CN114238927A - Business system login method, system, device, computer equipment and storage medium - Google Patents

Business system login method, system, device, computer equipment and storage medium Download PDF

Info

Publication number
CN114238927A
CN114238927A CN202111486078.5A CN202111486078A CN114238927A CN 114238927 A CN114238927 A CN 114238927A CN 202111486078 A CN202111486078 A CN 202111486078A CN 114238927 A CN114238927 A CN 114238927A
Authority
CN
China
Prior art keywords
service system
login
user
business
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111486078.5A
Other languages
Chinese (zh)
Inventor
张小健
肖景辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
CCB Finetech Co Ltd
Original Assignee
China Construction Bank Corp
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp, CCB Finetech Co Ltd filed Critical China Construction Bank Corp
Priority to CN202111486078.5A priority Critical patent/CN114238927A/en
Publication of CN114238927A publication Critical patent/CN114238927A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/107License processing; Key processing
    • G06F21/1078Logging; Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services

Abstract

The application relates to a business system login method, a system, a device, computer equipment and a storage medium. The method comprises the following steps: and acquiring user information of the login user, inquiring the unified authentication library through the user information, determining whether a service system with a mapping relation with the login user exists, and if the service system with the mapping relation with the login user exists, determining a target service system from the service systems with the mapping relation with the login user and entering the target service system. By adopting the method, different service systems can be accessed by logging in the unified authentication platform once, so that the single sign-on can be rapidly accessed to the target service system, and the complexity of the service system login process is reduced.

Description

Business system login method, system, device, computer equipment and storage medium
Technical Field
The present application relates to the field of information system integration service technology, and in particular, to a method, a system, an apparatus, a computer device, and a storage medium for logging in a business system.
Background
The provincial and government affair service data administration has promoted the construction of provincial unified certification platforms, and in order to meet the construction requirements of national government affair service platforms, users at government affair terminals, industry terminals and public terminals need to log in a plurality of business systems of a digital housing integrated platform.
In the traditional technology, different business systems need to be mapped and bound with a government affair end, an industry end and a public end one by one, and after the mapping and binding are completed, users of the government affair end, the industry end and the public end respectively log in a target business system in a multi-layer mode from respective unified authentication platforms through login accounts. However, the traditional technology has the problem that the mapping process between the service system and the unified authentication platform at different ends is complex.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a business system login method, system, device, computer device, and storage medium.
A business system login method, the method comprising:
acquiring user information of a login user;
inquiring a unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
In one embodiment, the method further comprises:
and if the business system with the mapping relation with the login user exists, determining a target business system from the business systems with the mapping relation with the login user, and entering the target business system.
In one embodiment, the binding the user information and the target service system to be logged in by the logged-in user includes:
acquiring system identification information of the target service system to be logged in based on a service system binding parameter setting interface;
and binding the user information with the system identification information of the target service system.
In one embodiment, the determining a target business system from the business systems having a mapping relationship with the login user includes:
displaying the business system with a mapping relation with the login user based on a business system login interface;
acquiring a service system selection instruction based on a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by the login user;
and determining the target service system according to the service system selection instruction.
In one embodiment, the method further comprises:
if the target service system to be logged by the login user does not exist in the service system displayed on the service system login interface, acquiring system identification information of the target service system to be logged based on a service system binding parameter setting interface;
and binding the user information with the system identification information of the target service system, and entering the target service system according to a binding result.
In one embodiment, the querying, by the user information, a unified authentication library to determine whether a service system having a mapping relationship with the login user exists includes:
matching the user information with user information stored in the unified authentication library;
if the matching is successful, determining that a service system having a mapping relation with the login user exists;
and if the matching fails, determining that no business system with the mapping relation with the login user exists.
A business system login system, the system comprising: the system comprises a unified authentication platform, a unified authentication middle platform system and a service system;
the unified authentication platform is used for providing a login interface for a login user;
the uniform authentication central station system is used for executing the steps in any embodiment of the business system login method;
and the business system is used for providing business service for the login user.
A business system login apparatus, the apparatus comprising:
the user information acquisition module is used for acquiring the user information of the login user;
the query module is used for querying a unified authentication library through the user information and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
the target system determining module is used for binding the user information with a target service system to be logged in by the login user when the query result of the query module indicates that the service system which has a mapping relation with the login user does not exist, and entering the service system to be logged in according to the binding result;
and the target system login module is used for logging in the target service system according to the user information.
A computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the following steps when executing the computer program:
acquiring user information of a login user;
inquiring a unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
A storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of:
acquiring user information of a login user;
inquiring a unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
According to the business system login method, the business system login system, the device, the computer equipment and the storage medium, the computer equipment can acquire the user information of the login user, inquire the unified authentication library through the user information, determine whether the business system with the mapping relation with the login user exists, if the business system with the mapping relation with the login user does not exist, bind the user information with the target business system to be logged in by the login user, and enter the business system to be logged in according to the binding result; the method avoids the process that the target service system needs to be directly mapped and bound with the unified authentication platforms of different ends respectively, and can complete the mapping between the service system and the unified authentication platforms of different ends only by binding the user information and the target service system to be logged in by the login user through the server, thereby reducing the complexity of the mapping process between the service system and the unified authentication platforms of different ends.
Drawings
FIG. 1 is an internal configuration diagram of a computer device in the first embodiment
Fig. 2 is a schematic flow chart of a service system login method in a second embodiment;
fig. 3 is a schematic flow chart of a method for binding user information with a target service system to be logged in by a login user in the third embodiment;
FIG. 4 is a flowchart illustrating a method for determining a target business system from business systems mapped to logged-on users in a fifth embodiment;
FIG. 5 is a flowchart illustrating a method for logging in a target business system in a sixth embodiment;
fig. 6 is a block diagram showing a configuration of a service system registration device corresponding to the method in the second embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The service system login method provided by the application can be applied to the computer equipment shown in fig. 1. As shown in fig. 1, the computer apparatus includes a processor, a memory, a network interface, a display screen, and an input device, which are connected through a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities.
The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing a unified authentication library. The network interface of the computer device is used for communicating with an external endpoint through a network connection. The computer program is executed by a processor to implement a business system login method.
Those skilled in the art will appreciate that the architecture shown in fig. 1 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In addition, the data acquisition, storage, use and/or processing and the like in the embodiment all conform to relevant regulations of national laws and regulations.
In one embodiment, as shown in fig. 2, a business system login method is provided, which is described by taking the example that the method is applied to the computer device in fig. 1, and includes the following steps:
and S100, acquiring user information of the login user.
Specifically, when a login user logs in the unified authentication platform, a login account and a login password may be input on a login interface of the unified authentication platform, and then a login request is input, at this time, the computer device may obtain user information of the login user, where the user information may be the login account and the login password input when the login user logs in the unified authentication platform. The login user may input the login account and the login password by a manual input method or a voice input method, which is not limited. The input mode of the login request can be a method for triggering a login control on a login interface of the unified authentication platform through a mouse by a user, and can also be a voice input method. The login account may be an identity card number, a mobile phone number, a micro signal, a QQ number, and the like of the login user, and is only a unique identification code of the login user, which is not specifically limited. The login password may be a string of characters customized by the login user, such as a combination of numbers, letters and/or special symbols.
In this embodiment, the computer device may indirectly execute the embodiment corresponding to the service system login method through the unified authentication middlebox system. The government affair terminal can have a unified authentication platform for the government affair segment user to log in the target business system; and the industry end and the public end can share another unified authentication platform so as to allow the industry end and the public end users to log in the target service system.
S200, inquiring the unified authentication library through user information, and determining whether a service system having a mapping relation with a login user exists or not; the unified authentication library comprises a mapping relation between the user and the service system.
Specifically, the unified authentication library may store mapping relationships between all users who have logged in the unified authentication platform before the current time and the service systems that the users have logged in, and may also store user identification information, user images, and the like corresponding to the mapping relationships, where the mapping relationships may be corresponding relationships between login information of the users and the service systems, and the login information may be information of user login time, user login location, user login websites, and the like.
It should be noted that, the computer device calls the query interface through the unified authentication console system, then the query interface can determine the user identification information through the user information, then query the mapping relationship between the user corresponding to the login user in the unified authentication library and the service system according to the user identification information, or determine the user image through the user information, then query the mapping relationship between the user corresponding to the login user in the unified authentication library and the service system according to the user image, or directly query the mapping relationship between the user corresponding to the login user in the unified authentication library and the service system through the user information.
In addition, the same logged-on user may have logged on to one or more business systems before the current time. The unified authentication library may be stored in a unified authentication platform.
S300, if the business system which has the mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
Specifically, the user information may be user information corresponding to a login user who logs in the unified authentication platform. The business system can be understood as a system facing government affairs, industry and public terminals. The system facing the government affair end can be a system for conducting business handling, business auditing and business management for a main management door of a building business; the system facing the industry end can be a system provided for a surveying and mapping institution, a developer, a brokerage agency, a financial institution and the like to transact business and submit system audit of a government affair end, and the industry end can be called a bank end, a brokerage agency end and the like according to a user; the system facing the public end can be a system for providing natural people to perform business transaction, public notice inquiry and processed business inquiry. In this embodiment, various businesses such as house property transaction, public deposit, medical insurance, endowment insurance, and the like can be handled through the business system, and the business system can be a house property transaction management system, a public deposit management system, a house lease management system, a property service management system, and other business systems. The unified authentication platform can be understood as a platform for providing services such as user account authentication and single sign-on for accessing various service systems, and the single sign-on can be understood as a platform for accessing all service systems which are mutually trusted by a user only needing to log on once.
The unified authentication library not only stores the mapping relation between the users and the service system, but also stores a government affair user mapping information table, a government affair user organization relation table and a common user mapping information table; the government affair user mapping information table can store the binding relationship between the government affair end login user and the service system login user in the historical time period, the government affair user organization relationship table can store the organization information of the department where the government affair end login user is located in the historical time period, and the common user mapping information table can store the binding relationship between the login user and the service system login user in the historical time period.
It should be noted that, if the computer device determines that the query result is that the service system having a mapping relationship with the login user does not exist in the unified authentication library, this indicates that the login user has never logged in the service system through the unified authentication platform before, at this time, the computer device is required to bind the user information with the target service system to be logged in by the login user, and then enter the bound target service system. The user information may be bound to system identification information of a target service system to be logged in by a login user, the user information may also be bound to configuration information of the target service system to be logged in by the login user, and of course, the user information may also be bound to attribute information of the target service system to be logged in by the login user. The present embodiment is not limited to binding the user information with such information of the target business system.
In the business system login method, the computer equipment can acquire the user information of the login user, inquire the unified authentication library through the user information, determine whether the business system with the mapping relation with the login user exists, and bind the user information with the target business system to be logged in of the login user if the business system with the mapping relation with the login user does not exist, and then directly enter the bound target business system; the method can acquire the user information of the login user through the login unified authentication platform, and then can determine the target service system from all the service systems when determining that the service system having the mapping relation with the login user exists according to the user information, and then directly enter the target service system without repeatedly performing the login process so as to enter the target service system, thereby saving the login time; meanwhile, the method can enter different service systems by logging in the unified authentication platform once, so that the single sign-on can be rapidly entered into the target service system, and the complexity of the service system logging-in process is reduced; in addition, the method avoids the process that the target service system needs to be directly mapped and bound with the unified authentication platforms of different ends respectively, and can complete the mapping between the service system and the unified authentication platforms of different ends only by binding the user information and the target service system to be logged in by the login user through the server, thereby reducing the complexity of the mapping process between the service system and the unified authentication platforms of different ends.
As an embodiment, after the step in S200, the service system login method may further include: and if the business system with the mapping relation with the login user exists, determining a target business system from the business systems with the mapping relation with the login user, and entering the target business system.
Specifically, if the computer device determines that the query result is that a service system having a mapping relationship with the login user exists in the unified authentication library, then the login user can determine a target service system from one or more service systems that the login user has logged in, at this time, the computer device can obtain the selected information of the target service system, and the computer device directly jumps to the home page of the target service system according to the received selected information, that is, directly enters the target service system. The selected information may be identification information of the selected target service system.
When the business system having a mapping relation with the login user is determined to exist, the business system login method can determine the target business system from the business systems having the mapping relation with the login user and enter the target business system, and the method can enter the target business system without repeatedly performing the login process, so that the login time is saved; meanwhile, the method can enter the target service system by logging in the unified authentication platform once, so that the single sign-on can be rapidly entered into the target service system, and the complexity of the service system login process is reduced.
As an embodiment, as shown in fig. 3, the step of binding the user information with the target service system to be logged in by the logged-in user may be implemented by the following steps:
s500, based on the service system binding parameter setting interface, obtaining the system identification information of the target service system to be logged in.
Specifically, the login user may input a service system binding parameter setting interface opening instruction, then the computer device opens the service system binding parameter setting interface after receiving the service system binding parameter setting interface opening instruction, and the login user manually inputs the system identification information of the target service system to be logged in the service system binding parameter setting, and stores the system identification information after the setting is completed, so that the computer device may obtain the system identification information of the target service system to be logged in. The method for inputting the service system binding parameter setting interface opening instruction by the login user may be a method for triggering the service system binding parameter setting interface to open the control through a mouse, or a method for inputting voice, which is not limited to this. The system identification information of the target business system may be represented by numbers, letters, and/or special characters.
In this embodiment, the purpose of inputting the system identification information of the target service system to be logged in on the service system binding parameter setting interface is to send a service system binding request instruction to the target service system. Further, after the target service system receives the service system binding request instruction, both the uniform authentication middlebox system and the target service system in the service system login system can perform parameter configuration according to the parameter information in the registry of the target service system which is stored in advance, and after the configuration is completed, the computer equipment can bind the received system identification information of the target service system with the user information to realize the binding of the user information and the target service system. The registry of the target service system may include registration information, attribute information, configuration information, contact information of a person in charge, and the like of the target service system.
In this embodiment, the initial parameter only needs to be set once, and then each service system and the unified certification central office system can store the set registry containing the target parameter, and do not need to be set repeatedly during subsequent use.
Illustratively, the registry of the business system may typically contain the following information: the name of the service system, the name of a person in charge of the service system, a contact telephone of the person in charge of the service system, a mailbox of the person in charge of the service system, address parameters which are required to be provided for a service system management platform by the service system, address parameters which can be fed back to the service system by the service system management platform and the like. The address parameters which need to be provided for the service system management platform by the service system can include test environment server addresses (commas are used for separating a plurality of addresses), production environment domain names, service system home page addresses, newly-added user interface addresses, user login interface addresses, service system self-defined request header parameters, access connections provided for the service system, service system self-defined parameters and the like; the address parameters that the service system management platform will feed back to the service system may include an access link, a predetermined key, a service system address, a service system name, an external query interface, a logout interface, and so on. The specific information in the registry of the service system can be changed at any time according to the actual situation.
S600, binding the user information with the system identification information of the target service system.
Specifically, the computer device may associate the user information with the received system identification information of the target service system, so as to complete the binding between the user information and the target service system.
In this embodiment, after the user information is bound to the target service system, the binding information may be sent to the unified authentication platform, and the unified authentication platform synchronizes the user information and the binding information to the unified authentication library, where the binding information may be a mapping relationship between the user and the service system.
It can be understood that, before the target service system sends the system identification information to the computer device, a new user interface may be added, and the new user interface needs to satisfy the corresponding new rule. When a login user firstly enters a target service system, a newly added user interface is required to be called, user information of the login user is stored in a database of the target service system, then the target service system returns a field information, namely local _ userid, to the computer equipment, so that the computer equipment is informed that the current login user has accessed the target service system through the field information, that is, when any user accesses the target service system in a historical time period, the user information of the access user can be stored in the database of the target service system. The newly added rule may be a request header parameter and a field rule predefined by the central station system of unified authentication, for example, a timestamp of the current time unix is accurate to second, a non-repetitive random string (which cannot be repeated within ten minutes) generated by a caller, a service system number allocated during service system registration, whether verification is required after data encryption is valid, an encryption key allocated during service system registration, and the like. In addition, each time a login user accesses the target service system, the unified authentication console system can send user information to the target service system, then the target service system calls a login authorization interface, the login authorization interface can match the user information stored in the database of the target service system with the received user information of the login user, if the matching is unsuccessful, the target service system needs to send prompt information to the unified authentication console system, meanwhile, the target service system can also add a new user interface, then call the new user interface, and store the user information of the login user in the database of the target service system.
Meanwhile, each service system can also provide a user logout interface, so that after the service systems are successfully logged out, each service system can call the user logout interface to inform the unified certification middle station system that the service system is logged out.
The business system login method can bind the user information with the target business system to be logged in by the login user, and further directly enter the bound target business system, so that the target business system can be accessed by logging in the unified authentication platform once, thereby realizing that single-point login quickly enters the target business system, and reducing the complexity of the business system login process; meanwhile, the method avoids the process that the target service system needs to be directly mapped and bound with the unified authentication platforms of different ends respectively, and can complete the mapping between the service system and the unified authentication platforms of different ends only by binding the user information and the target service system to be logged in by the login user through the server, thereby reducing the complexity of the mapping process between the service system and the unified authentication platforms of different ends.
As an embodiment, as shown in fig. 4, the step of determining the target business system from the business systems having a mapping relationship with the logged-in user in S300 may be implemented by the following steps:
s310, displaying the business system with the mapping relation with the login user based on the login interface of the business system.
Specifically, if the computer device determines that the query result is that the service system having a mapping relationship with the login user exists in the unified authentication library, all the service systems having a mapping relationship with the login user may be further displayed on a service system login interface for the user to view all the service systems, so as to determine the target service system. The business system can be displayed in a visual form or a hyperlink form, and the display form of the business system is not limited.
S320, acquiring a service system selection instruction based on a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by a login user.
It can be understood that the login user may trigger the target service system displayed on the service system login interface, and then the computer device may obtain the service system selection instruction. Any service system displayed on the service system login interface can be a target service system. The method for triggering the target service system by the login user can be a method of clicking a visual graph or hyperlink corresponding to the target service system by a mouse, and can also be a voice triggering method.
S330, determining a target service system according to the service system selection instruction.
Specifically, the computer device may determine the target service system to be logged in by the login user according to the system identification information of the target service system selected by the login user.
The business system login method can display the business system with a mapping relation with a login user based on a business system login interface, obtain a business system selection instruction based on the business system login interface, determine a target business system according to the business system selection instruction, and then directly enter the target business system according to the determined target business system, can determine the target business system from all business systems, then directly enter the target business system, and can enter the target business system without repeatedly performing a login process, so that the login time is saved; meanwhile, the method quickly enters the target service system through single sign-on, thereby reducing the complexity of the service system sign-on process.
As an embodiment, after the step of S310, as shown in fig. 5, the service system login method may further include:
s340, if the target service system to be logged by the login user does not exist in the service system displayed on the service system login interface, acquiring system identification information of the target service system to be logged based on the service system binding parameter setting interface.
Specifically, the login user can judge whether a target service system to be logged in exists in all service systems displayed on a service system login interface, if it is determined that the target service system to be logged in by the login user does not exist in the service systems displayed on the service system login interface, at this time, the login user can input a service system binding parameter setting interface opening instruction, then the computer device receives the service system binding parameter setting interface opening instruction, opens the service system binding parameter setting interface, and the login user manually inputs system identification information of the target service system to be logged in service system binding parameter setting, and after the setting is completed, the system identification information is stored, and at this time, the computer device can obtain the system identification information of the target service system to be logged in.
And S350, binding the user information with the system identification information of the target service system, and entering the target service system according to the binding result.
It can be understood that the computer device may bind the user information and the system identification information of the target service system, and further, may enter the target service system according to the binding result. The binding result may include binding success and binding failure. When the binding result is that the binding is successful, the computer equipment can directly jump to the home page of the target service system and enter the bound target service system; and when the binding result is binding failure, the computer equipment can repeatedly bind until the binding is successful, and then directly jumps to the home page of the target service system.
The business system login method can enter the target business system by logging in the unified authentication platform once, so that the single sign-on can be realized to quickly enter the target business system, and the complexity of the business system login process is reduced; meanwhile, the method avoids the process that the target service system needs to be directly mapped and bound with the unified authentication platforms of different ends respectively, and can complete the mapping between the service system and the unified authentication platforms of different ends only by binding the user information and the target service system to be logged in by the login user through the server, thereby reducing the complexity of the mapping process between the service system and the unified authentication platforms of different ends.
As an embodiment, the step of querying the unified authentication library through the user information in S200 to determine whether there is a service system having a mapping relationship with the login user may specifically be implemented by the following steps: and matching the user information with the user information stored in the unified authentication library, if the matching is successful, determining that the business system with the mapping relation with the login user exists, and if the matching is failed, determining that the business system with the mapping relation with the login user does not exist.
In this embodiment, the unified authentication library may store user information of all users who have logged in the unified authentication platform before the current time and a mapping relationship between the service systems that these logged in users have logged in and respective user information.
The computer equipment can match the user information of the login user with all the user information stored in the unified authentication library one by one. If the computer equipment determines that the user information of the login user is successfully matched with all the user information stored in the unified authentication library, the user information and the corresponding mapping relation of the login user are stored in the unified authentication library, namely, the business system with the mapping relation with the login user is determined to exist, and if the computer equipment determines that the user information of the login user is unsuccessfully matched with all the user information stored in the unified authentication library, the user information and the corresponding mapping relation of the login user are not stored in the unified authentication library, namely, the business system with the mapping relation with the login user does not exist.
The business system login method can match user information with user information stored in the unified authentication library, if the matching is successful, the business system with the mapping relation with the login user is determined to exist, if the matching is failed, the business system without the mapping relation with the login user is determined to not exist, then binding processing or display processing is carried out according to the matching result to determine the target business system, so that the target business system can be directly accessed, the target business system can be accessed without repeatedly performing the login process, and the login time is saved.
Another embodiment provides a business system login system, including: the system comprises a unified authentication platform, a unified authentication middle platform system and a service system;
the unified authentication platform is used for providing a login interface for a login user;
a unified certification central office system for performing the method in any one of the embodiments corresponding to fig. 2 to 6;
and the business system is used for providing business service for the login user.
Specifically, the unified authentication middlebox system can acquire user information of a login user, query the unified authentication library through the user information, determine whether a service system having a mapping relationship with the login user exists, and if the service system having the mapping relationship with the login user exists, determine a target service system from the service systems having the mapping relationship with the login user and enter the target service system.
It should be noted that, the unified authentication platform may provide a login interface for a login user, and the login interface may be a login interface of the unified authentication platform and a login interface of the service system. Meanwhile, the unified authentication platform can also provide a service system binding parameter setting interface and a single sign-on port. Meanwhile, a plurality of service systems can be maintained and managed through one service system management platform.
It can be understood that the unified authentication middling platform system can be in communication connection with the service system and the unified authentication platform, the unified authentication middling platform system is in communication connection with the domain name gateway of the unified authentication platform through the external gateway, and the unified authentication middling platform system is in communication connection with the gateways of the service systems through the internal gateway.
In the embodiment, the unified authentication platform and the plurality of service systems can be butted through the unified authentication middle platform system, and the condition that the plurality of service systems need to be butted with different ports in the unified authentication platform one by one is avoided, so that the port butting time can be reduced, the manpower resource is saved, the workload of service system butting is reduced, meanwhile, the service system login system can uniformly enter each service system through the unified authentication platform, a single sign-on service system is realized, the problem that a login user can enter the service system only after logging in through a plurality of login accounts is avoided, the speed of logging in the service system is improved, the login time is shortened, and the complexity of logging in the service system is reduced; in addition, the service system in the service system login system can not directly perform network data interaction with the unified authentication platform, and the unified authentication platforms respectively connected with the external network are converted into the unified authentication middle platform system connected with the internal network in a unified mode, so that the structure is clearer, and the management and the maintenance are convenient.
The business system login system provided in this embodiment may implement the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In order to facilitate understanding of those skilled in the art, the service system login method provided by the present application is described by taking an execution subject as a computer device as an example, and specifically, the method includes:
(1) and acquiring user information of the login user.
(2) And matching the user information with the user information stored in the unified authentication library.
(3) And if the matching is successful, determining that a business system having a mapping relation with the login user exists.
(4) And if the matching fails, determining that no business system with the mapping relation with the login user exists.
(5) And if the business system with the mapping relation with the login user exists, displaying the business system with the mapping relation with the login user based on a login interface of the business system.
(6) Acquiring a service system selection instruction based on a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by a login user.
(7) And determining a target service system according to the service system selection instruction.
(8) And if the target service system to be logged by the login user does not exist in the service system displayed on the service system login interface, acquiring system identification information of the target service system to be logged based on the service system binding parameter setting interface.
(9) And binding the user information with the system identification information of the target service system, and entering the target service system according to the binding result.
(10) And if the service system having the mapping relation with the login user does not exist, setting an interface based on the service system binding parameters, and acquiring the system identification information of the target service system to be logged in.
(11) And binding the user information with the system identification information of the target service system, and entering the target service system according to the binding result.
For the implementation processes of (1) to (11), reference may be specifically made to the description of the above embodiments, and the implementation principles and technical effects thereof are similar and are not described herein again.
It should be understood that, although the steps in the flowcharts of fig. 2 to 5 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-5 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps or stages.
In one embodiment, as shown in fig. 6, there is provided a business system login apparatus, including: a user information obtaining module 11, an inquiring module 12, a target system determining module 13 and a target system login module 14, wherein:
a user information obtaining module 11, configured to obtain user information of a login user;
the query module 12 is configured to query the unified authentication library through the user information, and determine whether a service system having a mapping relationship with the login user exists; the unified authentication library comprises a mapping relation between the user and the service system;
and the target system determining module 13 is configured to bind the user information with the target service system to be logged in by the login user when the query result of the query module 12 indicates that the service system having a mapping relationship with the login user does not exist, and enter the service system to be logged in according to the binding result.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In one embodiment, the service system login device further includes: a binding module, wherein:
and the binding module is used for determining a target business system from the business systems having the mapping relation with the login user and entering the target business system when the query result of the query module 12 is that no business system having the mapping relation with the login user exists.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In one embodiment, the binding module includes: a first system identifier obtaining unit and a first binding unit, wherein:
the first system identification acquisition unit is used for acquiring system identification information of a target service system to be logged in through a service system binding parameter setting interface;
and the first binding unit is used for binding according to the user information and the system identification information of the target service system.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In one embodiment, the target system determination module 13 includes: the system comprises a service system display unit, a selection instruction acquisition unit and a target system determination unit, wherein:
the business system display unit is used for displaying the business system which has a mapping relation with the login user through a business system login interface;
the selection instruction acquisition unit is used for acquiring a service system selection instruction through a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by a login user;
and the target system determining unit is used for determining the target service system according to the service system selection instruction.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In one embodiment, the target system determination module 13 further includes: a second system identifier obtaining unit and a second binding unit, wherein:
the second system identification obtaining unit is used for obtaining the system identification information of the target service system to be logged based on the service system binding parameter setting interface when the target service system to be logged by the login user does not exist in the service system displayed on the service system login interface;
and the second binding unit is used for binding the user information with the system identification information of the target service system and entering the target service system according to the binding result.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
In one embodiment, the query module 12 includes: a matching unit, a first determining unit and a second determining unit, wherein:
the matching unit is used for matching the user information with the user information stored in the unified authentication library;
the first determining unit is used for determining that a business system with a mapping relation with a login user exists when the matching result of the matching unit is that the matching is successful;
and the second determining unit is used for determining that no business system with a mapping relation with the login user exists when the matching result of the matching unit is matching failure.
The service system login device provided in this embodiment may execute the method embodiments described above, and the implementation principle and technical effect are similar, which are not described herein again.
For specific limitations of the service system login device, reference may be made to the above limitations of the service system login method, which is not described herein again. All or part of the modules in the business system login device can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having a computer program stored therein, the processor implementing the following steps when executing the computer program:
acquiring user information of a login user;
inquiring the unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists; the unified authentication library comprises a mapping relation between the user and the service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
In one embodiment, a storage medium is provided having a computer program stored thereon, the computer program when executed by a processor implementing the steps of:
acquiring user information of a login user;
inquiring the unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists; the unified authentication library comprises a mapping relation between the user and the service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
In one embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, performs the steps of:
acquiring user information of a login user;
inquiring the unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists; the unified authentication library comprises a mapping relation between the user and the service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (16)

1. A method for logging in a service system, the method comprising:
acquiring user information of a login user;
inquiring a unified authentication library through the user information, and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
and if the business system which has a mapping relation with the login user does not exist, binding the user information with the target business system to be logged in by the login user, and entering the business system to be logged in according to the binding result.
2. The method of claim 1, further comprising:
and if the business system with the mapping relation with the login user exists, determining a target business system from the business systems with the mapping relation with the login user, and entering the target business system.
3. The method of claim 2, wherein the binding the user information with the target service system to which the logged-in user is to log in comprises:
acquiring system identification information of the target service system to be logged in based on a service system binding parameter setting interface;
and binding the user information with the system identification information of the target service system.
4. The method of claim 1, wherein said determining a target business system from said business systems having a mapping relationship with said logged-on user comprises:
displaying the business system with a mapping relation with the login user based on a business system login interface;
acquiring a service system selection instruction based on a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by the login user;
and determining the target service system according to the service system selection instruction.
5. The method of claim 4, further comprising:
if the target service system to be logged by the login user does not exist in the service system displayed on the service system login interface, acquiring system identification information of the target service system to be logged based on a service system binding parameter setting interface;
and binding the user information with the system identification information of the target service system, and entering the target service system according to the binding result.
6. The method of claim 1, wherein the querying a unified authentication library through the user information to determine whether a business system having a mapping relationship with the login user exists comprises:
matching the user information with user information stored in the unified authentication library;
if the matching is successful, determining that a service system having a mapping relation with the login user exists;
and if the matching fails, determining that no business system with the mapping relation with the login user exists.
7. A business system login system, the system comprising: the system comprises a unified authentication platform, a unified authentication middle platform system and a service system;
the unified authentication platform is used for providing a login interface for a login user;
the unified certification central office system for performing the steps of the method of any one of claims 1-6;
and the business system is used for providing business service for the login user.
8. A business system login apparatus, the apparatus comprising:
the user information acquisition module is used for acquiring the user information of the login user;
the query module is used for querying a unified authentication library through the user information and determining whether a service system having a mapping relation with the login user exists or not; the uniform authentication library comprises a mapping relation between a user and a service system;
and the target system determining module is used for binding the user information with the target service system to be logged in by the login user when the query result of the query module indicates that the service system which has a mapping relation with the login user does not exist, and entering the service system to be logged in according to the binding result.
9. The apparatus of claim 8, further comprising:
and the binding module is used for determining a target business system from the business systems which have the mapping relation with the login user and entering the target business system when the query result of the query module indicates that the business system which has the mapping relation with the login user exists.
10. The apparatus of claim 9, wherein the binding module comprises:
a first system identifier obtaining unit, configured to obtain system identifier information of the target service system to be logged in through a service system binding parameter setting interface;
and the first binding unit is used for binding the user information with the system identification information of the target service system.
11. The apparatus of claim 8, wherein the target system determination module comprises:
the business system display unit is used for displaying the business system which has a mapping relation with the login user through a business system login interface;
the selection instruction acquisition unit is used for acquiring a service system selection instruction through a service system login interface; the service system selection instruction comprises system identification information of a target service system selected by the login user;
and the target system determining unit is used for determining the target service system according to the service system selection instruction.
12. The apparatus of claim 11, wherein the target system determination module further comprises:
a second system identifier obtaining unit, configured to obtain, based on a service system binding parameter setting interface, system identifier information of a target service system to be logged in when the target service system to be logged in by the login user does not exist in the service system displayed on the service system login interface;
and the second binding unit is used for binding the user information with the system identification information of the target service system and entering the target service system according to a binding result.
13. The apparatus of claim 8, wherein the query module comprises:
the matching unit is used for matching the user information with the user information stored in the unified authentication library;
the first determining unit is used for determining that a business system with a mapping relation with the login user exists when the matching result of the matching unit is that the matching is successful;
and the second determining unit is used for determining that no business system with a mapping relation with the login user exists when the matching result of the matching unit is matching failure.
14. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor realizes the steps of the method according to any of claims 1-6 when executing the computer program.
15. A storage medium having a computer program stored thereon, the computer program, when being executed by a processor, realizing the steps of the method according to any of the claims 1-6.
16. A computer program product comprising a computer program, characterized in that the computer program realizes the steps of the method of any one of claims 1 to 6 when executed by a processor.
CN202111486078.5A 2021-12-07 2021-12-07 Business system login method, system, device, computer equipment and storage medium Pending CN114238927A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111486078.5A CN114238927A (en) 2021-12-07 2021-12-07 Business system login method, system, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111486078.5A CN114238927A (en) 2021-12-07 2021-12-07 Business system login method, system, device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114238927A true CN114238927A (en) 2022-03-25

Family

ID=80753712

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111486078.5A Pending CN114238927A (en) 2021-12-07 2021-12-07 Business system login method, system, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114238927A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150141A (en) * 2022-06-22 2022-10-04 青岛海信网络科技股份有限公司 Single sign-on method and single management equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150141A (en) * 2022-06-22 2022-10-04 青岛海信网络科技股份有限公司 Single sign-on method and single management equipment
CN115150141B (en) * 2022-06-22 2024-03-08 青岛海信网络科技股份有限公司 Single sign-on method and single point management equipment

Similar Documents

Publication Publication Date Title
US11588802B2 (en) Resource transfer setup and verification
US9578027B1 (en) Multiple data store authentication
US8064583B1 (en) Multiple data store authentication
CN110620782A (en) Account authentication method and device, computer equipment and storage medium
CN110266764B (en) Gateway-based internal service calling method and device and terminal equipment
CN100559819C (en) Calling system, proxy dial server apparatus and the proxy dial method that uses therewith
CN110839087B (en) Interface calling method and device, electronic equipment and computer readable storage medium
CN110289983B (en) Load balancing application creation method and device, computer equipment and storage medium
CN109246078B (en) Data interaction method and server
CN110795174B (en) Application program interface calling method, device, equipment and readable storage medium
CN110071806A (en) The method and system of data processing based on interface check
CN111431753A (en) Asset information updating method, device, equipment and storage medium
CN106844489A (en) A kind of file operation method, device and system
CN112835782B (en) Interface access test method and system
CN107133516A (en) A kind of authority control method and system
CN112131020A (en) API interface generating method, calling method, device, equipment and medium
CN113194099B (en) Data proxy method and proxy server
CN114238927A (en) Business system login method, system, device, computer equipment and storage medium
CN110691089A (en) Authentication method applied to cloud service, computer equipment and storage medium
RU2689441C1 (en) System and method of monitoring communication, and/or detecting scammers, and/or authenticating statements/allegations of belonging to any organization
CN112800410A (en) Multi-product login management method, device, equipment and storage medium
CN111260475A (en) Data processing method, block chain node point equipment and storage medium
CN112583890B (en) Message pushing method and device based on enterprise office system and computer equipment
CN115733666A (en) Password management method and device, electronic equipment and readable storage medium
CN113518155B (en) Outbound method, device, equipment and medium based on privacy conversation protection platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination