CN112235285A - Method and system for user authentication mode and service based on non-session - Google Patents

Method and system for user authentication mode and service based on non-session Download PDF

Info

Publication number
CN112235285A
CN112235285A CN202011084383.7A CN202011084383A CN112235285A CN 112235285 A CN112235285 A CN 112235285A CN 202011084383 A CN202011084383 A CN 202011084383A CN 112235285 A CN112235285 A CN 112235285A
Authority
CN
China
Prior art keywords
token
authentication
sdk
application client
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011084383.7A
Other languages
Chinese (zh)
Other versions
CN112235285B (en
Inventor
罗宝利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Langchao Intelligent Medical Technology Co ltd
Original Assignee
Shandong Health Medical Big Data Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Health Medical Big Data Co ltd filed Critical Shandong Health Medical Big Data Co ltd
Priority to CN202011084383.7A priority Critical patent/CN112235285B/en
Publication of CN112235285A publication Critical patent/CN112235285A/en
Application granted granted Critical
Publication of CN112235285B publication Critical patent/CN112235285B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method and a system for a user authentication mode and a service based on non-conversation, belonging to the technical field of user authentication, aiming at solving the technical problem of how to realize an authentication system supporting a multi-client mode and a micro-service mode, and adopting the technical scheme as follows: the method provides Java SDK through a unified authentication center, and simultaneously provides a Restful API interface, ensures the diversity and cross-programming language of butt joint, realizes the authentication and authorization process based on a JavaWeb filter in the Java SDK, and butt joint with the service of the authentication center; the unified user authentication service is realized by java, based on OAuth2.0 protocol standard, and adopts Json Web Token type to package and integrate user, role and menu authority functions, thereby realizing external user authentication and authorization functions. The invention also provides a system for the non-session-based user authentication mode and service.

Description

Method and system for user authentication mode and service based on non-session
Technical Field
The invention relates to the technical field of user authentication, in particular to a method and a system for a user authentication mode and service based on non-conversation.
Background
In the era of big data and cloud computing, technical middleboxes, business middleboxes and large and small application systems are developed, a large website is really composed of split individual services or application systems behind, in order to improve user experience, the requirement that the whole website service can be accessed only by logging in once is provided, and therefore the technical concept of single sign-on is also provided.
Meanwhile, if each system in a large enterprise develops a set of user authentication service, huge repetitive labor and time waste can be caused, a large number of complicated application systems are not convenient for the management of a user system, and huge maintenance cost is caused for operators.
With the progress of technology, clients such as a mobile terminal and a browser terminal become more and more complicated, and it is necessary to unify authentication modes for different clients. The CAS mode based on conversation in the prior art is increasingly incapable of supporting fine-grained, clustered and distributed micro-service background modes. Therefore, how to implement an authentication system supporting a multi-client mode and a micro-service mode is a technical problem to be solved urgently at present.
Disclosure of Invention
The technical task of the invention is to provide a method and a system for a non-session-based user authentication mode and service, so as to solve the problem of how to realize an authentication system supporting a multi-client mode and a micro-service mode.
The technical task of the invention is realized according to the following mode, a method based on user authentication mode and service of non-conversation, said method provides Java SDK through unifying the authentication center, provide Restful API interface at the same time, guarantee the diversity and cross programming language nature of the butt joint, realize the course of authentication, authentication on the basis of Java Web filter in Java SDK, and butt joint with the service of the authentication center;
the unified user authentication service is realized by java, based on OAuth2.0 protocol standard, and adopts Json Web Token type to package and integrate user, role and menu authority functions, thereby realizing external user authentication and authorization functions.
Preferably, the OAuth2.0 protocol standard is based on the realization of a plurality of token obtaining modes of the OAuth2.0 protocol by a unified authentication center, and meanwhile, the expansion mode of obtaining the token through a short message verification code of a mobile phone is realized by connecting a short message platform.
Preferably, when the expansion mode for obtaining the token is applied in the development process, the expansion mode is selected according to the scene of the expansion mode, and the specific steps are as follows:
using a default login page, enabling the front end and the rear end not to be separated, and enabling the rear end to acquire a scene of a token;
secondly, a default login page is used, the front end and the back end are separated, and the front end acquires a scene of the token;
thirdly, customizing a login page and acquiring a scene of the token through a background;
and (IV) acquiring a token scene by the short message verification code.
Preferably, the default login page is used, the front end and the back end are not separated, and the process of the back end acquiring the scene of the token is as follows:
firstly, an application client requests an authentication server to acquire a code according to a client _ id and a redirect _ url;
secondly, the authentication server is redirected to a client _ url and carries the code to the application client;
the application client side exchanges token with the authentication server according to the code;
fourthly, the authentication server responds to the token of the application client.
Preferably, the default login page is used, the front end and the back end are separated, and the process of the front end acquiring the scene of the token is as follows:
calling a hidden token acquisition interface by an application client: http:// ip: port/oauth/authorize? The page automatically jumps to a login page provided by the authentication server;
after the user inputs an account password to log in, the page automatically jumps to CALLBACK _ URL, and the authentication server carrying # access _ token is redirected to redirect _ URL, and the anchor access _ token is redirected to the application client; the CALLBACK _ URL is an address of the application client front end, the application client front end needs to acquire an access _ token, and the requests carry the token;
and thirdly, adding a filter to the application client background, and checking the token transmitted by the application client front end (a token checking interface).
Preferably, the process of customizing the login page and obtaining the scene of the token through the background specifically comprises the following steps:
firstly, the application client calls an interface of a password type acquisition token to acquire an access _ token according to a user name and a password of a user in a background of the application client through a user-defined login page;
obtaining a token, writing the token into a cookie at the front end of the application client, and carrying the token with the request to access the background of the application client;
preferably, the process of obtaining the scene of the token by the short message verification code is as follows:
firstly, the application client requests an authentication server to acquire a verification code according to the mobile phone number;
secondly, the application client acquires a token from the authentication server according to the short message verification code;
and thirdly, the authentication server responds to the application client token.
Preferably, the Token type of the Json Web Token is jwt, jwt is a Token in Json format, and payload carries non-sensitive information and information of Token timeout time, and also carries signature verification, so that a non-session and stateless Token form is realized.
A system for non-session based user authentication patterns and services, the system comprising,
the browser is used for accessing the resources of the resource server and redirecting the accessed resources, and is also used for logging in and authorizing the authentication server;
the resource server is used for verifying the token and carrying the token authentication SDK, and is also used for responding resources to the browser;
the authentication SDK is used for redirecting an authentication center login page to the browser, writing the token into a set _ cookie, redirecting the token to a target resource, allowing the resource of the resource server to be accessed, checking the token, acquiring the token according to the code and carrying token authentication;
and the authentication server is used for calling back the code of the authentication SDK and responding to token.
Preferably, the working process of the system is as follows:
s1, the browser accesses the resource of the resource server;
s2, verifying the token of the resource server by the authentication SDK;
s3, the authentication server verifies the token of the authentication SDK;
s4, when the verification fails, the authentication SDK is redirected to the login page of the authentication center of the browser;
s5, the browser logs in and authorizes the authentication server;
s6, the authentication server calls back the code to the authentication SDK;
s7, the authentication SDK acquires token from the authentication server according to the code;
s8, the corresponding token of the authentication server;
s9, the authentication SDK writes the token into the set-cookie and redirects the token to the target resource of the browser;
s10, the browser redirects the resources accessing the resource server;
s11, the resource server carries token to authenticate to the authentication SDK;
s12, carrying token authentication to an authentication server by the authentication SDK;
s13, the authentication server successfully authenticates and feeds back to the authentication SDK;
s14, authenticating the SDK to allow the resource of the resource server to be accessed;
and S15, the resource server responds to the resources of the browser.
The method and the system for the user authentication mode and service based on the non-session have the following advantages that:
the invention is researched and developed based on the Oauth2.0 standard, the framework is relatively mature and stable, and the development difficulty is also reduced;
secondly, the developed service supports various databases in a plug-in mode, hot plug of the service is realized, and the risk of restarting is reduced;
thirdly, the invention provides support for a plurality of development language systems, and the application is more flexible;
the client side realizes a non-session and stateless token through JWT, and the server side does not need to store, so that the space utilization rate is greatly improved;
the invention supports authentication, authentication and the like, has strong and flexible functions, and simultaneously realizes the unified management of a user system, the unified management of user authority and the unified management of tenant information; the method also provides tenant allocation, isolation modes of users under the tenant, role-authority control based on RBAC, an interface for obtaining a menu tree data structure, and authentication interfaces for obtaining various tokens such as an authorization code formula, a hidden type, a password formula and the like;
the invention encapsulates and integrates the functions of user, role and menu authority, thus realizing the unified user authentication center of external user authentication and authorization function, which is characterized by the dimensionality of tenant, user, role and authority.
Drawings
The invention is further described below with reference to the accompanying drawings.
FIG. 1 is a block diagram of a service project;
FIG. 2 is an interaction flow diagram of a system based on non-session based user authentication patterns and services;
FIG. 3 is a flow chart of a scenario in which a default login page is used, the front end and the back end are not separated, and the back end acquires a token;
FIG. 4 is a flow diagram of a scenario in which a front-end obtains tokens using a default login page, with the front-end separated;
FIG. 5 is a flow diagram of a scenario in which a user-defined login page is obtained through a background;
FIG. 6 is a flow chart of a scenario in which a token is obtained from a short message authentication code;
fig. 7 is a schematic diagram of a business application interfacing to a unified authentication cloud service;
figure 8 is a schematic diagram of a tenant hierarchy.
Detailed Description
The non-session based user authentication mode and service method and system of the present invention will be described in detail below with reference to the accompanying drawings and specific embodiments.
Example 1:
the invention relates to a method for user authentication mode and service based on non-conversation, which provides Java SDK through a unified authentication center and provides a Restful API interface at the same time, ensures the diversity and cross-programming language of butt joint, realizes the authentication and authentication process based on a JavaWeb filter in the Java SDK and butt joint with the service of the authentication center;
the unified user authentication service is realized by java, based on OAuth2.0 protocol standard, and adopts Json Web Token type to package and integrate user, role and menu authority functions, thereby realizing external user authentication and authorization functions.
The invention realizes the unified management of the user system, the unified management of the user authority and the unified management of the tenant information; meanwhile, the system also provides interfaces for tenant allocation, isolation modes of users under the tenants, role-authority control based on RBAC (role-based access control) and acquisition of a menu tree data structure, and provides authentication and authorization interfaces for various acquisition tokens such as an authorization code type, a hidden type and a password type, as shown in figure 1.
The OAuth2.0 protocol standard is based on the realization of various token obtaining modes of the OAuth2.0 protocol by a unified authentication center, and meanwhile, the expansion mode of obtaining the token through a short message verification code of a mobile phone is realized by connecting a short message platform. When the expansion mode for obtaining the token is applied to the development process, the selection is carried out according to the scene of the token, and the specific steps are as follows:
using a default login page, enabling the front end and the rear end not to be separated, and enabling the rear end to acquire a scene of a token; as shown in fig. 3, the following is detailed:
firstly, an application client requests an authentication server to acquire a code according to a client _ id and a redirect _ url;
secondly, the authentication server is redirected to a client _ url and carries the code to the application client;
the application client side exchanges token with the authentication server according to the code;
fourthly, the authentication server responds to the token of the application client.
Secondly, a default login page is used, the front end and the back end are separated, and the front end acquires a scene of the token; as shown in fig. 4, the following is detailed:
calling a hidden token acquisition interface by an application client: http:// ip: port/oauth/authorize? The page automatically jumps to a login page provided by the authentication server;
after the user inputs an account password to log in, the page automatically jumps to CALLBACK _ URL, and the authentication server carrying # access _ token is redirected to redirect _ URL, and the anchor access _ token is redirected to the application client; the CALLBACK _ URL is an address of the application client front end, the application client front end needs to acquire an access _ token, and the requests carry the token;
and thirdly, adding a filter to the application client background, and checking the token transmitted by the application client front end (a token checking interface).
Thirdly, customizing a login page and acquiring a scene of the token through a background; as shown in fig. 5, the following is detailed:
firstly, the application client calls an interface of a password type acquisition token to acquire an access _ token according to a user name and a password of a user in a background of the application client through a user-defined login page;
obtaining a token, writing the token into a cookie at the front end of the application client, and carrying the token with the request to access the background of the application client;
(IV) a scene of obtaining the token by the short message verification code is shown in the attached figure 6, and the scene is as follows:
firstly, the application client requests an authentication server to acquire a verification code according to the mobile phone number;
secondly, the application client acquires a token from the authentication server according to the short message verification code;
and thirdly, the authentication server responds to the application client token.
The Token type of the Json Web Token is described as follows:
the http protocol is a stateless protocol, and this means that if a user provides a user name and a password to our application for user authentication, the user needs to perform user authentication again when requesting next time, because it cannot know which user issued the request according to the http protocol, in order to make the application recognize which user issued the request, only one piece of user login information can be stored in the server, and this login information is transferred to the browser in response to tell it to be stored as a cookie, so that the application can recognize which user the request came from when requesting next time, which is the traditional session-based authentication. Jwt is a token in json format, which carries non-sensitive information and token timeout time information in payload, and also carries signature verification, thus realizing a non-session and stateless token form.
The role-right control based on RBAC is explained as follows:
in RBAC, permissions are associated with roles, and users gain the permissions of the appropriate roles by becoming members of those roles. This greatly simplifies the management of rights. Therefore, management is hierarchical and interdependent, the authority is given to the role, and the role is given to the user, so that the authority design is clear and management is convenient.
The multi-tenant cloud model is illustrated as follows:
and providing a cloud tenant mode, opening a tenant application API interface, and butting the business application to the unified authentication cloud service by applying for the tenant, as shown in fig. 7.
A completely isolated tenant environment is provided, and the tenant manages users, roles, menus, organizations and the like under its own system, as shown in fig. 8.
Example 2:
the invention relates to a system based on non-session user authentication mode and service, which comprises,
the browser is used for accessing the resources of the resource server and redirecting the accessed resources, and is also used for logging in and authorizing the authentication server;
the resource server is used for verifying the token and carrying the token authentication SDK, and is also used for responding resources to the browser;
the authentication SDK is used for redirecting an authentication center login page to the browser, writing the token into a set _ cookie, redirecting the token to a target resource, allowing the resource of the resource server to be accessed, checking the token, acquiring the token according to the code and carrying token authentication;
and the authentication server is used for calling back the code of the authentication SDK and responding to token.
As shown in fig. 2, the working process of the system is as follows:
s1, the browser accesses the resource of the resource server;
s2, verifying the token of the resource server by the authentication SDK;
s3, the authentication server verifies the token of the authentication SDK;
s4, when the verification fails, the authentication SDK is redirected to the login page of the authentication center of the browser;
s5, the browser logs in and authorizes the authentication server;
s6, the authentication server calls back the code to the authentication SDK;
s7, the authentication SDK acquires token from the authentication server according to the code;
s8, the corresponding token of the authentication server;
s9, the authentication SDK writes the token into the set-cookie and redirects the token to the target resource of the browser;
s10, the browser redirects the resources accessing the resource server;
s11, the resource server carries token to authenticate to the authentication SDK;
s12, carrying token authentication to an authentication server by the authentication SDK;
s13, the authentication server successfully authenticates and feeds back to the authentication SDK;
s14, authenticating the SDK to allow the resource of the resource server to be accessed;
and S15, the resource server responds to the resources of the browser.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A method based on user authentication mode and service of non-conversation, characterized by that, this method provides Java SDK through the unified authentication center, provide Restful API interface at the same time, guarantee the diversity of the butt joint and cross programming language nature, realize the course of authentication, authentication on the basis of Java Web filter in Java SDK, and butt joint with the service of the authentication center;
the unified user authentication service is realized by java, based on OAuth2.0 protocol standard, and adopts Json Web Token type to package and integrate user, role and menu authority functions, thereby realizing external user authentication and authorization functions.
2. The method of claim 1, wherein the oauth2.0 protocol-based method is implemented by a unified authentication center for multiple token acquisition modes of oauth2.0 protocol, and the method is implemented by docking a short message platform to acquire a token expansion mode through a mobile phone short message verification code.
3. The method of claim 1, wherein the expansion mode for obtaining the token is selected according to a context of the user when the expansion mode is applied in a development process, and specifically comprises the following steps:
using a default login page, enabling the front end and the rear end not to be separated, and enabling the rear end to acquire a scene of a token;
secondly, a default login page is used, the front end and the back end are separated, and the front end acquires a scene of the token;
thirdly, customizing a login page and acquiring a scene of the token through a background;
and (IV) acquiring a token scene by the short message verification code.
4. The method of claim 3, wherein a default login page is used, the front end and the back end are not separated, and the process of the back end obtaining the scene of the token is as follows:
firstly, an application client requests an authentication server to acquire a code according to a client _ id and a redirect _ url;
secondly, the authentication server is redirected to a client _ url and carries the code to the application client;
the application client side exchanges token with the authentication server according to the code;
fourthly, the authentication server responds to the token of the application client.
5. The method of claim 3, wherein a default login page is used, the front end and the back end are separated, and the process of the front end obtaining the scene of the token is as follows:
calling a hidden token acquisition interface by an application client: http:// ip: port/oauth/authorize? The page automatically jumps to a login page provided by the authentication server;
after the user inputs an account password to log in, the page automatically jumps to CALLBACK _ URL, and the authentication server carrying # access _ token is redirected to redirect _ URL, and the anchor access _ token is redirected to the application client; the CALLBACK _ URL is an address of the application client front end, the application client front end needs to acquire an access _ token, and the requests carry the token;
thirdly, the background of the application client needs to add a filter, and the token transmitted by the front end of the application client is verified.
6. The method of claim 3, wherein the process of customizing the login page and obtaining the scene of the token through the background is as follows:
firstly, the application client calls an interface of a password type acquisition token to acquire an access _ token according to a user name and a password of a user in a background of the application client through a user-defined login page;
and secondly, writing the cookie to the front end of the application client after the token is obtained, and carrying the token to access the background of the application client by the request.
7. The method for non-session based user authentication mode and service as claimed in any of claims 3-6, wherein the process of the short message verification code obtaining the scene of the token is as follows:
firstly, the application client requests an authentication server to acquire a verification code according to the mobile phone number;
secondly, the application client acquires a token from the authentication server according to the short message verification code;
and thirdly, the authentication server responds to the application client token.
8. The method of claim 1, wherein the Token type of the Json Web Token is jwt, jwt is a Token in Json format, and payload carries non-sensitive information and Token timeout time information, and also carries signature verification, thereby implementing a non-conversational and stateless Token form.
9. A system for non-session based user authentication mode and services, the system comprising,
the browser is used for accessing the resources of the resource server and redirecting the accessed resources, and is also used for logging in and authorizing the authentication server;
the resource server is used for verifying the token and carrying the token authentication SDK, and is also used for responding resources to the browser;
the authentication SDK is used for redirecting an authentication center login page to the browser, writing the token into a set _ cookie, redirecting the token to a target resource, allowing the resource of the resource server to be accessed, checking the token, acquiring the token according to the code and carrying token authentication;
and the authentication server is used for calling back the code of the authentication SDK and responding to token.
10. The system of claim 9, wherein the system is configured to operate as follows:
s1, the browser accesses the resource of the resource server;
s2, verifying the token of the resource server by the authentication SDK;
s3, the authentication server verifies the token of the authentication SDK;
s4, when the verification fails, the authentication SDK is redirected to the login page of the authentication center of the browser;
s5, the browser logs in and authorizes the authentication server;
s6, the authentication server calls back the code to the authentication SDK;
s7, the authentication SDK acquires token from the authentication server according to the code;
s8, the corresponding token of the authentication server;
s9, the authentication SDK writes the token into the set-cookie and redirects the token to the target resource of the browser;
s10, the browser redirects the resources accessing the resource server;
s11, the resource server carries token to authenticate to the authentication SDK;
s12, carrying token authentication to an authentication server by the authentication SDK;
s13, the authentication server successfully authenticates and feeds back to the authentication SDK;
s14, authenticating the SDK to allow the resource of the resource server to be accessed;
and S15, the resource server responds to the resources of the browser.
CN202011084383.7A 2020-10-12 2020-10-12 Method and system for user authentication mode and service based on non-session Active CN112235285B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011084383.7A CN112235285B (en) 2020-10-12 2020-10-12 Method and system for user authentication mode and service based on non-session

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011084383.7A CN112235285B (en) 2020-10-12 2020-10-12 Method and system for user authentication mode and service based on non-session

Publications (2)

Publication Number Publication Date
CN112235285A true CN112235285A (en) 2021-01-15
CN112235285B CN112235285B (en) 2023-01-10

Family

ID=74112128

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011084383.7A Active CN112235285B (en) 2020-10-12 2020-10-12 Method and system for user authentication mode and service based on non-session

Country Status (1)

Country Link
CN (1) CN112235285B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794679A (en) * 2021-08-02 2021-12-14 浪潮软件股份有限公司 Method and system for preventing automatic script number robbing
CN113839966A (en) * 2021-11-26 2021-12-24 北京慧点科技有限公司 Security management system based on micro-service
CN113992415A (en) * 2021-10-28 2022-01-28 重庆忽米网络科技有限公司 Unified authentication and authorization method based on OAuth2 protocol
CN114037107A (en) * 2021-11-16 2022-02-11 中国农业银行股份有限公司深圳市分行 Method, system and storage medium for realizing bank multi-terminal appointment number taking
CN114143039A (en) * 2021-11-05 2022-03-04 中国电子科技集团公司第十五研究所 Global multistage unified safe data transmission method and server cluster
CN114157565A (en) * 2022-02-08 2022-03-08 南京芒可可信息科技有限公司 System and method for supporting privatized deployment
CN115085944A (en) * 2022-08-22 2022-09-20 四川蜀天信息技术有限公司 Multi-space scene RESTful API unified user authentication management method and system
CN117411725A (en) * 2023-12-13 2024-01-16 深圳竹云科技股份有限公司 Portal application authentication method and device and computer equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120266229A1 (en) * 2011-04-12 2012-10-18 Salesforce.Com, Inc. Inter-application management of user credential data
US20140331240A1 (en) * 2012-01-20 2014-11-06 Huawei Technologies Co., Ltd. Method, device and system for using and invoking oauth api
CN111131301A (en) * 2019-12-31 2020-05-08 江苏徐工信息技术股份有限公司 Unified authentication and authorization scheme

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120266229A1 (en) * 2011-04-12 2012-10-18 Salesforce.Com, Inc. Inter-application management of user credential data
US20140331240A1 (en) * 2012-01-20 2014-11-06 Huawei Technologies Co., Ltd. Method, device and system for using and invoking oauth api
CN111131301A (en) * 2019-12-31 2020-05-08 江苏徐工信息技术股份有限公司 Unified authentication and authorization scheme

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张寅等: "基于JDBC的微博信息采集及处理技术", 《信息安全与通信保密》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794679A (en) * 2021-08-02 2021-12-14 浪潮软件股份有限公司 Method and system for preventing automatic script number robbing
CN113794679B (en) * 2021-08-02 2023-04-18 浪潮软件股份有限公司 Method and system for preventing automatic script number robbing
CN113992415A (en) * 2021-10-28 2022-01-28 重庆忽米网络科技有限公司 Unified authentication and authorization method based on OAuth2 protocol
CN114143039A (en) * 2021-11-05 2022-03-04 中国电子科技集团公司第十五研究所 Global multistage unified safe data transmission method and server cluster
CN114143039B (en) * 2021-11-05 2024-04-16 中国电子科技集团公司第十五研究所 Global multistage unified secure data transmission method and server cluster
CN114037107A (en) * 2021-11-16 2022-02-11 中国农业银行股份有限公司深圳市分行 Method, system and storage medium for realizing bank multi-terminal appointment number taking
CN113839966A (en) * 2021-11-26 2021-12-24 北京慧点科技有限公司 Security management system based on micro-service
CN113839966B (en) * 2021-11-26 2022-02-22 北京慧点科技有限公司 Security management system based on micro-service
CN114157565A (en) * 2022-02-08 2022-03-08 南京芒可可信息科技有限公司 System and method for supporting privatized deployment
CN115085944A (en) * 2022-08-22 2022-09-20 四川蜀天信息技术有限公司 Multi-space scene RESTful API unified user authentication management method and system
CN117411725A (en) * 2023-12-13 2024-01-16 深圳竹云科技股份有限公司 Portal application authentication method and device and computer equipment
CN117411725B (en) * 2023-12-13 2024-04-30 深圳竹云科技股份有限公司 Portal application authentication method and device and computer equipment

Also Published As

Publication number Publication date
CN112235285B (en) 2023-01-10

Similar Documents

Publication Publication Date Title
CN112235285B (en) Method and system for user authentication mode and service based on non-session
CN109981561B (en) User authentication method for migrating single-body architecture system to micro-service architecture
US8381271B2 (en) Method and system for providing user access to a secure application
US10728235B2 (en) System and method for mobile single sign-on integration
US11283805B2 (en) Cloud device account configuration method, apparatus and system, and data processing method
CN113630377B (en) Single sign-on for hosted mobile devices
US11526620B2 (en) Impersonation for a federated user
EP3550784B1 (en) Resource sharing method, device and system
US11477641B2 (en) System and method for authentication session transfer using application download links
WO2016173199A1 (en) Mobile application single sign-on method and device
WO2020134838A1 (en) Authority verification method and related device
JP2018522323A (en) Voice communication processing method and system, electronic apparatus, and storage medium
CN112583834B (en) Method and device for single sign-on through gateway
CN116170234B (en) Single sign-on method and system based on virtual account authentication
US9887872B2 (en) Hybrid application environments including hosted applications and application servers for interacting with data in enterprise environments
US10623370B1 (en) Secure data flow for virtual workspaces
EP1903741A1 (en) Method and system for providing user access to a secure application
AU2006201131B2 (en) Method and system for providing user access to a secure application
CN115834252B (en) Service access method and system
US11889000B2 (en) Shared device secure access
Mahajan et al. Window azure Active Directory Services for Maintaining Security & Access Control
AU2006220381B2 (en) Method and system for providing user access to a secure application
Li An AWS-Based Remote Access System for Software-Defined Wireless Testbeds
CN117459245A (en) Method, device and system for accessing identity data
CN114422212A (en) Industrial Internet device cloud connection method, system and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20221103

Address after: 250100 room 3108, 31 / F, building S02, Langchao Science Park, No. 1036 Langchao Road, Jinan area, China (Shandong) pilot Free Trade Zone, Jinan, Shandong

Applicant after: Shandong Langchao Intelligent Medical Technology Co.,Ltd.

Address before: Room 215, east block, Xiyuan building, intersection of Shun'an Road, Yantai Road, Huaiyin District, Jinan City, Shandong Province

Applicant before: SHANDONG HEALTH MEDICAL BIG DATA Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant