CN110460613A - A kind of gateway portal authentication method - Google Patents
A kind of gateway portal authentication method Download PDFInfo
- Publication number
- CN110460613A CN110460613A CN201910770070.8A CN201910770070A CN110460613A CN 110460613 A CN110460613 A CN 110460613A CN 201910770070 A CN201910770070 A CN 201910770070A CN 110460613 A CN110460613 A CN 110460613A
- Authority
- CN
- China
- Prior art keywords
- gateway
- wireless terminal
- portal
- certification
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000001514 detection method Methods 0.000 claims abstract description 9
- 238000012795 verification Methods 0.000 description 4
- 230000003993 interaction Effects 0.000 description 3
- 244000062793 Sorghum vulgare Species 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 235000019713 millet Nutrition 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention provides a kind of gateway portal authentication methods in Portal authentication techniques field, after including the following steps: step S10, gateways and starting, carry out dns resolution to the detection domain name of various brands terminal and cache parsing result;Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;Step S30, the Portal certification page that filtered redirection data packet is redirected to gateway local is carried out Portal certification by gateway;Step S40, wireless terminal is based on the parsing result and accesses internet.The present invention has the advantages that being greatly improved the pop-up speed of Portal certification page, loading velocity, and then it is greatly improved user experience.
Description
Technical field
The present invention relates to Portal authentication techniques fields, refer in particular to a kind of gateway portal authentication method.
Background technique
Portal authentication techniques are a kind of identity identifying technologies easy to use, for verifying the client body of access network
Part.When unauthenticated user online, user is forced to log on to specified portal website, user can be with free access service therein;
If user needs to access other resources in internet, it is necessary to be authenticated in the Web site, certification can just make after passing through
With specific Internet resources.
Portal authenticating step is as follows: 1, when unverified client using Web browser access internet, this HTTP request
In the authentication processing unit by that can be redirected to Portal server when gateway, which returns to client
The web authentication page;2, user submits after input authentication information in certification page;3, the authentication processing unit of Portal server
It is communicated and is authenticated with certificate server using the authentication information of user;4, after certification passes through, Portal server opens gateway
The access of upper client and internet allows client to access internet.
Traditional wireless terminal can issue network detection packet when connecting gateway, and gateway will after receiving network detection packet
Page reorientation to Portal server, wireless terminal carries out automatic pop-up.But there are the following problems for traditional mode: 1,
Non- buffered in advance dns resolution is not filtered incoherent request data package, causes the automatic pop-up of wireless terminal slower;2,
Verification process need to be interacted with Portal server, cause certification page load after pop-up slower.
Therefore, how a kind of gateway portal authentication method to be provided, realize promoted Portal certification page pop-up speed,
Loading velocity becomes a urgent problem to be solved.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of gateway portal authentication method, realizes and promote Portal
The pop-up speed of certification page, loading velocity.
The present invention is implemented as follows: a kind of gateway portal authentication method, includes the following steps:
Step S10, after gateways and starting, dns resolution is carried out to the detection domain name of various brands terminal and caches parsing result;
Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;
Step S30, gateway by filtered redirection data packet be redirected to the Portal certification page of gateway local into
Row Portal certification;
Step S40, wireless terminal is based on the parsing result and accesses internet.
Further, any step of the Portal server in step S10, step S20, step S30 and step S40
Suddenly, configuration information is issued, gateway information is obtained or obtains the wireless terminal information of gateway authentication to gateway is asynchronous.
Further, the configuration information includes at least wireless terminal white list, wireless terminal blacklist and roaming
Wireless terminal information.
Further, the step S20 is specifically included:
Step S21, wireless terminal connects gateway, and sends to gateway and redirect data packet;
Step S22, gateway filters non-browser according to the browser field in the user agent's parameter for redirecting data packet
Redirection data packet.
Further, the browser field include at least UC, ApacheBench, MicroMessenger, G3WLAN or
Person Mozilla.
Further, the step S30 is specifically included:
Step S31, filtered redirection data packet is redirected to gateway local by JavaScript by gateway
Portal certification page;
Step S32, gateway judges the wireless terminal white list of local cache and whether wireless terminal blacklist includes this
The wireless terminal of secondary certification enters step S40 if wireless terminal white list contains the wireless terminal of this certification;If wireless
Terminal blacklist contains the wireless terminal of this certification, then terminates process;If wireless terminal white list and the black name of wireless terminal
Dan Jun does not contain the wireless terminal of this certification, then enters step S33;
Step S33, wireless terminal inputs Portal authentication information, Portal certification of the gateway according to input by browser
Information judges whether certification passes through, if certification passes through, wireless terminal of letting pass in the firewall rule of gateway, and enter step
S40;If certification does not pass through, terminate process.
The present invention has the advantages that
1, by carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result,
And the redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, greatly
Improve the pop-up speed of Portal certification page.
2, it being transferred to gateway by authenticating Portal from Portal server, avoids gateway in Portal verification process
Interaction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
Detailed description of the invention
The present invention is further illustrated in conjunction with the embodiments with reference to the accompanying drawings.
Fig. 1 is a kind of flow chart of gateway portal authentication method of the present invention.
Fig. 2 is a kind of schematic block circuit diagram of gateway portal authentication method of the present invention.
Specific embodiment
It please refers to shown in Fig. 1 to Fig. 2, a kind of preferred embodiment of gateway portal authentication method of the present invention, including as follows
Step:
Step S10, after gateways and starting, dns resolution is carried out to the detection domain name of various brands terminal and caches parsing result;
Dns resolution is that domain name is directed toward web space IP, allows people that one kind of website is accessed by the domain name registered with can be convenient
Service;Such as in advance to the connectivitycheck.platfo of the captive.apple.com of ios system, Huawei's mobile phone
Rm.hicloud.com, millet mobile phone the domain names such as connect.room.miui.com do dns resolution;
Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;
Step S30, gateway by filtered redirection data packet be redirected to the Portal certification page of gateway local into
Row Portal certification;
Step S40, wireless terminal is based on the parsing result and accesses internet, without carrying out dns resolution again.
Either step of the Portal server in step S10, step S20, step S30 and step S40, it is different to gateway
Step issues configuration information, obtains gateway information or obtains the wireless terminal information of gateway authentication, i.e. Portal server can be with
Asynchronous interactive is carried out with gateway at any time.
The wireless terminal that the configuration information includes at least wireless terminal white list, wireless terminal blacklist and roaming is believed
Breath;If wireless terminal is in wireless terminal white list, needing not move through Portal certification may have access to internet;If wireless whole
End must not then access internet in wireless terminal blacklist.
The step S20 is specifically included:
Step S21, wireless terminal connects gateway, and sends to gateway and redirect data packet;
Step S22, gateway foundation redirects the browser field in user agent's parameter (UserAgent) of data packet,
Filter the redirection data packet of non-browser.
The browser field include at least UC, ApacheBench, MicroMessenger, G3WLAN or
Mozilla。
By carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result, and
The redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, filters out APP
The data packet of hair reduces the processing load of HTTP, is greatly improved the pop-up speed of Portal certification page.
The step S30 is specifically included:
Step S31, filtered redirection data packet is redirected to gateway local by JavaScript by gateway
Portal certification page;
Step S32, gateway judges the wireless terminal white list of local cache and whether wireless terminal blacklist includes this
The wireless terminal of secondary certification enters step S40 if wireless terminal white list contains the wireless terminal of this certification;If wireless
Terminal blacklist contains the wireless terminal of this certification, then terminates process;If wireless terminal white list and the black name of wireless terminal
Dan Jun does not contain the wireless terminal of this certification, then enters step S33;
Step S33, wireless terminal inputs Portal authentication information, Portal certification of the gateway according to input by browser
Information judges whether certification passes through, if certification passes through, wireless terminal of letting pass in the firewall rule of gateway, and enter step
S40;If certification does not pass through, terminate process.
From Portal server be transferred to gateway by authenticating Portal, avoid in Portal verification process gateway and
Interaction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
In conclusion the present invention has the advantages that
1, by carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result,
And the redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, greatly
Improve the pop-up speed of Portal certification page.
2, it being transferred to gateway by authenticating Portal from Portal server, avoids gateway in Portal verification process
Interaction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
Although specific embodiments of the present invention have been described above, those familiar with the art should be managed
Solution, we are merely exemplary described specific embodiment, rather than for the restriction to the scope of the present invention, it is familiar with this
The technical staff in field should be covered of the invention according to modification and variation equivalent made by spirit of the invention
In scope of the claimed protection.
Claims (6)
1. a kind of gateway portal authentication method, characterized by the following steps:
Step S10, after gateways and starting, dns resolution is carried out to the detection domain name of various brands terminal and caches parsing result;
Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;
Step S30, gateway carries out the Portal certification page that filtered redirection data packet is redirected to gateway local
Portal certification;
Step S40, wireless terminal is based on the parsing result and accesses internet.
2. a kind of gateway portal authentication method as described in claim 1, it is characterised in that: Portal server is in step
Either step in S10, step S20, step S30 and step S40 issues configuration information, acquisition gateway letter to gateway is asynchronous
Breath or the wireless terminal information for obtaining gateway authentication.
3. a kind of gateway portal authentication method as claimed in claim 2, it is characterised in that: the configuration information includes at least
The wireless terminal information of wireless terminal white list, wireless terminal blacklist and roaming.
4. a kind of gateway portal authentication method as described in claim 1, it is characterised in that: the step S20 is specifically included:
Step S21, wireless terminal connects gateway, and sends to gateway and redirect data packet;
Step S22, gateway filters the weight of non-browser according to the browser field in the user agent's parameter for redirecting data packet
Directional data packet.
5. a kind of gateway portal authentication method as claimed in claim 4, it is characterised in that: the browser field is at least wrapped
Include UC, ApacheBench, MicroMessenger, G3WLAN or Mozilla.
6. a kind of gateway portal authentication method as described in claim 1, it is characterised in that: the step S30 is specifically included:
Step S31, filtered redirection data packet is redirected to the Portal of gateway local by gateway by JavaScript
Certification page;
Step S32, gateway judges whether the wireless terminal white list of local cache and wireless terminal blacklist are recognized comprising this
The wireless terminal of card enters step S40 if wireless terminal white list contains the wireless terminal of this certification;If wireless terminal
Blacklist contains the wireless terminal of this certification, then terminates process;If wireless terminal white list and wireless terminal blacklist are equal
Wireless terminal without containing this certification, then enter step S33;
Step S33, wireless terminal inputs Portal authentication information, Portal authentication information of the gateway according to input by browser
Judge whether certification passes through, if certification passes through, wireless terminal of letting pass in the firewall rule of gateway, and enter step S40;
If certification does not pass through, terminate process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910770070.8A CN110460613A (en) | 2019-08-20 | 2019-08-20 | A kind of gateway portal authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910770070.8A CN110460613A (en) | 2019-08-20 | 2019-08-20 | A kind of gateway portal authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110460613A true CN110460613A (en) | 2019-11-15 |
Family
ID=68487995
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910770070.8A Pending CN110460613A (en) | 2019-08-20 | 2019-08-20 | A kind of gateway portal authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110460613A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115913780A (en) * | 2022-12-28 | 2023-04-04 | 四川长虹电器股份有限公司 | Method for Android TV to perform WIFI authentication without browser |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102143177A (en) * | 2011-03-30 | 2011-08-03 | 北京星网锐捷网络技术有限公司 | Portal authentication method, Portal authentication device,Portal authentication equipment and Portal authentication system |
| CN105516981A (en) * | 2015-12-21 | 2016-04-20 | 深圳维盟科技有限公司 | Intelligent WiFi authentication system |
| CN105873058A (en) * | 2016-06-08 | 2016-08-17 | 深圳市梧桐世界科技股份有限公司 | Local portal caching method |
| CN106161669A (en) * | 2015-04-28 | 2016-11-23 | 阿里巴巴集团控股有限公司 | A kind of quick domain name analytic method and system and terminal thereof and server |
| US20170289122A1 (en) * | 2014-01-27 | 2017-10-05 | Time Warner Cable Enterprises Llc | Wireless gateway, network access, and management |
-
2019
- 2019-08-20 CN CN201910770070.8A patent/CN110460613A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102143177A (en) * | 2011-03-30 | 2011-08-03 | 北京星网锐捷网络技术有限公司 | Portal authentication method, Portal authentication device,Portal authentication equipment and Portal authentication system |
| US20170289122A1 (en) * | 2014-01-27 | 2017-10-05 | Time Warner Cable Enterprises Llc | Wireless gateway, network access, and management |
| CN106161669A (en) * | 2015-04-28 | 2016-11-23 | 阿里巴巴集团控股有限公司 | A kind of quick domain name analytic method and system and terminal thereof and server |
| CN105516981A (en) * | 2015-12-21 | 2016-04-20 | 深圳维盟科技有限公司 | Intelligent WiFi authentication system |
| CN105873058A (en) * | 2016-06-08 | 2016-08-17 | 深圳市梧桐世界科技股份有限公司 | Local portal caching method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115913780A (en) * | 2022-12-28 | 2023-04-04 | 四川长虹电器股份有限公司 | Method for Android TV to perform WIFI authentication without browser |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106131079B (en) | Authentication method, system and proxy server | |
| CN104158808B (en) | Portal authentication method and its device based on APP applications | |
| CN102984173B (en) | Network access control method and system | |
| CN103825881B (en) | The reorientation method and device of WLAN user are realized based on wireless access controller AC | |
| CN103024740B (en) | Method and system for accessing internet by mobile terminal | |
| Buchanan et al. | Analysis of the adoption of security headers in HTTP | |
| CN101702717B (en) | Method, system and equipment for authenticating Portal | |
| CN108809988A (en) | A kind of authentication method and system of request | |
| CN107046544B (en) | Method and device for identifying illegal access request to website | |
| JP2020057363A (en) | Method and program for security assertion markup language (saml) service provider-initiated single sign-on | |
| CN102143177B (en) | Portal authentication method, Portal authentication device,Portal authentication equipment and Portal authentication system | |
| CN108259457B (en) | WEB authentication method and device | |
| CN111431838A (en) | Method and device for single-point login and single-point logout in cluster and API gateway | |
| CN102571846A (en) | Method and device for forwarding hyper text transport protocol (HTTP) request | |
| US9787678B2 (en) | Multifactor authentication for mail server access | |
| CN102710667B (en) | Method for realizing Portal authentication server attack prevention and broadband access server | |
| CN105592046B (en) | A kind of authentication-exempt access method and device | |
| WO2017177691A1 (en) | Portal authentication method and system | |
| CN105991518B (en) | Network access verifying method and device | |
| CN104836812A (en) | Portal authentication method, device and system | |
| CN115022047B (en) | Account login method and device based on multi-cloud gateway, computer equipment and medium | |
| CN110557358A (en) | Honeypot server communication method, SSLStrip man-in-the-middle attack perception method and related device | |
| CN109040069A (en) | A kind of dissemination method, delivery system and the access method of cloud application program | |
| CN109561010B (en) | Message processing method, electronic equipment and readable storage medium | |
| CN107239308A (en) | A kind of calling function realization method and system of browser |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191115 |