CN111953632A - Authentication login method of NAS (network attached storage) equipment, mobile terminal and server - Google Patents
Authentication login method of NAS (network attached storage) equipment, mobile terminal and server Download PDFInfo
- Publication number
- CN111953632A CN111953632A CN201910401929.8A CN201910401929A CN111953632A CN 111953632 A CN111953632 A CN 111953632A CN 201910401929 A CN201910401929 A CN 201910401929A CN 111953632 A CN111953632 A CN 111953632A
- Authority
- CN
- China
- Prior art keywords
- identification number
- user identification
- login
- server
- mobile terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention provides a verification login method of NAS equipment, a mobile terminal and a server, wherein the method comprises the following steps: when a login request triggering instruction of a user is received, acquiring a user identification number of a mobile terminal and a session number sent by a server during registration; sending a login request to a server according to the user identification number and the session number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server; and displaying a login success view returned by the server according to the user identification number and the session number. By the technical scheme, the safety and the convenience of the use of the NAS device are improved, and the cost of verification and login of the NAS device is reduced.
Description
Technical Field
The invention relates to the technical field of authentication of NAS equipment, in particular to an authentication login method of NAS equipment, a mobile terminal and a server.
Background
In this mobile internet era today, the amount of data produced by homes is growing dramatically, and most homes are therefore configured with NAS devices for storage. To facilitate the interaction of the PC with the NAS device, the NAS device will typically support one or more file transfer protocols, such as FTP, WebDAV, SMB/CIFS/SMB2, and the like. In addition, the manufacturer of the NAS device also provides the APP of the mobile terminal, and the terminal user can operate the NAS device through the APP. The following describes the existing NAS device user authentication scheme and its disadvantages.
The first scheme is as follows: the NAS server only requires the user to provide a user name and a password when the user logs in, and the user name and the password are static and are preset by the server. The first scheme has the following disadvantages: the user needs to remember the username and password and, if changed, needs to be reconfigured on the server. Static passwords have the possibility of being forgotten and lost due to the need to remember. In addition, because the static password is basically fixed and unchanged, the static password is easy to crack, and certain potential safety hazard exists.
Scheme II: the NAS device is added into a Windows domain, a Windows domain management controller is used for managing users, and the domain users log in a trusted mode. The second scheme has the following defects: the NAS device needs to support a corresponding protocol and interface of the authentication server of the third party, which is complicated to implement and needs higher configured hardware support, resulting in increased cost.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides a method for verifying and logging in NAS equipment, which is applied to a mobile terminal for verifying and logging in the NAS equipment and is used for improving the use safety and convenience of the NAS equipment and reducing the cost of verifying and logging in the NAS equipment, and the method comprises the following steps:
when a login request triggering instruction of a user is received, acquiring a user identification number of a mobile terminal and a session number sent by a server during registration;
sending a login request to a server according to the user identification number and the conversation number; the server generates the conversation number according to the user identification number of the mobile terminal when registering;
and displaying a login success view returned by the server according to the user identification number and the session number.
The embodiment of the invention also provides a verification login method of the NAS device, which is applied to a verification login server of the NAS device and is used for improving the use safety and convenience of the NAS device and reducing the verification login cost of the NAS device, and the method comprises the following steps:
receiving a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
verifying the user according to the user identification number and the conversation number;
and when the verification is passed, returning a login success view to the mobile terminal.
The embodiment of the invention also provides a mobile terminal for authentication login of the NAS device, which is used for improving the use safety and convenience of the NAS device and reducing the authentication login cost of the NAS device, and comprises the following components:
the first acquisition unit is used for acquiring a user identification number of the mobile terminal and a session number sent by the server during registration when a login request triggering instruction of a user is received;
the login request unit is used for sending a login request to a server according to the user identification number and the conversation number; the server generates the conversation number according to the user identification number of the mobile terminal when registering;
and the first display unit is used for displaying a login success view returned by the server according to the user identification number and the session number.
The embodiment of the invention also provides an authentication login server of the NAS device, which is used for improving the use safety and convenience of the NAS device and reducing the authentication login cost of the NAS device, and comprises the following components:
a first receiving unit, configured to receive a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
the verification unit is used for verifying the user according to the user identification number and the conversation number;
and the returning unit is used for returning the login success view to the mobile terminal when the verification is passed.
The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor executes the authentication login method of the NAS equipment.
An embodiment of the present invention further provides a computer-readable storage medium storing a computer program for executing the method for authenticating a login of a NAS device.
The technical scheme provided by the embodiment of the invention comprises the following steps: receiving a login request triggering instruction of a user at a verification login mobile terminal of NAS equipment, and acquiring a user identification number of the mobile terminal and a session number sent by a server during registration when the login request triggering instruction of the user is received; sending a login request to a server according to the user identification number and the session number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server; receiving a login request sent by a mobile terminal at an authentication login server of NAS equipment; the login request comprises a user identification number and a conversation number; verifying the user according to the user identification number and the conversation number; when the authentication is passed, a login success view is returned to the mobile terminal, and the mobile terminal displays the login success view returned by the server according to the user identification number and the conversation number, so that the authentication is completed according to the double factors of the public code and the user identification number held by the server, the NAS device server is safely logged in without a password, the use safety and convenience of the NAS device are improved, and the authentication and login cost of the NAS device is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
fig. 1 is a schematic structural diagram of an authentication login system of a NAS device in an embodiment of the present invention;
fig. 2 is a schematic flowchart of an authentication login method applied to a NAS device of a mobile terminal in an embodiment of the present invention;
fig. 3 is a flowchart illustrating an authentication login method applied to a NAS device of a server in an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a mobile terminal for authenticating login of a NAS device according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an authentication login server of the NAS device according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of the authentication login of the NAS device in the embodiment of the present invention;
FIG. 7 is a schematic diagram of an application scenario of authentication login of a NAS device in an embodiment of the present invention;
fig. 8 is a schematic view of an application scenario in which a PC user login account is returned to a mobile terminal in the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
Before describing the embodiments of the present invention, terms related to the embodiments of the present invention will be described below.
1. NAS: a device connected to the network and having data storage function.
2. SMB/CIFS/SMB 2: the smb (server Message block) communication protocol is a protocol established by Microsoft (Microsoft) and Intel (Intel) in 1987, and is mainly used as a communication protocol of a Microsoft network.
3. WebDAV (Web-based Distributed authentication and version) is a communication protocol based on the HTTP1.1 protocol. The method expands HTTP1.1, adds some new methods besides several HTTP standard methods such as GET, POST, HEAD and the like, enables an application program to directly read and write a Web Server, supports Locking (Locking) and unlocking (Unlock) of a write file, and can also support version control of the file.
4. And (3) authentication certificate: authentication is the act of determining whether the authenticator's true identity and his (her) asserted identity match. The authenticator needs the authenticatee to provide corresponding identification material to verify that its identity matches the purported identity. In computer languages, the identification here has a proprietary name, namely a Credential (Authentication Credential).
Since the inventor finds the technical problems mentioned in the background art, a user authentication and authorization method which is suitable for the NAS device in the field of mobile application, relatively safe, relatively simple and easy to implement is provided, that is, a verification login scheme of the NAS device is provided. The authentication login scheme of the NAS device is described in detail below.
Fig. 1 is a schematic structural diagram of an authentication login system of a NAS device in an embodiment of the present invention, and as shown in fig. 1, the system includes: a mobile terminal 10 for authenticated login of NAS device and a server 20(NAS device server) for authenticated login of NAS device. The mobile terminal 10 of the NAS device for verifying login receives a login request trigger instruction of a user, for example, by clicking a login request button on a display interface, when the login request trigger instruction of the user is received, a user identification number of the mobile terminal and a session number sent by a server during registration are obtained; sending a login request to a server according to the user identification number and the session number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server; at this time, the server 20 for authentication login of the NAS device receives a login request from the mobile terminal; the login request comprises a user identification number and a conversation number; verifying the user according to the user identification number and the conversation number; when the verification is passed, returning a login success view to the mobile terminal; at this time, the mobile terminal 10 for verifying login of the NAS device receives and displays a login success view returned by the server according to the user identification number and the session number, so that verification is completed by double factors according to the public code and the user identification number held by the server, the NAS device server is safely logged in without a password (without inputting the password by the user), the use safety and convenience of the NAS device are improved, and the cost of verifying login of the NAS device is reduced.
The mobile terminal 10 for authenticating and logging in the NAS device, the method for authenticating and logging in the NAS device applied to the mobile terminal, the server 20 for authenticating and logging in the NAS device, and the method for authenticating and logging in the NAS device applied to the server will be described in detail below.
First, an authentication login method applied to a NAS device of a mobile terminal is introduced.
Fig. 2 is a schematic flowchart of an authentication login method applied to a NAS device of a mobile terminal in an embodiment of the present invention, and as shown in fig. 2, the method includes the following steps:
step 101: when a login request triggering instruction of a user is received, acquiring a user identification number of a mobile terminal and a session number sent by a server during registration;
step 102: sending a login request to a server according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code held by the server and the user identification number of the mobile terminal;
step 103: and displaying a login success view returned by the server according to the user identification number and the session number.
When the scheme provided by the embodiment of the present invention is implemented, assuming that a user a wants to log in an NAS device server to operate an NAS device, first, the user a logs in the mobile terminal 10 through the authentication of the NAS device to receive a login request trigger instruction of the user, for example, by clicking a login request button on a display interface, and when receiving the login request trigger instruction of the user a, the mobile terminal 10 obtains a user identification number of the mobile terminal and a session number sent by the server during registration; sending a login request to a server according to the user identification number and the conversation number; the server 20 for verifying login of the NAS equipment receives the login request, verifies the user according to the user identification number and the session number, and returns a login success view to the mobile terminal when the verification is passed; the authentication login mobile terminal 10 of the NAS device receives and displays a login success view returned by the server according to the user identification number and the session number, and at this time, the user can operate the NAS device through the mobile terminal.
Compared with the prior art, the scheme provided by the embodiment of the invention realizes that the authentication is completed by double factors according to the public code and the user identification number held by the server, and the NAS device server is safely logged in without a password, so that the use safety and convenience of the NAS device are improved, and the authentication and login cost of the NAS device is reduced.
In specific implementation, the NAS device server and the mobile terminal each hold a part of an authentication (verification login) credential, where the part held by the server may be published to all NAS device users, is a common part of the credential (referred to as a common code in the embodiment of the present invention), and may be a serial number of the NAS device or a common access password set on the server; the part held by the mobile terminal may be a unique terminal device number owned by each mobile terminal, from which the mobile terminal generates a unique user identification number, which is a private part of the credential. Specifically, the mobile terminal registers with a public code held by the server and a user identification number of the mobile terminal, and after the registration is successful, the mobile terminal receives a Session number (Session Id), and the Session number becomes invalid after a certain time. The mobile terminal uses the user identification number and the conversation number to log in, so that the user can log in without a password.
In an embodiment, the method for authenticating and logging in the NAS device may further include:
when a trigger instruction sent by a user when logging in NAS equipment on a PC is received, a public code held by a server and a user identification number of a mobile terminal are obtained;
sending a request for generating a PC end user login account to a server according to the public code and the user identification number;
displaying a PC end user login account generated according to the public code and the user identification number; and the PC end user login account is used for logging in the server on the PC.
In specific implementation, when a user needs to connect the NAS device to a PC for operation, an account used by the PC for login may come from a current user of the mobile terminal, the account is requested by the mobile terminal, and is generated at the server, and finally the server returns the generated account to the mobile terminal. Compared with the prior art, the method and the device reduce the management operation of the user on the server, improve the use safety and convenience of the NAS device, and reduce the authentication login cost of the NAS device.
During specific implementation, the PC side login account also has failure time, the failure can be set in the mobile terminal APP after specific time, and after the user logs in on the PC through the account, the given authority is equivalent to the authority of the current user of the mobile terminal APP.
In one embodiment, the user may be registered as follows:
when a registration request triggering instruction of a user is received, a public code held by a server and a user identification number of a mobile terminal are acquired;
sending a registration request to a server according to the public code and the user identification number;
and receiving a conversation number generated by the server according to the user identification number of the mobile terminal, and displaying a successful registration view returned by the server according to the public code and the user identification number.
In one embodiment, the user may be unregistered as follows:
when a registration cancellation request triggering instruction of a user is received, a public code held by a server and a user identification number of a mobile terminal are acquired;
sending a request for canceling registration to a server according to the public code and the user identification number;
and receiving and displaying a result of the deregistration processing returned according to the public code and the user identification number.
Secondly, an authentication login method applied to the NAS device of the server is introduced.
Based on the same inventive concept, the embodiment of the present invention further provides an authentication login method applied to a NAS device of a server, as in the following embodiments. Since the principle of solving the problem of the authentication login method applied to the NAS device of the server is similar to that of the authentication login method applied to the NAS device of the mobile terminal, the implementation of the authentication login method applied to the NAS device of the server may refer to the implementation of the authentication login method applied to the NAS device of the mobile terminal, and repeated details are not repeated. As used hereinafter, the term "module" or "unit" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 3 is a flowchart illustrating an authentication login method applied to a NAS device of a server in an embodiment of the present invention, and as shown in fig. 3, the method includes the following steps:
step 201: receiving a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
step 202: verifying the user according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code held by the server and the user identification number of the mobile terminal;
step 203: and when the verification is passed, returning a login success view to the mobile terminal.
In one embodiment, authenticating the user according to the user identification number and the session number may include:
checking whether the user identification number is qualified or not, whether the user identification number exists in a registered list or not, and whether the session number is the same as a session number generated when the user identification number is registered in a server or not;
when the verification is passed, returning the login success view to the mobile terminal may include:
and returning a login success view to the mobile terminal when the user identification number is qualified, the user identification number exists in the registered list and the conversation number is the same as the conversation number generated in the server during registration.
In an embodiment, the method for authenticating and logging in the NAS device may further include:
receiving a request for generating a PC end user login account; the request for generating the PC terminal user login account comprises a public code and a user identification number;
generating a PC end user login account according to the public code and the user identification number;
sending the PC end user login account to a mobile terminal; and the PC end user login account is used for logging in the server on the PC.
In one embodiment, the user may be registered as follows:
receiving a registration request; the registration request comprises a public code and a user identification number;
registering the user according to the public code and the user identification number, and generating a conversation number associated with the user identification number of the mobile terminal;
and when the registration is completed, returning the conversation number and the successful registration view to the mobile terminal.
In one embodiment, registering the user according to the public code and the user identification number may include:
the public code in the registration request is verified to be the same as the public code in the server configuration file, the user identification number is qualified, and the user registration is successful.
In one embodiment, the user may be unregistered as follows:
receiving a request for canceling registration; the request for canceling registration comprises a public code and a user identification number;
according to the public code and the user identification number, the user is unregistered;
and returning the unregistered processing result to the mobile terminal.
In one embodiment, deregistering the user based on the public code and the user identification number may include:
and when the public code in the request for canceling the registration is checked to be the same as the public code in the server configuration file, and the user identification number is qualified and registered, deleting the user identification number from the registered list to finish canceling the registration.
Thirdly, the authentication of the NAS device is introduced to log in the mobile terminal.
Based on the same inventive concept, the embodiment of the present invention further provides an authenticated login mobile terminal of a NAS device, as in the following embodiments. Since the principle of the NAS device for verifying login to the mobile terminal to solve the problem is similar to the above method for verifying login applied to the NAS device of the mobile terminal, the implementation of the NAS device for verifying login to the mobile terminal may refer to the implementation of the above method for verifying login applied to the NAS device of the mobile terminal, and repeated parts are not described again. As used hereinafter, the term "module" or "unit" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 4 is a schematic structural diagram of an authenticated login mobile terminal of a NAS device in an embodiment of the present invention, and as shown in fig. 4, the authenticated login mobile terminal of the NAS device includes:
a first obtaining unit 11, configured to obtain a user identification number of a mobile terminal and a session number sent by a server during registration when a login request triggering instruction of a user is received;
a login request unit 12, configured to send a login request to a server according to the user identification number and the session number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code held by the server and the user identification number of the mobile terminal;
and the first display unit 13 is used for displaying a login success view returned by the server according to the user identification number and the session number.
In an embodiment, the verifying the login mobile terminal of the NAS device may further include:
the second acquisition unit is used for acquiring the public code held by the server and the user identification number of the mobile terminal when receiving a trigger instruction sent by a user when logging in the NAS device on the PC;
the account generation request unit is used for sending a request for generating a PC end user login account to the server according to the public code and the user identification number;
the second display unit is used for displaying the PC terminal user login account generated according to the public code and the user identification number; and the PC end user login account is used for logging in the server on the PC.
In an embodiment, the verifying the login mobile terminal of the NAS device may further include: a first registration unit to:
when a registration request triggering instruction of a user is received, a public code held by a server and a user identification number of a mobile terminal are acquired;
sending a registration request to a server according to the public code and the user identification number;
and receiving a conversation number generated by the server according to the user identification number of the mobile terminal, and displaying a successful registration view returned by the server according to the public code and the user identification number.
In an embodiment, the verifying the login mobile terminal of the NAS device may further include: a first deregistration unit, the first deregistration unit operable to:
when a registration cancellation request triggering instruction of a user is received, a public code held by a server and a user identification number of a mobile terminal are acquired;
sending a request for canceling registration to a server according to the public code and the user identification number;
and receiving and displaying a result of the deregistration processing returned according to the public code and the user identification number.
Fourth, next, an authentication login server of the NAS device is introduced.
Based on the same inventive concept, an authentication login server of a NAS device is further provided in the embodiments of the present invention, as in the following embodiments. Since the principle of solving the problem of the authentication login server of the NAS device is similar to the authentication login method of the NAS device applied to the server, the implementation of the authentication login server of the NAS device may refer to the implementation of the authentication login method of the NAS device applied to the server, and repeated details are not repeated. As used hereinafter, the term "module" or "unit" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 5 is a schematic structural diagram of an authentication login server of a NAS device in an embodiment of the present invention, and as shown in fig. 5, the authentication login server of the NAS device includes:
a first receiving unit 21, configured to receive a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
the verification unit 22 is used for verifying the user according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code held by the server and the user identification number of the mobile terminal;
and the returning unit 23 is used for returning the login success view to the mobile terminal when the authentication is passed.
In one embodiment, the verification unit may be specifically configured to: checking whether the user identification number is qualified or not, whether the user identification number exists in a registered list or not, and whether the session number is the same as a session number generated when the user identification number is registered in a server or not;
the return unit is specifically configured to: and returning a login success view to the mobile terminal when the user identification number is qualified, the user identification number exists in the registered list and the conversation number is the same as the conversation number generated in the server during registration.
In an embodiment, the authentication login server of the NAS device may further include:
the second receiving unit is used for receiving a request for generating a PC end user login account; the request for generating the PC terminal user login account comprises a public code and a user identification number;
the account generating unit is used for generating a PC end user login account according to the public code and the user identification number;
the sending unit is used for sending the PC end user login account to the mobile terminal; and the PC end user login account is used for logging in the server on the PC.
In an embodiment, the authentication login server of the NAS device may further include a second registration unit, where the second registration unit may be configured to:
receiving a registration request; the registration request comprises a public code and a user identification number;
registering the user according to the public code and the user identification number, and generating a conversation number associated with the user identification number of the mobile terminal;
and when the registration is completed, returning the conversation number and the successful registration view to the mobile terminal.
In an embodiment, the authentication login server of the NAS device may further include a second unregistering unit, where the second unregistering unit may be configured to:
receiving a request for canceling registration; the request for canceling registration comprises a public code and a user identification number;
according to the public code and the user identification number, the user is unregistered;
and returning the unregistered processing result to the mobile terminal.
Fig. 6 to 8 are further combined to illustrate an example to facilitate understanding of how the present invention is implemented.
In particular, a proprietary protocol (hereinafter referred to as a user management protocol, which may include the above-mentioned authentication login method applied to the NAS device of the mobile terminal and the server) is used between the mobile terminal (APP) and the NAS device server for user account management, and the protocol may be implemented based on UDP, TCP, NetBIOS, and other protocols. The fields contained in the protocol request network packet are: firstly, public codes are obtained; a user identification number; and ③ random integer. The executable operation codes include: firstly, registering a user; secondly, logging in by the user; the user cancels the registration; and fourthly, generating a PC end user login account. The NAS device (NAS device in fig. 7) must run a server of the above protocol to listen to the request sent by the mobile terminal APP and execute the operation specified by the operation code.
As shown in fig. 6 and 7, the specific process of interacting between the mobile terminal and the NAS device server, implementing two-factor authentication, logging in the server without a password, and dynamically acquiring the PC login account to implement secure use of the NAS device on the PC may be:
1. the server program on the NAS device is started.
2. The mobile terminal generates an equipment number when being started for the first time, generates a user identification number according to the equipment number, and sets the user identification number as a current user identification number. The mobile terminal typically uses the MAC address of the network adapter as the device number.
3. After the mobile terminal APP is opened, if the user is unregistered, the registration operation is required. The method comprises the steps that a user inputs a serial number of NAS equipment or a public access password set by an administrator on a mobile terminal APP and stores the serial number or the public access password as a current public code, the mobile terminal generates a request network packet (registration request) defined in a user management protocol, a public code field of the request packet is set as the current public code, a user identification number field is set as a current user identification number of the mobile terminal, an operation code is user registration, and the request packet is encrypted and then sent to a server. After the server receives the request packet, the server decrypts the request packet, if the public code in the packet is the same as the public code in the server configuration file and the user identification number is qualified, the user is successfully registered, and the server returns the session number associated with the user identification. The server stores the user identification number in a registered list.
4. And after the registration is successful, the mobile terminal stores the conversation number returned by the server. An SMB (or WebDAV, or FTP) client is created on the mobile terminal, and the user identification number and session number are used as the username and password when logging in to the server.
5. When a user needs to connect NAS equipment on a PC for operation, the user enters a view (a part of an APP interface of the mobile terminal) of a display PC side login account of the mobile terminal APP, and clicks a button for acquiring the PC login account on the view. The mobile terminal generates a request network packet (a request for generating a PC end user login account) defined in a user management protocol, sets a public code field of the request packet as a current public code, sets a user identification number field as a current user identification number of the mobile terminal, generates the PC end user login account through an operation code, encrypts the request packet and sends the request packet to a server. And after receiving the request packet, the server decrypts the request packet, and if the public code in the packet is the same as the public code in the server configuration file and the user identification number is qualified, the server can generate a PC-side user login account by calling a dynamic generation module of the PC-side login account and return the generated login account. After the mobile terminal receives the feedback (Response), the login account is displayed on the view (as shown in fig. 8).
6. The mobile terminal may deregister after the user registration is successful. When the registration is to be cancelled, a request network packet (a request for canceling the registration) defined in a user management protocol is generated, a public code field of the request packet is set as a current public code, a user identification number field is set as a current user identification number of the mobile terminal, an operation code is used for canceling the registration of a user, and the request packet is encrypted and then sent to a server. After receiving the request packet, the server decrypts the request packet, if the public code in the packet is the same as the public code in the server configuration file, and the user identification number is qualified and registered, deletes the user identification number from the registered list, and returns the processing result to the mobile terminal.
As can be seen from the above, with respect to user authentication, the operations allowed by the mobile terminal may include: firstly, registering a user; the user cancels the registration; and logging in. The operation allowed by the PC side can be login.
The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor executes the authentication login method of the NAS equipment.
An embodiment of the present invention further provides a computer-readable storage medium storing a computer program for executing the method for authenticating a login of a NAS device.
The technical scheme provided by the embodiment of the invention has the beneficial technical effects that:
1. the NAS device (comprising a server) and the mobile terminal jointly hold double-factor authentication (a public code held by the server and a user identification number of the mobile terminal) of an authentication certificate, and the double-factor authentication improves the overall security of the NAS device.
2. The mobile terminal does not have a password login mode and the PC terminal uses the dynamic user account applied by the mobile terminal to log in and use the NAS device, so that the management operation of a user on the server is reduced, and the convenience and the safety of the user using the NAS device are improved.
3. Compared with the existing scheme that the NAS device is added into a Windows domain and a domain user logs in a trusted mode, the method is relatively simple and easy to implement, does not need a third-party authentication server, improves the convenience of using the NAS device by the user, and reduces the cost of verifying and logging in the NAS device.
In summary, the technical scheme provided by the embodiment of the invention improves the safety and convenience of the use of the NAS device and reduces the cost of the authentication login of the NAS device.
It will be apparent to those skilled in the art that the modules or steps of the embodiments of the invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes may be made to the embodiment of the present invention by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An authentication login method of a NAS device, comprising:
when a login request triggering instruction of a user is received, acquiring a user identification number of a mobile terminal and a session number sent by a server during registration;
sending a login request to a server according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server;
and displaying a login success view returned by the server according to the user identification number and the session number.
2. The method for authenticated login of a NAS device of claim 1, further comprising:
when a trigger instruction sent by a user when logging in NAS equipment on a PC is received, a public code held by a server and a user identification number of a mobile terminal are obtained;
sending a request for generating a PC end user login account to a server according to the public code and the user identification number;
displaying a PC end user login account generated according to the public code and the user identification number; and the PC end user login account is used for logging in the server on the PC.
3. The method for authenticated login of NAS device of claim 1, wherein the user is registered as follows:
when a registration request triggering instruction of a user is received, a public code held by a server and a user identification number of a mobile terminal are acquired;
sending a registration request to a server according to the public code and the user identification number;
and receiving a conversation number generated by the server according to the user identification number of the mobile terminal, and displaying a successful registration view returned by the server according to the public code and the user identification number.
4. An authentication login method of a NAS device, comprising:
receiving a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
verifying the user according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server;
and when the verification is passed, returning a login success view to the mobile terminal.
5. The authenticated login method of NAS device of claim 4, further comprising:
receiving a request for generating a PC end user login account; the request for generating the PC terminal user login account comprises a public code and a user identification number;
generating a PC end user login account according to the public code and the user identification number;
sending the PC end user login account to a mobile terminal; and the PC end user login account is used for logging in the server on the PC.
6. The method for authenticated login of NAS device of claim 4, wherein the user is registered as follows:
receiving a registration request; the registration request comprises a public code and a user identification number;
registering the user according to the public code and the user identification number, and generating a conversation number associated with the user identification number of the mobile terminal;
and when the registration is completed, returning the conversation number and the successful registration view to the mobile terminal.
7. An authenticated login mobile terminal for a NAS device, comprising:
the first acquisition unit is used for acquiring a user identification number of the mobile terminal and a session number sent by the server during registration when a login request triggering instruction of a user is received;
the login request unit is used for sending a login request to a server according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server;
and the first display unit is used for displaying a login success view returned by the server according to the user identification number and the session number.
8. An authentication login server of a NAS device, comprising:
a first receiving unit, configured to receive a login request sent by a mobile terminal; the login request comprises a user identification number and a conversation number;
the verification unit is used for verifying the user according to the user identification number and the conversation number; the conversation number is generated by the server according to the user identification number of the mobile terminal when the registration is completed according to the public code and the user identification number held by the server;
and the returning unit is used for returning the login success view to the mobile terminal when the verification is passed.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910401929.8A CN111953632A (en) | 2019-05-15 | 2019-05-15 | Authentication login method of NAS (network attached storage) equipment, mobile terminal and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910401929.8A CN111953632A (en) | 2019-05-15 | 2019-05-15 | Authentication login method of NAS (network attached storage) equipment, mobile terminal and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111953632A true CN111953632A (en) | 2020-11-17 |
Family
ID=73335800
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910401929.8A Pending CN111953632A (en) | 2019-05-15 | 2019-05-15 | Authentication login method of NAS (network attached storage) equipment, mobile terminal and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111953632A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102378171A (en) * | 2010-08-16 | 2012-03-14 | 中国移动通信集团公司 | Automatic authentication method and system thereof, Portal server, and RADIUS server |
| CN104980401A (en) * | 2014-04-09 | 2015-10-14 | 北京亿赛通科技发展有限责任公司 | Secure data storage system and secure data storage and reading method of NAS server |
| US20160004693A1 (en) * | 2014-07-01 | 2016-01-07 | International Business Machines Corporation | Id management for a network attached storage system |
| CN109408487A (en) * | 2018-11-01 | 2019-03-01 | 郑州云海信息技术有限公司 | Document handling system and method under a kind of NAS file system |
-
2019
- 2019-05-15 CN CN201910401929.8A patent/CN111953632A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102378171A (en) * | 2010-08-16 | 2012-03-14 | 中国移动通信集团公司 | Automatic authentication method and system thereof, Portal server, and RADIUS server |
| CN104980401A (en) * | 2014-04-09 | 2015-10-14 | 北京亿赛通科技发展有限责任公司 | Secure data storage system and secure data storage and reading method of NAS server |
| US20160004693A1 (en) * | 2014-07-01 | 2016-01-07 | International Business Machines Corporation | Id management for a network attached storage system |
| CN109408487A (en) * | 2018-11-01 | 2019-03-01 | 郑州云海信息技术有限公司 | Document handling system and method under a kind of NAS file system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11258605B2 (en) | Out-of-band remote authentication | |
| CN107332808B (en) | Cloud desktop authentication method, server and terminal | |
| CN110381031B (en) | Single sign-on method, device, equipment and computer readable storage medium | |
| EP3525415A1 (en) | Information processing system and control method therefor | |
| US5586260A (en) | Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms | |
| US8544073B2 (en) | Multi-platform single sign-on database driver | |
| Chadwick et al. | Adding federated identity management to openstack | |
| JP6929181B2 (en) | Devices and their control methods and programs | |
| CN107347068A (en) | Single-point logging method and system, electronic equipment | |
| CN105991614B (en) | It is a kind of it is open authorization, resource access method and device, server | |
| US20090031125A1 (en) | Method and Apparatus for Using a Third Party Authentication Server | |
| US20140075513A1 (en) | Device token protocol for authorization and persistent authentication shared across applications | |
| US20080034412A1 (en) | System to prevent misuse of access rights in a single sign on environment | |
| JPWO2011089712A1 (en) | Authentication method, authentication system, and authentication program | |
| US8601264B2 (en) | Systems and methods of user authentication | |
| CN111953681B (en) | DNS identity authentication method and terminal | |
| CN113742676A (en) | Login management method, device, server, system and storage medium | |
| US8832812B1 (en) | Methods and apparatus for authenticating a user multiple times during a session | |
| CN112929388B (en) | Network identity cross-device application rapid authentication method and system, and user agent device | |
| CN112966242A (en) | User name and password authentication method, device and equipment and readable storage medium | |
| US11805128B2 (en) | Methods and authentication server for authentication of users requesting access to a restricted data resource | |
| US11750597B2 (en) | Unattended authentication in HTTP using time-based one-time passwords | |
| CN111953632A (en) | Authentication login method of NAS (network attached storage) equipment, mobile terminal and server | |
| Köhler et al. | Federating hpc access via saml: Towards a plug-and-play solution | |
| US12052247B2 (en) | Delegation based access to secure systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20201117 |