CN111259368A - Method and equipment for logging in system - Google Patents
Method and equipment for logging in system Download PDFInfo
- Publication number
- CN111259368A CN111259368A CN201911080252.9A CN201911080252A CN111259368A CN 111259368 A CN111259368 A CN 111259368A CN 201911080252 A CN201911080252 A CN 201911080252A CN 111259368 A CN111259368 A CN 111259368A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- terminal
- identification information
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012795 verification Methods 0.000 claims abstract description 107
- 230000001960 triggered effect Effects 0.000 claims abstract description 19
- 230000002452 interceptive effect Effects 0.000 claims description 20
- 238000001514 detection method Methods 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 6
- 230000000977 initiatory effect Effects 0.000 claims description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/41—User authentication where a single sign-on provides access to a plurality of computers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application is applicable to the technical field of computers, and provides a method and equipment for logging in a system, wherein the method comprises the following steps: when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; when the verification result is that the identity of the user is legal, logging in a second system based on the identity information of the user; and when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information to the first terminal based on the first equipment identification information. By the method, the code of the accessed system does not need to be changed, and the user can access other systems only by logging in the current system, so that the workload of developers is reduced, and the safety of the accessed system is improved.
Description
Technical Field
The present application belongs to the field of computer technologies, and in particular, to a method and an apparatus for logging in a system.
Background
In an enterprise, there are generally many application systems providing management and IT services, and with the growth of the enterprise and the development of information technology, many systems are added. In the traditional decentralized user authentication management, each service system independently performs the authentication work of the user, the user needs to remember a large number of user names and passwords, and login is performed every time the user enters one system, so that the authentication management and maintenance work of a system administrator is increased.
Thus, single sign-on applications are born. Single Sign On (SSO) is one of the popular solutions for business integration of enterprises. SSO is defined as the fact that in multiple applications, a user only needs to log in once to access all mutually trusted applications. However, the conventional single sign-on method needs to frequently intrude into the accessed service systems to modify system codes, so that the user can access the service systems by logging on once. This frequently modifies the code of the business system, increasing the workload of the developer and the risk of the business system.
Disclosure of Invention
In view of this, embodiments of the present application provide a method and an apparatus for logging in a system, so as to solve the problem that a conventional single sign-on method needs to frequently intrude multiple visited business systems to modify system codes, thereby increasing workload of developers and risk of the business systems.
A first aspect of an embodiment of the present application provides a method for logging in a system, including:
when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; the login request information comprises first equipment identification information and user identity information of the first terminal;
when the verification result is that the identity of the user is legal, logging in the second system based on the identity information of the user;
when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
The login request information further comprises first system identification information and second system identification information.
Further, in order to accurately verify whether the identity of the user is legal or not and improve the security of the system, when login request information, which is triggered by the first terminal through the first system and used for requesting to login the second system, is detected, verifying whether the identity of the user of the first terminal is legal or not based on the login request information may include:
detecting whether the user successfully logs in the first system or not based on the first system identification information and the first equipment identification information;
when the detection result is that the user successfully logs in the first system, whether the user has the authority to log in the second system is detected based on the user identity information and the second system identification information;
when the user has the authority to log in the second system, judging that the identity of the user is legal; and when the user does not have the right to log in the second system, judging that the identity of the user is illegal.
Further, to accurately and quickly determine whether a user successfully logs in to a first system, detecting whether the user successfully logs in to the first system based on the first system identification information and the first device identification information may include:
acquiring a first verification mode corresponding to the first system based on the first system identification information;
initiating a verification request to a first terminal corresponding to the first equipment identification information through the first verification mode, and acquiring a verification result; and the verification result is used for indicating whether the user successfully logs in the first system.
Further, when it is detected that the user does not successfully log in the first system, in order to timely remind the user, the method may further include:
when the detection result is that the user does not successfully log in the first system, prompt information is generated;
sending the prompt message to the first terminal based on the first equipment identification information; the prompt message is used for prompting the user to log in the first system again.
Further, in order to accurately and quickly determine whether the user has the right to log in the second system, when the detection result is that the user successfully logs in the first system, detecting whether the user has the right to log in the second system based on the user identity information and the second system identification information may include:
acquiring a second verification mode corresponding to the second system and second equipment identification information of equipment for providing service for the second system based on the second system identification information;
sending the user identity information to equipment corresponding to the second equipment identification information in the second verification mode; the user identity information is used for triggering the equipment to verify whether the user has the authority to log in the second system.
Further, this application still includes: when the verification result is that the user successfully logs in the first system, the user identity information and the second system identification information are executed, and whether the user has the authority to log in the second system is detected; or when the verification result is that the user does not successfully log in the first system, acquiring a link corresponding to the second system login interface, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
Further, when the identity of the user is illegal, in order to ensure that the user successfully logs in the second system, the method may further include: when the verification result is that the identity of the user is illegal, acquiring a link corresponding to the second system login interface, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
A second aspect of an embodiment of the present invention provides an apparatus for logging in a system, where the apparatus includes:
the verification unit is used for verifying whether the identity of a user of the first terminal is legal or not based on login request information when the login request information which is triggered by the first terminal through the first system and used for requesting to login a second system is detected; the login request information comprises first equipment identification information and user identity information of the first terminal;
the login unit is used for logging in the second system based on the user identity information when the verification result shows that the identity of the user is legal;
a sending unit, configured to, when successfully logging in the second system, obtain interface information of a quick access interface, corresponding to the first terminal, for accessing the second system, and send the interface information of the quick access interface to the first terminal based on the first device identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
The login request information further comprises first system identification information and second system identification information.
Further, the verification unit specifically includes:
a first detecting unit, configured to detect whether the user successfully logs in the first system based on the first system identification information and the first device identification information;
the second detection unit is used for detecting whether the user has the authority to log in the second system or not based on the user identity information and the second system identification information when the detection result indicates that the user successfully logs in the first system;
the judging unit is used for judging that the identity of the user is legal when the user has the authority to log in the second system; and when the user does not have the right to log in the second system, judging that the identity of the user is illegal.
Further, the apparatus further comprises:
the generating unit is used for generating prompt information when the detection result indicates that the user does not successfully log in the first system;
an information sending unit, configured to send the prompt information to the first terminal based on the first device identification information; the prompt message is used for prompting the user to log in the first system again.
Further, the first detection unit is specifically configured to:
acquiring a first verification mode corresponding to the first system based on the first system identification information;
initiating a verification request to a first terminal corresponding to the first equipment identification information through the first verification mode, and acquiring a verification result; and the verification result is used for indicating whether the user successfully logs in the first system.
Further, when the verification result indicates that the user successfully logs in the first system, the second detecting unit is specifically configured to detect whether the user has the right to log in the second system based on the user identity information and the second system identification information;
the apparatus further comprises: the link obtaining unit is used for obtaining a link corresponding to the login interface of the second system when the verification result shows that the user does not successfully log in the first system, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
Further, the second detection unit is specifically configured to:
acquiring a second verification mode corresponding to the second system and second equipment identification information of equipment for providing service for the second system based on the second system identification information;
sending the user identity information to equipment corresponding to the second equipment identification information in the second verification mode; the user identity information is used for triggering the equipment to verify whether the user has the authority to log in the second system.
Further, the apparatus further comprises:
and the link sending unit is used for acquiring the link corresponding to the second system login interface when the verification result is that the identity of the user is illegal, and sending the link to the first terminal based on the first equipment identification information.
A third aspect of the embodiments of the present invention provides another device, including a processor, an input device, an output device, and a memory, where the processor, the input device, the output device, and the memory are connected to each other, where the memory is used to store a computer program that supports a terminal to execute the above method, where the computer program includes program instructions, and the processor is configured to call the program instructions to perform the following steps:
when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; the login request information comprises first equipment identification information and user identity information of the first terminal;
when the verification result is that the identity of the user is legal, logging in the second system based on the identity information of the user;
when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
A fourth aspect of embodiments of the present invention provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of:
when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; the login request information comprises first equipment identification information and user identity information of the first terminal;
when the verification result is that the identity of the user is legal, logging in the second system based on the identity information of the user;
when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
The method and the device for logging in the system provided by the embodiment of the application have the following beneficial effects:
according to the embodiment of the application, when the server detects login request information which is triggered by the first terminal through the first system and used for requesting to login the second system, whether the identity of a user of the first terminal is legal or not is verified based on the login request information; when the verification result is that the identity of the user is legal, logging in a second system based on the identity information of the user; and when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information to the first terminal based on the first equipment identification information. The interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system. By the method, the code of the accessed system does not need to be changed, and the user can access other systems only by logging in the current system, so that the workload of developers is reduced, and the safety of the accessed system is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a flowchart illustrating an implementation of a method for logging in a system according to an embodiment of the present application;
FIG. 2 is a flowchart illustrating an implementation of a method for logging into a system according to another embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a device for logging into a system according to an embodiment of the present application;
fig. 4 is a schematic diagram of a device for logging in a system according to another embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In the application, when a user wants to log in a second system through a first system, an option displayed in a first system interface and used for directly logging in the second system can be clicked, and the first terminal generates login request information at the moment; the login request information is login request information which is triggered by the first terminal through the first system and is used for requesting to login the second system; the login request information includes first device identification information and user identity information of the first terminal. The server intercepts the login request information and verifies whether the identity of the user is legal or not based on the request information; when the user identity is legal, logging in a second system based on the user identity information; when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and when the first terminal receives the interface information of the quick access interface, jumping from the login interface of the first system to the corresponding interactive interface after the second system is successfully logged in. For a user, the user wants to log in the second system through the first system, only needs to log in the first system successfully, namely, inputs an account and a password corresponding to the first system, the login interface of the first system jumps to an interactive interface corresponding to the second system after the login is successful, and the user does not need to input information such as the account and the password corresponding to the second system.
Referring to fig. 1, fig. 1 is a schematic flowchart of a method for logging in a system according to an embodiment of the present invention. The main execution body of the method for logging in the system in the embodiment is a device for logging in the system, and the device includes, but is not limited to, a server. The method for logging in the system as shown in fig. 1 may include:
s101: when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; the login request information includes first device identification information and user identity information of the first terminal.
When detecting login request information which is triggered by a first system and used for requesting to login a second system through a first terminal, a server verifies whether the identity of a user of the first terminal is legal or not based on the login request information. The first terminal refers to a terminal provided with a first system; the first system and the second system are two different systems, and are used for providing services for users. When a user wants to log in a second system through a first system, the user can click an option displayed in a first system interface and used for directly logging in the second system, and the first terminal generates login request information at the moment; the login request information is login request information which is triggered by the first terminal through the first system and is used for requesting to login the second system; the login request information includes first device identification information and user identity information of the first terminal. The first device identification information is used to uniquely identify the first terminal, the user identity information is identity information of a user who wants to log in the second system through the first system, and the user identity information is used to uniquely identify the user, and specifically may be account information registered for the user to log in the second system, an identity number of the user, or user identity information uniquely generated for the user, and the like, which are only exemplary descriptions herein and are not limited thereto. The login request information may further include first system identification information corresponding to the first system, second system identification information corresponding to the second system, and the like.
When detecting login request information which is triggered by a first system and used for requesting to login a second system, a server verifies whether the identity of a user of the first terminal is legal or not according to the login request information. Specifically, the server detects whether the user successfully logs in the first system according to first system identification information and first equipment identification information in the login request information; and when the user is determined to successfully log in the first system, detecting whether the user has the authority to log in the second system or not according to the user identity information and the second system identification information. It may be understood that to detect whether the identity of the user of the first terminal is legitimate, it is first determined whether the user successfully logs in to the first system, and when the user successfully logs in to the first system, it is further determined whether the user has permission to log in to the second system. When the user successfully logs in the first system and has the authority to log in the second system, the used identity is considered to be legal.
Further, in order to accurately verify whether the identity of the user is legal or not and improve the security of the system, S101 may include S1011-S1012, specifically as follows:
the login request information further comprises first system identification information and second system identification information.
The login request information may further include first system identification information and second system identification information for uniquely identifying the first system and the second system, respectively.
S1011: and detecting whether the user successfully logs in the first system or not based on the first system identification information and the first equipment identification information.
The server detects whether the user of the first terminal successfully logs in the first system or not based on the first system identification information and the first equipment identification information. Specifically, the server may search, according to the first system identification information, a verification manner corresponding to the first system identification information, and initiate, through the verification manner, a verification request to the first terminal corresponding to the first device identification information; the authentication request is used for indicating the first terminal to detect whether the user successfully logs in the first system. The server may also send a login status verification request to the first terminal based on the first device identification information, where the login status verification request is used to obtain a current login status of the first system user of the first terminal, and when receiving the login status verification request, the first terminal obtains the current login status of the first system user, and returns the current login status of the user to the server. For example, the login status of the user may be that the user succeeded on the first system, that the user did not login on the first system, and so on.
Further, in order to accurately and quickly determine whether the user successfully logs into the first system, S1011 may include S10111-S10112, as follows:
s10111: and acquiring a first verification mode corresponding to the first system based on the first system identification information.
The server stores a first verification mode corresponding to the first system identification information in advance, and the first verification mode is set for the first system by a user in advance. The first verification means may be a Software Development Kit (SDK) or a request interface. The server searches for a first verification mode corresponding to the first system identification information according to the first system identification information, which is equivalent to searching for the first verification mode corresponding to the first system.
S10112: initiating a verification request to a first terminal corresponding to the first equipment identification information through the first verification mode, and acquiring a verification result; and the verification result is used for indicating whether the user successfully logs in the first system.
And the server initiates a verification request to the first terminal corresponding to the first equipment identification information through a first verification mode. For example, when the first authentication manner is a request interface, the server initiates an authentication request to the first terminal corresponding to the first device identifier through the request interface, and obtains an authentication result based on the authentication request, where the authentication result is used to indicate whether the user successfully logs in the first system. When the first authentication mode is the SDK, the server may invoke the SDK that is pre-accessed to the first terminal, and initiate an authentication request to the first terminal corresponding to the first device identification information based on the SDK. And when receiving the verification request, the first terminal judges whether the user successfully logs in the first system at present, and returns a corresponding verification result to the server, wherein the verification result is used for indicating whether the user successfully logs in the first system.
Specifically, when receiving an authentication request or an SDK sent by a server, a first terminal obtains a login state of a user of a first system, and generates an authentication result according to a current login state of the user, where the authentication result may be that the user successfully logs in the first system or that the user does not successfully log in the first system. The first terminal sends the verification result to the server, and the server receives the verification result sent by the first terminal.
Further, according to different execution results of S10112, after S10112, the method may further include: when the verification result is that the user successfully logs in the first system, the user identity information and the second system identification information are executed, and whether the user has the authority to log in the second system is detected; or when the verification result is that the user does not successfully log in the first system, acquiring a link corresponding to the second system login interface, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
Specifically, when the authentication result obtained by the server is that the user successfully logs in the first system, the authentication mode corresponding to the second system identification information can be searched according to the second system identification information, and the user identity information is sent to the device corresponding to the second device identification information through the authentication mode; the user identity information is used for indicating the equipment to detect whether the user has the authority to log in the second system. The server may also pre-store a plurality of user identity information which can be used for logging in the second system, search, by the server, whether the information matched with the user identity information exists according to the user identity information of the user, and when the information matched with the user identity information is searched, consider that the user has the right to log in the second system; and when all the stored user identity information is traversed and the information matched with the user identity information is not found, the user is considered to have no authority to log in the second system.
And when the verification result acquired by the server indicates that the user does not successfully log in the first system, the server acquires a link corresponding to a login interface of the second system, and transmits the link to the first terminal based on the first equipment identification information. The link is used for logging in the second system by the user, and can be understood as a normal login link, that is, the user can log in the second system only by using information such as an account number and a password corresponding to the second system. The identity of the user is illegal, namely the user does not have the authority to log in the second system, at the moment, the server sends a link corresponding to a login interface of the second system to the first terminal based on the first equipment identification information, the first terminal opens the link and displays an interactive interface corresponding to the link after receiving the link, and the user can input information such as an account number, a password and the like corresponding to the second system in the interactive interface to log in the second system.
Further, when the authentication result obtained by the server is that the user does not successfully log in the first system, the server may further generate a prompt message in order to prompt the user in time. Specifically, the server generates prompt information when determining that the user does not successfully log in the first system; and sending the prompt message to the first terminal based on the first equipment identification information. The prompt message is used for prompting the user to log in the first system again. For example, the prompt message may be: the system is not successfully logged in, please log in again, login failure, please log in again, etc., which are only exemplary and not limiting. The first terminal can display the prompt information on a display interface of the first system, and the user can log in the first system again after seeing the prompt information.
S1012: when the detection result is that the user successfully logs in the first system, whether the user has the authority to log in the second system is detected based on the user identity information and the second system identification information, wherein when the user has the authority to log in the second system, the identity of the user is judged to be legal; and when the user does not have the right to log in the second system, judging that the identity of the user is illegal.
And when the detection result is that the user successfully logs in the first system, detecting whether the user has the authority to log in the second system or not based on the user identity information and the second system identification information. Specifically, when the server determines that the user successfully logs in the first system, the server may search for a verification mode corresponding to the second system identification information according to the second system identification information, and send user identity information to the device corresponding to the second device identification information through the verification mode; the user identity information is used for indicating the equipment to detect whether the user has the authority to log in the second system. The server may also pre-store a plurality of user identity information which can be used for logging in the second system, search, by the server, whether the information matched with the user identity information exists according to the user identity information of the user, and when the information matched with the user identity information is searched, consider that the user has the right to log in the second system; and when all the stored user identity information is traversed and the information matched with the user identity information is not found, the user is considered to have no authority to log in the second system.
When the user has the right to log in the second system, the server judges that the identity of the user is legal. Specifically, when the server finds the information matched with the user identity information, the server considers that the user has the authority to log in the second system, and then judges that the identity of the user is legal. Or, the device corresponding to the second device identification information returns a verification result to the server, and the server determines whether the user has the right to log in the second system according to the returned verification result, thereby determining whether the identity of the user is legal. For example, when the server receives the returned verification result that the verification is passed, the server determines that the user has the authority to log in the second system, and further determines that the identity of the user is legal.
When the user does not have the right to log in the second system, the server judges that the identity of the user is illegal. Specifically, when the server does not find the information matched with the user identity information, the server considers that the user does not have the right to log in the second system, and then judges that the user identity is illegal. Or, the device corresponding to the second device identification information returns a verification result to the server, and the server determines whether the user has the right to log in the second system according to the returned verification result, thereby determining whether the identity of the user is legal. For example, when the server receives the returned verification result that the verification fails, it is determined that the user does not have the right to log in the second system, and the identity of the user is determined to be illegal.
Further, in order to accurately and quickly determine whether the user has the right to log in the second system, S1012 may include S10121-S10122, as follows:
s10121: and acquiring a second verification mode corresponding to the second system and second equipment identification information of equipment for providing service for the second system based on the second system identification information.
The server stores a second verification mode corresponding to the second system identification information in advance, and the second verification mode is set for the second system by the user in advance. The second verification means may be a software development kit SDK or a request interface. The server searches a second verification mode corresponding to the second system identification information according to the second system identification information, which is equivalent to the second verification mode corresponding to the second system. The server obtains second device identification information of a device that provides a service for the second system, where the second device identification information is used to identify the device, and the device that provides a service for the second system may be a server or a terminal, which is not limited to this.
S10122: sending the user identity information to equipment corresponding to the second equipment identification information in the second verification mode; the user identity information is used for triggering the equipment to verify whether the user has the authority to log in the second system.
And the server sends the user identity information to the equipment corresponding to the second equipment identification information in a second verification mode. For example, when the second authentication manner is a request interface, the server sends user identity information to the device corresponding to the second device identification information through the request interface, where the user identity information is used to trigger the device to authenticate whether the user has the right to log in the second system. And when the second authentication mode is the SDK, the server authenticates whether the user has the authority to log in the second system by calling the SDK accessed in advance.
S102: and when the verification result shows that the identity of the user is legal, logging in the second system based on the user identity information.
And logging in the second system based on the user identity information when the verification result is that the identity of the user is legal. Specifically, when the identity of the user is legal, the user is equivalent to have authority to log in the second system, and the user identity information of the user can be used for logging in the second system.
S103: when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
And when the second system is successfully logged in, acquiring interface information of the quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information. Specifically, when the user successfully logs in the second system based on the user identity information of the user, the server obtains interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sends the interface information to the first terminal based on the first device identification information. The interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system. Namely, when the first terminal receives the interface information of the quick access interface, the first terminal jumps from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system. For a user, the user wants to log in the second system through the first system, only needs to log in the first system successfully, namely, inputs an account and a password corresponding to the first system, the login interface of the first system jumps to an interactive interface corresponding to the second system after the login is successful, and the user does not need to input information such as the account and the password corresponding to the second system.
According to the embodiment of the application, when the server detects login request information which is triggered by the first terminal through the first system and used for requesting to login the second system, whether the identity of a user of the first terminal is legal or not is verified based on the login request information; when the verification result is that the identity of the user is legal, logging in a second system based on the identity information of the user; and when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information to the first terminal based on the first equipment identification information. The interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system. By the method, the code of the accessed system does not need to be changed, and the user can access other systems only by logging in the current system, so that the workload of developers is reduced, and the safety of the accessed system is improved.
Referring to fig. 2, fig. 2 is a schematic flowchart of a method for logging in a system according to another embodiment of the present invention. The main execution body of the method for logging in the system in the embodiment is a device for logging in the system, and the device includes, but is not limited to, a server.
The difference between this embodiment and the previous embodiment is S203, where S201, S202, and S204 in this embodiment are completely the same as S101 to S103 in the previous embodiment, and reference is specifically made to the description related to S101 to S103 in the previous embodiment, which is not repeated herein. It should be noted that S202 and S203 in this embodiment are parallel, and instead of executing S203 after S202, S202 or S203 is selected and executed according to a different execution result of S201, and after S202 is executed, S204 is continuously executed. The actual implementation process is not limited to this.
Further, when the identity of the user is illegal, in order to ensure that the user successfully logs in the second system, S203 may be further included after S201, specifically as follows:
s203: when the verification result is that the identity of the user is illegal, acquiring a link corresponding to the second system login interface, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
And when the verification result is that the identity of the user is illegal, the server acquires a link corresponding to the login interface of the second system, and sends the link to the first terminal based on the first equipment identification information. The link is used for logging in the second system by the user, and can be understood as a normal login link, that is, the user can log in the second system only by using information such as an account number and a password corresponding to the second system. The identity of the user is illegal, namely the user does not have the authority to log in the second system, at the moment, the server sends a link corresponding to a login interface of the second system to the first terminal based on the first equipment identification information, the first terminal opens the link and displays an interactive interface corresponding to the link after receiving the link, and the user can input information such as an account number, a password and the like corresponding to the second system in the interactive interface to log in the second system.
According to the embodiment of the application, when the server detects login request information which is triggered by the first terminal through the first system and used for requesting to login the second system, whether the identity of a user of the first terminal is legal or not is verified based on the login request information; when the verification result is that the identity of the user is legal, logging in a second system based on the identity information of the user; and when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information to the first terminal based on the first equipment identification information. The interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system. By the method, the code of the accessed system does not need to be changed, and the user can access other systems only by logging in the current system, so that the workload of developers is reduced, and the safety of the accessed system is improved.
Referring to fig. 3, fig. 3 is a schematic diagram of a device for logging in a system according to an embodiment of the present application. The terminal includes units for executing the steps in the embodiments corresponding to fig. 1 and fig. 2. Please refer to fig. 1 and fig. 2 for the corresponding embodiments. For convenience of explanation, only the portions related to the present embodiment are shown. Referring to fig. 3, comprising:
a checking unit 310, configured to, when it is detected that a first terminal passes login request information triggered by a first system and used for requesting to login to a second system, check whether an identity of a user of the first terminal is legal based on the login request information; the login request information comprises first equipment identification information and user identity information of the first terminal;
a login unit 320, configured to log in the second system based on the user identity information when the verification result indicates that the identity of the user is legal;
a sending unit 330, configured to, when the second system is successfully logged in, obtain interface information of a quick access interface, corresponding to the first terminal, for accessing the second system, and send the interface information of the quick access interface to the first terminal based on the first device identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
The login request information further comprises first system identification information and second system identification information.
Further, the verification unit 310 specifically includes:
a first detecting unit, configured to detect whether the user successfully logs in the first system based on the first system identification information and the first device identification information;
the second detection unit is used for detecting whether the user has the authority to log in the second system or not based on the user identity information and the second system identification information when the detection result indicates that the user successfully logs in the first system;
the judging unit is used for judging that the identity of the user is legal when the user has the authority to log in the second system; and when the user does not have the right to log in the second system, judging that the identity of the user is illegal.
Further, the apparatus further comprises:
the generating unit is used for generating prompt information when the detection result indicates that the user does not successfully log in the first system;
an information sending unit, configured to send the prompt information to the first terminal based on the first device identification information; the prompt message is used for prompting the user to log in the first system again.
Further, the first detection unit is specifically configured to:
acquiring a first verification mode corresponding to the first system based on the first system identification information;
initiating a verification request to a first terminal corresponding to the first equipment identification information through the first verification mode, and acquiring a verification result; and the verification result is used for indicating whether the user successfully logs in the first system.
Further, when the verification result indicates that the user successfully logs in the first system, the second detecting unit is specifically configured to detect whether the user has the right to log in the second system based on the user identity information and the second system identification information;
the apparatus further comprises: the link obtaining unit is used for obtaining a link corresponding to the login interface of the second system when the verification result shows that the user does not successfully log in the first system, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
Further, the second detection unit is specifically configured to:
acquiring a second verification mode corresponding to the second system and second equipment identification information of equipment for providing service for the second system based on the second system identification information;
sending the user identity information to equipment corresponding to the second equipment identification information in the second verification mode; the user identity information is used for triggering the equipment to verify whether the user has the authority to log in the second system.
Further, the apparatus further comprises:
and the link sending unit is used for acquiring the link corresponding to the second system login interface when the verification result is that the identity of the user is illegal, and sending the link to the first terminal based on the first equipment identification information.
Referring to fig. 4, fig. 4 is a schematic diagram of a device for logging in a system according to another embodiment of the present application. As shown in fig. 4, the apparatus 4 of this embodiment includes: a processor 40, a memory 41, and computer readable instructions 42 stored in the memory 41 and executable on the processor 40. The processor 40, when executing the computer readable instructions 42, implements the steps in the above-described method embodiments of the device log-in system, such as S101 to S103 shown in fig. 1. Alternatively, the processor 40, when executing the computer readable instructions 42, implements the functions of the units in the embodiments described above, such as the functions of the units 310 to 330 shown in fig. 3.
Illustratively, the computer readable instructions 42 may be divided into one or more units, which are stored in the memory 41 and executed by the processor 40 to accomplish the present application. The one or more elements may be a series of computer readable instruction segments capable of performing certain functions, which are used to describe the execution of the computer readable instructions 42 in the terminal 4. For example, the computer readable instructions 42 may be a verification unit, a login unit, and a sending unit, each of which functions as described above.
The apparatus may include, but is not limited to, a processor 40, a memory 41. Those skilled in the art will appreciate that fig. 4 is merely an example of a device 4 and does not constitute a limitation of device 4 and may include more or fewer components than shown, or some components in combination, or different components, e.g., the device may also include input output devices, network access devices, buses, etc.
The Processor 40 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 41 may be an internal storage unit of the device 4, such as a hard disk or a memory of the device 4. The memory 41 may also be an external storage device of the device 4, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the device 4. Further, the memory 41 may also include both an internal storage unit and an external storage device of the device 4. The memory 41 is used to store the computer readable instructions and other programs and data required by the device. The memory 41 may also be used to temporarily store data that has been output or is to be output.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not cause the essential features of the corresponding technical solutions to depart from the spirit scope of the technical solutions of the embodiments of the present application, and are intended to be included within the scope of the present application.
Claims (10)
1. A method of logging into a system, comprising:
when login request information which is triggered by a first system and used for requesting to login a second system is detected, the identity of a user of the first terminal is verified to be legal or not based on the login request information; the login request information comprises first equipment identification information and user identity information of the first terminal;
when the verification result is that the identity of the user is legal, logging in the second system based on the identity information of the user;
when the second system is successfully logged in, acquiring interface information of a quick access interface corresponding to the first terminal and used for accessing the second system, and sending the interface information of the quick access interface to the first terminal based on the first equipment identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
2. The method of claim 1, wherein the login request information further includes first system identification information and second system identification information, and the verifying whether the identity of the user of the first terminal is legal based on the login request information when the login request information for requesting to login to the second system, which is triggered by the first terminal through the first system, is detected comprises:
detecting whether the user successfully logs in the first system or not based on the first system identification information and the first equipment identification information;
when the detection result is that the user successfully logs in the first system, whether the user has the authority to log in the second system is detected based on the user identity information and the second system identification information;
when the user has the authority to log in the second system, judging that the identity of the user is legal; and when the user does not have the right to log in the second system, judging that the identity of the user is illegal.
3. The method of claim 2, wherein after detecting whether the user successfully logs in to the first system based on the first system identification information and the first device identification information, further comprising:
when the detection result is that the user does not successfully log in the first system, prompt information is generated;
sending the prompt message to the first terminal based on the first equipment identification information; the prompt message is used for prompting the user to log in the first system again.
4. The method of claim 2, wherein said detecting whether the user successfully logged into the first system based on the first system identification information and the first device identification information comprises:
acquiring a first verification mode corresponding to the first system based on the first system identification information;
initiating a verification request to a first terminal corresponding to the first equipment identification information through the first verification mode, and acquiring a verification result; and the verification result is used for indicating whether the user successfully logs in the first system.
5. The method of claim 4, wherein the initiating a verification request to the first terminal corresponding to the first device identification information through the first verification manner further includes, after obtaining a verification result:
when the verification result is that the user successfully logs in the first system, the user identity information and the second system identification information are executed, and whether the user has the authority to log in the second system is detected; alternatively, the first and second electrodes may be,
when the verification result is that the user does not successfully log in the first system, acquiring a link corresponding to a login interface of the second system, and sending the link to the first terminal based on the first equipment identification information; the link is used for the user to log in to the second system.
6. The method of claim 2, wherein the detecting whether the user has the right to log in to the second system based on the user identity information and the second system identification information when the detection result is that the user successfully logs in to the first system comprises:
acquiring a second verification mode corresponding to the second system and second equipment identification information of equipment for providing service for the second system based on the second system identification information;
sending the user identity information to equipment corresponding to the second equipment identification information in the second verification mode; the user identity information is used for triggering the equipment to verify whether the user has the authority to log in the second system.
7. The method according to any one of claims 1 to 6, wherein, when detecting login request information for requesting to login to a second system, which is triggered by the first terminal through the first system, and after checking whether the identity of the user of the first terminal is legal based on the login request information, the method further comprises:
and when the verification result is that the identity of the user is illegal, acquiring a link corresponding to the login interface of the second system, and sending the link to the first terminal based on the first equipment identification information.
8. An apparatus for logging into a system, comprising:
the verification unit is used for verifying whether the identity of a user of the first terminal is legal or not based on login request information when the login request information which is triggered by the first terminal through the first system and used for requesting to login a second system is detected; the login request information comprises first equipment identification information and user identity information of the first terminal;
the login unit is used for logging in the second system based on the user identity information when the verification result shows that the identity of the user is legal;
a sending unit, configured to, when successfully logging in the second system, obtain interface information of a quick access interface, corresponding to the first terminal, for accessing the second system, and send the interface information of the quick access interface to the first terminal based on the first device identification information; and the interface information of the quick access interface is used for indicating the first terminal to jump from the login interface of the first system to the corresponding interactive interface after the first terminal successfully logs in the second system.
9. An apparatus for logging into a system, comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911080252.9A CN111259368A (en) | 2019-11-07 | 2019-11-07 | Method and equipment for logging in system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911080252.9A CN111259368A (en) | 2019-11-07 | 2019-11-07 | Method and equipment for logging in system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111259368A true CN111259368A (en) | 2020-06-09 |
Family
ID=70953827
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911080252.9A Pending CN111259368A (en) | 2019-11-07 | 2019-11-07 | Method and equipment for logging in system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111259368A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111832001A (en) * | 2020-07-20 | 2020-10-27 | 国家信息中心 | Identity management method and identity management system based on block chain |
| CN112087425A (en) * | 2020-07-30 | 2020-12-15 | 山东浪潮通软信息科技有限公司 | Login method, equipment and medium of ERP software system |
| CN112637167A (en) * | 2020-12-15 | 2021-04-09 | 平安资产管理有限责任公司 | System login method and device, computer equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104270391A (en) * | 2014-10-24 | 2015-01-07 | 中国建设银行股份有限公司 | Method and device for processing access request |
| CN105072133A (en) * | 2015-08-28 | 2015-11-18 | 北京金山安全软件有限公司 | Login method and device for application program |
| CN105282126A (en) * | 2014-07-24 | 2016-01-27 | 腾讯科技(北京)有限公司 | Login authentication method, terminal and server |
| CN106790252A (en) * | 2017-01-24 | 2017-05-31 | 北京奇虎科技有限公司 | Log-on message sharing method and device |
| CN107294917A (en) * | 2016-03-31 | 2017-10-24 | 阿里巴巴集团控股有限公司 | One kind trusts login method and device |
| CN107645486A (en) * | 2016-12-28 | 2018-01-30 | 平安科技(深圳)有限公司 | Login authentication method and device |
-
2019
- 2019-11-07 CN CN201911080252.9A patent/CN111259368A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105282126A (en) * | 2014-07-24 | 2016-01-27 | 腾讯科技(北京)有限公司 | Login authentication method, terminal and server |
| CN104270391A (en) * | 2014-10-24 | 2015-01-07 | 中国建设银行股份有限公司 | Method and device for processing access request |
| CN105072133A (en) * | 2015-08-28 | 2015-11-18 | 北京金山安全软件有限公司 | Login method and device for application program |
| CN107294917A (en) * | 2016-03-31 | 2017-10-24 | 阿里巴巴集团控股有限公司 | One kind trusts login method and device |
| CN107645486A (en) * | 2016-12-28 | 2018-01-30 | 平安科技(深圳)有限公司 | Login authentication method and device |
| CN106790252A (en) * | 2017-01-24 | 2017-05-31 | 北京奇虎科技有限公司 | Log-on message sharing method and device |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111832001A (en) * | 2020-07-20 | 2020-10-27 | 国家信息中心 | Identity management method and identity management system based on block chain |
| CN111832001B (en) * | 2020-07-20 | 2024-05-24 | 国家信息中心 | Identity management method and identity management system based on block chain |
| CN112087425A (en) * | 2020-07-30 | 2020-12-15 | 山东浪潮通软信息科技有限公司 | Login method, equipment and medium of ERP software system |
| CN112087425B (en) * | 2020-07-30 | 2022-11-29 | 浪潮通用软件有限公司 | Login method, equipment and medium of ERP software system |
| CN112637167A (en) * | 2020-12-15 | 2021-04-09 | 平安资产管理有限责任公司 | System login method and device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9525684B1 (en) | Device-specific tokens for authentication | |
| US10212151B2 (en) | Method for operating a designated service, service unlocking method, and terminal | |
| CN105591743B (en) | Method and device for identity authentication through equipment operation characteristics of user terminal | |
| US9934310B2 (en) | Determining repeat website users via browser uniqueness tracking | |
| US9225744B1 (en) | Constrained credentialed impersonation | |
| US11418499B2 (en) | Password security | |
| KR20150036104A (en) | Method, client, server and system of login verification | |
| CN110365684B (en) | Access control method and device for application cluster and electronic equipment | |
| US20160381001A1 (en) | Method and apparatus for identity authentication between systems | |
| WO2015090042A1 (en) | A validity verification method and intermediate server | |
| CN111262889A (en) | Authority authentication method, device, equipment and medium for cloud service | |
| CN111259368A (en) | Method and equipment for logging in system | |
| CN107241329B (en) | Account login processing method and device | |
| CN112491776B (en) | Security authentication method and related equipment | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| CN111783049A (en) | User information processing method and system based on block chain | |
| CN110601832A (en) | Data access method and device | |
| CN115695012A (en) | Login request processing method and device, electronic equipment and storage medium | |
| US20180039771A1 (en) | Method of and server for authorizing execution of an application on an electronic device | |
| CN110647736A (en) | Plug-in agent system login method and device, computer equipment and storage medium | |
| CN113761498A (en) | Third party login information hosting method, system, equipment and storage medium | |
| CN111355583B (en) | Service providing system, method, device, electronic equipment and storage medium | |
| CN111371811A (en) | Resource calling method, resource calling device, client and service server | |
| CN116015824A (en) | Unified authentication method, equipment and medium for platform | |
| CN112528286B (en) | Terminal equipment safety detection method, associated equipment and computer program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200609 |