CN110753044A - Identity authentication method, system, electronic equipment and storage medium - Google Patents
Identity authentication method, system, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN110753044A CN110753044A CN201910968799.6A CN201910968799A CN110753044A CN 110753044 A CN110753044 A CN 110753044A CN 201910968799 A CN201910968799 A CN 201910968799A CN 110753044 A CN110753044 A CN 110753044A
- Authority
- CN
- China
- Prior art keywords
- server
- user
- ldap server
- login information
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4523—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using lightweight directory access protocol [LDAP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application discloses an identity authentication method, which comprises the following steps: receiving server configuration parameters, and connecting an LDAP server by using the server configuration parameters; receiving user login information; the user login information comprises a user name and a login password; judging whether the standard login information stored in the authentication source comprises the user login information or not; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server; if yes, the identity authentication state is set to be authenticated, and the identity authentication efficiency can be improved. The application also discloses an identity authentication system, an electronic device and a storage medium, which have the beneficial effects.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to an identity authentication method and system, an electronic device, and a storage medium.
Background
The web (world Wide web), is a global Wide area network, and is a distributed graphical information system based on hypertext and HTTP, global, dynamic interaction, and cross-platform. The Web system is a network service established on the Internet, provides a graphical and easily accessible visual interface for a browser to search and browse information on the Internet, and documents and hyperlinks in the Web system organize information nodes on the Internet into a mutually-associated mesh structure.
In the existing Web system, the login operation of the user needs to be verified by the user of the local database so as to query the user role authority. However, in the user login method in the related art, if the service pressure of the local database is high or an abnormality occurs, the related verification data of the user cannot be queried from the local database in time, which results in low identity authentication efficiency.
Therefore, how to improve the identity authentication efficiency is a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide an identity authentication method, an identity authentication system, an electronic device and a storage medium, which can improve the identity authentication efficiency.
In order to solve the above technical problem, the present application provides an identity authentication method, including:
receiving server configuration parameters, and connecting an LDAP server by using the server configuration parameters;
receiving user login information; the user login information comprises a user name and a login password;
judging whether the standard login information stored in the authentication source comprises the user login information or not; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server;
and if so, setting the identity authentication state as authentication passing.
Optionally, after the setting of the identity authentication state as authentication pass, the method further includes:
and inquiring the user attribute corresponding to the user login information, and distributing the authority corresponding to the user attribute for the user.
Optionally, the method further includes:
constructing an authority corresponding relation table; wherein, the corresponding relation between the user attribute and the authority is stored in the authority corresponding relation table;
correspondingly, the allocating the right corresponding to the user attribute to the user includes:
and distributing the authority corresponding to the user attribute for the user by inquiring the authority corresponding relation table.
Optionally, the querying the user attribute corresponding to the user login information includes:
when the local database comprises the user login information, inquiring a user attribute corresponding to the user login information according to the local database;
and when the target LDAP server comprises the user login information, inquiring the user attribute corresponding to the user login information according to the target LDAP server.
Optionally, before receiving the server configuration parameter, the method further includes:
setting standard configuration parameters for the LDAP server through a Web configuration page;
correspondingly, the connecting the LDAP server by using the server configuration parameter comprises the following steps:
sending the server configuration parameters to the LDAP server so that the LDAP server can judge whether the server configuration parameters are correct or not according to the standard configuration parameters;
when the server configuration parameters are correct, judging that the LDAP server is successfully connected; and when the server configuration parameters are incorrect, judging that the connection of the LDAP server fails.
Optionally, the server configuration parameter includes any one or a combination of a server domain name, a server port, a reference identifier, a user class name, a user directory, and a user attribute.
Optionally, the target LDAP server is an LDAP server in a third party authentication source list;
correspondingly, the method also comprises the following steps:
when authentication source deletion information is received, determining a first target LDAP server according to the authentication source deletion information, and deleting the first target LDAP server from the third party authentication source list;
and when receiving the authentication source increasing information, determining a second target LDAP server according to the authentication source increasing information, and increasing the second target LDAP server in the third party authentication source list.
The present application also provides an identity authentication system, which includes:
the server connection module is used for receiving the server configuration parameters and connecting the LDAP server by using the server configuration parameters;
the information receiving module is used for receiving user login information; the user login information comprises a user name and a login password;
the authentication module is used for judging whether the standard login information stored in the authentication source comprises the user login information; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server;
and the state setting module is used for setting the identity authentication state as authentication passing when the standard login information comprises the user login information.
The application also provides a storage medium, on which a computer program is stored, which when executed implements the steps performed by the above-mentioned identity authentication method.
The application also provides an electronic device, which comprises a memory and a processor, wherein the memory is stored with a computer program, and the processor realizes the steps executed by the identity authentication method when calling the computer program in the memory.
The application provides an identity authentication method, which comprises the steps of receiving server configuration parameters and utilizing the server configuration parameters to connect an LDAP server; receiving user login information; the user login information comprises a user name and a login password; judging whether the standard login information stored in the authentication source comprises the user login information or not; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server; and if so, setting the identity authentication state as authentication passing.
The method and the system are connected with the LDAP server according to the server configuration parameters, and the LDAP server can store standard login information, namely the LDAP server is only used as a device for storing the standard login information except a local database, so that a plurality of authentication sources jointly participate in the verification of the user login information. Therefore, after the user name and the login password input by the user are received, the user name and the password are verified by the application based on the local database and the target LDAP server so as to facilitate identity authentication operation. Because the method and the device introduce a plurality of authentication sources to participate in identity authentication operation, the influence on the score-competing authentication service due to the fact that the service pressure of part of the authentication sources is higher or abnormality occurs can be reduced, and the identity authentication efficiency is improved. The application also provides an identity authentication system, an electronic device and a storage medium, which have the beneficial effects and are not repeated herein.
Drawings
In order to more clearly illustrate the embodiments of the present application, the drawings needed for the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings can be obtained by those skilled in the art without inventive effort.
Fig. 1 is a flowchart of an identity authentication method according to an embodiment of the present application;
fig. 2 is a flowchart of a user right allocation method according to an embodiment of the present application;
FIG. 3 is a schematic diagram illustrating a multi-domain identity authentication method based on an LDAP server and a local database according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an identity authentication system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of an identity authentication method according to an embodiment of the present disclosure.
The specific steps may include:
s101: receiving server configuration parameters, and connecting an LDAP server by using the server configuration parameters;
the execution main body of this embodiment may be a Web server, the multiple clients are connected to the Web server, the clients may send server configuration parameters to the Web server so as to connect to an LDAP (Lightweight Directory access protocol) server, and the clients may also send user login information to the Web server so that the Web server performs identity authentication on the user login information based on an authentication source.
Before this step, there may be an operation of sending, by the client, the server configuration parameter to the Web server, and a specific server configuration parameter may include any one or a combination of any two of a server domain name, a server port, a reference identification name, a user class name, a user directory, and a user attribute. After receiving the server configuration parameters, the server configuration parameters may be entered in a Web configuration page for connecting to the LDAP server. Before this step, there may be an operation of setting the standard connection parameter of the LDAP server by the Web server, and if the server configuration parameter sent by the client is the standard connection parameter, the Web server may be connected to the LDAP server; and if the server configuration parameter sent by the client is not the standard connection parameter, indicating that the Web server fails to connect the LDAP server.
As a possible implementation manner, the server configuration parameters received in this step may be multiple sets of server configuration parameters for connecting multiple LDAP servers, and the LDAP server with which the connection is successful may be set as the target LDAP server. In the conventional technology, the LDAP server is used to provide directory service, but the existing LDAP server is only used as a database for querying user information, and does not complete the function of logging in a third-party system. The LDAP server in the application can store standard login information and is connected with the Web server to realize identity authentication.
As a further supplement to the above steps, before receiving the server configuration parameters, the following operations may be performed: and setting standard configuration parameters for the LDAP server through a Web configuration page. Accordingly, the relevant operation of S101 may be: sending the server configuration parameters to the LDAP server so that the LDAP server can judge whether the server configuration parameters are correct or not according to the standard configuration parameters; when the server configuration parameters are correct, judging that the LDAP server is successfully connected; and when the server configuration parameters are incorrect, judging that the connection of the LDAP server fails.
S102: receiving user login information;
the user login information received in this step may be a user name and a login password sent by the client, or the user login information may be a user name and a login password input by the user on the front-end Web page.
S103: judging whether the standard login information stored in the authentication source comprises the user login information or not; if yes, entering S104;
the authentication source mentioned in this embodiment may include a local database of a Web server and an LDAP server that has successfully accessed, and may match the user login information received in S102 with standard login information stored in all authentication sources, so as to determine whether the user login information is stored in the authentication source, if the user login information is stored, the process may enter S104, so as to set the identity authentication state as authentication pass, and if the user login information is not stored, prompt information indicating that the login has failed may be returned. The authentication source in this embodiment may include a local database and a target LDAP server, which is an LDAP server to which S101 is successfully connected.
As a possible implementation manner, the target LDAP server in this embodiment may be an LDAP server that is successfully connected and exists in a third party authentication source list, and in this embodiment, a third party authentication source name list may be set to record the LDAP server that may participate in identity authentication. On the premise that the third party authentication source list exists, the LDAP server serving as the authentication source in this embodiment is not only a server in the third party authentication source list, but also an LDAP server that is successfully connected. Correspondingly, the present embodiment may further include an operation of updating the third party authentication source list: when authentication source deletion information is received, determining a first target LDAP server according to the authentication source deletion information, and deleting the first target LDAP server from the third party authentication source list; and when receiving the authentication source increasing information, determining a second target LDAP server according to the authentication source increasing information, and increasing the second target LDAP server in the third party authentication source list.
It can be understood that there are multiple authentication sources in this embodiment, and when the standard login information stored in one or more authentication sources includes user login information, the operation of S104 may be performed to set that the user passes identity authentication.
S104: and setting the identity authentication state as authentication passing.
The step is established on the basis that the standard login information comprises the user login information, and the identity authentication state can be set to pass authentication. As a possible implementation manner, after the identity authentication state of the user or the client is set to pass authentication, the embodiment may further query the user role corresponding to the user login information, and assign the authority of the user role to the user or the client corresponding to the user login information.
In the embodiment, the LDAP server is connected according to the server configuration parameters, and the LDAP server may store the standard login information, that is, the LDAP server is only used as a device for storing the standard login information in addition to the local database, so that the verification that a plurality of authentication sources participate in the user login information together is realized. Therefore, after receiving the user name and login password input by the user, the embodiment verifies the user name and password based on the local database and the target LDAP server for identity authentication operation. Because the embodiment introduces a plurality of authentication sources to participate in the identity authentication operation, the influence on the score-competing authentication service due to the fact that the service pressure of part of the authentication sources is higher or abnormality occurs can be reduced, and the identity authentication efficiency is improved.
Referring to fig. 2, fig. 2 is a flowchart of a user right allocation method according to an embodiment of the present application; the present embodiment is a further supplement to the embodiment corresponding to fig. 1 after the operation of S104, and describes a scheme of authority allocation on the basis of successful identity authentication, and a more preferred implementation may be obtained by combining the present embodiment with the embodiment corresponding to fig. 1, and the present embodiment may include the following operations:
s201: inquiring user attributes corresponding to the user login information;
in this embodiment, a corresponding relationship between each user name and a user attribute may be recorded in advance, the user attribute may include an administrator account, a common account, a sub-account, and the like, and the user attribute may be determined according to the user name in the user login information.
If this embodiment is combined with the embodiment corresponding to fig. 1, each authentication source may store a corresponding relationship between user login information and a user attribute, and specifically, when the local database includes the user login information, the user attribute corresponding to the user login information may be queried according to the local database; when the target LDAP server includes the user login information, a user attribute corresponding to the user login information may be queried according to the target LDAP server.
S202: and distributing the authority corresponding to the user attribute for the user.
Before the step, an operation of constructing an authority corresponding relation table may exist, and the authority corresponding relation table may store the corresponding relation between the user attribute and the authority; correspondingly, the operation of assigning the authority corresponding to the user attribute to the user may be: and distributing the authority corresponding to the user attribute for the user by inquiring the authority corresponding relation table.
The flow described in the above embodiment is explained below by an embodiment in practical use. Referring to fig. 3, fig. 3 is a schematic diagram illustrating a principle of a multi-domain identity authentication method based on an LDAP server and a local database according to an embodiment of the present application, where the embodiment may include the following steps:
step 1: setting LDAP connection parameters.
Specifically, in this step, connection parameters (i.e., server configuration parameters) may be input through the Web configuration page, and the connection parameters may include an authentication server domain name, a port, a reference DN (i.e., reference identification name), a user class name, a user directory, and a user unique attribute.
Step 2: setting user role attributes and role changes.
Specifically, in this step, the role attribute of the LDAP user may be set, and for a certain user, the user role may be changed by modifying the attribute value.
And step 3: LDAP availability is checked.
Specifically, this step connects the LDAP server by using the configured connection parameters. If the connection fails, reminding the user to modify the configuration parameters; and if the connection is successful, submitting the system configuration parameters.
And 4, step 4: and opening an identity authentication source.
Specifically, in this step, the front-end Web page may view the configured LDAP server information, and open or close the authentication information source.
And 5: and inquiring the user role and returning the user authority.
Specifically, in this step, the user may input an account password to log in the Web page. The Web server can judge that the login is successful by inquiring the plurality of authentication sources, wherein one authentication source passes the verification, inquires the authority given by the role, and returns the related authority by combining the user role.
The above embodiments propose a multi-domain identity authentication policy scheme based on an LDAP server and a local database. The embodiment comprises the steps of LDAP server connection configuration, LDAP user role attribute setting and changing, background identity authentication mode adding and deleting and local database role permission query. The authentication strategy comprises a local database and an LDAP server, and only one source passes identity authentication, the authentication can be completed, and the related authority is inquired according to the role name. The configuration information of the LDAP server can be configured through a front-end Web page, an LDAP authentication source can be started and closed, and a background authentication strategy can be configured. The related parameters of the LDAP server are configured through the Web page, so that a user can log in the Web system by using the LDAP server, the lowest authority is given, and the related content of the Web page can be checked. The embodiment improves the access speed of the LDAP user and saves manpower and material resources. According to the embodiment, a plurality of LDAPs can be freely added, the background identity authentication is convenient to start or close, and a user can directly see the page display authentication source.
Referring to fig. 4, fig. 4 is a schematic structural diagram of an identity authentication system according to an embodiment of the present application, where the identity authentication system may include:
a server connection module 100 for receiving server configuration parameters and connecting an LDAP server using the server configuration parameters;
an information receiving module 200, configured to receive user login information; the user login information comprises a user name and a login password;
the authentication module 300 is configured to determine whether the standard login information stored in the authentication source includes the user login information; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server;
a state setting module 400, configured to set an identity authentication state as authentication pass when the standard login information includes the user login information.
In the embodiment, the LDAP server is connected according to the server configuration parameters, and the LDAP server may store the standard login information, that is, the LDAP server is only used as a device for storing the standard login information in addition to the local database, so that the verification that a plurality of authentication sources participate in the user login information together is realized. Therefore, after receiving the user name and login password input by the user, the embodiment verifies the user name and password based on the local database and the target LDAP server for identity authentication operation. Because the embodiment introduces a plurality of authentication sources to participate in the identity authentication operation, the influence on the score-competing authentication service due to the fact that the service pressure of part of the authentication sources is higher or abnormality occurs can be reduced, and the identity authentication efficiency is improved.
Further, the method also comprises the following steps:
and the authority distribution module is used for inquiring the user attribute corresponding to the user login information and distributing the authority corresponding to the user attribute for the user.
Further, the method also comprises the following steps:
the relation table building module is used for building an authority corresponding relation table; wherein, the corresponding relation between the user attribute and the authority is stored in the authority corresponding relation table;
correspondingly, the right assignment module comprises:
the first query unit is used for querying a user attribute corresponding to the user login information according to the local database when the local database comprises the user login information;
and a second query unit, configured to query, when the target LDAP server includes the user login information, a user attribute corresponding to the user login information according to the target LDAP server.
And the distribution unit is used for distributing the authority corresponding to the user attribute for the user by inquiring the authority corresponding relation table.
Further, the method also comprises the following steps:
the configuration module is used for setting standard configuration parameters for the LDAP server through a Web configuration page before receiving the server configuration parameters;
correspondingly, the server connection module 100 is configured to receive a server configuration parameter, and further configured to send the server configuration parameter to the LDAP server, so that the LDAP server can determine whether the server configuration parameter is correct according to the standard configuration parameter;
when the server configuration parameters are correct, judging that the LDAP server is successfully connected; and when the server configuration parameters are incorrect, judging that the connection of the LDAP server fails.
Further, the server configuration parameter includes any one or a combination of a server domain name, a server port, a reference identification name, a user class name, a user directory, and a user attribute.
Further, the target LDAP server is an LDAP server in a third party authentication source list;
correspondingly, the method also comprises the following steps:
the first list updating module is used for determining a first target LDAP server according to the authentication source deleting information and deleting the first target LDAP server from the third party authentication source list when the authentication source deleting information is received;
and the second list updating module is used for determining a second target LDAP server according to the authentication source increasing information and increasing the second target LDAP server in the third party authentication source list when receiving the authentication source increasing information.
Since the embodiment of the system part corresponds to the embodiment of the method part, the embodiment of the system part is described with reference to the embodiment of the method part, and is not repeated here.
The present application also provides a storage medium having a computer program stored thereon, which when executed, may implement the steps provided by the above-described embodiments. The storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The application further provides an electronic device, which may include a memory and a processor, where the memory stores a computer program, and the processor may implement the steps provided by the foregoing embodiments when calling the computer program in the memory. Of course, the electronic device may also include various network interfaces, power supplies, and the like.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. An identity authentication method, comprising:
receiving server configuration parameters, and connecting an LDAP server by using the server configuration parameters;
receiving user login information; the user login information comprises a user name and a login password;
judging whether the standard login information stored in the authentication source comprises the user login information or not; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server;
and if so, setting the identity authentication state as authentication passing.
2. The identity authentication method of claim 1, further comprising, after setting the identity authentication state to authentication pass:
and inquiring the user attribute corresponding to the user login information, and distributing the authority corresponding to the user attribute for the user.
3. The identity authentication method of claim 2, further comprising:
constructing an authority corresponding relation table; wherein, the corresponding relation between the user attribute and the authority is stored in the authority corresponding relation table;
correspondingly, the allocating the right corresponding to the user attribute to the user includes:
and distributing the authority corresponding to the user attribute for the user by inquiring the authority corresponding relation table.
4. The identity authentication method of claim 2, wherein querying the user attribute corresponding to the user login information comprises:
when the local database comprises the user login information, inquiring a user attribute corresponding to the user login information according to the local database;
and when the target LDAP server comprises the user login information, inquiring the user attribute corresponding to the user login information according to the target LDAP server.
5. The identity authentication method of claim 1, further comprising, before receiving the server configuration parameters:
setting standard configuration parameters for the LDAP server through a Web configuration page;
correspondingly, the connecting the LDAP server by using the server configuration parameter comprises the following steps:
sending the server configuration parameters to the LDAP server so that the LDAP server can judge whether the server configuration parameters are correct or not according to the standard configuration parameters;
when the server configuration parameters are correct, judging that the LDAP server is successfully connected; and when the server configuration parameters are incorrect, judging that the connection of the LDAP server fails.
6. The identity authentication method according to claim 1, wherein the server configuration parameter comprises any one or a combination of any two of a server domain name, a server port, a reference identification name, a user class name, a user directory and a user attribute.
7. The identity authentication method according to any one of claims 1 to 6, wherein the target LDAP server is an LDAP server in a third party authentication source list;
correspondingly, the method also comprises the following steps:
when authentication source deletion information is received, determining a first target LDAP server according to the authentication source deletion information, and deleting the first target LDAP server from the third party authentication source list;
and when receiving the authentication source increasing information, determining a second target LDAP server according to the authentication source increasing information, and increasing the second target LDAP server in the third party authentication source list.
8. An identity authentication system, comprising:
the server connection module is used for receiving the server configuration parameters and connecting the LDAP server by using the server configuration parameters;
the information receiving module is used for receiving user login information; the user login information comprises a user name and a login password;
the authentication module is used for judging whether the standard login information stored in the authentication source comprises the user login information; the authentication source comprises a local database and a target LDAP server, and the target LDAP server is a successfully connected LDAP server;
and the state setting module is used for setting the identity authentication state as authentication passing when the standard login information comprises the user login information.
9. An electronic device comprising a memory in which a computer program is stored and a processor which, when invoked by the computer program in the memory, carries out the steps of the identity authentication method according to any one of claims 1 to 7.
10. A storage medium having stored thereon computer-executable instructions which, when loaded and executed by a processor, carry out the steps of the identity authentication method as claimed in any one of claims 1 to 7.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910968799.6A CN110753044A (en) | 2019-10-12 | 2019-10-12 | Identity authentication method, system, electronic equipment and storage medium |
| PCT/CN2020/092842 WO2021068518A1 (en) | 2019-10-12 | 2020-05-28 | Identity authentication method and system, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910968799.6A CN110753044A (en) | 2019-10-12 | 2019-10-12 | Identity authentication method, system, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110753044A true CN110753044A (en) | 2020-02-04 |
Family
ID=69278173
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910968799.6A Pending CN110753044A (en) | 2019-10-12 | 2019-10-12 | Identity authentication method, system, electronic equipment and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN110753044A (en) |
| WO (1) | WO2021068518A1 (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111475553A (en) * | 2020-04-09 | 2020-07-31 | 五八有限公司 | Data query display method and device, electronic equipment and storage medium |
| CN111984965A (en) * | 2020-08-31 | 2020-11-24 | 成都安恒信息技术有限公司 | Multi-source user management authentication system and method based on operation and maintenance audit system |
| WO2021068518A1 (en) * | 2019-10-12 | 2021-04-15 | 山东英信计算机技术有限公司 | Identity authentication method and system, electronic equipment and storage medium |
| CN114844714A (en) * | 2022-05-24 | 2022-08-02 | 中国民生银行股份有限公司 | User identity authentication method and LDAP protocol-based proxy server |
| CN115150105A (en) * | 2022-09-01 | 2022-10-04 | 杭州悦数科技有限公司 | Identity authentication method and system in distributed graph database |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117354051B (en) * | 2023-12-04 | 2024-02-20 | 明阳点时科技(沈阳)有限公司 | Opensearch Dashboards unified login realization method and system |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1663222A (en) * | 2002-06-14 | 2005-08-31 | 法国电信有限公司 | System for consulting and/or updating DNS servers and/or ldap directories |
| CN1960255A (en) * | 2006-09-21 | 2007-05-09 | 上海交通大学 | Distributed access control method in multistage securities |
| CN101212457A (en) * | 2006-12-27 | 2008-07-02 | 鸿富锦精密工业(深圳)有限公司 | Webpage privilege control system and method |
| CN101605031A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of cross-domain single login system of using towards TV station |
| CN201491033U (en) * | 2009-08-20 | 2010-05-26 | 福建富士通信息软件有限公司 | Unified certification platform for operation systems |
| CN101719238A (en) * | 2009-11-30 | 2010-06-02 | 中国建设银行股份有限公司 | Method and system for managing, authenticating and authorizing unified identities |
| US7895441B2 (en) * | 2007-05-31 | 2011-02-22 | Red Hat, Inc. | LDAP grouping for digital signature creation |
| CN102843256A (en) * | 2012-05-11 | 2012-12-26 | 摩卡软件(天津)有限公司 | IT (Information Technology) system management method based on lightweight directory access protocol (LDAP) |
| WO2015052085A1 (en) * | 2013-10-07 | 2015-04-16 | Alcatel Lucent | Systems and methods for command execution authorization |
| CN105592035A (en) * | 2015-04-03 | 2016-05-18 | 中国银联股份有限公司 | Single sign on method used for multiple application systems |
| CN105656903A (en) * | 2016-01-15 | 2016-06-08 | 国家计算机网络与信息安全管理中心 | Hive platform user safety management system and application |
| CN108200099A (en) * | 2011-09-29 | 2018-06-22 | 甲骨文国际公司 | mobile application, identity relationship management |
| CN109815659A (en) * | 2018-12-15 | 2019-05-28 | 深圳壹账通智能科技有限公司 | Safety certifying method, device, electronic equipment and storage medium based on WEB project |
| CN110059471A (en) * | 2018-01-15 | 2019-07-26 | 精工爱普生株式会社 | Electronic equipment |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020116648A1 (en) * | 2000-12-14 | 2002-08-22 | Ibm Corporation | Method and apparatus for centralized storing and retrieving user password using LDAP |
| US7996674B2 (en) * | 2006-10-19 | 2011-08-09 | International Business Machines Corporation | LDAP user authentication |
| CN101431402B (en) * | 2007-11-05 | 2012-02-08 | 中兴通讯股份有限公司 | High-efficiency linking method for LDAP account source and AAA system |
| US8543712B2 (en) * | 2008-02-19 | 2013-09-24 | International Business Machines Corporation | Efficient configuration of LDAP user privileges to remotely access clients within groups |
| CN102970308B (en) * | 2012-12-21 | 2016-08-10 | 北京网康科技有限公司 | A kind of user authen method and server |
| CN108377200B (en) * | 2018-01-19 | 2020-05-05 | 北京大学 | LDAP and SLURM-based cloud user management method and system |
| CN110753044A (en) * | 2019-10-12 | 2020-02-04 | 山东英信计算机技术有限公司 | Identity authentication method, system, electronic equipment and storage medium |
-
2019
- 2019-10-12 CN CN201910968799.6A patent/CN110753044A/en active Pending
-
2020
- 2020-05-28 WO PCT/CN2020/092842 patent/WO2021068518A1/en active Application Filing
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1663222A (en) * | 2002-06-14 | 2005-08-31 | 法国电信有限公司 | System for consulting and/or updating DNS servers and/or ldap directories |
| CN1960255A (en) * | 2006-09-21 | 2007-05-09 | 上海交通大学 | Distributed access control method in multistage securities |
| CN101212457A (en) * | 2006-12-27 | 2008-07-02 | 鸿富锦精密工业(深圳)有限公司 | Webpage privilege control system and method |
| US7895441B2 (en) * | 2007-05-31 | 2011-02-22 | Red Hat, Inc. | LDAP grouping for digital signature creation |
| CN101605031A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of cross-domain single login system of using towards TV station |
| CN201491033U (en) * | 2009-08-20 | 2010-05-26 | 福建富士通信息软件有限公司 | Unified certification platform for operation systems |
| CN101719238A (en) * | 2009-11-30 | 2010-06-02 | 中国建设银行股份有限公司 | Method and system for managing, authenticating and authorizing unified identities |
| CN108200099A (en) * | 2011-09-29 | 2018-06-22 | 甲骨文国际公司 | mobile application, identity relationship management |
| CN102843256A (en) * | 2012-05-11 | 2012-12-26 | 摩卡软件(天津)有限公司 | IT (Information Technology) system management method based on lightweight directory access protocol (LDAP) |
| WO2015052085A1 (en) * | 2013-10-07 | 2015-04-16 | Alcatel Lucent | Systems and methods for command execution authorization |
| CN105592035A (en) * | 2015-04-03 | 2016-05-18 | 中国银联股份有限公司 | Single sign on method used for multiple application systems |
| CN105656903A (en) * | 2016-01-15 | 2016-06-08 | 国家计算机网络与信息安全管理中心 | Hive platform user safety management system and application |
| CN110059471A (en) * | 2018-01-15 | 2019-07-26 | 精工爱普生株式会社 | Electronic equipment |
| CN109815659A (en) * | 2018-12-15 | 2019-05-28 | 深圳壹账通智能科技有限公司 | Safety certifying method, device, electronic equipment and storage medium based on WEB project |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021068518A1 (en) * | 2019-10-12 | 2021-04-15 | 山东英信计算机技术有限公司 | Identity authentication method and system, electronic equipment and storage medium |
| CN111475553A (en) * | 2020-04-09 | 2020-07-31 | 五八有限公司 | Data query display method and device, electronic equipment and storage medium |
| CN111984965A (en) * | 2020-08-31 | 2020-11-24 | 成都安恒信息技术有限公司 | Multi-source user management authentication system and method based on operation and maintenance audit system |
| CN114844714A (en) * | 2022-05-24 | 2022-08-02 | 中国民生银行股份有限公司 | User identity authentication method and LDAP protocol-based proxy server |
| CN114844714B (en) * | 2022-05-24 | 2024-09-24 | 中国民生银行股份有限公司 | User identity authentication method and proxy server based on LDAP protocol |
| CN115150105A (en) * | 2022-09-01 | 2022-10-04 | 杭州悦数科技有限公司 | Identity authentication method and system in distributed graph database |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021068518A1 (en) | 2021-04-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110753044A (en) | Identity authentication method, system, electronic equipment and storage medium | |
| JP7222036B2 (en) | Model training system and method and storage medium | |
| EP3164795B1 (en) | Prompting login account | |
| JP2022000757A5 (en) | ||
| EP3100432B1 (en) | Virtual identity of a user based on disparate identity services | |
| US8838679B2 (en) | Providing state service for online application users | |
| EP2715971B1 (en) | Automating cloud service reconnections | |
| AU2017215589A1 (en) | Electronic payment service processing method and device, and electronic payment method and device | |
| JP2014182828A (en) | Systems and methods for pre-signing of dnssec enabled zones into record sets | |
| CN106685949A (en) | Container access method, container access device and container access system | |
| CN105100034A (en) | Method and apparatus for an access function in network applications | |
| CN105337925A (en) | User account management method and apparatus | |
| US9471896B2 (en) | Memo synchronization system, mobile system, and method for synchronizing memo data | |
| US20140040390A1 (en) | Publish Information on Website | |
| CN112104612A (en) | Account number merging method and device and server | |
| CN102064953A (en) | System, device and method for configuring user right information of lightweight directory access protocol (ldap) server | |
| US9177127B1 (en) | Confounder generation in knowledge-based authentication for an enterprise | |
| CN112966253A (en) | Third-party application integrated login method, login device and platform | |
| CN107748849A (en) | A kind of authority control method and system based on NFS | |
| CN107566329A (en) | A kind of access control method and device | |
| CN109933486B (en) | Logistics data monitoring processing method, device and system | |
| CN108073630B (en) | Service search access management method and system based on dynamic configuration | |
| CN109087053B (en) | Collaborative office processing method, device, equipment and medium based on association topological graph | |
| CN114301717B (en) | Single sign-on method, device, equipment and storage medium | |
| CN115733666A (en) | Password management method and device, electronic equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200204 |
|
| RJ01 | Rejection of invention patent application after publication |