CN114301661A - Authentication method and device for application login, computing equipment and storage medium - Google Patents
Authentication method and device for application login, computing equipment and storage medium Download PDFInfo
- Publication number
- CN114301661A CN114301661A CN202111614212.5A CN202111614212A CN114301661A CN 114301661 A CN114301661 A CN 114301661A CN 202111614212 A CN202111614212 A CN 202111614212A CN 114301661 A CN114301661 A CN 114301661A
- Authority
- CN
- China
- Prior art keywords
- login
- user information
- authentication
- user
- target application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 244000035744 Hura crepitans Species 0.000 claims abstract description 34
- 238000012544 monitoring process Methods 0.000 claims abstract description 16
- 238000012545 processing Methods 0.000 claims abstract description 15
- 230000006870 function Effects 0.000 claims description 27
- 238000004891 communication Methods 0.000 claims description 19
- 238000011217 control strategy Methods 0.000 claims description 7
- 238000010276 construction Methods 0.000 claims description 5
- 230000001133 acceleration Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 4
- 238000013475 authorization Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000003780 insertion Methods 0.000 description 2
- 230000037431 insertion Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011022 operating instruction Methods 0.000 description 1
- 230000004083 survival effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses an authentication method, an authentication device, computing equipment and a storage medium for application login, wherein the method comprises the following steps: monitoring a target application running in a sandbox; when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event; and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing. According to the method and the device, the login event of the login page is monitored, the login event is intercepted by using the hook function so as to obtain the corresponding user information, and the safety tunnel is constructed after the user information is authenticated, so that the condition that the user needs to be notified by broadcasting for many times in the prior art to be authenticated or needs to be logged in again after authentication fails is avoided, and the user experience is improved.
Description
Technical Field
The invention relates to the technical field of communication, in particular to an authentication method and device for application login, computing equipment and a storage medium.
Background
Aggregate applications (Mashup), refers to the addition of two or more applications using public or private databases/data sources together to form an integrated application. Currently, for a safe aggregation application, when uniform authentication and data transmission are performed between an original application (app) and a sandbox, a token (token) is transmitted in a broadcast mode or a user name and a password are transmitted to perform uniform authentication, and whether safety blocking is performed is determined according to an authentication result.
When the method is used for unified authentication, firstly, a user is required to modify the code logic of the original app, when the unified authentication has problems, the user is required to be notified to be offline by broadcasting again, the user experience is seriously influenced, and meanwhile, in order to ensure the authentication safety and the VPN (Virtual Private Network) channel survival, the user is required to be sent with broadcasting to notify the user to log in again; secondly, before the authentication is successful, because the behavior of the user depends on the network request, but the VPN channel is not established at this time, some initialization data requests fail, the user needs to be notified to re-initialize when the VPN channel is established, and because the code development depends on the original app technical personnel, the development time and the communication cost are high.
Disclosure of Invention
In view of the above, the present invention has been made to provide an authentication method, apparatus, computing device and storage medium for application login that overcome or at least partially solve the above-mentioned problems.
According to one aspect of the invention, an authentication method for application login is provided, which comprises the following steps:
monitoring a target application running in a sandbox;
when a login event aiming at a login page of the target application is monitored, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event;
and authenticating the user information, constructing a safety tunnel after the user information passes the authentication, and returning the login event to the target application for processing.
According to another aspect of the present invention, there is provided an authentication apparatus for application login, including:
the monitoring module is used for monitoring the target application running in the sandbox;
the intercepting module is used for intercepting the login event through a preset hook function when the target application is monitored to have the login event aiming at the login page, and acquiring and storing user information corresponding to the login event;
the authentication module is used for authenticating the user information;
and the tunnel construction module is used for constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing.
According to yet another aspect of the present invention, there is provided a computing device comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation corresponding to the authentication method for application login.
According to still another aspect of the present invention, there is provided a computer storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform an operation corresponding to the authentication method for application login.
According to the authentication method and device for application login, the computing equipment and the storage medium, the target application running in the sandbox is monitored; when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event; and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing. According to the invention, the login event of the login page is monitored, the hook function intercepts the login event so as to obtain the corresponding user information, and the security tunnel is constructed after the user information is authenticated, so that the condition that the user needs to be notified by broadcasting for many times in the prior art or the user needs to log in again after authentication fails is avoided, and the user experience is improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart illustrating an authentication method for application login according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating another authentication method for application login according to an embodiment of the present invention;
fig. 3 shows a timing diagram of an authentication method for application login according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram illustrating an authentication apparatus for application login according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a computing device provided by an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
Fig. 1 shows a flowchart of an embodiment of an authentication method for application login, as shown in fig. 1, the method includes the following steps:
step S110: a target application running in a sandbox is monitored.
Specifically, the target application in the embodiment of the present invention may be any application, such as a social application, a music application, an office application, and the like. For the application which the user needs to log in, the method in the embodiment of the invention can be executed by putting the split application of the application into the sandbox, and the split application put into the sandbox is the target application.
Step S120: when the target application is monitored to have a login event aiming at a login page, the login event is intercepted through a preset hook function, and user information corresponding to the login event is obtained and stored.
Specifically, monitoring of the sandbox for the target application is mainly to monitor whether the target application starts a login event, specifically, monitoring is performed through a hook function (hook) preset in a login page, when a login event generated by a user triggering a login button in the login page in a clicking mode or the like is monitored, the login event is intercepted through the hook function preset, and the hook is used for storing user information corresponding to the login event. Wherein the hook is created by a sandbox, and the insertion position can be set at the login entrance of the login page, etc.
In an optional manner, step S120 further includes: acquiring a view tree of a login page through a hook function; traversing each node in the view tree, and searching a user information label; and acquiring and storing the user information corresponding to the login event according to the user information label.
In an alternative manner, the user information includes at least: and the user account information and the password information are input in the login page by the user.
Specifically, a preset hook intercepts a login event, traverses each node in a view tree of a login interface through the hook, searches a user information tag, and acquires and stores user information corresponding to the login event according to the user information tag. Wherein, the view tree is a tree structure corresponding to the display part of the login page; the user information tag specifically includes a designated tag in each node in the view tree, and the user information tag refers to a tag related to user information.
Step S130: and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing.
In an optional manner, step S130 further includes: the user information can be uniformly authenticated through the authentication service end.
Specifically, the user information is uniformly authenticated through the authentication server connected with the sandbox, so that the problems that the user information is easily mistaken for authentication directly in the sandbox or in application and needs to be broadcasted for many times are solved, meanwhile, the user information is uniformly authenticated through the authentication server, and the authentication efficiency is high.
In an optional manner, after the secure tunnel is constructed, the method may further include: and pulling a control strategy aiming at the target application from the sandbox server through the security tunnel so as to control according to the control strategy.
In an optional manner, the governing policy at least includes one or more of the following policies: mobile web page acceleration policies (MIP), electronic screen capture policies, module parsing policies, control policies, security policies, and the like.
In an alternative form, the secure tunnel includes: a virtual private network secure tunnel or a zero trust secure tunnel.
Specifically, the virtual private network security tunnel may be a VPN security tunnel, and the VPN is a private network established over a public network and performs encrypted communication; the core idea of zero trust is to break the limitation of physical boundary protection and not to trust any user, equipment or system inside the physical security boundary by default; the virtual private network or the zero trust takes identity authentication as a core and takes authentication and authorization as the basis of access control, so that the security authentication is a necessary component for establishing a trusted channel between a user and the virtual private network or the zero trust, and how to conveniently and quickly establish a security tunnel for the user on the premise of the security authentication is necessary.
By adopting the method of the embodiment, the target application running in the sandbox is monitored; when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event; and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing. According to the method, the login event of the login page is monitored, the hook function intercepts the login event so as to obtain the corresponding user information, the user information is uniformly authenticated and then a safety tunnel is constructed, the condition that the user needs to be notified through broadcasting for many times in the prior art to be authenticated or the user needs to log in again after authentication fails is avoided, and the user experience is improved.
Fig. 2 is a flowchart of another embodiment of the authentication method for application login, and as shown in fig. 2, the method includes the following steps:
step S210: a target application running in a sandbox is monitored.
Step S220: judging whether the user account information of the current user is the user account information in the stored user information; if yes, go to step S230, otherwise go to step S240.
In this step, a time length threshold value can be preset, and when the interval time between the current user login time and the last login time is less than the time length threshold value, the user can automatically utilize the user account information and the password information in the user information used in the last login to log in, so that the user can log in again within the time length threshold value without inputting the user information, the login time is effectively shortened, and the login convenience is improved.
Step S230: and performing authentication by using the stored user information of the current user, constructing a safety tunnel after the authentication is passed, and then skipping to execute the step S270.
In this step, when it is determined that the user account information of the current user is the user account information in the stored user information, it is indicated that the user is a logged-in user, and the current scene is a re-login scene.
Step S240: and triggering the target application to display a login page for the current user to log in.
In this step, when it is determined that the user account information of the current user is not the user account information in the stored user information, it is indicated that the user is a non-logged-in user and the current scene is a first-time login scene, and then the target application is triggered to display the login page so that the current user inputs the user information at a corresponding position of the login page to log in.
Step S250: when the target application is monitored to have a login event aiming at a login page, the login event is intercepted through a preset hook function, and user information corresponding to the login event is obtained and stored.
Specifically, the monitoring of the sandbox on the target application is mainly to monitor whether the target application starts a login event, specifically, the monitoring is performed through a hook function (hook) preset on a login page, when it is monitored that a user generates the login event through a click event or a touch time of the login page, the login event is intercepted through the hook function preset, and the hook is used for storing user information corresponding to the login event. Wherein the hook is created by a sandbox, and the insertion position can be set at the login entrance of the login page, etc.
In an optional manner, step S250 further includes: acquiring a view tree of a login page through a hook function; traversing each node in the view tree, and searching a user information label; and acquiring and storing the user information corresponding to the login event according to the user information label.
Step S260: and authenticating the user information, and constructing a safety tunnel after the authentication is passed.
Step S270: and pulling a control strategy aiming at the target application from the sandbox server through the secure tunnel.
Step S280: and returning the login event to the target application for processing.
Specifically, in order to further improve the efficiency of user information authentication, it may be determined whether the user account information of the current user is the user account information in the user information stored in the sandbox, and if the user account information of the current user is the user account information in the user information stored in the sandbox, in order to save authentication time and improve login convenience, the user information of the current user may be directly used for authentication, and after the authentication is passed, a secure tunnel may be constructed; and if the user account information of the current user is not the user account information in the user information stored in the sandbox, triggering the target application to display a login page for the current user to log in, intercepting the login event through a preset hook function, acquiring the user information corresponding to the login event, and storing the corresponding user information to the sandbox.
Fig. 3 shows a sequence diagram of an authentication method for application login according to an embodiment of the present invention, as shown in fig. 3, a target application running in a sandbox is monitored, user information is obtained through hook of a login page, whether the user information is already stored user information is determined, if yes, the stored user information is used, a secure tunnel is initialized, the secure tunnel is constructed after authentication and authorization of a service authentication end is performed, and a management and control policy for the target application is pulled from the sandbox service end through the secure tunnel.
If the user information is not the stored user information, calling the target application, judging whether the user logs in or not through a login page of the target application, and if so, directly entering a target application display page; if not, the user inputs user information through a login page, login is carried out through a click event or a touch event, verification can be carried out in two modes in a specific application scene, one mode is that the user information is verified and stored through a hook login page, a safety tunnel is constructed after authentication and authorization of a service authentication end, and a control strategy for target application is pulled from a sandbox server through the safety tunnel; the other method is to directly carry out authentication and authentication through a login method of the target application and then carry out login.
By adopting the method of the embodiment, the target application running in the sandbox is monitored; judging whether the user account information of the current user is the user account information in the stored user information; if so, authenticating by using the stored user information of the current user, and constructing a safety tunnel after the authentication is passed; if not, triggering the target application to display a login page for the current user to log in; when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event; and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing. The method has the advantages that the login events of the login page are monitored, and the stored user information is directly authenticated, so that the authentication speed is increased; and further, the login event is intercepted through a hook function, so that the corresponding user information is obtained, a safety tunnel is constructed after the user information is subjected to unified authentication, the condition that the user needs to be notified through broadcasting for many times to perform authentication or the user needs to log in again after authentication fails in the prior art is avoided, and the user experience is improved.
Fig. 4 is a schematic structural diagram illustrating an embodiment of an authentication apparatus for application login according to the present invention. As shown in fig. 4, the apparatus includes: a monitoring module 410, an interception module 420, an authentication module 430, and a tunnel construction module 440.
A monitoring module 410 for monitoring a target application running in a sandbox.
The intercepting module 420 is configured to intercept, when it is monitored that a login event for a login page occurs in the target application, the login event through a preset hook function, and acquire and store user information corresponding to the login event.
In an optional manner, the intercept module 420 is further configured to: acquiring a view tree of a login page through a hook function; traversing each node in the view tree, and searching a user information label; and acquiring and storing the user information corresponding to the login event according to the user information label.
And an authentication module 430 for authenticating the user information.
In an optional manner, the authentication module 430 is further configured to: and performing unified authentication on the user information through the authentication server.
And the tunnel construction module 440 is configured to construct a secure tunnel after the authentication is passed, and return the login event to the target application for processing.
In an optional manner, the apparatus may further include a management and control policy pulling module (not shown in the figure) configured to pull, from the sandbox server, a management and control policy for the target application through the secure tunnel after the secure tunnel is constructed.
In an alternative manner, the user information includes at least: and the user account information and the password information are input in the login page by the user.
In an optional manner, the authentication module 430 is further configured to: judging whether the user account information of the current user is the user account information in the stored user information; if yes, the stored user information of the current user is used for authentication, and after the authentication is passed, the tunnel construction module 440 is triggered; if not, triggering the target application to display a login page for the current user to log in.
In an optional manner, the governing policy at least includes one or more of the following policies: the method comprises a mobile webpage acceleration strategy, an electronic screen capture strategy, a module analysis strategy, a control strategy and a safety strategy.
In an alternative form, the secure tunnel includes: a virtual private network secure tunnel or a zero trust secure tunnel.
By adopting the device of the embodiment, the target application running in the sandbox is monitored; when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event; and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing. The device monitors the login event of the login page, the hook function intercepts the login event to acquire the corresponding user information, and the user information is uniformly authenticated and then a safety tunnel is constructed, so that the condition that the user needs to be notified to perform authentication or authentication failure needs to be logged in again through broadcasting for many times in the prior art is avoided, and the user experience is improved.
Embodiments of the present invention provide a non-volatile computer storage medium, where at least one executable instruction is stored in the computer storage medium, and the computer executable instruction may execute any of the above method embodiments.
The executable instructions may be specifically configured to cause the processor to:
monitoring a target application running in a sandbox;
when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event;
and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing.
Fig. 5 is a schematic structural diagram of an embodiment of a computing device according to the present invention, and a specific embodiment of the present invention does not limit a specific implementation of the computing device.
As shown in fig. 5, the computing device may include:
a processor (processor), a Communications Interface (Communications Interface), a memory (memory), and a Communications bus.
Wherein: the processor, the communication interface, and the memory communicate with each other via a communication bus. A communication interface for communicating with network elements of other devices, such as clients or other servers. The processor is used for executing the program, and particularly can execute the relevant steps in the embodiment of the authentication method for the application login.
In particular, the program may include program code comprising computer operating instructions.
The processor may be a central processing unit CPU or an application Specific Integrated circuit asic or one or more Integrated circuits configured to implement embodiments of the present invention. The server comprises one or more processors, which can be the same type of processor, such as one or more CPUs; or may be different types of processors such as one or more CPUs and one or more ASICs.
And the memory is used for storing programs. The memory may comprise high-speed RAM memory, and may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The program may specifically be adapted to cause a processor to perform the following operations:
monitoring a target application running in a sandbox;
when a target application is monitored to have a login event aiming at a login page, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event;
and authenticating the user information, constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing.
The algorithms or displays presented herein are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. In addition, embodiments of the present invention are not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the embodiments of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the invention and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form. It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names. The steps in the above embodiments should not be construed as limiting the order of execution unless specified otherwise.
Claims (11)
1. An authentication method for application login, comprising:
monitoring a target application running in a sandbox;
when a login event aiming at a login page of the target application is monitored, intercepting the login event through a preset hook function, and acquiring and storing user information corresponding to the login event;
and authenticating the user information, constructing a safety tunnel after the user information passes the authentication, and returning the login event to the target application for processing.
2. The method of claim 1, wherein after said building a secure tunnel, the method further comprises:
and pulling a control strategy aiming at the target application from the sandbox server through the secure tunnel.
3. The method according to claim 1, wherein the intercepting the login event by a preset hook function, and obtaining and storing user information corresponding to the login event further comprises:
acquiring a view tree of the login page through the hook function;
traversing each node in the view tree, and searching a user information label;
and acquiring and storing the user information corresponding to the login event according to the user information label.
4. The method of any of claims 1-3, wherein the authenticating the user information further comprises: and performing unified authentication on the user information through an authentication server.
5. The method according to any of claims 1-4, characterized in that the user information comprises at least: and user account information and password information input by the user in the login page.
6. The method of claim 5, further comprising:
judging whether the user account information of the current user is the user account information in the stored user information;
if so, authenticating by using the stored user information of the current user, and constructing a safety tunnel after the authentication is passed; if not, triggering the target application to display a login page for the current user to log in.
7. The method of claim 2, wherein the governing policy comprises at least one or more of the following policies: the method comprises a mobile webpage acceleration strategy, an electronic screen capture strategy, a module analysis strategy, a control strategy and a safety strategy.
8. The method of any one of claims 1-7, wherein the secure tunnel comprises: a virtual private network secure tunnel or a zero trust secure tunnel.
9. An authentication apparatus for application login, comprising:
the monitoring module is used for monitoring the target application running in the sandbox;
the intercepting module is used for intercepting the login event through a preset hook function when the target application is monitored to have the login event aiming at the login page, and acquiring and storing user information corresponding to the login event;
the authentication module is used for authenticating the user information;
and the tunnel construction module is used for constructing a safety tunnel after the authentication is passed, and returning the login event to the target application for processing.
10. A computing device, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the authentication method of the application login in any one of claims 1-8.
11. A computer storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform operations corresponding to an authentication method of application login according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111614212.5A CN114301661B (en) | 2021-12-27 | 2021-12-27 | Authentication method, device, computing equipment and storage medium for application login |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111614212.5A CN114301661B (en) | 2021-12-27 | 2021-12-27 | Authentication method, device, computing equipment and storage medium for application login |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114301661A true CN114301661A (en) | 2022-04-08 |
| CN114301661B CN114301661B (en) | 2024-07-02 |
Family
ID=80968873
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111614212.5A Active CN114301661B (en) | 2021-12-27 | 2021-12-27 | Authentication method, device, computing equipment and storage medium for application login |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114301661B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2013112642A2 (en) * | 2012-01-23 | 2013-08-01 | Headwater Partners I Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US20140032759A1 (en) * | 2011-10-11 | 2014-01-30 | Citrix Systems, Inc. | Policy-Based Application Management |
| US20140123231A1 (en) * | 2012-10-31 | 2014-05-01 | International Business Machines Corporation | Extending authentication and authorization capabilities of an application without code changes |
| US20160294810A1 (en) * | 2015-03-31 | 2016-10-06 | Sangfor Technologies Company Limited | Terminal single sign-on configuration, authentication method, and system, and application service system thereof |
| CN109327454A (en) * | 2018-11-01 | 2019-02-12 | 北京指掌易科技有限公司 | A kind of mobile application admittance control method based on user, equipment and application |
| US20190354416A1 (en) * | 2018-05-16 | 2019-11-21 | ChartIQ, Inc. | System and method for integrating multiple applications |
| CN113794718A (en) * | 2021-09-14 | 2021-12-14 | 交通运输信息安全中心有限公司 | Security authentication method and security authentication device for multiple application systems |
-
2021
- 2021-12-27 CN CN202111614212.5A patent/CN114301661B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140032759A1 (en) * | 2011-10-11 | 2014-01-30 | Citrix Systems, Inc. | Policy-Based Application Management |
| WO2013112642A2 (en) * | 2012-01-23 | 2013-08-01 | Headwater Partners I Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US20140123231A1 (en) * | 2012-10-31 | 2014-05-01 | International Business Machines Corporation | Extending authentication and authorization capabilities of an application without code changes |
| US20160294810A1 (en) * | 2015-03-31 | 2016-10-06 | Sangfor Technologies Company Limited | Terminal single sign-on configuration, authentication method, and system, and application service system thereof |
| US20190354416A1 (en) * | 2018-05-16 | 2019-11-21 | ChartIQ, Inc. | System and method for integrating multiple applications |
| CN109327454A (en) * | 2018-11-01 | 2019-02-12 | 北京指掌易科技有限公司 | A kind of mobile application admittance control method based on user, equipment and application |
| CN113794718A (en) * | 2021-09-14 | 2021-12-14 | 交通运输信息安全中心有限公司 | Security authentication method and security authentication device for multiple application systems |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114301661B (en) | 2024-07-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11924234B2 (en) | Analyzing client application behavior to detect anomalies and prevent access | |
| US10666686B1 (en) | Virtualized exploit detection system | |
| US10164993B2 (en) | Distributed split browser content inspection and analysis | |
| US9769155B2 (en) | Login method and apparatus, and open platform system | |
| US8464318B1 (en) | System and method for protecting web clients and web-based applications | |
| US10447726B2 (en) | Mitigating attacks on server computers by enforcing platform policies on client computers | |
| CN114342319A (en) | Honeypot for infrastructure as a service security | |
| US20100037317A1 (en) | Mehtod and system for security monitoring of the interface between a browser and an external browser module | |
| US20200272728A1 (en) | Management of login information affected by a data breach | |
| US10972481B2 (en) | Web application session security | |
| Bauer et al. | Analyzing the dangers posed by Chrome extensions | |
| CN111709023A (en) | Application isolation method and system based on trusted operating system | |
| CN113645234A (en) | Honeypot-based network defense method, system, medium and device | |
| CN107835185B (en) | Mobile terminal security service method and device based on ARM TrustZone | |
| US11128639B2 (en) | Dynamic injection or modification of headers to provide intelligence | |
| US10992759B2 (en) | Web application session security with protected session identifiers | |
| US20140208385A1 (en) | Method, apparatus and system for webpage access control | |
| CN112836186A (en) | Page control method and device | |
| US11803635B2 (en) | Passing local credentials to a secure browser session | |
| CN114301661B (en) | Authentication method, device, computing equipment and storage medium for application login | |
| CN112637171A (en) | Data traffic processing method, device, equipment, system and storage medium | |
| Liu et al. | Monitoring user-intent of cloud-based networked applications in cognitive networks | |
| CN115801476B (en) | Verification method and device for application request | |
| US9172717B2 (en) | Security-aware admission control of requests in a distributed system | |
| de Sousa | XS-Leaks Crutch: Assisted Detection & Exploitation of Cross-Site Leaks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Applicant after: QAX Technology Group Inc. Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Applicant before: QAX Technology Group Inc. Country or region before: China Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. |
|
| GR01 | Patent grant |