CN113206821A - Cloud desktop single sign-on method, network equipment and storage medium - Google Patents


Publication number
CN113206821A
Authority
CN
China
Prior art keywords
cloud desktop
authentication information
user authentication
client
single sign
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202110264830.5A
Other languages
Chinese (zh)
Inventor
贾建桥
余泽喜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Big Data Technologies Co Ltd
Original Assignee
New H3C Big Data Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Big Data Technologies Co Ltd
Priority to CN202110264830.5A
Publication of CN113206821A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/08 Protocols specially adapted for terminal emulation, e.g. Telnet

Abstract

The application provides a cloud desktop single sign-on method, a network device and a storage medium. The method comprises receiving a connection protocol establishment request sent by a client and establishing the connection, and acquiring user authentication information from the client. After the user enters the user authentication information at the client and logs in successfully, a connection protocol is established between the client and the selected cloud desktop, and the selected cloud desktop acquires the user authentication information and logs in automatically, so that operation is convenient for the user and errors are unlikely.

Description

Cloud desktop single sign-on method, network equipment and storage medium
Technical Field
The specification relates to the technical field of communication, in particular to a cloud desktop single sign-on method, network equipment and a storage medium.
Background
The cloud desktop platform is based on a virtual desktop infrastructure: it hosts the user's desktop environment on a high-performance server as a cloud desktop and gives the user almost the same experience as a physical computer. It is widely used in cloud desktop solutions for daily office work, school teaching and similar scenarios.
An ordinary user can log in to a selected cloud desktop through a client device such as a computer to carry out daily office work. An administrator can visually manage and batch-deploy all cloud desktop resources to meet the needs of a large number of users.
To the inventors' knowledge, a user who logs in to a cloud desktop through a client usually enters user authentication information such as a user name and password at the client, and then enters the same user authentication information again on the selected cloud desktop, before being able to operate and work on the cloud desktop from the client.
However, because the user authentication information must be entered both at the client and on the cloud desktop, a mistake in entering it may prevent normal login, and the user then has to enter it again, which is cumbersome.
Disclosure of Invention
In order to overcome the problems in the related art, the present specification provides a cloud desktop single sign-on method, a network device, and a storage medium.
According to a first aspect of embodiments of the present specification, there is provided a cloud desktop single sign-on method, comprising:
receiving a connection protocol establishment request sent by a client and establishing the connection; and
acquiring user authentication information from the client.
Preferably, the obtaining of the user authentication information from the client includes:
initiating a request for acquiring user authentication information to a client;
and receiving client authentication information sent by the client.
Preferably, the obtaining of the user authentication information from the client includes:
and receiving client authentication information sent by the client regularly.
Preferably, after the connection protocol is established, the user authentication information is triggered to be acquired by the user.
Preferably, the automatic login is performed after the user authentication information is acquired.
Preferably, a disable mark request is sent to the client for the acquired user authentication information.
Preferably, the receiving a connection establishment protocol sent by the client and performing single sign-on component deployment before establishing the connection includes:
saving the path of the single sign-on component and filling in the default character string.
A second aspect provides a cloud desktop single sign-on method, comprising:
receiving input user authentication information and sending the user authentication information to a control server;
receiving a cloud desktop list sent by the control server, and confirming the selected cloud desktop;
initiating a connection protocol request to the selected cloud desktop; and
receiving a request for user authentication information initiated by the selected cloud desktop, and sending the user authentication information to the selected cloud desktop.
Preferably, a request to disable the user authentication information, sent by the selected cloud desktop, is received, and the user authentication information is marked as disabled.
A third aspect provides a network device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the processor executes the cloud desktop single sign-on method.
Finally, a storage medium is provided, on which computer program instructions are stored, and the program instructions are used for the cloud desktop single sign-on method when being executed by a processor.
The technical scheme provided by the embodiment of the specification can have the following beneficial effects:
In the embodiments of this specification, after the user enters the user authentication information at the client and logs in successfully, a connection protocol is established between the client and the selected cloud desktop, and the selected cloud desktop acquires the user authentication information and logs in automatically, so that operation is convenient for the user and errors are unlikely.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the specification.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present specification and together with the description, serve to explain the principles of the specification.
FIG. 1 is a schematic diagram of networking of an embodiment of the present application;
FIG. 2 is an interaction flow diagram of an embodiment of the application;
FIG. 3 is an internal block diagram of a network device according to the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the specification, as detailed in the appended claims.
To solve the problems described in the background, the application provides a cloud desktop single sign-on method. Taking FIG. 1 as an example, the network includes multiple clients (client 1 and client 2) and multiple cloud desktops (cloud desktop 1, cloud desktop 2 and cloud desktop 3); the clients and the cloud desktops are all connected to a control server and are controlled by instructions sent by the control server. This embodiment takes as its example a user who logs in with user authentication information at client 2 and selects cloud desktop 3 to connect to for cloud office work.
As shown in FIG. 2, in this embodiment a user enters user authentication information at client 2 to log in. The user authentication information is sent to the control server for login authentication; if authentication succeeds, the control server sends client 2 a cloud desktop device list of the cloud desktops it manages, for example cloud desktop 1, cloud desktop 2 and cloud desktop 3. The user selects a cloud desktop at client 2. After cloud desktop 3 is selected, a connection protocol establishment request is sent to cloud desktop 3, which receives the request from client 2 and establishes the connection. The connection protocol may be an existing one such as RDP or SPICE, or a self-developed connection protocol; this is not limited here.
It should be noted that the cloud desktop comprises its own operating system and a self-developed running agent. The connection protocol establishment request sent by the client can only reach the running agent of the cloud desktop; the operating system is not aware of it. The operating system sends a trigger login to the running agent only after the running agent receives the connection protocol establishment request, and after the operating system sends a user authentication information request to the running agent, the running agent sends that request to the client and obtains the user authentication information. Having obtained the client's user authentication information, the running agent passes it to the operating system, which completes the automatic login.
Cloud desktop login thus requires entering the user authentication information only once, at the client; the operation is simple and errors are unlikely.
It should be noted that, because the operating system and the running agent are two independent modules of the cloud desktop, the single sign-on component must be deployed before the cloud desktop can perform the above operations. Specifically, the single sign-on component path is saved under the system directory and filled in with default strings. Then, when the operating system enters the login process, the single sign-on component requests the user authentication information from the running agent through a named pipe of the operating system.
When a user connects to a cloud desktop through a client, the cloud desktop is generally in one of three states: the shutdown state, the screen-locked state, or the desktop state. When the cloud desktop switches from the desktop state to the shutdown state or the screen-locked state, the running agent of the cloud desktop sends a trigger login to the operating system of the cloud desktop, so that the operating system requests user authentication information again, obtains it from the client, and logs in automatically again. To avoid this, for example, after the operating system has successfully completed the automatic login it may send a request to disable the user authentication information to the running agent. The running agent forwards the disable request to the client, and the client marks the user authentication information as disabled accordingly. When the operating system then sends another request for the user authentication information, the client no longer responds because of the mark, and the problem of repeated login is avoided. When the user logs off from the client, the disable mark on the user authentication information is deleted.
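The exchange described above, modelled as an added Python example that is not part of the patent text: the class and method names, the in-process calls standing in for the connection protocol and the named pipe, and the sample account are all assumptions. It follows the preceding paragraph in having the running agent trigger the operating system's login, and shows the client answering only the desktop it selected and going silent once the disable mark is set.

```python
from collections import namedtuple

Credentials = namedtuple("Credentials", "username password")  # constructed type

class Client:
    def __init__(self, creds):
        # creds are assumed to have passed control-server authentication already
        self._creds, self._disabled, self.selected = creds, False, None

    def connect(self, agent):
        self.selected = agent.desktop_id          # the desktop the user picked
        agent.on_connect(self)

    def on_credential_request(self, desktop_id):
        # Answer only the selected desktop, and only while not disable-marked.
        if self._creds is None or self._disabled or desktop_id != self.selected:
            return None
        return self._creds

    def on_disable_request(self, desktop_id):
        if desktop_id == self.selected:
            self._disabled = True                 # the "disable mark"

    def logoff(self):
        self._disabled = False                    # page: mark is deleted at logoff
        self._creds, self.selected = None, None   # assumption: also forget creds

class DesktopOS:
    def __init__(self, accounts):
        self.accounts, self.state, self.log, self.agent = accounts, "locked", [], None

    def login_process(self):
        creds = self.agent.fetch_credentials()    # named pipe in the description
        if creds is None or self.accounts.get(creds.username) != creds.password:
            self.log.append("no-auto-login")
            return False
        self.state = "desktop"
        self.log.append("auto-login")
        self.agent.forward_disable()              # ask the client to set the mark
        return True

class RunningAgent:
    def __init__(self, desktop_id, os_):
        self.desktop_id, self.os, self.client = desktop_id, os_, None
        os_.agent = self

    def on_connect(self, client):
        self.client = client
        self.os.login_process()                   # trigger login

    def on_state_change(self, new_state):
        self.os.state = new_state
        if new_state in ("locked", "shutdown"):
            self.os.login_process()               # trigger login again

    def fetch_credentials(self):
        return self.client.on_credential_request(self.desktop_id) if self.client else None

    def forward_disable(self):
        if self.client:
            self.client.on_disable_request(self.desktop_id)

def run_demo():
    agent = RunningAgent("cloud-desktop-3", DesktopOS({"alice": "constructed-pw"}))
    client = Client(Credentials("alice", "constructed-pw"))  # constructed account
    client.connect(agent)                         # auto-login, then disable mark
    agent.on_state_change("locked")               # client no longer answers
    return agent.os.log
```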
In addition to the user name and password already described, the user authentication information of the present application may include a domain and a specified group. It should be noted that the operating system of the cloud desktop in the present application may be, for example, a Windows system or a Linux system; this is not limited here.
A network device includes a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the processor executes the cloud desktop single sign-on method, as shown in fig. 3.
A storage medium having stored thereon computer program instructions for implementing the cloud desktop single sign-on method described above when executed by a processor.
It will be understood that the present description is not limited to the precise arrangements described above and shown in the drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present description is limited only by the appended claims.
The above description is only a preferred embodiment of the present disclosure, and should not be taken as limiting the present disclosure, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.

Claims (11)

1. A cloud desktop single sign-on method is characterized in that,
receiving a connection protocol establishment request sent by a client and establishing connection;
and acquiring user authentication information from the client.
2. The cloud desktop single sign-on method of claim 1, wherein obtaining user authentication information from the client comprises:
initiating a request for acquiring user authentication information to the client;
and receiving client authentication information sent by the client.
3. The cloud desktop single sign-on method of claim 1, wherein obtaining user authentication information from the client comprises:
and receiving client authentication information sent by the client regularly.
4. The cloud desktop single sign-on method of claim 1, wherein after a connection protocol is established, triggering itself to obtain the user authentication information.
5. The cloud desktop single sign-on method according to claim 4, wherein automatic sign-on is performed after the user authentication information is acquired.
6. The cloud desktop single sign-on method of claim 5, wherein a disable flag request is sent to the client for the obtained user authentication information.
7. The cloud desktop single sign-on method of claim 1, wherein receiving a connection establishment protocol sent by a client and performing single sign-on component deployment before establishing a connection comprises:
saving the path of the single sign-on component and filling in the default character string.
8. A cloud desktop single sign-on method is characterized in that:
receiving input user authentication information and sending the user authentication information to a control server;
receiving a cloud desktop list sent by the control server, and confirming the received selected cloud desktop;
initiating a connection protocol request to the selected cloud desktop;
and acquiring a request for acquiring user authentication information initiated by the selected cloud desktop, and sending the user authentication information to the selected cloud desktop.
9. The cloud desktop single sign-on method of claim 8,
and receiving a request for forbidding the user authentication information sent by the selected cloud desktop, and forbidding and marking the user authentication information.
10. A network device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to perform the cloud desktop single sign-on method of any one of claims 1-7.
11. A storage medium having computer program instructions stored thereon, wherein the program instructions, when executed by a processor, are for implementing the cloud desktop single sign-on method of any of claims 1-7.

Priority Applications (1)

Application Number: CN202110264830.5A
Publication: CN113206821A (en)
Priority Date: 2021-03-11
Filing Date: 2021-03-11
Title: Cloud desktop single sign-on method, network equipment and storage medium


Publications (1)

Publication Number: CN113206821A (en)
Publication Date: 2021-08-03

Family

ID=77025371

Country Status (1)

Country Link
CN (1) CN113206821A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114844663A (en) * 2022-03-02 2022-08-02 阿里巴巴(中国)有限公司 Desktop sharing method, system, storage medium and equipment
CN114844663B (en) * 2022-03-02 2024-03-01 阿里巴巴(中国)有限公司 Desktop sharing method, system, storage medium and equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210803