi-platform computer network and method of simplifying access to the multi-platform computer network | |
CN113194099A (en) | Data proxy method and proxy server | |
CN110309635A (en) | Management method, device, equipment and the computer storage medium of data quality model | |
CN106603567A (en) | WEB administrator login management method and device | |
CN113727288B (en) | Silence customer service robot based on 5G message | |
CN109861982A (en) | A kind of implementation method and device of authentication | |
CN109995889A (en) | Update method, device, gateway and the storage medium of mapping table | |
CN110336840A (en) | Third party's account register method and system for voice dialogue platform |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |