CN111935151A - Cross-domain unified login method and device - Google Patents
Cross-domain unified login method and device Download PDFInfo
- Publication number
- CN111935151A CN111935151A CN202010801933.6A CN202010801933A CN111935151A CN 111935151 A CN111935151 A CN 111935151A CN 202010801933 A CN202010801933 A CN 202010801933A CN 111935151 A CN111935151 A CN 111935151A
- Authority
- CN
- China
- Prior art keywords
- login
- unique identification
- identification code
- information
- domain names
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Abstract
The invention discloses a cross-domain unified login method and a device, and the method comprises the following steps: receiving a login request of a user for accessing a preset website; the login request comprises login information; obtaining cookie information of a preset website, and judging whether a user successfully logs in by adopting the cookie information; when the user does not successfully log in, log in the information and verify; when the verification is passed, generating a unique identification code of a preset website; traversing a plurality of second-level domain names, and generating a redirection address based on the second-level domain names and the unique identification code; redirecting the login request to each redirection address in sequence, and setting a unique identification code in a cookie of a secondary domain name of the redirection address; and after traversing the plurality of second-level domain names, redirecting the login information to a preset website to complete login. By the method and the system, even if the website application needs to be upgraded and maintained so that the all-weather normal operation cannot be achieved, login-free access to the website can be realized.
Description
Technical Field
The invention relates to the technical field of cross-domain login, in particular to a cross-domain unified login method and a cross-domain unified login device.
Background
With the rapid development of company activity business, the application systems of each business block tend to be segmented at higher fine granularity. Thus, more and more domain names are used. When a user accesses different websites, login operation is often required to achieve access to the websites.
In the prior art, the situation that a user needs to log in repeatedly when accessing different websites is avoided mainly by cross-domain unified login, and the user experience of the websites is improved.
The current cross-domain unified login scheme is mainly characterized in that a user logs in a pass system, then the pass system directly accesses an interface of each website, and sets cookie, and when the user accesses other websites again, the cookie is acquired and is checked to be logged in the pass system, so that unified login is realized.
However, when a website application needs to be upgraded and maintained so as not to achieve all-weather normal operation, it may happen that login-free access of the website is missed at the time of login.
Disclosure of Invention
The invention provides a cross-domain unified login method and a cross-domain unified login device, which are used for solving the technical problem that login-free access of a website is omitted during login when the website application in the prior art needs to be upgraded and maintained so that all-weather normal operation cannot be achieved.
The invention provides a cross-domain unified login method which is applied to a unified login system, wherein a plurality of second-level domain names are registered in the unified login system; the method comprises the following steps:
receiving a login request of a user for accessing a preset website; the login request comprises login information;
obtaining cookie information of the preset website, and judging whether the user successfully logs in by adopting the cookie information;
when the user does not log in successfully, log in verification is carried out on the login information;
when the verification is passed, generating a unique identification code of the preset website;
traversing a plurality of the secondary domain names, and generating a redirection address based on the secondary domain names and the unique identification code;
redirecting the login request to each redirection address in sequence, and setting the unique identification code in a cookie of a secondary domain name of the redirection address;
and after traversing the plurality of second-level domain names, redirecting the login information to the preset website for login.
Optionally, the step of obtaining cookie information of the preset website and determining whether the user successfully logs in by using the cookie information includes:
acquiring cookie information of the preset website, and judging whether the cookie information contains a logged unique identification code of the preset website;
and if the logged unique identification code of the preset website does not exist in the cookie information, judging that the user does not log in successfully.
Optionally, the method further comprises:
and if the logged unique identification code of the preset website exists in the cookie information and user session information corresponding to the logged unique identification code exists in preset session storage service, judging that the login is successful.
Optionally, the step of generating the unique identification code of the preset website when the verification is passed includes:
and when the verification is passed, acquiring a current system time stamp, encrypting the current system time stamp and the login information, and generating the unique identification code of the preset website.
Optionally, after the step of generating the unique identification code of the preset website when the verification passes, the method further includes:
saving the unique identification code in the session storage service.
Optionally, the step of traversing a plurality of the secondary domain names and generating a redirection address based on the secondary domain names and the unique identification code includes:
traversing a plurality of second-level domain names, and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and sequentially splicing the unique identification code in each third-level domain name to generate a redirection address.
The invention provides a cross-domain unified login device which is applied to a unified login system, wherein a plurality of second-level domain names are registered in the unified login system; the device comprises:
the login request receiving module is used for receiving a login request of a user for accessing a preset website; the login request comprises login information;
the judging module is used for acquiring cookie information of the preset website and judging whether the user successfully logs in by adopting the cookie information;
the login verification module is used for performing login verification on the login information when the user does not successfully log in;
the unique identification code generating module is used for generating the unique identification code of the preset website when the verification is passed;
the redirection address generation module is used for traversing the secondary domain names and generating redirection addresses based on the secondary domain names and the unique identification codes;
the unique identification code setting module is used for redirecting the login request to each redirection address in sequence and setting the unique identification code in a cookie of a secondary domain name of the redirection address;
and the redirection module is used for redirecting the login information to the preset website for login after the traversal of the plurality of second-level domain names is finished.
Optionally, the determining module includes:
the judgment submodule is used for acquiring cookie information of the preset website and judging whether the cookie information contains the logged unique identification code of the preset website;
and the login failure determination submodule is used for determining that the user is not successfully logged in if the logged-in unique identification code of the preset website does not exist in the cookie information.
Optionally, the determining module further includes:
and the login success judging submodule is used for judging that the login is successful if the logged-in unique identification code of the preset website exists in the cookie information and user session information corresponding to the logged-in unique identification code exists in the preset session storage service.
Optionally, the unique identification code generating module includes:
and the unique identification code generation submodule is used for acquiring a current system time stamp when the verification is passed, encrypting the current system time stamp and the login information and generating the unique identification code of the preset website.
Optionally, the method further comprises:
and the storage module is used for storing the unique identification code in the session storage service.
Optionally, the redirection address generating module includes:
the third-level domain name generation sub-module is used for traversing a plurality of second-level domain names and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and the redirection address generation submodule is used for sequentially splicing the unique identification code in each three-level domain name to generate a redirection address.
The electronic device provided by the invention comprises a memory and a processor, wherein the memory stores a computer program, and when the computer program is executed by the processor, the processor executes the steps of the cross-domain unified login method.
The invention provides a computer readable storage medium, on which a computer program is stored, which, when executed by the processor, implements a cross-domain unified login method as described in any one of the above.
According to the technical scheme, the invention has the following advantages: the method comprises the steps of generating a unique identification code of a preset website when the preset website is logged in for the first time, generating redirection addresses based on the unique identification code and a secondary domain name, and setting the unique identification code in a cookie of the secondary domain name when a login request is redirected to each redirection address. Because the address pointed by each redirection is a unified login system, and cookie is set for the second-level domain name of the current request domain name once during each redirection, the purpose of cross-domain unified login of the website corresponding to the third-level domain name without sense can be realized based on the principle that the lower-level domain name can share the cookie of the upper-level domain name. Because the invention does not actually access the website corresponding to the third-level domain name, even if the website application needs upgrading maintenance so as not to achieve all-weather normal operation, the login-free access of the website can be realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without inventive exercise.
Fig. 1 is a flowchart illustrating steps of a cross-domain unified login method according to an embodiment of the present invention;
fig. 2 is a flowchart of a step of determining whether a user successfully logs in according to an embodiment of the present invention;
FIG. 3 is a flowchart of authorizing login via a third party platform according to an embodiment of the present invention;
fig. 4 is a flowchart illustrating steps of generating a redirection address according to an embodiment of the present invention;
fig. 5 is a flowchart of redirection login according to an embodiment of the present invention;
fig. 6 is a flowchart of a cross-domain unified login method according to an embodiment of the present invention;
fig. 7 is a block diagram of a cross-domain unified login apparatus according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a cross-domain unified login method and a cross-domain unified login device, which are used for solving the technical problem that login-free access of a website is omitted during login when the website application in the prior art needs to be upgraded and maintained so that all-weather normal operation cannot be achieved.
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the embodiments described below are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart illustrating steps of a cross-domain unified login method according to an embodiment of the present invention.
The invention provides a cross-domain unified login method, which is applied to a unified login system, wherein a plurality of second-level domain names are registered in the unified login system; the method comprises the following steps:
in the embodiment of the invention, when a user accesses a preset website, a login request is generated by filling in login information (comprising a user name, a password and authentication code information), a login address of the website is clicked, the unified login system can be skipped to, and a browser submits the login information and cookie information filled in by the user to the unified login system.
and after receiving the login information submitted by the user, the unified login system can judge whether the user successfully logs in the website according to the cookie information.
In one example, referring to fig. 2, step 102 may include the following sub-steps:
s11, acquiring cookie information of the preset website, and judging whether the cookie information contains the unique identification code of the preset website;
and S12, if the logged unique identification code of the preset website does not exist in the cookie information, determining that the user has not logged in successfully.
And S13, if the logged unique identification code of the preset website exists in the cookie information and the user session information corresponding to the logged unique identification code exists in the preset session storage service, judging that the login is successful.
Specifically, after receiving login information submitted by a user, the unified login system first checks whether a registered unique identification code (common _ session _ id) exists in cookie information of a preset website, and if the registered unique identification code exists in the cookie information of the preset website and session information corresponding to the registered unique identification code exists in session storage service, it is determined that the user successfully logs in, and at this time, corresponding website information may be directly returned to the user. If not, the user is considered not logged in.
103, when the user does not log in successfully, performing login verification on the login information;
in the embodiment of the invention, login verification can be carried out according to three methods of authorized login, mobile phone number login and account password login of the third-party platform, and whether login information is correct or not is judged.
Taking the third-party platform authorized login as an example, the third-party platform (such as a wechat public number, a wechat applet, a pay pal, a hundredth applet, and the like) authorized login supports the OAuth2.0 authorization standard, OAuth (open authorization) is a standard protocol of the internet, and OAuth2.0 is a continuation version of the OAuth protocol. OAuth allows users to authorize third-party websites or applications, access resources that the user stores on other websites, without the need to provide the third-party websites with usernames and passwords or share the content of their data.
The specific process is shown in fig. 3, and includes:
a. and the user selects a third-party platform to authorize login at a website, a mobile phone APP, an enterprise application and the like, and the unified login system requests authorization from a resource owner of the third-party platform.
b. The resource owner of the third party platform agrees to the authorization and redirects to the previously specified address, while appending an authorization code, i.e., token.
c. And the unified login system acquires the access token from the authorization server of the third-party platform according to the authorization code returned by the resource owner.
d. And the authorization server of the third-party platform returns an access token, namely an access token, to the unified login system and refreshes the access token.
e. The unified login system obtains the protected resource from the resource server of the third party platform through the access token.
f. The third party platform returns the corresponding resource (third party platform ID, avatar, nickname, etc.). And meanwhile, the unified login system binds and maps the user account (if a new user generates a new user account) and the platform ID returned by the third-party platform, so as to complete authorization verification.
Taking the login verification of the mobile phone number as an example, the verification process specifically comprises the following steps:
a1, selecting a mobile phone number for login and verification by a user at a website, a mobile phone APP, an enterprise application and the like, and inputting the mobile phone number.
b1, the unified login system verifies whether the format of the mobile phone number is correct, such as whether the mobile phone number is composed of numbers with preset length.
c1, when the format of the mobile phone number is verified to be correct, generating a verification code, and sending a short message verification code to the mobile phone bound with the mobile phone number.
d1, inputting the short message verification code by the user.
e1, the unified login system judges whether the verification code is correct, if so, the login information is judged to pass the login verification.
f1, the unified login system binds and maps the user account (if the new user generates a new user account) and the mobile phone number.
Taking account password login authentication as an example, the authentication process may specifically include the following steps:
a2, selecting an account password for login verification by a user at a website, a mobile phone APP, an enterprise application and the like, and inputting the account password.
b2, after the unified login system receives the account password, performing MD5 encryption on the account password, then inquiring whether a user consistent with the account password filled by the user exists in the unified login system, and if so, judging that the user passes the verification.
104, when the verification is passed, generating a unique identification code of a preset website;
in the embodiment of the invention, when the login information passes the login verification, the IP and the account ID of the user can be acquired from the login information, and the MD5 encryption is carried out by combining the current system timestamp to be used as the unique identification code of the user for the login.
MD5 is a widely used cryptographic hash function that generates a 128-bit (16-byte) hash value to ensure that the information transfer is complete and consistent.
Further, after the unique identification code of the user login is generated, the unique identification code needs to be stored in the session storage service for login-free verification when the website is accessed next time.
in the embodiment of the invention, a plurality of second-level domain names are registered in the unified login system. After the unique identification code of the user for logging in at this time is generated, all the second-level domain names in the unified login system can be traversed, and the redirection address is generated based on the second-level domain names and the unique identification code.
In one example, as shown in fig. 4, step 105 may include the following sub-steps:
s21, traversing a plurality of second-level domain names, and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and S22, sequentially splicing the unique identification code in each tertiary domain name to generate a redirection address.
Specifically, in the embodiment of the present invention, after the unique identification code of the user login at this time is generated, the second-level domain name registered in the unified login system may be circularly traversed, and a "passport" is spliced in the second-level domain name to form a third-level domain name, and at the same time, the unique identification code of the user login at this time is spliced to form an access address to be redirected.
In one example, the formed redirect address may be as follows:
http://passport.pconline.com.cn/passport3/c?s=F2DD2BBFC93AEB370C4885A9EF4B7F9050F98349BB149AF913863DFC1B50CB28812F6BF71F5110A3&u=mb49640359&auto=90&r=http://passport.pcauto.com.cn/passport3/c?s=&r=http://passport.pcbaby.com.cn/passport3/c?s=&r=http://passport3.pchouse.com.cn/passport3/c?s=&r=。
and step 107, after traversing of the plurality of second-level domain names is finished, redirecting the login information to a preset website for login.
In the embodiment of the invention, after the redirection address is formed, the access of the login request is redirected to the redirection address, after the target address receives the request, the user unique identification code in the received request parameter is set into the cookie of the secondary domain name and is used as the user unique identification code of the next redirection request, and the user unique identification code is transmitted to the following requests in sequence; and then redirecting the request to the next address, and so on until all the registered second-level domain names finish accessing.
Taking the registered website corresponding to the second-level domain name in the unified login system as an example, including a computer network, a car network, a parent subnet and a home network, the redirection address for each time is shown in table 1:
TABLE 1
In the embodiment of the invention, the address pointed by each redirection is a uniform login system, and a cookie is set for the secondary domain name of the current request domain name each time a redirection request is received. According to the principle that the lower-level domain name of the browser can share the cookie of the upper-level domain name, the three-level domain name corresponding to the second-level domain name shares the cookie information, namely all websites corresponding to the three-level domain name share the cookie, so that the purpose of cross-domain unified login of a target website without senses is achieved.
For ease of understanding, the flow of redirection registration according to the embodiment of the present invention is described based on the redirection address in table 1. Referring to fig. 5, fig. 5 is a flowchart of redirection login according to an embodiment of the present invention.
In the embodiment of the invention, after the redirection address is formed, firstly, the login request is redirected for the first time, the redirection request aiming at passport3.pconline.com.cn is received, and a cookie is set for the second-level domain name pconline.com.cn; secondly, carrying out redirection for the second time, receiving a redirection request aiming at passport3.pcauto. com. cn, and setting a cookie for a second-level domain name pcauto. com. cn; then, carrying out third redirection, receiving a redirection request aiming at passport3.pcbaby.com.cn, and setting cookie for a second-level domain name pcbaby.com.cn; finally, carrying out fourth redirection, then aiming at the redirection request of passport3.pchouse.com.cn, and setting cookie for the second-level domain name pchouse.com.cn; all secondary domain names are visited so far, and the login is successfully redirected to the website of the initial login.
The method comprises the steps of generating a unique identification code of a preset website when the preset website is logged in for the first time, generating redirection addresses based on the unique identification code and a secondary domain name, and setting the unique identification code in a cookie of the secondary domain name when a login request is redirected to each redirection address. Because the address pointed by each redirection is a unified login system, and cookie is set for the second-level domain name of the current request domain name once during each redirection, the purpose of cross-domain unified login of the website corresponding to the third-level domain name without sense can be realized based on the principle that the lower-level domain name can share the cookie of the upper-level domain name. Because the invention does not actually access the website corresponding to the third-level domain name, even if the website application needs upgrading maintenance so as not to achieve all-weather normal operation, the login-free access of the website can be realized.
For convenience of understanding, the following describes a flow of a cross-domain unified login method provided in an embodiment of the present invention by using a specific example.
Referring to fig. 6, fig. 6 is a flowchart of a cross-domain unified login method according to an embodiment of the present invention.
As shown in fig. 6, when the user initially accesses the computer network registered in the unified login system, the unified login system does not have the unique identification code of the computer network registered at this time because of the initial login, and therefore login authentication is required. Specifically, login verification can be performed through three modes, namely authorized login verification of a third-party platform, login verification of a mobile phone number and login verification of an account password. And after the authentication is passed, performing MD5 encryption by adopting the user IP, the account ID and the current system timestamp to serve as a unique identification code of the user for logging in at this time, and storing the unique identification code in a session storage service of the unified logging-in system. And then setting a third-level domain name for the second-level domain name in the second-level domain name registration table, circularly accessing the third-level domain name, and setting cookie for the corresponding second-level domain name. And when all the second-level domain names are set, completing login and returning the corresponding interface of the computer network to the user. And then, when the user accesses other websites (such as a car network, a parent-child network and a home network) in the unified login system again, only the corresponding cookie needs to be acquired for login verification.
Referring to fig. 7, fig. 7 is a block diagram illustrating a cross-domain unified entry apparatus according to an embodiment of the present invention.
The invention provides a cross-domain unified login device which is applied to a unified login system, wherein a plurality of second-level domain names are registered in the unified login system; the device comprises:
a login request receiving module 701, configured to receive a login request for a user to access a preset website; the login request comprises login information;
a determining module 702, configured to obtain cookie information of a preset website, and determine whether a user successfully logs in by using the cookie information;
a login verification module 703, configured to perform login verification on login information when the user does not successfully log in;
the unique identification code generating module 704 is used for generating a unique identification code of a preset website when the verification is passed;
a redirect address generation module 705 configured to traverse a plurality of secondary domain names and generate a redirect address based on the secondary domain names and the unique identification code;
the unique identification code setting module 706 is used for redirecting the login request to each redirection address in sequence and setting a unique identification code in a cookie of a secondary domain name of the redirection address;
and a redirection module 707, configured to redirect the login information to a preset website for login after the traversal of the multiple secondary domain names is finished.
Optionally, the determining module 702 includes:
the judgment submodule is used for acquiring cookie information of the preset website and judging whether the cookie information contains a logged unique identification code of the preset website;
and the login failure judgment submodule is used for judging that the user successfully logs in if the cookie information does not have the logged-in unique identification code of the preset website.
Optionally, the determining module 702 further includes:
and the login success judging submodule is used for judging that the login is successful if the logged-in unique identification code of the preset website exists in the cookie information and the user session information corresponding to the logged-in unique identification code exists in the preset session storage service.
Optionally, the unique identification code generating module 704 includes:
and the unique identification code generation submodule is used for acquiring the current system timestamp when the verification is passed, encrypting the current system timestamp and the login information and generating the unique identification code of the preset website.
Optionally, the method further comprises:
and the storage module is used for storing the unique identification code in the session storage service.
Optionally, the redirection address generating module 705 includes:
the third-level domain name generation sub-module is used for traversing a plurality of second-level domain names and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and the redirection address generation submodule is used for sequentially splicing the unique identification code in each three-level domain name to generate a redirection address.
The electronic device provided by the present invention includes a memory and a processor, wherein the memory stores a computer program, and when the computer program is executed by the processor, the processor executes the steps of the cross-domain unified login method according to any of the above embodiments.
The present invention provides a computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by the processor, implements the cross-domain unified login method according to any of the above embodiments.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative; for example, the division of the unit is only a logic function division, and other division modes can be provided in actual implementation; for example, various elements or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of implementing the solution of the present embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A cross-domain unified login method is characterized by being applied to a unified login system, wherein a plurality of second-level domain names are registered in the unified login system; the method comprises the following steps:
receiving a login request of a user for accessing a preset website; the login request comprises login information;
obtaining cookie information of the preset website, and judging whether the user successfully logs in by adopting the cookie information;
when the user does not log in successfully, log in verification is carried out on the login information;
when the verification is passed, generating a unique identification code of the preset website;
traversing a plurality of the secondary domain names, and generating a redirection address based on the secondary domain names and the unique identification code;
redirecting the login request to each redirection address in sequence, and setting the unique identification code in a cookie of a secondary domain name of the redirection address;
and after traversing the plurality of second-level domain names, redirecting the login information to the preset website for login.
2. The method according to claim 1, wherein the step of obtaining cookie information of the preset website and determining whether the user successfully logs in by using the cookie information comprises:
acquiring cookie information of the preset website, and judging whether the cookie information contains a logged unique identification code of the preset website;
and if the logged unique identification code of the preset website does not exist in the cookie information, judging that the user does not log in successfully.
3. The method of claim 2, further comprising:
and if the logged unique identification code of the preset website exists in the cookie information and user session information corresponding to the logged unique identification code exists in preset session storage service, judging that the login is successful.
4. The method of claim 3, wherein the step of generating the unique identification code of the preset website when the authentication is passed comprises:
and when the verification is passed, acquiring a current system time stamp, encrypting the current system time stamp and the login information, and generating the unique identification code of the preset website.
5. The method of claim 4, wherein the step of generating the unique identification code of the predetermined website when the authentication is passed further comprises:
saving the unique identification code in the session storage service.
6. The method of claim 1, wherein traversing a plurality of the secondary domain names and generating a redirect address based on the secondary domain names and the unique identification code comprises:
traversing a plurality of second-level domain names, and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and sequentially splicing the unique identification code in each third-level domain name to generate a redirection address.
7. A cross-domain unified login device is characterized by being applied to a unified login system, wherein a plurality of secondary domain names are registered in the unified login system; the device comprises:
the login request receiving module is used for receiving a login request of a user for accessing a preset website; the login request comprises login information;
the judging module is used for acquiring cookie information of the preset website and judging whether the user successfully logs in by adopting the cookie information;
the login verification module is used for performing login verification on the login information when the user does not successfully log in;
the unique identification code generating module is used for generating the unique identification code of the preset website when the verification is passed;
the redirection address generation module is used for traversing the secondary domain names and generating redirection addresses based on the secondary domain names and the unique identification codes;
the unique identification code setting module is used for redirecting the login request to each redirection address in sequence and setting the unique identification code in a cookie of a secondary domain name of the redirection address;
and the redirection module is used for redirecting the login information to the preset website for login after the traversal of the plurality of second-level domain names is finished.
8. The apparatus of claim 7, wherein the redirection address generation module comprises:
the third-level domain name generation sub-module is used for traversing a plurality of second-level domain names and sequentially splicing preset fields on the second-level domain names to generate corresponding third-level domain names;
and the redirection address generation submodule is used for sequentially splicing the unique identification code in each three-level domain name to generate a redirection address.
9. An electronic device, comprising a memory and a processor, wherein the memory stores a computer program, and the computer program, when executed by the processor, causes the processor to perform the steps of the cross-domain unified login method according to any of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements a cross-domain unified login method according to any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010801933.6A CN111935151B (en) | 2020-08-11 | 2020-08-11 | Cross-domain unified login method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010801933.6A CN111935151B (en) | 2020-08-11 | 2020-08-11 | Cross-domain unified login method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111935151A true CN111935151A (en) | 2020-11-13 |
| CN111935151B CN111935151B (en) | 2022-05-10 |
Family
ID=73310521
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010801933.6A Active CN111935151B (en) | 2020-08-11 | 2020-08-11 | Cross-domain unified login method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111935151B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113344567A (en) * | 2021-06-23 | 2021-09-03 | 支付宝(杭州)信息技术有限公司 | Method, device, equipment and medium for accessing payment page of aggregation code |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120254429A1 (en) * | 2011-03-31 | 2012-10-04 | International Business Machine Corporation | Non-Intrusive Single Sign-On Mechanism in Cloud Services |
| US20160241536A1 (en) * | 2015-02-13 | 2016-08-18 | Wepay, Inc. | System and methods for user authentication across multiple domains |
| CN106612290A (en) * | 2017-01-19 | 2017-05-03 | 河海大学 | Cross-domain single sign-on method for system integration |
| CN106936853A (en) * | 2017-04-26 | 2017-07-07 | 河海大学 | A kind of system-oriented integrated cross-domain single login system and method |
| CN107872455A (en) * | 2017-11-09 | 2018-04-03 | 武汉虹旭信息技术有限责任公司 | A kind of cross-domain single login system and its method |
| CN109359446A (en) * | 2018-09-27 | 2019-02-19 | 天涯社区网络科技股份有限公司 | A kind of cross-domain login validation method in internet |
-
2020
- 2020-08-11 CN CN202010801933.6A patent/CN111935151B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120254429A1 (en) * | 2011-03-31 | 2012-10-04 | International Business Machine Corporation | Non-Intrusive Single Sign-On Mechanism in Cloud Services |
| US20160241536A1 (en) * | 2015-02-13 | 2016-08-18 | Wepay, Inc. | System and methods for user authentication across multiple domains |
| CN106612290A (en) * | 2017-01-19 | 2017-05-03 | 河海大学 | Cross-domain single sign-on method for system integration |
| CN106936853A (en) * | 2017-04-26 | 2017-07-07 | 河海大学 | A kind of system-oriented integrated cross-domain single login system and method |
| CN107872455A (en) * | 2017-11-09 | 2018-04-03 | 武汉虹旭信息技术有限责任公司 | A kind of cross-domain single login system and its method |
| CN109359446A (en) * | 2018-09-27 | 2019-02-19 | 天涯社区网络科技股份有限公司 | A kind of cross-domain login validation method in internet |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113344567A (en) * | 2021-06-23 | 2021-09-03 | 支付宝(杭州)信息技术有限公司 | Method, device, equipment and medium for accessing payment page of aggregation code |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111935151B (en) | 2022-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111131242B (en) | Authority control method, device and system | |
| TWI659313B (en) | Automatic login method and device between multiple websites | |
| US7640578B2 (en) | System and method for providing secure communication between computer systems | |
| US8819800B2 (en) | Protecting user information | |
| TWI608743B (en) | Method, server and system for managing wireless network login password sharing function | |
| JP4880699B2 (en) | Method, system, and apparatus for protecting a service account | |
| CN109547458B (en) | Login verification method and device, computer equipment and storage medium | |
| CN104954330B (en) | A kind of methods, devices and systems to be conducted interviews to data resource | |
| CN101420416B (en) | Identity management platform, service server, login system and method, and federation method | |
| US20220394026A1 (en) | Network identity protection method and device, and electronic equipment and storage medium | |
| CN111030812A (en) | Token verification method, device, storage medium and server | |
| US20100100950A1 (en) | Context-based adaptive authentication for data and services access in a network | |
| KR102001544B1 (en) | Apparatus and method to enable a user authentication in a communication system | |
| CN111355713B (en) | Proxy access method, device, proxy gateway and readable storage medium | |
| CN104104654A (en) | Method and device for setting Wifi access authority and Wifi authentication | |
| CN108259457B (en) | WEB authentication method and device | |
| CN106209727B (en) | Session access method and device | |
| CN103220261A (en) | Proxy method, device and system of open authentication application program interface | |
| CN113381979A (en) | Access request proxy method and proxy server | |
| CN101764808A (en) | Authentication processing method and system for automatic login as well as server | |
| CN107196909A (en) | Invitation registration method and device | |
| CN112491890A (en) | Access method and device | |
| CN111786996B (en) | Cross-domain synchronous login state method and device and cross-domain synchronous login system | |
| CN113922982A (en) | Login method, electronic device and computer-readable storage medium | |
| CA2844888A1 (en) | System and method of extending a host website |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |