CN110768998B - Visual integrated single sign-on method, device, medium and electronic equipment - Google Patents
Visual integrated single sign-on method, device, medium and electronic equipment Download PDFInfo
- Publication number
- CN110768998B CN110768998B CN201911046797.8A CN201911046797A CN110768998B CN 110768998 B CN110768998 B CN 110768998B CN 201911046797 A CN201911046797 A CN 201911046797A CN 110768998 B CN110768998 B CN 110768998B
- Authority
- CN
- China
- Prior art keywords
- point group
- group model
- user
- determining
- single sign
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Abstract
The present disclosure provides a method of visually integrating single sign-on, a device of visually integrating single sign-on, a computer readable storage medium and an electronic device; relates to the technical field of data communication. The visual integrated single sign-on method comprises the following steps: acquiring a system identifier in a first area of a visual page; determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems; and determining an authentication center corresponding to the single-point group model so that an access user can log in a plurality of application systems contained in the single-point group model through the authentication center. The method for visually integrating the single sign-on can overcome the problem of complex operation of single sign-on setting to a certain extent, and further improves the flexibility of the integrated single sign-on.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method for visually integrating single sign-on, a device for visually integrating single sign-on, a computer-readable storage medium, and an electronic device.
Background
With the continuous popularization of electronic services, service systems become more and more huge, and single sign-on among a plurality of systems is particularly important. The single sign-on means that a user can access all mutually trusted systems only by logging on once, and the trouble of multiple login of the user can be avoided.
Generally, if a plurality of systems integrate single sign-on, the codes of the systems need to be modified to realize mutual trust among the systems, unified sign-on, and if a certain system needs to go out independently, the codes still need to be modified again, resulting in the problems of complex and inflexible operation.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure aims to provide a method for visually integrating single sign-on, a device for visually integrating single sign-on, a computer-readable storage medium, and an electronic device, so as to overcome the problem of difficulty in integrating single sign-on to a certain extent, and further improve the efficiency of single sign-on integration.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to a first aspect of the present disclosure, there is provided a method of visualizing an integrated single sign-on, comprising:
acquiring a system identifier in a first area of a visual page;
determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems;
and determining an authentication center corresponding to the single-point group model so that an access user can log in a plurality of application systems contained in the single-point group model through the authentication center.
In an exemplary embodiment of the present disclosure, before the obtaining the system identifier in the first area of the visualization page, the method further includes:
generating system identifications of all application systems in the visual page;
and moving the system identifier in response to the dragging operation of the user on the system identifier so as to determine the system identifier contained in the first area.
In an exemplary embodiment of the present disclosure, after determining the single point group model by the system identification in the first region, the method further includes:
generating identification information of the single-point group model, and displaying the identification information in a second area;
responding to the clicking operation of the user in the second area on the identification information, and determining a target single point group model selected by the user;
and controlling the target single point group model according to the control operation of the user.
In an exemplary embodiment of the present disclosure, the controlling the target single point group model according to the control operation of the user includes:
if the control operation is a first user operation, displaying the model information of the target single-point group model;
and if the control operation is a second user operation, changing the target single point group model.
In an exemplary embodiment of the present disclosure, the presenting model information of the target single-point group model includes:
and displaying the attribute information of each application system contained in the target single-point group model.
In an exemplary embodiment of the disclosure, the modifying the target single point group model includes:
and deleting the application systems contained in the target single-point group model, or adding the application systems into the target single-point group model.
In an exemplary embodiment of the present disclosure, before determining the authentication center corresponding to the single-point group model, the method further includes:
verifying whether the single-point group model starts single-point login;
and if the single-point group model does not start single-point login, sending prompt information to prompt a user to start single-point login.
According to a second aspect of the present disclosure, there is provided an apparatus for visual integrated single sign-on, comprising an application system acquisition module, a model determination module, and a single sign-on module, wherein:
the application system acquisition module is used for acquiring a system identifier in a first area of a visual page;
the model determining module is used for determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems;
and the single sign-on module is used for determining an authentication center corresponding to the single point group model so that an access user can sign on a plurality of application systems contained in the single point group model through the authentication center.
In an exemplary embodiment of the present disclosure, the apparatus for visualizing an integrated single sign-on further comprises:
the identification generation module is used for generating system identifications of all application systems in the visualization page;
and the identification selection module is used for responding to the drag operation of the user on the system identification and moving the system identification so as to determine the system identification contained in the first area.
In an exemplary embodiment of the present disclosure, the apparatus for visualizing an integrated single sign-on further comprises:
the identification display module is used for generating identification information of the single-point group model and displaying the identification information in a second area;
the model selection module is used for responding to the clicking operation of the user on the identification information in the second area and determining a target single point group model selected by the user;
and the model control module is used for controlling the target single point group model according to the control operation of the user.
In an exemplary embodiment of the present disclosure, the model control module specifically includes:
the first control unit is used for displaying the model information of the target single-point group model if the control operation is a first user operation;
and the second control unit is used for changing the target single point group model if the control operation is a second user operation.
In an exemplary embodiment of the disclosure, the first control unit is specifically configured to: and displaying the attribute information of each application system contained in the target single-point group model.
In an exemplary embodiment of the disclosure, the second control unit is specifically configured to: and deleting the application systems contained in the target single-point group model, or adding the application systems into the target single-point group model.
In an exemplary embodiment of the present disclosure, the visualization integrated single sign-on device further includes:
the verification module is used for verifying whether the single-point group model starts single-point login;
and the prompting module is used for sending prompting information to prompt a user to start single sign-on if the single sign-on is not started by the single point group model.
According to a third aspect of the present disclosure, there is provided an electronic device comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the method of any one of the above via execution of the executable instructions.
According to a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any one of the above.
Exemplary embodiments of the present disclosure may have some or all of the following benefits:
in the method for visually integrating single sign-on provided by an exemplary embodiment of the present disclosure, on one hand, the application system integrating single sign-on is determined through the visual page, and different application systems integrating single sign-on are organized in units of a single cluster model, without manually modifying a code, so that the operation is simple, the time cost and the labor cost of integrating single sign-on are saved, and the efficiency of integrating single sign-on is improved. On the other hand, each application system can be flexibly integrated through the single-point cluster model, and the flexibility of integrating single sign-on can be improved. On the other hand, the operation process of the integrated single sign-on can be visually and clearly embodied through the visual page, so that the operation of a user is more convenient, and the user experience is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
Fig. 1 schematically illustrates a flow diagram of a method of visualizing an integrated single sign-on according to one embodiment of the present disclosure;
FIG. 2 schematically illustrates a flow diagram of a method of visualizing an integrated single sign-on according to another embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow chart of a method of visualizing an integrated single sign-on according to another embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow chart of a method of visualizing an integrated single sign-on according to another embodiment of the present disclosure;
fig. 5 schematically illustrates a block diagram of an apparatus for visualizing an integrated single sign-on according to an embodiment of the present disclosure;
FIG. 6 schematically illustrates a system architecture diagram for implementing a method for visualization of integrated single sign-on in accordance with one embodiment of the present disclosure;
FIG. 7 illustrates a schematic structural diagram of a computer system suitable for use with the electronic device to implement embodiments of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The technical solution of the embodiment of the present disclosure is explained in detail below:
in one solution provided by the inventor, a plurality of application systems can be integrated into a single sign-on by modifying the code of the application system, but modifying the code of each integrated application system is very labor-intensive, resulting in a great deal of time consumption. Moreover, if some application system needs to be independently removed from the single sign-on, or a new application system needs to be added into the single sign-on, the code needs to be modified again, the operation is complex, the efficiency is low, and repeated operation is easy to cause.
Based on one or more of the problems set forth above, the present example embodiments provide a method of visually integrating single sign-on. Referring to fig. 1, the method for visualizing integrated single sign-on may include the following steps:
step S110: a system identification in a first region of a visualization page is obtained.
Step S120: and determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems.
Step S130: and determining an authentication center corresponding to the single-point group model so that an access user can log in a plurality of application systems contained in the single-point group model through the authentication center.
In the method for visually integrating single sign-on provided by an exemplary embodiment of the present disclosure, on one hand, the application system integrating single sign-on is determined through the visual page, and different application systems integrating single sign-on are organized in units of a single cluster model, without manually modifying a code, so that the operation is simple, the time cost and the labor cost of integrating single sign-on are saved, and the efficiency of integrating single sign-on is improved. On the other hand, each application system can be flexibly integrated through the single-point cluster model, and the flexibility of integrating single sign-on can be improved. On the other hand, the operation process of the integrated single sign-on can be visually and clearly embodied through the visual page, so that the operation of a user is more convenient, and the user experience is improved.
The above steps of the present exemplary embodiment will be described in more detail below.
In step S110, a system identification in a first region of a visualization page is obtained.
In this embodiment, a visual page may be provided, where the visual page may include a User Interface (UI), and the visual Interface may be generated by a graphical User Interface design. And, the visual interface can be a web front-end page, and by providing a web service, the user can acquire the visual page through a web page link. The system identifier refers to identification information of an application system, and the identification information may include text, pictures, or other forms of information, such as characters, which are not limited in this embodiment.
The visualization page may include one or more components, such as a panel control, and a specific region, denoted as a first region, may be determined in the visualization page by defining the size of the component. Text, pictures, etc. may be displayed in the first area, i.e. the first area may comprise a plurality of elements. The coordinate range of the first area can be determined according to the coordinates of each element in the visual page, so that the elements in the coordinate range are determined, whether system identification exists in the elements is judged, and if the system identification exists in the elements, the system identification is extracted, and the system identification in the first area is obtained.
Optionally, a system identifier of the application system that needs to integrate single sign-on, such as an icon, a name, an identification number, and the like of the system, may be obtained first, and then the elements included in the first area may be extracted and matched with the obtained system identifier. If the image contained in the first area is consistent with the icon of the application system, it may be determined that the application system is contained in the first area; if the identification number of the element contained in the first area is consistent with the system identification, the application system can also be determined to be contained in the first area, so that all the system identifications contained in the first area are obtained.
In an exemplary embodiment, before acquiring the system identifier in the first area, step S201 and step S202 may be further included, as shown in fig. 2. Wherein:
step S201, generating system identifications of all application systems in the visual page;
step S202, responding to the drag operation of the user to the system identifier, and moving the system identifier so as to determine the system identifier contained in the first area.
In step S201, system identifiers of all application systems that need to integrate single sign-on are displayed in a visual page, for example, icons of the application systems may be displayed in the page, and names of the application systems are displayed at corresponding icons; or, when the user clicks a certain icon, the name, identification number and other information of the application system corresponding to the icon are displayed. In other embodiments of the present disclosure, the identifier of the application system may be displayed in other manners, for example, the identifier of the application system is displayed as a list, or displayed through another page, and the like, which also belong to the scope of the present disclosure.
In step S202, the displayed system identifier of the application system may be moved, and the system identifier may be moved to a corresponding position along with the drag operation of the user, so as to determine the system identifier in the first area. In the embodiment, the application system integrating the single sign-on can be flexibly combined according to the wishes of the user, and the user can determine which application system needs to integrate the single sign-on, so that the icon of the application system needing to integrate the single sign-on is dragged to the first area, the single sign-on is integrated, and the flexibility is greatly enhanced.
In other embodiments of the present disclosure, the application system that needs to integrate the single sign-on may be determined in other manners, for example, a list of the application systems is displayed, each line in the list may be displayed as a system identifier of one application system, and a certain line is selected by a user operation, so that the corresponding system identifier is displayed at the first area.
In step S120, a single point group model is determined according to the system identifier in the first area, where the single point group model includes a plurality of application systems.
The single point crowd model may include multiple application systems that require integrated single sign-on. Different application systems are included in different single-point group models, and the single-point login can be realized in different modes, for example, the single-point login is realized through cookies, the page redirection is realized, and the like. And determining the application system corresponding to the system identifier through all the system identifiers contained in the first area, thereby obtaining the application system needing integrated single sign-on.
For example, the combination of the plurality of application systems in the first area may be implemented by a canvas tool, and the application systems in the first area may be determined as a single point group model by a confirmation button after the combination is finished. The user may then again make other combinations of application systems to determine another single point group model. That is, a plurality of single point group models can be specified in step S110 and step S120, and this embodiment is not particularly limited thereto.
In an exemplary embodiment, after determining the single point group model through the system identifier in the first area, steps S301 to S303 may be further included, as shown in fig. 3. Wherein:
in step S301, identification information of the single point group model is generated, and the identification information is displayed in a second area. The identification information may include images, characters, and the like, and may also include numbers, letters, and the like, which is not particularly limited in this embodiment. A second area can be further included in the visualization page, and identification information can be generated for each single point group model, so that the identification information of the determined single point group model can be displayed in the second area. For example, an icon for each single point group model may be displayed in the second area; or displaying the name of the single point group model, etc.
In step S302, in response to a click operation of the user on the identification information in the second area, a target single point group model selected by the user is determined. And detecting the clicking operation of the second area, and if the clicking position of the user is within a certain range of the display position of the identification information, determining that the single point group model corresponding to the identification information is the target single point group model selected by the user. Of course, the target single point group model may be determined in other manners, for example, an input box may be provided in the second area, and the corresponding target single point group model may be determined by the identification number input by the user.
In step S303, the target single point group model is controlled according to the control operation of the user. For example, after the user clicks some identification information, a control page may be presented, which may include various control operations, such as starting a single sign-on, logging off a single sign-on, and so on. And controlling the target single-point group model according to the control operation selected by the user click.
In the embodiment, the process of the integrated single sign-on can be more intuitively presented through the visual page, so that the user is guided to integrate the single sign-on, the method is easy and simple, the time cost can be reduced, and the single sign-on efficiency is improved.
In some embodiments, controlling the target single-point group model according to the control operation of the user may include the following ways: if the control operation is a first user operation, displaying the model information of the target single-point group model; and if the control operation is a second user operation, changing the target single point group model. Wherein:
in this embodiment, the single-point cluster model may correspond to a plurality of tasks, each of which is implemented by a control operation, for example, the tasks may be to open a single-point login, close the single-point login, and delete an application system included in the single-point cluster model. For example, a user operation for implementing each task may be predefined, so that when the corresponding operation is detected, the corresponding task is executed. The predefined user operations may include a first user operation and a second user operation, and after the control operation of the user is detected, the control operation is matched with a plurality of predefined operations, so as to execute a task matched with the control operation. And if the control operation is matched with the first operation, displaying the model information of the target single-point group model, and if the control operation is matched with the second operation, changing the target single-point group. The first operation and the second operation may include double-clicking, button clicking, and other operations, such as sliding, dragging, and the like.
For example, when a double click is detected at the identification information corresponding to the target single point group model, the model information of the target single point group model may be displayed, and when a click on the "set" button is detected, the target single point group model may be changed.
Specifically, modifying the target singleton group model may include deleting the application systems included in the target singleton group model, for example, when a "set" button is detected to be clicked, system identifiers of all the application systems included in the target singleton group model are displayed, and a radio box is displayed at each identifier, so that the selected application system is deleted. In other embodiments of the present disclosure, the application system in the target single-point group model may be deleted in other manners, for example, when the system identifier is dragged to the target area, the application system corresponding to the system identifier is deleted from the target single-point group model, and the like.
Specifically, the model information showing the target single-point group model may include attribute information showing each application system included in the target single-point group model. The attribute information of the application system may include a system identifier of the application system, an interface address of the application system, or functional description information of the application system, and may also include other information, such as an operation specification of the application system, an association between the application systems, and the like.
In other embodiments of the present disclosure, the single-point group model may be controlled in multiple ways, for example, attribute information of multiple application systems included in the single-point group model is displayed through a first user operation, on the basis, one of the application systems is selected through a second user operation to serve as a target application system, and the target application system is deleted from the target single-point group model through a third user operation; alternatively, a single sign-on of the single point group model is started through a first user operation, so that the single sign-on of each application system in the single point group model is started, and the like, which also belong to the protection scope of the present disclosure.
In step S130, an authentication center corresponding to the single point group model is determined, so that an access user logs in a plurality of application systems included in the single point group model through the authentication center.
An authentication center may refer to an application for authenticating and authorizing a user, and the application may provide a login page through which user information, such as a user name and a password, is received and then verified after receiving the user information. If the user information can be matched with the information of the stored registered user, the user passes the verification, the authorization information of the user is generated, and the application system can verify the user through the authorization information so as to determine whether to accept the access of the user to the resource.
The application systems in the same single-point cluster model may share the same user table, which may refer to a table that stores user information. The user table may include a user name and a password, and may also include other user information, such as an address, a user log, a user age, and the like, which is not limited in this embodiment. For example, when the user logs in the authentication center, the user name and the password may be input, then the authentication center obtains the data in the table, matches the input user name and the password with the obtained data, and if the matching is successful, the user passes the verification.
Each single-point group model corresponds to an authentication center, the authentication center can establish a global session with a user after the user passes verification, and when a certain client user requests resources in an application system, the application system can verify the user through the global session of the authentication center, so that a local session with the user is established. That is to say, if a user requests a resource of an application system in the single-point group model, the application system may detect whether a global session exists, and if so, obtain authorization information of the user corresponding to the global session, so that the user is directly authenticated through the authorization information, and the user is accepted to access the resource.
Before determining the authentication center, it can also be verified whether the single point group model starts single sign-on. Each single point group model can start single sign-on or close single sign-on, if the single point group model does not start single sign-on, a user needs to log in each application system when needing to access a plurality of application systems. Therefore, if the single sign-on is not started by the verification single point group model, prompt information can be sent, and therefore a user is prompted to start the single sign-on. If the single-point group model starts single-point login, when a user requests to access a certain application system, the application system detects whether the user has global session, if not, the user jumps to a login page of an authentication center, and if the user has global session, the user can directly access each application system in the single-point group model without logging again, so that one-point login and one-point login are realized, and the efficiency is greatly improved.
As shown in fig. 4, the present embodiment may include steps S401 to S408, in which:
in step S401, the user accesses the first system and jumps to the authentication center; in step S402, the authentication center verifies the user identity through the user name and password; in step S403, storing the verification result in the global cookie and the cache; in step S404, jumping to the second system; that is, the user accesses another system through an access interface of the other system; in step S405, it is determined whether the second system and the first system are included in the same point group model; if so, step S406 is performed. In step S406, it is determined whether the single point group model starts single sign-on; if so, step S407 is performed. In step S407, the user identity is authenticated based on the global cookie, and if the authentication is successful, step S408 is performed. In step S408, the authentication information is stored in the local cookie to display the user access information for the user to browse. The cookie is a global session cookie in step S403, and the cookie is a local session cookie in step S408. The cookie refers to data recorded and stored by a client corresponding to the user, and can be used for the server to identify the client.
Through the embodiment, the same single-point group model only logs in once, and when the user jumps to another application system, whether the system accessed by the user is in the same single-point group model is judged, so that the user does not need to log in again when accessing other application systems in the single-point group model.
It should be noted that the steps in fig. 4 are a summary of the above specific embodiment, and therefore, steps S401 to S408 are described in the above specific embodiment, and are not described again here.
Further, in the present exemplary embodiment, an apparatus for visually integrating single sign-on is also provided, which is configured to execute the method for visually integrating single sign-on of the present disclosure. The visual integrated single sign-on device can be applied to a server or terminal equipment.
Referring to fig. 5, the apparatus 500 for visualizing integrated single sign-on may include: an application system acquisition module 510, a model determination module 520, and a single sign-on model, wherein:
an application system obtaining module 510, configured to obtain a system identifier in a first region of a visualization page;
a model determining module 520, configured to determine a single point group model according to the system identifier in the first area, where the single point group model includes a plurality of application systems;
a single sign-on module 530, configured to determine an authentication center corresponding to the single point group model, so that an access user logs in a plurality of application systems included in the single point group model through the authentication center.
As can be seen, with the implementation of the device for visually integrating single sign-on shown in fig. 5, on one hand, the application system for integrating single sign-on is determined through the visual page, and different application systems for single sign-on are organized in units of single cluster models, without manually modifying codes, the operation is simple, the time cost and the labor cost for integrating single sign-on are saved, and the efficiency for integrating single sign-on is improved. On the other hand, each application system can be flexibly integrated through the single-point cluster model, and the flexibility of integrating single sign-on can be improved. On the other hand, the operation process of the integrated single sign-on can be visually and clearly embodied through the visual page, so that the operation of a user is more convenient, and the user experience is improved.
In an exemplary embodiment of the present disclosure, the apparatus 500 for visualizing integrated single sign-on may further include:
the identification generation module is used for generating system identifications of all application systems in the visualization page;
and the identification selection module is used for responding to the drag operation of the user on the system identification and moving the system identification so as to determine the system identification contained in the first area.
In an exemplary embodiment of the present disclosure, the apparatus 500 for visualizing integrated single sign-on may further include:
the identification display module is used for generating identification information of the single-point group model and displaying the identification information in a second area;
the model selection module is used for responding to the clicking operation of the user on the identification information in the second area and determining a target single point group model selected by the user;
and the model control module is used for controlling the target single point group model according to the control operation of the user.
In an exemplary embodiment of the disclosure, the model control module may specifically include:
the first control unit is used for displaying the model information of the target single-point group model if the control operation is a first user operation;
and the second control unit is used for changing the target single point group model if the control operation is a second user operation.
In an exemplary embodiment of the disclosure, the first control unit may specifically be configured to: and displaying the attribute information of each application system contained in the target single-point group model.
In an exemplary embodiment of the disclosure, the second control unit may specifically be configured to: and deleting the application systems contained in the target single-point group model, or adding the application systems into the target single-point group model.
In an exemplary embodiment of the present disclosure, the visualization integrated single sign-on device may further include:
the verification module is used for verifying whether the single-point group model starts single-point login;
and the prompting module is used for sending prompting information to prompt a user to start single sign-on if the single sign-on is not started by the single point group model.
For details that are not disclosed in the embodiments of the apparatus of the present disclosure, please refer to the embodiments of the method of the visually integrated single sign-on described above for the details that are not disclosed in the embodiments of the apparatus of the present disclosure.
Referring to fig. 6, fig. 6 is a schematic diagram illustrating a system architecture of an exemplary application environment to which a method for visualizing an integrated single sign-on and an apparatus for visualizing an integrated single sign-on according to an embodiment of the present disclosure may be applied.
As shown in fig. 6, the system architecture 600 may include one or more of terminal devices 601, 602, 603, a network 604, and a server 605. The network 604 serves to provide a medium for communication links between the terminal devices 601, 602, 603 and the server 605. Network 604 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
The terminal devices 601, 602, 603 may be various electronic devices having a display screen, including but not limited to desktop computers, portable computers, smart phones, tablet computers, and the like. It should be understood that the number of terminal devices, networks, and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation. For example, server 605 may be a server cluster composed of a plurality of servers, or the like.
The method for visualizing integrated single sign-on provided by the embodiments of the present disclosure is generally performed by the server 605, and accordingly, the apparatus for visualizing integrated single sign-on is generally disposed in the server 605. However, it is easily understood by those skilled in the art that the method for visualizing integrated single sign-on provided in the embodiment of the present disclosure may also be executed by the terminal device 601, 602, 603, and accordingly, the apparatus for visualizing integrated single sign-on may also be disposed in the terminal device 601, 602, 603, which is not particularly limited in this exemplary embodiment.
For example, in an exemplary embodiment, the server 605 may obtain a system identifier in a first region of the visualization page, and determine the single point group model according to the obtained system identifier, and further determine an authentication center corresponding to the single point group model, so that all application systems in the single point group model perform single sign-on through the authentication center.
FIG. 7 illustrates a schematic structural diagram of a computer system suitable for use with the electronic device to implement embodiments of the present disclosure.
It should be noted that the computer system 700 of the electronic device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of the application of the embodiments of the present disclosure.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for system operation are also stored. The CPU 701, the ROM702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, the processes described below with reference to the flowcharts may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program, when executed by a Central Processing Unit (CPU)701, performs various functions defined in the methods and apparatus of the present application.
It should be noted that the computer readable media shown in the present disclosure may be computer readable signal media or computer readable storage media or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software, or may be implemented by hardware, and the described units may also be disposed in a processor. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by an electronic device, cause the electronic device to implement the method as described in the embodiments below. For example, the electronic device may implement the steps shown in fig. 1 and 2, and so on.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (9)
1. A method of visually integrating single sign-on, comprising:
generating system identifications of all application systems in a visual page;
responding to the drag operation of the user on the system identifier, and moving the system identifier;
determining a coordinate range of a first area according to coordinates of each element in the visual page, determining the elements in the coordinate range, judging whether system identification exists in the elements in the coordinate range, and if so, acquiring the system identification in the first area;
determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems;
and determining an authentication center corresponding to the single-point group model so that an access user can log in a plurality of application systems contained in the single-point group model through the authentication center.
2. The method of claim 1, wherein after determining the single point group model via the system identification in the first region, further comprising:
generating identification information of the single-point group model, and displaying the identification information in a second area;
responding to the clicking operation of the user in the second area on the identification information, and determining a target single point group model selected by the user;
and controlling the target single point group model according to the control operation of the user.
3. The method of claim 2, wherein the controlling the target single point group model according to the user's control operation comprises:
if the control operation is a first user operation, displaying the model information of the target single-point group model;
and if the control operation is a second user operation, changing the target single point group model.
4. The method of claim 3, wherein the presenting model information of the target single point group model comprises:
and displaying the attribute information of each application system contained in the target single-point group model.
5. The method of claim 3, wherein the modifying the target single point group model comprises:
and deleting the application systems contained in the target single-point group model, or adding the application systems into the target single-point group model.
6. The method of claim 1, wherein before determining the certificate authority corresponding to the single point group model, further comprising:
verifying whether the single-point group model starts single-point login;
and if the single-point group model does not start single-point login, sending prompt information to prompt a user to start single-point login.
7. An apparatus for visually integrating single sign-on, comprising:
the identification generation module is used for generating system identifications of all application systems in the visual page;
the identification selection module is used for responding to the dragging operation of the system identification by the user and moving the system identification;
the application system acquisition module is used for determining a coordinate range of a first area according to the coordinates of each element in the visual page, determining the elements in the coordinate range and judging whether system identification exists in the elements in the coordinate range, and if so, acquiring the system identification in the first area;
the model determining module is used for determining a single point group model through the system identification in the first area, wherein the single point group model comprises a plurality of application systems;
and the single sign-on module is used for determining an authentication center corresponding to the single point group model so that an access user can sign on a plurality of application systems contained in the single point group model through the authentication center.
8. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1-6.
9. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1-6 via execution of the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911046797.8A CN110768998B (en) | 2019-10-30 | 2019-10-30 | Visual integrated single sign-on method, device, medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911046797.8A CN110768998B (en) | 2019-10-30 | 2019-10-30 | Visual integrated single sign-on method, device, medium and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110768998A CN110768998A (en) | 2020-02-07 |
| CN110768998B true CN110768998B (en) | 2022-01-04 |
Family
ID=69333268
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911046797.8A Active CN110768998B (en) | 2019-10-30 | 2019-10-30 | Visual integrated single sign-on method, device, medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110768998B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103631598A (en) * | 2013-12-09 | 2014-03-12 | 国家电网公司 | Interface integration method and system thereof |
| CN106170001A (en) * | 2016-08-27 | 2016-11-30 | 威海兴达信息科技有限公司 | A kind of single-sign-on management system |
| CN108959902A (en) * | 2018-06-07 | 2018-12-07 | 北京百悟科技有限公司 | A kind of mutli-system integration platform and method, computer readable storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9336377B2 (en) * | 2010-04-21 | 2016-05-10 | Lexmark International Technology Sarl | Synchronized sign-on methods for non-programmatic integration systems |
-
2019
- 2019-10-30 CN CN201911046797.8A patent/CN110768998B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103631598A (en) * | 2013-12-09 | 2014-03-12 | 国家电网公司 | Interface integration method and system thereof |
| CN106170001A (en) * | 2016-08-27 | 2016-11-30 | 威海兴达信息科技有限公司 | A kind of single-sign-on management system |
| CN108959902A (en) * | 2018-06-07 | 2018-12-07 | 北京百悟科技有限公司 | A kind of mutli-system integration platform and method, computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110768998A (en) | 2020-02-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10116643B2 (en) | Virtualized data storage and management of policy and credential data sources | |
| JP6707127B2 (en) | Access server authenticity check initiated by end user | |
| CN110708346B (en) | Information processing system and method | |
| US11132114B2 (en) | Method and apparatus for generating customized visualization component | |
| CN111104675A (en) | Method and device for detecting system security vulnerability | |
| US11750590B2 (en) | Single sign-on (SSO) user techniques using client side encryption and decryption | |
| CN109726545B (en) | Information display method, equipment, computer readable storage medium and device | |
| CN111241523A (en) | Authentication processing method, device, equipment and storage medium | |
| US9405890B1 (en) | Easy login on wearable device and wearable device applications | |
| CN110768998B (en) | Visual integrated single sign-on method, device, medium and electronic equipment | |
| CN111030900A (en) | Authentication-free login method and device and electronic equipment | |
| CN110765445B (en) | Method and device for processing request | |
| CN111147470A (en) | Account authorization method and device and electronic equipment | |
| US20230412598A1 (en) | Efficient Generation of Identity Provider Integrations | |
| CN115297019B (en) | Management method of Internet of things application platform, internet of things system, equipment and medium | |
| CN113572763B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN111125676B (en) | Joint authorization method and device | |
| CN113760727A (en) | Interface regression testing method and device | |
| CN117254979A (en) | Multi-cloud access method, device, equipment and storage medium | |
| CN117113324A (en) | Authorization method, device, equipment and storage medium of application account | |
| CN113449228A (en) | Page rendering method and device | |
| CN116644404A (en) | Applet login method and device and related equipment | |
| CN113704080A (en) | Automatic testing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |