CN110958275A - Portal authentication roaming method and device and computer equipment - Google Patents

Portal authentication roaming method and device and computer equipment Download PDF

Info

Publication number
CN110958275A
CN110958275A CN201911426199.3A CN201911426199A CN110958275A CN 110958275 A CN110958275 A CN 110958275A CN 201911426199 A CN201911426199 A CN 201911426199A CN 110958275 A CN110958275 A CN 110958275A
Authority
CN
China
Prior art keywords
user terminal
portal authentication
request
accessing
cookie information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911426199.3A
Other languages
Chinese (zh)
Other versions
CN110958275B (en
Inventor
雷振华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201911426199.3A priority Critical patent/CN110958275B/en
Publication of CN110958275A publication Critical patent/CN110958275A/en
Application granted granted Critical
Publication of CN110958275B publication Critical patent/CN110958275B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Abstract

The application provides a Portal authentication roaming method, a Portal authentication roaming device and computer equipment. The method is applied to Portal authentication equipment and comprises the following steps: sending a redirected URL to the user terminal based on a request of the user terminal for accessing the network resource, wherein the URL is used for pointing to a designated page; and receiving a request for accessing the specified page by the user terminal, and if the request carries the Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal. When the user of the user terminal goes to another place for office, even if the IP address changes, the user does not need to perform Portal authentication again when accessing network resources through the user terminal. Compared with the prior art, the technical scheme does not need to execute SNMP polling to update ARP information, effectively shortens the time consumed by judging whether Portal authentication needs to be repeated or not, improves the user experience, does not need Portal authentication equipment to occupy resources to execute the SNMP polling, and effectively improves the running speed of the Portal authentication equipment.

Description

Portal authentication roaming method and device and computer equipment
Technical Field
The application relates to the technical field of networks, in particular to a Portal authentication roaming method, a Portal authentication roaming device and computer equipment.
Background
In large-scale enterprises, companies or colleges and universities, in order to guarantee network security and trace the source of the online behavior of employees, a Portal authentication function is generally started, that is, identity authentication is provided for users in the form of a webpage. However, people in different departments or different buildings often need to work cooperatively across departments and buildings, and the problem of repeated authentication can occur. For example, a certain employee in department a uses a terminal such as a laptop computer to perform Portal authentication at his/her station to access the network, and when the employee temporarily enters department B, the terminal automatically acquires a new IP address, and then the terminal needs to perform Portal authentication again to access the network.
Since the change of the office location does not cause the change of the MAC address of the terminal, in the related art, the MAC address of the terminal is identified to determine whether the terminal needs to perform Portal authentication again. The Portal authentication device obtains Address Resolution Protocol (ARP) information of the gateway device through Simple Network Management Protocol (SNMP), and after the terminal of the employee performs the Portal authentication, the Portal authentication device records online user information such as an IP Address and an MAC Address of the terminal. If the employee goes to another place to work, the Portal authentication equipment acquires the ARP information of the gateway equipment through the SNMP, if the MAC address of the terminal of the employee is in the online user information table of the Portal authentication equipment, re-authentication of the terminal is not needed, and the IP address flow corresponding to the MAC address can be directly put through so that the user can directly use the terminal to access the network.
However, since the network is basically three-layer forwarding, the Portal authentication device cannot directly obtain the ARP information of the terminal through the ARP message, the ARP information of the terminal must be obtained through the SNMP or similar protocol, and the ARP information is learned through the SNMP with a polling period, so that when the employee goes to another place for office, the employee cannot immediately access the network because the SNMP polling is not executed, and the Portal authentication device cannot search the corresponding MAC address according to the changed IP address and re-authenticate the employee. After SNMP polling is needed, the Portal authentication equipment does not perform Portal authentication again after updating the ARP information of the user. Therefore, the MAC address is adopted to judge that time-consuming polling is required, which affects user experience. In addition, a plurality of access gateways often exist in a large network, and the Portal authentication equipment repeatedly updates ARP information according to the SNMP polling period, so that the processing performance of the equipment is influenced.
Disclosure of Invention
In order to overcome the problems in the related art, the application provides a Portal authentication roaming method, a Portal authentication roaming device and computer equipment.
According to a first aspect of the embodiments of the present application, there is provided a Portal authentication roaming method applied to a Portal authentication device, the method including:
the method comprises the steps that a Uniform Resource Locator (URL) which is redirected to a user terminal is used for pointing to a specified page based on a request of the user terminal for accessing network resources;
and receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
According to a second aspect of the embodiments of the present application, there is provided a Portal authentication roaming method applied to a user equipment, the method including:
sending a request for accessing network resources to Portal authentication equipment;
receiving a redirected Uniform Resource Locator (URL) sent by Portal authentication equipment, wherein the URL is used for pointing to a designated page;
sending a request for accessing the specified page so that the Portal authentication equipment determines whether to authenticate the local terminal equipment; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
According to a third aspect of the embodiments of the present application, there is provided a Portal authentication system, comprising a user terminal and a Portal authentication device,
the user terminal is used for sending a request for accessing network resources to Portal authentication equipment and receiving a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, wherein the URL is used for pointing to a specified page; and sending a request to access the specified page;
the Portal authentication device is used for redirecting the URL to the user terminal based on the request of the user terminal for accessing the network resource, an
And receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
According to a fourth aspect of the embodiments of the present application, there is provided a Portal authentication roaming apparatus, applied to a Portal authentication device, the apparatus including:
the system comprises a redirection module, a URL module and a display module, wherein the redirection module is used for redirecting a Uniform Resource Locator (URL) to a user terminal based on a request of the user terminal for accessing network resources, and the URL is used for pointing to a specified page;
and the authentication module is used for receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries the Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
According to a fifth aspect of the embodiments of the present application, there is provided a Portal authentication roaming apparatus, applied to a user terminal, the apparatus including:
the first sending module is used for sending a request for accessing network resources to the Portal authentication equipment;
the receiving module is used for receiving a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, and the URL is used for pointing to a specified page;
the second sending module is used for sending a request for accessing the specified page so as to enable the Portal authentication equipment to determine whether to authenticate the local terminal equipment; the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the Cookie information of the specified page is carried in the request for determining to access the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal
The technical scheme provided by the embodiment of the application can have the following beneficial effects:
in the technical scheme, Portal authentication equipment redirects the URL of the specified page to the user terminal based on a network access request sent by the user terminal so that the user terminal requests to access the specified page; the request access of the user terminal to the appointed page carries Cookie information, the Portal authentication equipment can judge whether the user terminal needs to be re-authenticated according to online state information which is included in the Cookie information and is subjected to Portal authentication, and if the user terminal does not need to be re-authenticated, the network access request of the user terminal can be put through, so that the user terminal can directly access network resources. Thus, even if the IP address changes when the user of the user terminal goes to another place for office, the user can access the network resource through the user terminal without Portal authentication again, and the user terminal can realize the roaming of the Portal authentication passed by the previous place. Compared with the related technology, the technical scheme does not need to execute SNMP polling to update ARP information, effectively shortens the time consumed by judging whether Portal authentication needs to be repeated or not, improves the user experience, does not need Portal authentication equipment to occupy resources to execute the SNMP polling, and effectively improves the running speed of the Portal authentication equipment.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1A is a diagram illustrating an application scenario of a Portal authentication roaming method according to an exemplary embodiment of the present application.
Fig. 1B is a flowchart illustrating a Portal authentication roaming method according to an exemplary embodiment of the present application.
Fig. 2 is a flowchart illustrating a process of performing Portal authentication for the first time according to an exemplary embodiment of the present application.
Fig. 3 is a flowchart illustrating another method for Portal authenticated roaming according to an exemplary embodiment of the present application.
Fig. 4 is an interaction flow diagram of a Portal authentication system according to an exemplary embodiment of the present application.
Fig. 5 is a schematic structural diagram of a Portal authentication roaming apparatus according to an exemplary embodiment of the present application.
Fig. 6 is a schematic structural diagram of another Portal authentication roaming apparatus according to an exemplary embodiment of the present application.
Fig. 7 is a schematic structural diagram of a computer device according to an exemplary embodiment of the present application.
Fig. 8 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
The following describes in detail a Portal authentication roaming method, apparatus, main control board and frame device according to the present application with reference to the accompanying drawings. The features of the following examples and embodiments may be combined with each other without conflict.
The application provides a Portal authentication roaming method, which can be applied to Portal authentication equipment, wherein the Portal authentication equipment can be a Portal authentication server or other equipment capable of providing Portal authentication, and the Portal authentication roaming method is not specifically limited in the application.
Before describing the Portal authentication roaming method, a scenario in which the Portal authentication roaming method can be applied is described. Fig. 1A is a diagram illustrating an application scenario of a Portal authentication roaming method according to an exemplary embodiment of the present application. The application scenario includes a user terminal 11, an access device 12 and a Portal authentication device 13, where the access device 12 is in communication connection with the user terminal 11 and the Portal authentication device 13, respectively. A network access request initiated by the user terminal 11 may be received via the access device 12 and the access device 12 may redirect the network access request to the Portal authentication device 13 to determine whether the user terminal 11 performs Portal authentication.
The user terminal may be a computer, a laptop, a smart phone, a tablet computer, a PDA (personal digital Assistant), and other devices, and the electronic device may be loaded with a web browser to provide a service for a user to access a network resource through the web browser. A user may input a URL (Uniform Resource Locator) of a network Resource to be accessed through a browser of the user terminal to request to access the network Resource corresponding to the URL. The user terminal may request access to the network resource through a wired network or a wireless network. The present application is not particularly limited. The access device may be a switch, a router, an access controller, or the like, and the present application is not limited specifically.
Fig. 1B is a flowchart illustrating a Portal authentication roaming method according to an exemplary embodiment of the present application. As shown in fig. 1B, the Portal authentication roaming method includes the following steps 101 to 102:
step 101, based on a request for accessing network resources sent by a user terminal, sending a redirected URL to the user terminal, where the URL points to a specified page.
In step 101, the request for accessing a network resource may refer to an HTTP request initiated by the user terminal for accessing any network resource. The content displayed by the designated page may be whether the user has been authenticated by Portal in the current network and is currently online.
102, receiving a request of the user terminal for accessing the specified page;
step 103, if the request for accessing the specified page carries the Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
It should be understood that the Portal authentication roaming method of this embodiment may be applicable to the same local area network, where the user terminal has already passed the Portal authentication in the first location, and then when the user terminal needs to access the network resource in the second location, the Portal authentication device executes the Portal authentication roaming method of this embodiment to determine whether the user terminal needs to perform the Portal authentication again.
In one possible implementation manner of the present application, the online status information in the Cookie information includes a user identifier of the user terminal, a first IP address, and an authentication expiration time.
The request for accessing the designated page sent by the user terminal to the Portal authentication device may or may not contain Cookie information. When a user terminal accesses a specified page for the first time, a request for accessing the specified page does not carry Cookie information; when the user terminal accesses the specified page once and is successfully authenticated, the Cookie information is carried in the request for accessing the specified page when the user terminal accesses the specified webpage again, so that whether the user accesses the specified page for the first time can be determined according to whether the Cookie information is carried in the request for accessing the specified page, if the Cookie information is accessed for the first time, Portal authentication is initiated to the user terminal, and if the Cookie information is not accessed for the first time, whether Portal authentication needs to be initiated to the user terminal again is further determined according to the China-year online user information of the Cookie information.
It should be understood that the Cookie information may be generated by the Portal authentication device from the online status information after the user terminal passes Portal authentication for the first time, and sent to the user terminal, and the user terminal receives the Cookie and stores the Cookie in the local of the user terminal.
The user identifier of the user terminal may be an identifier used by the user of the user terminal for Portal authentication, and the identifier may describe the uniqueness of the user, for example, the identifier may be a user account; as another example, the identification may be a username. The identification may include any combination of one or more of upper and lower case letters, numbers, punctuation marks.
The first IP address may be an IP address where the user identifies that Portal authentication has been performed at a first location within the same local area network. It is understood that the presence information may include a first IP address, or a plurality of first IP addresses, where a first IP address may generally refer to an IP address where the user identification has been Portal authenticated at a plurality of locations within the same lan. The IP address used by the user terminal to access the network resource at the second location is different from the first IP address, and is distinguished as a table, and may be called as a second IP address. The request to access the network resource may also carry a second IP address.
The authentication expiration time may refer to the validity time that the Portal authentication can be maintained at other IP addresses at other locations within the same LAN. Alternatively, the user identification may not need to re-perform Portal authentication when accessing network resources at the IP address during the authentication expiration time. Otherwise, if the authentication expiration time is exceeded, the Portal authentication needs to be performed again when the user identification accesses the network resource on the IP address. The authentication expiration time may also be the validity time of the Cookie information. The following describes in detail how the Portal authentication device determines whether to authenticate the user terminal based on the Cookie information:
in the first case: if the current time exceeds the authentication expiration time, the URL of the Portal authentication page is redirected to the user terminal.
This situation means that the valid time that the user identification in the Cookie information can maintain through the Portal authentication passed by other IP addresses is expired before, and the user identification accesses the network resource through the second IP address at this time needs to perform the Portal authentication again, so that the Portal authentication equipment redirects the URL of the Portal authentication page to the user terminal, so that the user terminal requests the URL of the Portal authentication page to perform the Portal authentication again.
In the second case: and if the current time does not exceed the authentication expiration time and the user identifier and the first IP address of the user terminal are unsuccessfully matched with the pre-stored online user information, redirecting the URL of the Portal authentication page to the user terminal.
However, the user identifier and the first IP address in the Cookie information cannot be queried in the online user information pre-stored by the Portal authentication device, which indicates that the user of the Portal authentication may perform operations such as account logout and the like to enable the corresponding user account to be in an offline state, and therefore, the Portal authentication needs to be performed again. The Portal authentication equipment redirects the URL of the Portal authentication page to the user terminal so that the user terminal requests the URL of the Portal authentication page to perform Portal authentication again.
It will be appreciated that the Portal authentication device allows access to network resources for the user terminal after the Portal authentication is re-performed in the first and second cases.
In the third case: and if the current time does not exceed the authentication expiration time and the user identifier and the first IP address of the user terminal can be successfully matched with the pre-stored online user information, allowing the user terminal to access network resources.
The condition is that the effective time of the previous Portal authentication is not expired, and the Portal authentication equipment can inquire the online user information prestored in the Portal authentication equipment to obtain the information consistent with the user identification and the first IP address in the Cookie information, wherein the user identification is in an online state. Therefore, the user identification can access the network resource by the second IP address without re-Portal authentication, and the request for accessing the network resource sent by the user terminal is put through so that the user terminal can access the network resource.
In one possible implementation manner of the present application, after determining not to authenticate the user terminal, the method further includes: and generating new Cookie information and sending the new Cookie information to the user terminal, wherein the new Cookie information comprises the user identification, the first IP address, the second IP address and the updated authentication expiration time of the user terminal. Therefore, before the user terminal requests to access network resources by other IP addresses (for example, a third IP address), the Portal authentication equipment can be redirected to a corresponding specified page, when the user terminal requests to access the specified page, the request carries new Cookie information, and the Portal authentication equipment utilizes the updated online user information to be matched with the new Cookie information to determine whether the user terminal needs to perform Portal authentication again.
In one possible embodiment of the present application, the updated authentication expiration time may be counted from the time when it is determined that the user terminal does not need to re-authenticate again. In another possible embodiment of the present application, the updated authentication expiration time may also be counted from the time of generating new Cookie information.
In one possible implementation manner of the present application, after determining not to authenticate the user terminal, the method further includes: and adding the second IP address carried by the request for accessing the network resource to the online user information. Therefore, the online state of the user terminal accessing the network resource at the second IP address can be added to online user information prestored by the Portal authentication device, the Portal authentication device can also generate new Cookie information according to the updated online user information and send the Cookie information to the user terminal, so that the Portal authentication device can be redirected to a corresponding appointed page before the user terminal requests to access the network resource at other IP addresses, when the user terminal requests to access the appointed page, the request carries the new Cookie information, and the Portal authentication device matches the new Cookie information by using the updated online user information to determine whether the user terminal needs to perform Portal authentication again.
It should be understood that the two steps of generating new Cookie information and updating online user information by the Portal authentication device may be executed in tandem or simultaneously, and are not limited in detail herein.
It should be noted that, in this case, when the user terminal accesses the network resource with the second IP address, the Portal authentication needs to be performed again or the situation that the Portal authentication needs not to be performed again is determined, the second IP address may be added to the online user information, and the Portal authentication device may also generate new Cookie information according to the updated online user information and send the Cookie information to the user terminal.
In one possible embodiment of the present application, the authentication expiration time may be updated to a Portal authentication expiration time from the current time. It should be noted that, in this case, when the user terminal accesses the network resource by using the second IP address, the current time may be used as the starting point of the updated authentication expiration time, if the Portal authentication needs to be performed again or the situation that the Portal authentication needs not to be performed again is determined. Therefore, the authentication expiration time can be prolonged, and the user experience is improved.
In the method of the embodiment, when the user of the user terminal goes to another place for office, even if the IP address changes, the user does not need to carry out Portal authentication again when accessing network resources through the user terminal, and the Portal authentication roaming that the user terminal passes through at the previous place can be realized. Compared with the related technology, the technical scheme does not need to execute SNMP polling to update ARP information, effectively shortens the time consumed by judging whether Portal authentication needs to be repeated or not, improves the user experience, does not need Portal authentication equipment to occupy resources to execute the SNMP polling, and effectively improves the running speed of the Portal authentication equipment.
Fig. 2 is a schematic flow chart of a first time Portal authentication process according to an exemplary embodiment of the present application, and in order to more clearly describe the first time Portal authentication process, the flow related to the present embodiment is an interaction flow of a user terminal and a Portal authentication device. As shown in fig. 2, the Portal authentication process includes steps 201 to 206:
step 201, the user terminal sends a request for accessing network resources to the Portal authentication device.
Step 202, the Protal authentication device sends the redirected URL to the user terminal based on the request for accessing the network resource, and the URL points to the designated page.
In step 203, since the user terminal accesses the specified web page for the first time, the request for accessing the network resource does not carry the Cookie information, and therefore, the Portal authentication device needs to perform Portal authentication on the user terminal. The specific authentication process can refer to the following steps: (Steps 203a through 203c are not shown in FIG. 2)
In step 203a, the Portal authentication equipment redirects the URL of the Portal authentication page to the user terminal.
Step 203b, the user terminal submits the user identification and the authentication password to the Portal authentication equipment.
And step 203c, the Portal authentication equipment authenticates according to the user identification and the authentication password.
And step 204, after passing the authentication, the Protal authentication equipment stores the online state information of the user terminal, so that when the user accesses a specified page, the fact that the user terminal passes the Portal authentication and the associated user identifier is in an online state is displayed to the user terminal, and the user is prompted to access network resources.
Step 205, the Protal authentication device redirects the URL of the designated page to the user terminal again, and generates Cookie information for the online status information subjected to the Portal authentication and sends the Cookie information to the user terminal.
And step 206, the user terminal stores the Cookie information in local.
The application also provides another Portal authentication roaming method, and the Portal authentication roaming method is applied to the user terminal. Fig. 3 is a flowchart illustrating another method for Portal authenticated roaming according to an exemplary embodiment of the present application. As shown in fig. 3, the Portal authentication roaming method includes steps 301 to 302:
step 301, sending a request for accessing network resources to a Portal authentication device;
step 302, receiving a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, wherein the URL is used for pointing to a specified page;
step 303, sending a request for accessing the specified page, so that the Portal authentication device determines whether to authenticate the local terminal device; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
The Porta l authentication roaming method applied to the user terminal in the embodiment shown in fig. 3 is the same as the related art in the Portal authentication roaming method applied to the Portal authentication device in the above embodiment, and is not described herein again.
Fig. 4 is an interaction flow diagram of a Portal authentication system according to an exemplary embodiment of the present application. The Portal authentication system 40 comprises a user terminal 41 and a Portal authentication device 42, the user terminal being in communication connection with the Portal authentication device. The structure of the Portal authentication system can be similar to that of the application scenario diagram of fig. 1A, and is not repeated herein. As shown in fig. 4, the interactive process of the Portal authentication system includes:
the user terminal 41 sends a request for accessing network resources to Portal authentication equipment, and receives a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, wherein the URL is used for pointing to a specified page; and sending a request to access the specified page;
portal authentication device 42 redirects the URL to the user terminal based on the user terminal's request to access the network resource, an
And receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
It should be understood that, generally, the Portal authentication system may further include an access device, and the user terminal and the Portal authentication device may be in communication connection through the access device, or in other words, the user terminal and the Portal authentication device are in indirect communication connection, which may be specifically referred to the application scenario diagram shown in fig. 1A. Since the access device mainly plays a forwarding role in Portal authentication, the embodiment does not mainly describe the access device. It is understood that a Portal authentication system including a user terminal, an access device, and a Portal authentication device may also be included in the scope of the present application.
The application also provides a Portal authentication roaming device which can be applied to Portal authentication equipment. Fig. 5 is a schematic structural diagram of a Portal authentication roaming apparatus according to an exemplary embodiment of the present application. As shown in fig. 5, the apparatus 50 includes:
a redirection module 501, configured to redirect a uniform resource locator URL to a user terminal based on a request of the user terminal to access a network resource, where the URL is used to point to a specified page;
an authentication module 502, configured to receive a request for the user terminal to access the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determine whether to authenticate the user terminal based on the Cookie information, where the Cookie information includes online status information that the user terminal has performed Portal authentication.
The application also provides another Portal authentication roaming device, and the Portal authentication roaming device can be applied to the user terminal. Fig. 6 is a schematic structural diagram of another Portal authentication roaming apparatus according to an exemplary embodiment of the present application. As shown in fig. 6, the apparatus 60 includes:
a first sending module 601, configured to send a request for accessing a network resource to a Portal authentication device;
a receiving module 602, configured to receive a redirected uniform resource locator URL sent by the Portal authentication device, where the URL is used to point to a specified page;
a second sending module 603, configured to send a request for accessing the specified page, so that the Portal authentication device determines whether to authenticate the local device; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, wherein the modules described as separate parts may or may not be physically separate, and the parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The application also provides a computer device which can be a Portal authentication server or other devices capable of providing Portal authentication. Fig. 7 is a schematic structural diagram of a computer device according to an exemplary embodiment of the present application. As shown in fig. 7, the computer device 70 comprises a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the program:
sending a redirected Uniform Resource Locator (URL) to a user terminal based on a request of the user terminal for accessing network resources, wherein the URL is used for pointing to a designated page;
and receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
The present application further provides an electronic device, which may be a computer, a portable computer, a smart phone, a tablet computer, a PDA (Personal Digital Assistant), and the like, and the electronic device may be loaded with a web browser to provide a user with access to a network resource. Fig. 8 is a block diagram illustrating an electronic device according to an exemplary embodiment of the present application. As shown in fig. 8, the computer device 80 comprises a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the program:
sending a request for accessing network resources to Portal authentication equipment;
receiving a redirected Uniform Resource Locator (URL) sent by Portal authentication equipment, wherein the URL is used for pointing to a designated page;
sending a request for accessing the specified page so that the Portal authentication equipment determines whether to authenticate the local terminal equipment; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
The present application also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps performed in a Portal authentication device.
The present application also provides another computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps performed by the user terminal in the present application.
Embodiments of the present application may take the form of a computer program product embodied on one or more readable media having program code embodied therein, including but not limited to disk storage, CD-ROM, optical storage, and the like. Computer-usable readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer readable media include, but are not limited to: phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), erasable programmable read only memory (EEPROM), flash memory or other memory technologies, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic tape storage or other magnetic storage devices, or any other non-transmission medium, may be used to store information that may be accessed by a computing device.
The foregoing description of specific embodiments of the present application has been presented. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (10)

1. A Portal authentication roaming method is applied to Portal authentication equipment, and comprises the following steps:
sending a redirected Uniform Resource Locator (URL) to a user terminal based on a request of the user terminal for accessing network resources, wherein the URL is used for pointing to a designated page;
and receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
2. The Portal authenticated roaming method of claim 1, wherein the presence information includes a subscriber identity, a first IP address, and an authentication expiration time of the user terminal;
the step of determining whether to authenticate the user terminal based on the Cookie information includes:
if the current time does not exceed the authentication expiration time and the user identifier and the first IP address of the user terminal are matched with the pre-stored online user information, allowing the user terminal to access network resources;
and if the user identification and the first IP address of the user terminal are not matched with the pre-stored online user information or the current time exceeds the authentication expiration time, performing Portal authentication on the user terminal.
3. The Portal authentication roaming method of claim 2, wherein after determining not to authenticate the user terminal, the method further comprises:
and adding the second IP address carried in the request for accessing the network resource to the online user information.
4. The Portal authenticated roaming method of claim 2 or 3, wherein after determining that the user terminal is not authenticated, the method further comprises:
and generating new Cookie information and sending the new Cookie information to the user terminal, wherein the new Cookie information comprises the user identification, the first IP address, the second IP address and the updated authentication expiration time of the user terminal.
5. The Portal authentication roaming method of claim 1, wherein if no Cookie information is carried in the request to access the specified page, the method further comprises:
initiating Portal authentication to the user terminal, storing the online state information of the user terminal after the authentication is successful, and sending the redirected URL to the user terminal;
and after receiving a request for the user terminal to access the specified page, generating Cookie information from the stored online state information and sending the Cookie information to the user terminal.
6. A Portal authentication roaming method is applied to a user terminal, and comprises the following steps:
sending a request for accessing network resources to Portal authentication equipment;
receiving a redirected Uniform Resource Locator (URL) sent by Portal authentication equipment, wherein the URL is used for pointing to a designated page;
sending a request for accessing the specified page so that the Portal authentication equipment determines whether to authenticate the local terminal equipment; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
7. A Portal authentication system is characterized by comprising a user terminal and Portal authentication equipment,
the user terminal is used for sending a request for accessing network resources to Portal authentication equipment and receiving a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, wherein the URL is used for pointing to a specified page; and sending a request to access the specified page;
the Portal authentication device is used for redirecting the URL to the user terminal based on the request of the user terminal for accessing the network resource, an
And receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
8. A Portal authentication roaming device is applied to Portal authentication equipment, and the device comprises:
the system comprises a redirection module, a URL module and a display module, wherein the redirection module is used for redirecting a Uniform Resource Locator (URL) to a user terminal based on a request of the user terminal for accessing network resources, and the URL is used for pointing to a specified page;
and the authentication module is used for receiving a request of the user terminal for accessing the specified page, and if the request for accessing the specified page carries the Cookie information of the specified page, determining whether to authenticate the user terminal based on the Cookie information, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
9. A Portal authenticated roaming device, for application to a user terminal, the device comprising:
the first sending module is used for sending a request for accessing network resources to the Portal authentication equipment;
the receiving module is used for receiving a redirected Uniform Resource Locator (URL) sent by the Portal authentication equipment, and the URL is used for pointing to a specified page;
the second sending module is used for sending a request for accessing the specified page so as to enable the Portal authentication equipment to determine whether to authenticate the local terminal equipment; and the Portal authentication equipment determines whether to authenticate local equipment or not based on the Cookie information under the condition that the request for accessing the specified page is determined to carry the Cookie information of the specified page, wherein the Cookie information comprises online state information of Portal authentication of the user terminal.
10. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the Portal authentication roaming method as claimed in any one of claims 1 to 5 are implemented by the processor when executing the program.
CN201911426199.3A 2019-12-30 2019-12-30 Portal authentication roaming method and device and computer equipment Active CN110958275B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911426199.3A CN110958275B (en) 2019-12-30 2019-12-30 Portal authentication roaming method and device and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911426199.3A CN110958275B (en) 2019-12-30 2019-12-30 Portal authentication roaming method and device and computer equipment

Publications (2)

Publication Number Publication Date
CN110958275A true CN110958275A (en) 2020-04-03
CN110958275B CN110958275B (en) 2021-11-23

Family

ID=69985370

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911426199.3A Active CN110958275B (en) 2019-12-30 2019-12-30 Portal authentication roaming method and device and computer equipment

Country Status (1)

Country Link
CN (1) CN110958275B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113037769A (en) * 2021-03-28 2021-06-25 杭州迪普科技股份有限公司 Network resource access method and device
WO2022105096A1 (en) * 2020-11-20 2022-05-27 华为技术有限公司 Trusted terminal determination method and related device
CN116980233A (en) * 2023-09-21 2023-10-31 宝略科技(浙江)有限公司 Authorization verification method, system and medium for discrete data high-frequency access

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140369335A1 (en) * 2011-12-16 2014-12-18 Telefonaktiebolaget L M Ericsson (Publ) Method and a network node for connecting a user device to a wireless local area network
CN106488453A (en) * 2016-12-07 2017-03-08 上海斐讯数据通信技术有限公司 A kind of method and system of portal certification
CN106658498A (en) * 2016-12-05 2017-05-10 上海斐讯数据通信技术有限公司 Portal approved quick roaming method and WiFi device
CN107529191A (en) * 2017-07-31 2017-12-29 安徽四创电子股份有限公司 A kind of method based on RADIUS and PORTAL agreements record user terminal downtime
CN109951487A (en) * 2019-03-22 2019-06-28 杭州迪普科技股份有限公司 A kind of portal authentication method and device
CN110401951A (en) * 2018-04-25 2019-11-01 华为技术有限公司 Authenticate the methods, devices and systems of terminal in WLAN

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140369335A1 (en) * 2011-12-16 2014-12-18 Telefonaktiebolaget L M Ericsson (Publ) Method and a network node for connecting a user device to a wireless local area network
CN106658498A (en) * 2016-12-05 2017-05-10 上海斐讯数据通信技术有限公司 Portal approved quick roaming method and WiFi device
CN106488453A (en) * 2016-12-07 2017-03-08 上海斐讯数据通信技术有限公司 A kind of method and system of portal certification
CN107529191A (en) * 2017-07-31 2017-12-29 安徽四创电子股份有限公司 A kind of method based on RADIUS and PORTAL agreements record user terminal downtime
CN110401951A (en) * 2018-04-25 2019-11-01 华为技术有限公司 Authenticate the methods, devices and systems of terminal in WLAN
CN109951487A (en) * 2019-03-22 2019-06-28 杭州迪普科技股份有限公司 A kind of portal authentication method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022105096A1 (en) * 2020-11-20 2022-05-27 华为技术有限公司 Trusted terminal determination method and related device
CN113037769A (en) * 2021-03-28 2021-06-25 杭州迪普科技股份有限公司 Network resource access method and device
CN113037769B (en) * 2021-03-28 2023-04-18 杭州迪普科技股份有限公司 Network resource access method and device
CN116980233A (en) * 2023-09-21 2023-10-31 宝略科技(浙江)有限公司 Authorization verification method, system and medium for discrete data high-frequency access
CN116980233B (en) * 2023-09-21 2024-01-30 宝略科技(浙江)有限公司 Authorization verification method and system for discrete data during high-frequency access

Also Published As

Publication number Publication date
CN110958275B (en) 2021-11-23

Similar Documents

Publication Publication Date Title
CN110958275B (en) Portal authentication roaming method and device and computer equipment
CN109639740B (en) Login state sharing method and device based on equipment ID
US10721320B2 (en) Redirection method, apparatus, and system
EP3319293B1 (en) Cross-terminal login-free method and device
CN108337677B (en) Network authentication method and device
CN106170964B (en) User virtual identity based on different identity services
CN105450582B (en) Method for processing business, terminal, server and system
CN105991614B (en) It is a kind of it is open authorization, resource access method and device, server
US8291481B2 (en) Sessionless redirection in terminal services
CN104159225A (en) Wireless network based real-name registration system management method and system
WO2017177691A1 (en) Portal authentication method and system
CN105991640B (en) Handle the method and device of HTTP request
CN101764808A (en) Authentication processing method and system for automatic login as well as server
CN106453349B (en) Account login method and device
CN109769249B (en) Authentication method, system and device
CN103200159A (en) Network access method and equipment
CN109218389A (en) The method, apparatus and storage medium and electronic equipment of processing business request
CN106603556B (en) Single-point logging method, apparatus and system
CN104348786A (en) Method, device and system for password recovery
CN108809969B (en) Authentication method, system and device
CN106209816B (en) A kind of web camera login method and system
US8769623B2 (en) Grouping multiple network addresses of a subscriber into a single communication session
CN107682372A (en) User profile for Portal escapes obtains and authentication method, device and access device
CN106899564A (en) A kind of login method and device
CN110430062B (en) Login request processing method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant