WO2015003520A1 - 一种对用户的合法性进行验证的方法、装置及系统 - Google Patents
一种对用户的合法性进行验证的方法、装置及系统 Download PDFInfo
- Publication number
- WO2015003520A1 WO2015003520A1 PCT/CN2014/076308 CN2014076308W WO2015003520A1 WO 2015003520 A1 WO2015003520 A1 WO 2015003520A1 CN 2014076308 W CN2014076308 W CN 2014076308W WO 2015003520 A1 WO2015003520 A1 WO 2015003520A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- webrtc
- user
- verification
- token
- impi
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000012795 verification Methods 0.000 claims abstract description 268
- 238000004891 communication Methods 0.000 claims abstract description 15
- 230000004044 response Effects 0.000 claims description 99
- 238000005516 engineering process Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 7
- 230000000977 initiatory effect Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000012546 transfer Methods 0.000 description 3
- 239000000835 fiber Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/10—Architectures or entities
- H04L65/1016—IP multimedia subsystem [IMS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Definitions
- the present invention relates to the field of communication technologies, and in particular, to a method, device and system for verifying the legitimacy of a user.
- Web Real-Time Communications (WebRTC) technology is a technology that supports real-time audio and video communication in a browser. This technology enables web-based video conferencing.
- the WebRTC client Before the WebRTC client communicates with other users using the WebRTC client, the WebRTC client needs to log in using the WebRTC user's username and password.
- the user name of the WebRTC user is allocated by the WebRTC server, and the WebRTC server saves the username of the WebRTC user and the password set by the WebRTC user.
- the WebRTC server needs to verify the validity of the WebRTC user, that is, the WebRTC server needs to determine whether the username and password used by the WebRTC client to log in are match.
- the WebRTC client can be connected to the IMS and the call control and IMS service can be provided.
- the username used by the WebRTC client to log in may also be an IP Multimedia Private Identity (IMI) assigned by the JMS network operator to the WebRTC user when the WebRTC user subscribes to the IMS service.
- IMS network operator refers to provide the WebRTC user Network operator of IMS service.
- the inventor believes that the prior art has at least the following problems:
- the WebRTC client uses the WebRTC server to log in to the user name assigned by the WebRTC user
- the WebRTC server can directly perform the legality of the WebRTC user. verification.
- the WebRTC client uses the IMPI of the WebRTC user to log in, under the existing WebRTC architecture, there is no effective mechanism for verifying the legitimacy of the WebRTC user.
- an object of the embodiments of the present invention is to provide a method, device, and system for verifying the legitimacy of a user, so that the WebRTC client can log in to the WebRTC when using the IMPI of the WebRTC user to log in.
- the user's legality is verified.
- the first aspect of the present invention provides a method for verifying the validity of a user, including: the user authentication device receives user authentication information sent by a WebRTC client, where the user authentication information includes a user name and password of the WebRTC user.
- the user name is IMPI;
- the user authentication device obtains a password corresponding to the IMPI saved by a Home Subscriber Server (HSS) according to the IMPI; the user verification device saves according to the password in the user verification information and the HSS
- the password corresponding to the IMPI is used to verify the legality of the WebRTC user.
- the user verification device is a WebRTC server, and the user verification device acquires, according to the IMPI, a password that is saved by the HSS and corresponding to the IMPI, including:
- the WebRTC server sends a password request to the HSS, the password request carries the IMPI; the WebRTC server receives a password response sent by the HSS, and the password response carries a password corresponding to the IMPI saved by the HSS. password.
- the second possible implementation in the first aspect In conjunction with the first possible implementation of the first aspect, the second possible implementation in the first aspect, the WebRTC server generates a token having a one-to-one correspondence with the IMPI, and saves a correspondence between the token and the IMPI; The WebRTC server sends a user authentication success response to the WebRTC client, and the user verification success response carries the token.
- the WebRTC Receiving by the server, a token verification request sent by the WebRTC gateway, where the token verification request is sent by the WebRTC gateway to the WebRTC server after receiving the first registration request sent by the WebRTC client, where the first The registration request carries a token, the token verification request carries a token in the first registration request; the WebRTC server determines whether the WebRTC server stores a token in the token verification request; The WebRTC server saves the token in the token verification request, and the WebRTC server sends a token verification success response to the WebRTC gateway.
- the service-call The Serving-Call Session Control Function (S-CSCF) device receives the second registration request sent by the WebRTC gateway by using an Interrogating-Call Session Control Function (I-CSCF) device.
- the second registration request carries a user verification pass identifier; the S-CSCF device sends a registration success response to the WebRTC client according to the user verification by using the identifier.
- the second registration request further carries the identifier of the IMPI and the WebRTC gateway, where the S - the SCSCF device acquires the identifier of the WebRTC gateway corresponding to the IMPI saved by the HSS, and determines the identifier of the WebRTC gateway corresponding to the IMPI saved by the HSS, before the CSCF device sends the registration success response to the WebRTC client according to the user authentication.
- the identifier of the WebRTC gateway is the same as the identifier of the WebRTC gateway carried in the second registration request, and if the same, sends the registration success response to the WebRTC client.
- the user verification device is the HSS, and the user verification device receives the user verification information sent by the WebRTC client, including:
- the HSS receives the user authentication information sent by the WebRTC client through a WebRTC server.
- the user authentication device is configured according to a password in the user authentication information and a location saved by the HSS The password corresponding to the IMPI is verified, and the validity of the WebRTC user is verified, including:
- the user verification device determines whether the password in the user verification information is the same as the password corresponding to the IMPI saved by the HSS, and if the same, the user verification device determines that the verification is successful; otherwise, the user verification device Make sure the verification failed.
- an embodiment of the present invention provides a user authentication device, including:
- a receiving unit configured to receive user authentication information sent by a WebRTC client, where the user authentication information includes a username and password of a WebRTC user, and the user name is IMPI;
- An obtaining unit configured to acquire, according to the IMPI received by the receiving unit, a password corresponding to the IMPI saved by the HSS;
- a verification unit configured to verify validity of the WebRTC user according to the password received by the receiving unit and the password obtained by the acquiring unit.
- the user authentication device is a WebRTC server, and the device further includes a sending unit, where the acquiring unit is specifically configured to send a password to the HSS by using the sending unit. Requesting, the password request carries the IMPI, and receiving, by the receiving unit, a password response sent by the HSS, where the password response carries the HSS and the The password corresponding to IMPI.
- the user authentication device further includes a token generating unit, where the token generating unit is configured to After verifying the validity of the validity of the WebRTC user, the verification unit generates a token having a one-to-one correspondence with the IMPI, and saves a correspondence between the token and the IMPI;
- the sending unit is further configured to send a user verification success response to the WebRTC client, where the user verification success response carries the token generated by the token generation unit.
- the receiving unit is further configured to send the user verification to the WebRTC client at the sending unit After the successful response, the token verification request sent by the WebRTC gateway is received, and the token verification request is sent by the WebRTC gateway to the WebRTC server after receiving the first registration request sent by the WebRTC client, where The first registration request carries a token, and the token verification request carries a token in the first registration request;
- the verification unit is further configured to determine whether the user verification device saves a token in the token verification request;
- the sending unit is further configured to send a token verification success response to the WebRTC gateway when the verification unit determines that the user verification device saves the token in the token verification request.
- the user verification device is the HSS, and the receiving unit is specifically configured to receive, by using a WebRTC server, the user verification information sent by the WebRTC client.
- the verification unit is specifically configured to determine Whether the password received by the receiving unit is the same as the password acquired by the acquiring unit, and if the same, the verification is successful; otherwise, the verification fails.
- an embodiment of the present invention provides a system for verifying validity of a user, including WebRTC server and HSS, where
- the WebRTC server is configured to receive user authentication information sent by a WebRTC client, where the user authentication information includes a username and a password of a WebRTC user, the user name is an IMPI, and the password request carrying the IMPI is sent to the HSS. ;
- the HSS is configured to receive a password request that is sent by the WebRTC server to carry the IMPI, obtain a password corresponding to the IMPI saved by the HSS, and send a password response to the WebRTC server, where the password response carries a password corresponding to the IMPI saved by the HSS; the WebRTC server is further configured to receive the password response, and use the password in the user verification information and a password in the password response message to the WebRTC The user's legality is verified.
- an embodiment of the present invention provides a system for verifying validity of a user, including a WebRTC server and an HSS, where
- the WebRTC server is configured to receive user authentication information sent by a WebRTC client, where the user authentication information includes a username and a password of a WebRTC user, and the user name is IMPI, and the user verification information is sent to the HSS;
- the HSS is configured to receive the user authentication information that is sent by the WebRTC server, and obtain a password corresponding to the IMPI saved by the HSS according to an IMPI in the user authentication information, and according to the user verification information.
- the password in the password and the password corresponding to the IMPI saved by the HSS are used to verify the validity of the WebRTC user.
- the method, device and system for verifying the legitimacy of a user are provided by the embodiment of the present invention.
- the user authentication device receives the IMPI sent by the WebRTC client.
- the user verification device can verify the legality of the WebRTC user according to the password in the user verification information and the password corresponding to the IMPI saved by the HSS, thereby solving the problem.
- the user verification device can verify the legality of the WebRTC user according to the password in the user verification information and the password corresponding to the IMPI saved by the HSS, thereby solving the problem.
- FIG. 1 is a system architecture diagram for verifying the legitimacy of a user according to an embodiment of the present invention
- FIG. 2 is a flowchart of a method for verifying the legitimacy of a user according to an embodiment of the present invention
- FIG. 4 is a flowchart of still another method for verifying the legitimacy of a user according to an embodiment of the present invention.
- FIG. 5 is a structural diagram of a system for verifying the legitimacy of a user according to an embodiment of the present invention
- FIG. 6 is a structural diagram of another system for verifying the legitimacy of a user according to an embodiment of the present invention.
- FIG. 7 is a structural diagram of a user authentication device according to an embodiment of the present invention
- FIG. 8 is a structural diagram of another user authentication device according to an embodiment of the present invention.
- the WebRTC server is also called WebRTC portal (Portal, the WebRTC server can be connected to the home subscriber server through the new RTC interface (Home Subscriber Server, HSS) communicates, HSS stores user data of IMS users; WebRTC gateway is mainly used to convert between Hypertext Transfer Protocol (HTTP) messages and Session Initiation Protocol (SIP) messages.
- HTTP Hypertext Transfer Protocol
- SIP Session Initiation Protocol
- the WebRTC client can initiate registration with the Call Session Control Function (CSCF) device through the WebRTC gateway.
- CSCF Call Session Control Function
- the WebRTC client can send the registration request to the proxy-call session control function through the WebRTC gateway (Proxy- a Call Session Control Function (P-CSCF) device, after receiving the registration request, the P-CSCF device sends the registration request to an Interrogating-Call Session Control Function (I-CSCF) a device, after the I-CSCF device finds a Serving-Call Session Control Function (S-CSCF) device to which the WebRTC user belongs in the HSS, sends the message to the S-CSCF device Registration request.
- P-CSCF Call Session Control Function
- I-CSCF Interrogating-Call Session Control Function
- S-CSCF Serving-Call Session Control Function
- the WebRTC client when the WebRTC client logs in using the IMPI of the WebRTC user, the WebRTC client needs to send user authentication information to the WebRTC server.
- the WebRTC server verifies the validity of the WebRTC user according to the user verification information, or the WebRTC server forwards the user verification information to the HSS, and the HSS authenticates the validity of the WebRTC user.
- the user authentication information includes a username and password of the WebRTC user, and the username is IMPI.
- the embodiment of the present invention provides a method for verifying the legitimacy of a user, as shown in FIG. 2, including:
- the user authentication device receives user authentication information sent by the WebRTC client, where the user authentication information includes a user name and password of the WebRTC user, and the user name is IMPI;
- the user authentication device may be a WebRTC server or an HSS. After the WebRTC client receives the username and password input by the WebRTC user, the WebRTC client sends user authentication information including the username and password to the user. Verifying the device; when the user authentication device is an HSS, the HSS may receive the WebRTC client through a WebRTC server The user verification information sent;
- the WebRTC user in the embodiment of the present invention is also an IMS user.
- the IMS user refers to the user who has signed the IMS service
- the so-called WebRTC user refers to the user who has signed the WebRTC service.
- the user verification device acquires, according to the IMPI, a password that is saved by the HSS and corresponding to the IMPI.
- the HSS stores a correspondence between the IMPI and a password set when the WebRTC user subscribes to the IMS service.
- the WebRTC server may send a bearer to the HSS.
- the password request of the IMPI is obtained, and the password corresponding to the IMPI saved by the HSS is obtained by the password response sent by the HSS;
- the HSS may directly according to the IMPI Obtaining a password corresponding to the IMPI saved by the HSS;
- the HSS updates the saved password corresponding to the IMPI to the changed password of the WebRTC user. That is to say, according to the IMPI, the latest password set by the WebRTC user can be found in the HSS;
- the user authentication device verifies the legality of the WebRTC user according to the password in the user authentication information and the password corresponding to the IMPI saved by the HSS.
- the user authentication device may be used.
- the following methods verify the legality of the WebRTC user:
- the user verification device determines whether the password in the user verification information is the same as the password corresponding to the IMPI saved by the HSS, and if the same, the user verification device determines that the verification is successful, otherwise the user verification device determines verification failed.
- a method for verifying the legitimacy of a user when the WebRTC client logs in using the IMPPI of the WebRTC user, the user authentication device receives the After the user authentication information including the IMPI and the password sent by the WebRTC client, the user authentication device can legalize the WebRTC user according to the password in the user authentication information and the password corresponding to the IMPI saved by the HSS.
- the verification is performed to solve the problem existing in the prior art.
- the WebRTC server receives the user verification by adding a communication interface between the WebRTC server and the HSS.
- the user verification information may be forwarded to the HSS, and the validity of the WebRTC user is verified by the HSS; again, when the user verification device is a WebRTC server, when the WebRTC server receives
- the WebRTC server may request the HSS to save to the HSS. a password corresponding to the IMPI, thereby enabling the WebRTC server to also legalize the WebRTC user authenticating.
- FIG. 3 is a flowchart of a method for verifying the validity of a user according to an embodiment of the present invention.
- the embodiment of the present invention is applied to a scenario where a user authentication device is a WebRTC server, that is, in the embodiment of the present invention, The validity of the WebRTC user is verified by the WebRTC server.
- the method provided by the embodiment of the present invention includes:
- the WebRTC client sends a page login request to the WebRTC server;
- the login page request may be an HTTP GET request or an HTTP POST request
- the WebRTC client receives a page login response sent by the WebRTC server, and presents a login page.
- the WebRTC client After receiving the user name and password input by the WebRTC user, the WebRTC client sends user authentication information to the WebRTC server, where the user verification information includes the user name and the password of the WebRTC user,
- the username is IMPI;
- the WebRTC client may request via HTTP GET or The HTTP POST request sends the user authentication information to the WebRTC server, which is not limited by the embodiment of the present invention; the WebRTC user uses the IMPI provided by the IMS network operator as the user name when the WebRTC user subscribes to the IMS service. Log in;
- the WebRTC server sends a password request to the HSS, where the password request carries the IMPI;
- the password request may be a Diameter request
- the WebRTC server may send the password request to the HSS by using an RTC interface between the WebRTC server and the HSS.
- the HSS searches for a password that is saved corresponding to the IMPI, and sends the found password to the WebRTC server by using a password response.
- the HSS stores the user data of the IMS user. Since the WebRTC user in the embodiment of the present invention is also an IMS user, the HSS stores the IMPI and the password between the WebRTC user. Correspondingly, the HSS may find a password corresponding to the IMPI according to the IMPI of the WebRTC user;
- the WebRTC server verifies the validity of the WebRTC user according to the password in the user authentication information and the password corresponding to the IMPI saved by the HSS. If the verification is successful, step S308 is performed, otherwise, Go to step S307;
- the WebRTC server may verify the validity of the WebRTC user in the following manner:
- the WebRTC server determines whether the password in the user verification information is the same as the password corresponding to the IMPI saved by the HSS, and if the same, the WebRTC server determines that the verification is successful; otherwise, the WebRTC server determines that the verification fails. ;
- the WebRTC server sends a user verification failure response to the WebRTC client, and the embodiment of the present invention ends;
- the WebRTC server generates a token (Token) having a one-to-one correspondence with the IMPI, and saves a correspondence between the token and the IMPI.
- token Token
- the token may be a verification code.
- the WebRTC server may use a hash algorithm to generate and the IMPI according to the IMPI and password in the user verification information. a one-to-one correspondence token;
- the WebRTC server sends a user authentication success response to the WebRTC client, where the user verification success response carries the token;
- the WebRTC server may send a user verification success response to the WebRTC client before, after, or at the same time as the correspondence between the token and the IMPI, which is not performed by the embodiment of the present invention.
- the WebRTC server further stores a correspondence between the identifier of the WebRTC gateway and the IMPI, and the WebRTC server may find the identifier of the WebRTC gateway corresponding to the IMPI according to the IMPI; the WebRTC server may Sending, by the user verification success response, the identifier of the WebRTC gateway to the WebRTC client, that is, carrying the identifier of the WebRTC gateway in the user verification success response;
- the identifier of the WebRTC gateway is used to identify the WebRTC gateway.
- the WebRTC gateway identifier may be an IP address of the WebRTC gateway.
- the WebRTC client establishes a communication connection between the WebRTC client and the WebRTC gateway;
- the webRTC client may establish a web socket connection between the webRTC client and the webRTC gateway according to the IP address of the webRTC client and the IP address of the webRTC gateway.
- the WebRTC client sends a first registration request carrying a token to the WebRTC gateway by using the communication connection;
- the embodiment of the present invention does not limit the specific form of the first registration request, as an example.
- the first registration request may be an HTTP request, or may be a WebSocket request using HTTP at the bottom;
- the first registration request may further carry the IMPI
- the WebRTC gateway After receiving the first registration request, the WebRTC gateway sends a token verification request to the WebRTC server, where the token verification request carries a token in the first registration request.
- the token verification request may be an HTTP GET request, or may be an HTTP POST request, which is not limited by the embodiment of the present invention
- the token verification request may further carry the IMPI
- the WebRTC server determines whether the token in the token verification request is valid, if yes, step S316 is performed, otherwise step S314 is performed;
- the WebRTC server may determine whether the token in the token verification request is valid in any of the following manners:
- the WebRTC server determines whether the WebRTC server saves the token in the token verification request, and if the token in the token verification request is saved, determines the token verification request The token is valid, otherwise it is determined that the token in the token verification request is invalid;
- the WebRTC server saves the correspondence between the token and the IMPI when generating the token, if the WebRTC server determines that the token in the token verification request is saved, then Therefore, it can be determined that the token in the token verification request is valid; mode 2: the first registration request and the token verification request can also carry the IMPI, and the WebRTC server determines the WebRTC server. Whether the saved token corresponding to the IMPI is the same as the token in the token verification request, if the same, determining that the token in the token verification request is valid, otherwise, determining the token verification request Invalid token in ;
- the WebRTC server sends a token verification failure response to the WebRTC gateway.
- the token verification failure response may be an HTTP response.
- the WebRTC gateway sends a registration failure response to the WebRTC client, where the embodiment of the present invention ends;
- the registration failure response may be an HTTP response
- the WebRTC server sends a token verification success response to the WebRTC gateway, where the WebRTC server may obtain the saved IMPI corresponding to the token according to the token, according to the IMPI. Obtaining an IP Multimedia Public Identity (IMMU) corresponding to the IMPI saved by the WebRTC server, and sending the IMPI and the IMPU to the WebRTC gateway by using the token verification success response;
- IMMU IP Multimedia Public Identity
- the token verification success response may be an HTTP response, such as HTTP 200 OK;
- the WebRTC gateway sends a second certificate registration request to the S-CSCF device by using the I-CSCF device, where the second registration request carries a user verification pass identifier;
- the user authentication is used to notify the S-CSCF device that the WebRTC user has passed the verification, and the second registration request may be a SIP request.
- the second registration request may further carry the IMPU, and the WebRTC gateway sends the second registration request to the I-CSCF device by using a P-CSCF device, where the I-CSCF device is according to the IMPU. Searching, in the HSS, an address of the S-CSCF corresponding to the IMPU, and sending the second registration request to the S-CSCF according to the address of the S-CSCF that is found;
- the second registration request may further carry the identifier of the WebRTC gateway and the IMPI;
- step S318-S319 may be continued, or step S320 may be directly performed by skipping steps S318-S319;
- S318 The S-CSCF device acquires an identifier of the WebRTC gateway that is saved by the HSS and is associated with the IMPI, and determines that the identifier of the WebRTC gateway corresponding to the IMPI saved by the HSS is carried in the second registration request. Is the identity of the WebRTC gateway the same, if the same, then execute Step S320, otherwise, step S319 is performed;
- the HSS may request the identifier of the WebRTC gateway corresponding to the IMPI to the WebRTC server in advance, and save the identifier.
- the S-CSCF device when the S-CSCF device receives the second registration request, the S-CSCF device searches for the IMPI in the HSS.
- S319 The S-CSCF device sends a registration failure response to the WebRTC client.
- S320 The S-CSCF device sends a registration success response to the WebRTC client by using the identifier according to the user verification.
- the step may further include:
- S320a The S-CSCF device sends a session initiation protocol-based registration success response to the WebRTC gateway.
- S320b The WebRTC gateway sends a registration success response based on the hypertext transmission protocol to the WebRTC client.
- session initiation protocol-based registration success response refers to a registration success response in the form of a session initiation protocol, such as SIP 200 OK.
- hypertext transfer protocol-based registration success response refers to the use of hypertext.
- the registration of the transport protocol format was successfully responded, such as HTTP 200 OK.
- the WebRTC gateway may record status information (eg, activation status information) of the WebRTC user.
- status information eg, activation status information
- the communication connection between the WebRTC client and the WebRTC gateway may be maintained in an activated state, and the WebRTC gateway is periodically A SIP-based re-registration request is sent to the S-CSCF device.
- a method for verifying the legitimacy of a user when a WebRTC guest
- the client uses the IMPI of the WebRTC user to log in
- the user authentication device can be based on the password in the user authentication information and The password corresponding to the IMPI saved by the HSS verifies the legality of the WebRTC user, thereby solving the problems existing in the prior art;
- the user authentication device is a WebRTC server
- the WebRTC server may request the HSS from the HSS.
- the WebRTC gateway can send a second registration request carrying the user authentication identifier to the S-CSCF device. So that the S-CSCF device can directly go to the WebRT after receiving the second registration request.
- the C client sends a registration success response, and the WebRTC user is not required to be authenticated, thereby reducing the processing load of the S-CSCF.
- FIG. 4 is a flowchart of a method for verifying the validity of a user according to an embodiment of the present invention.
- the embodiment of the present invention is applied to a scenario where a user authentication device is an HSS, that is, in the embodiment of the present invention,
- the method for verifying the validity of the WebRTC user by the HSS includes:
- S404 The WebRTC server sends the user verification information to the HSS.
- the HSS acquires a password corresponding to the IMPI saved by the HSS according to the IMPI in the user verification information.
- the HSS stores the user data of the IMS user, because the present The WebRTC user in the embodiment is also an IMS user. Therefore, the HSS stores the correspondence between the IMPI and the password of the WebRTC user, and the HSS can find the location according to the IMPI of the WebRTC user.
- step S406 The HSS verifies the validity of the WebRTC user according to the password in the user authentication information and the password corresponding to the IMPI saved by the HSS. If the verification is successful, step S408 is performed. Otherwise, Go to step S407:
- the HSS may verify the legality of the WebRTC user in the following manner:
- the HSS determines whether the password in the user authentication information is the same as the password corresponding to the IMPI saved by the HSS, and if the same, the HSS determines that the verification is successful; otherwise, the HSS determines that the verification fails;
- the HSS sends a user verification failure response to the WebRTC client by using the WebRTC server, where the embodiment of the present invention ends;
- the HSS sends a verification pass message to the WebRTC server.
- the method for verifying the legitimacy of a user is provided by the embodiment of the present invention.
- the user authentication device uses the IMPI of the WebRTC user to log in
- the user authentication device receives the user including the IMPI and the password sent by the WebRTC client.
- the user verification device can verify the legality of the WebRTC user according to the password in the user verification information and the password corresponding to the IMPI saved by the HSS, thereby solving the existing technology.
- the WebRTC server can forward the user authentication information after receiving the user authentication information by adding a communication interface between the WebRTC server and the HSS.
- the WebRTC gateway may send a second registration request carrying the user authentication pass identifier to the S-CSCF device, so that the S-CSCF device is After receiving the second registration request, you can Sending the registration success response directly to the WebRTC client, and no need to authenticate the WebRTC user, thereby reducing the processing load of the S-CSCF; in addition, the S-CSCF device receiving the second registration request First, the WebRTC gateway in the second registration request is sent for verification, and the registration success response is sent to the WebRTC client after the verification is passed, so that the WebRTC client can only initiate registration through a specific WebRTC gateway. As shown in FIG. 5, a system for verifying the legitimacy of a user is applied to a scenario in which a WebRTC server verifies the validity of a WebRTC user, and the system includes a WebRTC server 501 and an HSS 502. ,among them,
- the WebRTC server 501 is configured to receive user authentication information sent by a WebRTC client, where the user authentication information includes a username and password of a WebRTC user, the user name is IMPI, and the password carrying the IMPI is sent to the HSS 502. Request
- the HSS 502 is configured to receive a password request that is sent by the WebRTC server 501 to carry the IMPI, obtain a password corresponding to the IMPI saved by the HSS, and send a password response to the WebRTC server 501, where The password response carries a password corresponding to the IMPI saved by the HSS;
- the WebRTC server 501 is further configured to receive the password response, and verify the validity of the WebRTC user according to the password in the user verification information and the password in the password response message.
- FIG. 6 another system for verifying the legitimacy of a user according to an embodiment of the present invention is applied to a scenario in which the validity of a WebRTC user is verified by an HSS, and the system includes a WebRTC server 601 and an HSS. 602 , wherein
- the WebRTC server 601 is configured to receive user authentication information sent by a WebRTC client, where the user authentication information includes a username and a password of a WebRTC user, the user name is an IMPI, and the user authentication information is sent to the HSS 602.
- the HSS 602 is configured to receive the user verification information sent by the WebRTC server 601, and obtain a password corresponding to the IMPI saved by the HSS 602 according to an IMPI in the user verification information, and according to the The password in the user authentication information and the password corresponding to the IMPI saved by the HSS 602 are verified for the validity of the WebRTC user.
- a user authentication device may be applied to a system as shown in FIG. 5 or 6.
- the user authentication device includes:
- the receiving unit 701 is configured to receive user authentication information sent by the WebRTC client, where the user verification information includes a username and password of the WebRTC user, and the user name is IMPI;
- the obtaining unit 702 is configured to obtain, according to the IMPI received by the receiving unit 701, a password that is saved by the HSS and corresponding to the IMPI.
- the verification unit 703 is configured to verify the legality of the WebRTC user according to the password received by the receiving unit 701 and the password acquired by the obtaining unit 702.
- the verification unit 703 may be specifically configured to determine whether the password received by the receiving unit 701 is the same as the password acquired by the obtaining unit 702. If the password is the same, it is determined that the verification is successful; otherwise, the verification fails. .
- the user verification device may be
- the WebRTC server that is, the validity of the WebRTC user is verified by the WebRTC server
- the user authentication device further includes a sending unit
- the obtaining unit 703 is specifically configured to send a password request to the HSS by using the sending unit, the password Requesting to carry the IMPI, and receiving, by the receiving unit 701, a password response sent by the HSS, where the password response carries a password corresponding to the IMPI saved by the HSS.
- the user authentication device may further include a token generating unit, where the token generating unit is configured to generate a one-to-one correspondence with the IMPI after the verification unit 703 successfully verifies the validity of the WebRTC user. a token of the relationship, and storing a correspondence between the token and the IMPI; the sending unit is further configured to send a user verification success response to the WebRTC client, The user verification success response carries the token generated by the token generation unit.
- the receiving unit 701 may be further configured to: after the sending unit sends the user verification success response to the WebRTC client, receive a token verification request sent by a WebRTC gateway, where the token verification request is The WebRTC gateway sends the first registration request sent by the WebRTC client to the WebRTC server, where the first registration request carries a token, and the token verification request carries the first registration request.
- Token
- the verification unit 703 is further configured to determine whether the user verification device saves the token in the token verification request;
- the sending unit is further configured to send a token verification success response to the WebRTC gateway when the verification unit 703 determines that the user verification device saves the token in the token verification request.
- the first registration request and the token verification request may further carry the IMPI
- the verification unit 703 further It may be used to determine whether the token corresponding to the IMPI saved by the user verification device is the same as the token in the token verification request received by the receiving unit 701; the sending unit may also be used in the verification
- the unit 703 determines that the token corresponding to the IMPI saved by the user verification device is the same as the token in the token verification request, and sends a token verification success response to the WebRTC gateway.
- the user authentication device may be the HSS, that is, the validity of the WebRTC user is verified by the HSS, and the receiving unit 701 may be specifically configured to pass The WebRTC server receives the user test sent by the WebRTC client
- another user authentication device may be applied to the system shown in FIG. 5 or 6, the user authentication device includes:
- the receiver 801 is configured to receive user authentication information sent by the WebRTC client, where the user authentication information includes a user name and password of the WebRTC user, and the user name is an IMPI;
- the processor 802 is configured to obtain, according to the UI received by the receiver 801, a password corresponding to the UI saved by the HSS, and according to the password received by the receiver 801 and the HSS and the HSS corresponding to the UI A password that verifies the legitimacy of the WebRTC user.
- the processor 802 may be specifically configured to determine whether the password received by the receiver 801 is the same as the password corresponding to the IMPI saved by the HSS, and if the same, the verification is successful; otherwise, , to determine the verification failed.
- the user verification device may be
- the WebRTC server that is, the validity of the WebRTC user is verified by the WebRTC server
- the user authentication device further includes a sender; the processor 802 is specifically configured to send a password request to the HSS by using the sender, the password
- the request carries the IMPI, and receives, by the receiver 801, a password response sent by the HSS, where the password response carries a password corresponding to the IMPI saved by the HSS.
- the processor 802 is further configured to: after the validity verification of the validity of the WebRTC user is successful, generate a token having a one-to-one correspondence with the IMPI, and save a correspondence between the token and the IMPI. ;
- the transmitter is further configured to send a user authentication success response to the WebRTC client, and the user verification success response carries the token generated by the processor 802.
- the receiver 801 may be further configured to: after the sender sends the user verification success response to the WebRTC client, receive a token verification request sent by a WebRTC gateway, where the token verification request is The WebRTC gateway sends the first registration request sent by the WebRTC client to the WebRTC server, where the first registration request carries a token, and the token verification request carries the first registration request.
- Token
- the processor 802 is further configured to determine whether the user verification device saves the token in the token verification request;
- the transmitter may be further configured to determine, at the processor 802, that the user verification device saves When the token in the token verification request is described, a token verification success response is sent to the WebRTC gateway.
- the first registration request and the token verification request may further carry the IMPI
- the processor 802 further It may be used to determine whether the token corresponding to the IMPI saved by the user verification device is the same as the token in the token verification request received by the receiver 801; the sender may also be used in the processing
- the router 802 determines that the token corresponding to the IMPI saved by the user authentication device is the same as the token in the token verification request, and sends a token verification success response to the WebRTC gateway.
- the user authentication device may be the HSS, that is, the validity of the WebRTC user is verified by the HSS, and the receiver 801 may be specifically configured to pass
- the WebRTC server receives a method, a device, and a system for verifying the legitimacy of a user provided by the user of the WebRTC client, and when the WebRTC client uses the IMPI of the WebRTC user to log in, After the user authentication device receives the user authentication information that is sent by the WebRTC client and includes the IMPI and the password, the user authentication device can be configured according to the password in the user authentication information and the password corresponding to the IMPI saved by the HSS.
- the WebRTC server may request the HSS to save the password corresponding to the IMPI saved by the HSS, so that the WebRTC server can also verify the validity of the WebRTC user;
- the WebRTC server may forward the user authentication information to the HSS after receiving the user authentication information by adding a communication interface between the WebRTC server and the HSS.
- the WebRTC gateway may send a second registration request carrying the user authentication pass identifier to the S-CSCF device, so that the S-CSCF device may directly send the WebRTC client after receiving the second registration request.
- the sending a registration success response does not need to authenticate the WebRTC user, thereby reducing the processing load of the S-CSCF.
- the S-CSCF device first sends the second registration request when receiving the second registration request.
- the WebRTC gateway in the second registration request performs verification, and sends a registration success response to the WebRTC client after the verification is passed, so that the WebRTC client can only initiate registration through a specific WebRTC gateway.
- Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
- a storage medium may be any available media that can be accessed by a computer.
- computer readable media may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, disk storage media or other magnetic storage device, or can be used for carrying or storing in the form of an instruction or data structure.
- connection may suitably be a computer readable medium.
- the software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave
- coaxial cable , fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, wireless, and microwaves are included in the fixing of the associated media.
- disks and discs include compact discs (CD I laser discs, optical discs, digital versatile discs (DVD floppy discs and Blu-ray discs, in which discs are usually magnetically replicated, while discs are laser-reproduced) Optically replicated data.
- CD I laser discs compact discs
- optical discs optical discs
- DVD floppy discs and Blu-ray discs in which discs are usually magnetically replicated, while discs are laser-reproduced
- each embodiment in this specification is described in a progressive manner.
- the same similar parts between the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments.
- the description is relatively simple, and the execution process of each unit specific function can be referred to the partial description of the method embodiment.
- the device embodiments described above are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, ie may be located in one place. Or it can be distributed to multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment. Those of ordinary skill in the art can understand and implement without any creative effort.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Telephonic Communication Services (AREA)
- Information Transfer Between Computers (AREA)
Abstract
本发明涉及通信技术领域,尤其涉及一种对用户的合法性进行验证的方法、装置及系统。本发明实施例提供一种对用户的合法性进行验证的方法,用户验证设备接收WebRTC客户端发送的用户验证信息,所述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为IMPI,所述用户验证设备根据所述IMPI,获取HSS保存的与所述IMPI对应的密码,并根据所述用户验证信息中的密码以及所述HSS保存的与所述IMPI对应的密码,对所述WebRTC用户的合法性进行验证。通过本发明实施例提供的方法,使用户验证设备在WebRTC客户端使用WebRTC用户的IMPI进行登陆时,能够对所述WebRTC用户的合法性进行验证。
Description
一种对用户的合法性进行验证的方法、 装置及系统 本申请要求于 2013年 7月 8日提交中国专利局、申请号为 201310284428.9、 发明名称为"一种对用户的合法性进行验证的方法、 装置及系统"的中国专利申 请的优先权,其全部内容通过引用结合在本申请中。 技术领域
本发明涉及通信技术领域,尤其涉及一种对用户的合法性进行验证的方 法、 装置及系统。
背景技术
网页实时通信( Web Real-Time Communications, WebRTC )技术是一种在 浏览器内支持音视频实时通信的技术,通过该技术,可以实现基于网页的视频 会议。 在 WebRTC 用户使用 WebRTC 客户端与其他用户进行通信之前,该 WebRTC客户端需要使用该 WebRTC用户的用户名和密码进行登陆。 其中, 该 WebRTC用户的用户名由 WebRTC服务器进行分配,该 WebRTC服务器保 存有该 WebRTC用户的用户名以及该 WebRTC用户设置的密码。 为了确保用户的合法性,在该 WebRTC客户端进行登陆时,该 WebRTC 服务器需要对该 WebRTC用户的合法性进行验证,即该 WebRTC服务器需要 确定该 WebRTC客户端登陆时所使用的用户名与密码是否匹配。
由于网际协议( Internet Protocol , IP )多媒体子系统(IP Multimedia Subsystem , IMS )独立于接入技术且基于 IP通道,因此,可以将 WebRTC客 户端接入到 IMS并由 IMS实现呼叫控制并提供多媒体业务。这时,该 WebRTC 客户端登陆时所使用的用户名还可以是该 WebRTC用户签约 IMS业务时 JMS 网络运营商为该 WebRTC用户分配的网际协议多媒体私有标识( IP Multimedia Private Identity , IMPI )。 其中, IMS网络运营商是指为该 WebRTC用户提供
IMS业务的网络运营商。 通过对现有技术的分析,发明人认为现有技术至少存在以下问题: 当 WebRTC客户端使用 WebRTC服务器为 WebRTC用户分配的用户名进 行登陆时,该 WebRTC服务器可以直接对该 WebRTC用户的合法性进行验证。 但是,当该 WebRTC客户端使用该 WebRTC用户的 IMPI进行登陆时,在现有 的 WebRTC架构下,还不存在一种能够对该 WebRTC用户的合法性进行验证 的有效机制。
发明内容
为克服现有技术的缺陷,本发明实施例的目的在于提供一种对用户的合法 性进行验证的方法、 装置及系统,以便在 WebRTC客户端使用 WebRTC用户 的 IMPI进行登录时,能够对该 WebRTC用户的合法性进行验证。 第一方面,本发明实施例提供一种对用户的合法性进行验证的方法,包括: 用户验证设备接收 WebRTC客户端发送的用户验证信息,所述用户验证信 息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI;
所述用户验证设备根据所述 IMPI ,获取归属用户服务器( Home Subscriber Server , HSS )保存的与所述 IMPI对应的密码; 所述用户验证设备根据所述用户验证信息中的密码以及所述 HSS 保存的 与所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证。 在第一方面的第一种可能的实施方式中,所述用户验证设备为 WebRTC服 务器,则所述用户验证设备根据所述 IMPI ,获取所述 HSS保存的与所述 IMPI 对应的密码,包括:
所述 WebRTC服务器向所述 HSS发送密码请求,所述密码请求携带所述 IMPI;所述 WebRTC服务器接收所述 HSS发送的密码响应,所述密码响应携 带所述 HSS保存的与所述 IMPI对应的密码。
结合第一方面的第一种可能的实施方式,在第一方面的第二种可能的实施
方式中,在对所述 WebRTC用户的合法性验证成功之后,所述 WebRTC服务器 生成与所述 IMPI具有一一对应关系的令牌,并保存所述令牌与所述 IMPI的对 应关系;所述 WebRTC服务器向所述 WebRTC客户端发送用户验证成功响应, 所述用户验证成功响应携带所述令牌。
结合第一方面的第二种可能的实施方式,在第一方面的第三种可能的实施 方式中,在所述 WebRTC服务器向所述 WebRTC客户端发送所述用户验证成功 响应之后,所述 WebRTC服务器接收 WebRTC网关发送的令牌验证请求,所述 令牌验证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一注册 请求后向所述 WebRTC服务器发送的,其中,所述第一注册请求携带令牌,所 述令牌验证请求携带所述第一注册请求中的令牌;所述 WebRTC服务器判断所 述 WebRTC 服务器是否保存有所述令牌验证请求中的令牌;若所述 WebRTC 服务器保存有所述令牌验证请求中的令牌,则所述 WebRTC 服务器向所述 WebRTC网关发送令牌验证成功响应。
结合第一方面的第三种可能的实施方式,在第一方面的第四种可能的实施 方式中,在所述 WebRTC服务器向所述 WebRTC网关发送所述令牌验证成功响 应之后,服务 -呼叫会话控制功能(Serving-Call Session Control Function , S-CSCF )设备通过查询 -呼叫会话控制功能( Interrogating-Call Session Control Function , I-CSCF )设备接收所述 WebRTC网关发送的发送的第二注册请求, 所述第二注册请求携带用户验证通过标识;所述 S-CSCF设备根据所述用户验 证通过标识,向所述 WebRTC客户端发送注册成功响应。
结合第一方面的第四种可能的实施方式,在第一方面的第五种可能的实施 方式中,所述第二注册请求还携带所述 IMPI以及所述 WebRTC网关的标识, 在所述 S-CSCF设备根据所述用户验证通过标识,向所述 WebRTC客户端发送 所述注册成功响应之前,所述 S-CSCF设备获取所述 HSS保存的与所述 IMPI 对应的 WebRTC 网关的标识,并判断所述 HSS 保存的与所述 IMPI 对应的
WebRTC网关的标识与所述第二注册请求中携带的 WebRTC网关的标识是否相 同,若相同,则向所述 WebRTC客户端发送所述注册成功响应。
在第一方面的第六种可能的实施方式中,所述用户验证设备为所述 HSS , 则所述用户验证设备接收所述 WebRTC 客户端发送的所述用户验证信息,包 括:
所述 HSS通过 WebRTC服务器接收所述 WebRTC客户端发送的所述用户 验证信息。
结合第一方面,或第一方面的第一至第六种可能的实施方式中的任意一种 实施方式,所述用户验证设备根据所述用户验证信息中的密码以及所述 HSS 保存的与所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证,包 括:
所述用户验证设备判断所述用户验证信息中的密码与所述 HSS 保存的与 所述 IMPI对应的密码是否相同,若相同,则所述用户验证设备确定验证成功; 否则,所述用户验证设备确定验证失败。
第二方面,本发明实施例提供一种用户验证设备,包括:
接收单元,用于接收 WebRTC客户端发送的用户验证信息,所述用户验证 信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI;
获取单元,用于根据所述接收单元接收的 IMPI ,获取 HSS保存的与所述 IMPI对应的密码;
验证单元,用于根据所述接收单元接收的密码以及所述获取单元获取的密 码,对所述 WebRTC用户的合法性进行验证。
在第二方面的第一种可能的实施方式中,所述用户验证设备为 WebRTC服 务器,所述设备还包括发送单元,则所述获取单元具体用于通过所述发送单元 向所述 HSS发送密码请求,所述密码请求携带所述 IMPI ,并通过所述接收单 元接收所述 HSS发送的密码响应,所述密码响应携带所述 HSS保存的与所述
IMPI对应的密码。
结合第二方面的第一种可能的实施方式,在第二方面的第二种可能的实施 方式中,所述用户验证设备还包括令牌生成单元,所述令牌生成单元用于在所 述验证单元对所述 WebRTC用户的合法性验证成功之后,生成与所述 IMPI具 有一一对应关系的令牌,并保存所述令牌与所述 IMPI的对应关系;
所述发送单元还用于向所述 WebRTC客户端发送用户验证成功响应,所述 用户验证成功响应携带所述令牌生成单元生成的令牌。
结合第二方面的第二种可能的实施方式,在第二方面的第三种可能的实施 方式中,所述接收单元还用于在所述发送单元向所述 WebRTC客户端发送所述 用户验证成功响应之后,接收 WebRTC网关发送的令牌验证请求,所述令牌验 证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一注册请求后 向所述 WebRTC服务器发送的,其中,所述第一注册请求携带令牌,所述令牌 验证请求携带所述第一注册请求中的令牌;
所述验证单元还用于判断所述用户验证设备是否保存有所述令牌验证请 求中的令牌;
所述发送单元还用于在所述验证单元确定所述用户验证设备保存有所述 令牌验证请求中的令牌时,向所述 WebRTC网关发送令牌验证成功响应。
在第二方面的第四种可能的实施方式中,所述用户验证设备为所述 HSS , 则所述接收单元具体用于通过 WebRTC服务器接收所述 WebRTC客户端发送的 所述用户验证信息。
结合第二方面,或第二方面的第一至第四种可能的实施方式中的任意一种 实施方式,在第二方面的第五种可能的实施方式中,所述验证单元具体用于判 断所述接收单元接收的密码与所述获取单元获取的密码是否相同,若相同,则 确定验证成功;否则,确定验证失败。
第三方面,本发明实施例提供一种对用户的合法性进行验证的系统,包括
WebRTC服务器以及 HSS ,其中,
所述 WebRTC服务器,用于接收 WebRTC客户端发送的用户验证信息,所 述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI ,并 向所述 HSS发送携带所述 IMPI的密码请求;
所述 HSS ,用于接收所述 WebRTC服务器发送的携带所述 IMPI的密码请 求,获取所述 HSS保存的与所述 IMPI对应的密码,并向所述 WebRTC服务器 发送密码响应,所述密码响应携带所述 HSS保存的与所述 IMPI对应的密码; 所述 WebRTC服务器,还用于接收所述密码响应,根据所述用户验证信息 中的密码以及所述密码响应消息中的密码,对所述 WebRTC用户的合法性进行 验证。
第四方面,本发明实施例提供一种对用户的合法性进行验证的系统,包括 WebRTC服务器以及 HSS ,其中,
所述 WebRTC服务器,用于接收 WebRTC客户端发送的用户验证信息,所 述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI ,并 向所述 HSS发送所述用户验证信息;
所述 HSS ,用于接收所述 WebRTC服务器发送的所述用户验证信息,根据 所述用户验证信息中的 IMPI ,获取所述 HSS保存的与所述 IMPI对应的密码, 并根据所述用户验证信息中的密码以及所述 HSS保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证。
本发明实施例提供的一种对用户的合法性进行验证的方法、 装置及系统, 当 WebRTC客户端使用 WebRTC用户的 IMPI进行登陆时,在用户验证设备接 收到所述 WebRTC客户端发送的包含 IMPI和密码的用户验证信息后,所述用 户验证设备能够根据所述用户验证信息中的密码以及 HSS保存的与所述 IMPI 对应的密码,对所述 WebRTC用户的合法性进行验证,从而解决了现有技术存 在的问题。
附图说明
为了更清楚地说明本发明实施例的技术方案,下面将对实施例或现有技术 描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅 是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动 的前提下,还可以根据这些附图获得其他的附图。
图 1为本发明实施例提供的一种对用户的合法性进行验证的系统架构图; 图 2为本发明实施例提供的一种对用户的合法性进行验证的方法流程图; 图 3 为本发明实施例提供的另一种对用户的合法性进行验证的方法流程 图;
图 4 为本发明实施例提供的又一种对用户的合法性进行验证的方法流程 图;
图 5为本发明实施例提供的一种对用户的合法性进行验证的系统结构图; 图 6 为本发明实施例提供的另一种对用户的合法性进行验证的系统结构 图;
图 7为本发明实施例提供的一种用户验证设备的结构图; 图 8为本发明实施例提供的另一种用户验证设备的结构图。
具体实施方式
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清 楚、 完整地描述,显然,所描述的实施例仅仅是本发明的一部分实施例,而不 是全部实施例。 基于本发明中的实施例,本领域普通技术人员在没有作出创造 性劳动前提下获得的所有其他实施例,都属于本发明保护的范围。
如图 1所示,为本发明实施例提供的一种对用户的合法性进行验证的系统 架构图。 其中, WebRTC服务器也称为 WebRTC入口(Portal 所述 WebRTC 服务器可以通过新增的 RTC接口与归属用户服务器( Home Subscriber Server ,
HSS )进行通信, HSS保存有 IMS用户的用户数据; WebRTC网关主要用于在 超文本传输协议(Hypertext Transfer Protocol , HTTP )消息与会话发起协议 ( Session Initiation Protocol , SIP )消息之间进行转换。 WebRTC客户端可以通 过 WebRTC网关向呼叫会话控制功能( Call Session Control Function , CSCF ) 设备发起注册,具体地,所述 WebRTC客户端可以通过 WebRTC网关将注册请 求发送到代理 -呼叫会话控制功能(Proxy-Call Session Control Function , P-CSCF )设备,所述 P-CSCF设备接收到所述注册请求后,将所述注册请求发 送到查询 -呼叫会话控制功能(Interrogating-Call Session Control Function , I-CSCF )设备,所述 I-CSCF设备在所述 HSS中查找到 WebRTC用户归属的服 务-呼叫会话控制功能( Serving-Call Session Control Function , S-CSCF )设备后, 向所述 S-CSCF设备发送所述注册请求。
其中,在所述 WebRTC客户端使用 WebRTC用户的 IMPI进行登陆时,所 述 WebRTC 客户端需要向所述 WebRTC 服务器发送用户验证信息。 所述 WebRTC 服务器根据所述用户验证信息对所述 WebRTC 用户的合法性进行验 证,或者,所述 WebRTC服务器向 HSS转发所述用户验证信息,由所述 HSS 对所述 WebRTC 用户的合法性进行验证。 其中,所述用户验证信息包括所述 WebRTC用户的用户名和密码,所述用户名为 IMPI。
基于图 1 所示的系统架构图,本发明实施例提供一种对用户的合法性进行 验证的方法,如图 2所示,包括:
S201:用户验证设备接收 WebRTC客户端发送的用户验证信息,所述用户 验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI;
其中,所述用户验证设备可以是 WebRTC服务器或 HSS ,在所述 WebRTC 客户端接收到 WebRTC用户输入的用户名和密码后,所述 WebRTC客户端将包 含用户名和密码的用户验证信息发送到所述用户验证设备;当所述用户验证设 备是 HSS时,所述 HSS可以通过 WebRTC服务器接收所述 WebRTC客户端发
送的所述用户验证信息;
其中,需要说明的是,本发明实施例中的 WebRTC用户同时也是 IMS用 户,在本发明实施例中,所谓 IMS 用户是指签约了 IMS 业务的用户,所谓 WebRTC用户是指签约了 WebRTC业务的用户;
5202:所述用户验证设备根据所述 IMPI ,获取 HSS 保存的与所述 IMPI 对应的密码;
其中,所述 HSS保存有所述 IMPI与所述 WebRTC用户签约 IMS业务时 所设置的密码的对应关系;当所述用户验证设备是 WebRTC 服务器时,所述 WebRTC服务器可以向所述 HSS发送携带所述 IMPI的密码请求,并通过所述 HSS发送的密码响应获得所述 HSS保存的与所述 IMPI对应的密码;当所述用 户验证设备是所述 HSS时,所述 HSS可以直接根据所述 IMPI ,获取所述 HSS 保存的与所述 IMPI对应的密码;
其中,需要说明的是,当所述 WebRTC用户更改了其所签约的 IMS业务 的密码时 ,所述 HSS会将已保存的与所述 IMPI对应的密码更新为所述 WebRTC 用户更改后的密码,也就是说,根据所述 IMPI就可以在所述 HSS中查找到所 述 WebRTC用户最新设置的密码;
5203:所述用户验证设备根据所述用户验证信息中的密码以及所述 HSS 保存的与所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证; 其中,所述用户验证设备可以采用以下方式对所述 WebRTC用户的合法性 进行验证:
所述用户验证设备判断所述用户验证信息中的密码与所述 HSS 保存的与 所述 IMPI对应的密码是否相同,若相同,则所述用户验证设备确定验证成功, 否则所述用户验证设备确定验证失败。
本发明实施例提供的一种对用户的合法性进行验证的方法,当 WebRTC客 户端使用 WebRTC 用户的 IMPI 进行登陆时,在用户验证设备接收到所述
WebRTC客户端发送的包含 IMPI和密码的用户验证信息后,所述用户验证设 备能够根据所述用户验证信息中的密码以及 HSS保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证,从而解决了现有技术存在的问题; 其次,在所述用户验证设备是 HSS时,通过在 WebRTC服务器与所述 HSS之 间新增通信接口 ,使得 WebRTC服务器在接收到所述用户验证信息后,可以将 所述用户验证信息转发给所述 HSS ,由所述 HSS对所述 WebRTC用户的合法 性进行验证;再次,在所述用户验证设备是 WebRTC服务器时,当所述 WebRTC 服务器接收到所述用户验证信息时,虽然由于安全性的原因,所述 WebRTC服 务器没有保存所述 WebRTC用户签约的 IMS业务的密码等用户数据,但是所 述 WebRTC服务器可以向所述 HSS请求所述 HSS保存的与所述 IMPI对应的 密码,从而使得所述 WebRTC服务器也能够对所述 WebRTC用户的合法性进行 验证。 如图 3所示,为本发明实施例提供的一种对用户的合法性进行验证的方法 流程图,本发明实施例应用于用户验证设备是 WebRTC服务器的场景,即在本 发明实施例中,由 WebRTC服务器对 WebRTC用户的合法性进行验证,本发明 实施例提供的方法包括:
5301: WebRTC客户端向 WebRTC服务器发送页面登陆请求;
其中,作为示例而非限定,所述登陆页面请求可以是一个 HTTP GET请求, 也可以是一个 HTTP POST请求;
5302:所述 WebRTC客户端接收所述 WebRTC服务器发送的页面登陆响 应,并呈现登陆页面;
5303:在接收到 WebRTC用户输入的用户名和密码后,所述 WebRTC客 户端向所述 WebRTC 服务器发送用户验证信息,所述用户验证信息包括所述 WebRTC用户的所述用户名和所述密码,所述用户名为 IMPI;
其中,需要说明的是,所述 WebRTC客户端可以通过 HTTP GET请求或
HTTP POST请求向所述 WebRTC服务器发送所述用户验证信息,本发明实施 例并不对此进行限定;所述 WebRTC用户将所述 WebRTC用户签约 IMS业务 时 IMS网络运营商提供的所述 IMPI作为用户名进行登陆;
5304:所述 WebRTC服务器向 HSS发送密码请求,所述密码请求携带所 述 IMPI;
其中,所述密码请求可以是一个 Diameter请求,所述 WebRTC服务器可以 通过所述 WebRTC服务器与所述 HSS之间的 RTC接口 ,向所述 HSS发送所述 密码请求;
5305:所述 HSS查找其保存的与所述 IMPI对应的密码,并将查找到的密 码通过密码响应发送给所述 WebRTC服务器;
其中,需要说明的是,所述 HSS保存有 IMS用户的用户数据,由于本发 明实施例中的 WebRTC用户同时也是 IMS用户,因此,所述 HSS保存有所述 WebRTC用户的 IMPI与密码之间的对应关系,所述 HSS 可以根据所述所述 WebRTC用户的 IMPI查找到与所述 IMPI对应的密码;
5306:所述 WebRTC服务器根据所述用户验证信息中的密码以及所述 HSS 保存的与所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证,若 验证成功,则执行步骤 S308 ,否则,执行步骤 S307;
其中,所述 WebRTC服务器可以采用以下方式对所述 WebRTC用户的合法 性进行验证:
所述 WebRTC服务器判断所述用户验证信息中的密码与所述 HSS保存的 与所述 IMPI对应的密码是否相同,若相同,则所述 WebRTC服务器确定验证 成功;否则,所述 WebRTC服务器确定验证失败;
5307:所述 WebRTC服务器向所述 WebRTC客户端发送用户验证失败响 应,本发明实施例结束;
其中,需要说明的是,所述用户验证失败响应可以是一个 HTTP响应;
5308:所述 WebRTC服务器生成与所述 IMPI 具有一一对应关系的令牌 ( Token ) ,并保存所述令牌与所述 IMPI的对应关系;
其中,需要说明的是,所述令牌可以是一个验证码,作为示例而非限定, 所述 WebRTC服务器可以利用哈希算法,根据所述用户验证信息中的 IMPI和 密码生成与所述 IMPI具有一一对应关系的令牌;
5309:所述 WebRTC服务器向所述 WebRTC客户端发送用户验证成功响 应,所述用户验证成功响应携带所述令牌;
其中,需要说明的是,所述 WebRTC 服务器可以在保存所述令牌与所述 IMPI的对应关系之前、 之后或同时向所述 WebRTC客户端发送用户验证成功 响应,本发明实施例并不对此进行限定;
其中,所述 WebRTC服务器还保存有 WebRTC网关的标识与所述 IMPI之 间对应关系,所述 WebRTC服务器可以根据所述 IMPI ,查找到与所述 IMPI对 应的 WebRTC网关的标识;所述 WebRTC服务器可以通过所述用户验证成功响 应将所述 WebRTC网关的标识发送给所述 WebRTC客户端,也就是说可以在所 述用户验证成功响应中携带所述 WebRTC网关的标识;
其中,所述 WebRTC网关的标识用于标识所述 WebRTC网关,作为示例而 非限定,所述 WebRTC网关标识可以是所述 WebRTC网关的 IP地址;
5310:所述 WebRTC客户端建立所述 WebRTC客户端与 WebRTC网关之 间的通信连接;
其中,所述 WebRTC客户端可以根据所述 WebRTC客户端的 IP地址以及 所述 WebRTC网关的 IP地址,建立所述 WebRTC客户端与所述 WebRTC网关 之间的网页套接字( WebSocket )连接;
5311:所述 WebRTC客户端通过所述通信连接向所述 WebRTC网关发送携 带令牌的第一注册请求;
其中,本发明实施例并不限定所述第一注册请求的具体形式,作为示例而
非限定,所述第一注册请求可以是一个 HTTP 请求,也可以是一个底层采用 HTTP的 WebSocket请求;
其中,需要说明的是,所述第一注册请求还可以携带所述 IMPI;
5312:所述 WebRTC 网关接收到所述第一注册请求后,向所述 WebRTC 服务器发送令牌验证请求,所述令牌验证请求携带所述第一注册请求中的令 牌;
其中,所述令牌验证请求可以是 HTTP GET请求,也可以是 HTTP POST 请求,本发明实施例并不对此进行限定;
其中,需要说明的是,所述令牌验证请求还可以携带所述 IMPI;
5313:所述 WebRTC服务器判断所述令牌验证请求中的令牌是否有效,若 有效,则执行步骤 S316 ,否则执行步骤 S314;
其中,所述 WebRTC服务器可以采用以下任一方式判断所述令牌验证请求 中的令牌是否有效:
方式一:所述 WebRTC服务器判断所述 WebRTC服务器是否保存有所述令 牌验证请求中的令牌,若保存有所述令牌验证请求中的令牌,则确定所述令牌 验证请求中的令牌有效,否则确定所述令牌验证请求中的令牌无效;
其中,需要说明的是,由于所述 WebRTC服务器在生成令牌时,保存了令 牌与 IMPI的对应关系,因此,如果所述 WebRTC服务器确定保存有所述令牌 验证请求中的令牌,那么也就能够确定该令牌验证请求中的令牌是有效的; 方式二: 由于所述第一注册请求以及所述令牌验证请求还可以携带所述 IMPI ,所述 WebRTC服务器判断所述 WebRTC服务器保存的与所述 IMPI对应 的令牌是否与所述令牌验证请求中的令牌相同,若相同,则确定所述令牌验证 请求中的令牌有效,否则,确定所述令牌验证请求中的令牌无效;
5314:所述 WebRTC服务器向所述 WebRTC网关发送令牌验证失败响应; 其中,需要说明的是,所述令牌验证失败响应可以是一个 HTTP响应;
5315:所述 WebRTC网关向所述 WebRTC客户端发送注册失败响应,本 发明实施例结束;
其中,需要说明的是,所述注册失败响应可以是一个 HTTP响应;
5316:所述 WebRTC服务器向所述 WebRTC网关发送令牌验证成功响应; 其中,所述 WebRTC服务器可以根据所述令牌,获取其保存的与所述令牌 对应的所述 IMPI ,根据所述 IMPI获得所述 WebRTC服务器保存的与所述 IMPI 对应的 IP多媒体公共标识( IP Multimedia Public Identity , IMPU ) ,并通过所述 令牌验证成功响应向所述 WebRTC网关发送所述 IMPI以及与所述 IMPU; 其中,需要说明的是,所述令牌验证成功响应可以是一个 HTTP响应,例 如 HTTP 200 OK;
5317:所述 WebRTC网关通过 I-CSCF设备向 S-CSCF设备发送第二证注 册请求,所述第二注册请求携带用户验证通过标识;
其中,所述用户验证通过标识用于通知所述 S-CSCF设备所述 WebRTC用 户已经通过验证,所述第二注册请求可以是一个 SIP请求;
其中,所述第二注册请求还可以携带所述 IMPU ,所述 WebRTC网关通过 P-CSCF设备向所述 I-CSCF设备发送所述第二注册请求,所述 I-CSCF设备根 据所述 IMPU在所述 HSS中查找与所述 IMPU对应的 S-CSCF的地址,并根据 查找到的所述 S-CSCF的地址,向所述 S-CSCF发送所述第二注册请求;
其中,需要说明的是,所述第二注册请求还可以携带所述 WebRTC网关的 标识以及所述 IMPI;
可选地,可以继续执行步骤 S318-S319 ,也可以跳过步骤 S318-S319直接 执行步骤 S320;
S318所述 S-CSCF设备获取所述 HSS保存的与所述 IMPI对应的 WebRTC 网关的标识,并判断所述 HSS保存的与所述 IMPI对应的 WebRTC网关的标识 与所述第二注册请求中携带的 WebRTC网关的标识是否相同,若相同,则执行
步骤 S320 ,否则,执行步骤 S319;
其中,需要说明的是,由于所述 WebRTC服务器保存有 WebRTC网关的标 识与 IMPI之间的对应关系,因此,所述 HSS可以预先向 WebRTC服务器请求 与所述 IMPI对应的 WebRTC网关的标识,并保存所述 IMPI与所述 WebRTC 网关的标识之间的对应关系,当所述 S-CSCF设备接收到所述第二注册请求时, 所述 S-CSCF设备在所述 HSS中查找与所述 IMPI对应的 WebRTC网关的标识;
5319:所述 S-CSCF设备向所述 WebRTC客户端发送注册失败响应;
5320:所述 S-CSCF设备根据所述用户验证通过标识,向所述 WebRTC客 户端发送注册成功响应;
具体地,如图 3所示,该步骤可以进一步包括:
S320a:所述 S-CSCF设备向所述 WebRTC网关发送基于会话发起协议的 注册成功响应;
S320b:所述 WebRTC网关向所述 WebRTC客户端发送基于超文本传输协 议的注册成功响应;
其中,需要说明的是,所谓基于会话发起协议的注册成功响应是指采用了 会话发起协议格式的注册成功响应,例如 SIP 200 OK ,所谓基于超文本传输协 议的注册成功响应是指采用了超文本传输协议格式的注册成功响应,例如 HTTP 200 OK。
可选地,在接收到所述基于 SIP的注册成功响应后,所述 WebRTC网关可 以记录所述 WebRTC用户的状态信息(例如,激活状态信息
其中,需要说明的是,在注册成功之后,为了确保 WebRTC用户处于激活 状态,所述 WebRTC客户端与所述 WebRTC网关之间的通信连接可以被保持激 活的状态,并使所述 WebRTC网关周期性地向 S-CSCF设备发送基于 SIP的重 注册请求。
本发明实施例提供的一种对用户的合法性进行验证的方法,当 WebRTC客
户端使用 WebRTC 用户的 IMPI 进行登陆时,在用户验证设备接收到所述 WebRTC客户端发送的包含 IMPI和密码的用户验证信息后,所述用户验证设 备能够根据所述用户验证信息中的密码以及 HSS保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证,从而解决了现有技术存在的问题; 其次,在所述用户验证设备是 WebRTC服务器时,当所述 WebRTC服务器接收 到所述用户验证信息时,虽然由于安全性的原因,所述 WebRTC服务器没有保 存有所述 WebRTC用户签约的 IMS业务的密码等用户数据但是所述 WebRTC 服务器可以向所述 HSS请求所述 HSS保存的与所述 IMPI对应的密码,从而使 得所述 WebRTC服务器也能够对所述 WebRTC用户的合法性进行验证;再次, WebRTC网关可以向 S-CSCF设备发送携带用户验证通过标识的第二注册请求, 使得所述 S-CSCF设备在接收到第二注册请求后,可以直接向 WebRTC客户端 发送注册成功响应,不需再对所述 WebRTC用户进行鉴权,从而降低了 S-CSCF 的处理负荷;另外,所述 S-CSCF设备在接收到所述第二注册请求时,先对发 送所述第二注册请求中的 WebRTC网关进行验证,在验证通过后才向 WebRTC 客户端发送注册成功响应,从而能够保证所述 WebRTC客户端只能通过特定的 WebRTC网关发起注册。 如图 4所示,为本发明实施例提供的另一种对用户的合法性进行验证的方 法流程图,本发明实施例应用于用户验证设备是 HSS的场景,即在本发明实施 例中,由 HSS对 WebRTC用户的合法性进行验证,本发明实施例提供的方法 包括:
S401-S403:与图 3中的步骤 S301-S303相同,在此不再赘述;
5404:所述 WebRTC服务器向 HSS发送所述用户验证信息;
5405:所述 HSS根据所述用户验证信息中的 IMPI ,获取所述 HSS保存的 与所述 IMPI对应的密码;
其中,需要说明的是,所述 HSS保存有 IMS用户的用户数据,由于本发
明实施例中的 WebRTC用户同时也是 IMS用户,因此,所述 HSS保存有所述 WebRTC用户的 IMPI与密码之间的对应关系,所述 HSS 可以根据所述所述 WebRTC用户的 IMPI查找到与所述 IMPI对应的密码;
5406:所述 HSS根据所述用户验证信息中的密码以及所述 HSS保存的与 所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证,若验证成功, 则执行步骤 S408 ,否则,执行步骤 S407:
其中,所述 HSS可以采用以下方式对所述 WebRTC用户的合法性进行验 证:
所述 HSS判断所述用户验证信息中的密码与所述 HSS保存的与所述 IMPI 对应的密码是否相同,若相同,则所述 HSS确定验证成功;否则,所述 HSS 确定验证失败;
5407:所述 HSS通过所述 WebRTC服务器向所述 WebRTC客户端发送用 户验证失败响应,本发明实施例结束;
5408:所述 HSS向所述 WebRTC服务器发送验证通过消息;
S409-S421:与图 3中的步骤 S308-S320相同,在此不再赘述。
本发明实施例提供的一种对用户的合法性进行验证的方法,当 WebRTC客 户端使用 WebRTC 用户的 IMPI 进行登陆时,在用户验证设备接收到所述 WebRTC客户端发送的包含 IMPI和密码的用户验证信息后,所述用户验证设 备能够根据所述用户验证信息中的密码以及 HSS保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证,从而解决了现有技术存在的问题; 其次,在所述用户验证设备是 HSS时,通过在 WebRTC服务器与所述 HSS之 间新增通信接口 ,使得 WebRTC服务器在接收到所述用户验证信息后,可以将 所述用户验证信息转发给所述 HSS ,由所述 HSS对所述 WebRTC用户的合法 性进行验证;再次, WebRTC网关可以向 S-CSCF设备发送携带用户验证通过 标识的第二注册请求,使得所述 S-CSCF设备在接收到第二注册请求后,可以
直接向 WebRTC客户端发送注册成功响应,不需再对所述 WebRTC用户进行鉴 权,从而降低了 S-CSCF的处理负荷;另外,所述 S-CSCF设备在接收到所述 第二注册请求时,先对发送所述第二注册请求中的 WebRTC网关进行验证,在 验证通过后才向 WebRTC 客户端发送注册成功响应,从而能够保证所述 WebRTC客户端只能通过特定的 WebRTC网关发起注册。 如图 5所示 ,为本发明实施例提供的一种对用户的合法性进行验证的系统, 应用于由 WebRTC服务器对 WebRTC用户的合法性进行验证的场景,该系统包 括 WebRTC服务器 501以及 HSS 502 ,其中,
所述 WebRTC服务器 501用于接收 WebRTC客户端发送的用户验证信息, 所述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI , 并向所述 HSS 502发送携带所述 IMPI的密码请求;
所述 HSS 502 ,用于接收所述 WebRTC服务器 501发送的携带所述 IMPI 的密码请求,获取所述 HSS保存的与所述 IMPI对应的密码,并向所述 WebRTC 服务器 501发送密码响应,所述密码响应携带所述 HSS保存的与所述 IMPI对 应的密码;
所述 WebRTC服务器 501 ,还可以用于接收所述密码响应,根据所述用户 验证信息中的密码以及所述密码响应消息中的密码,对所述 WebRTC用户的合 法性进行验证。 如图 6所示,为本发明实施例提供的另一种对用户的合法性进行验证的系 统,应用于由 HSS对 WebRTC用户的合法性进行验证的场景,该系统包括包 括 WebRTC服务器 601以及 HSS 602 ,其中,
所述 WebRTC服务器 601用于接收 WebRTC客户端发送的用户验证信息, 所述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI , 并向所述 HSS 602发送所述用户验证信息;
所述 HSS 602 ,用于接收所述 WebRTC服务器 601发送的所述用户验证信 息,根据所述用户验证信息中的 IMPI ,获取所述 HSS 602保存的与所述 IMPI 对应的密码,并根据所述用户验证信息中的密码以及所述 HSS 602保存的与所 述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证。 如图 7所示,为本发明实施例提供的一种用户验证设备,可以应用于如图 5或 6所示的系统中,该用户验证设备包括:
接收单元 701 ,用于接收 WebRTC客户端发送的用户验证信息,所述用户 验证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI;
获取单元 702 ,用于根据所述接收单元 701接收的 IMPI ,获取 HSS保存 的与所述 IMPI对应的密码;
验证单元 703 ,用于根据所述接收单元 701接收的密码以及所述获取单元 702获取的密码,对所述 WebRTC用户的合法性进行验证。
其中,需要说明的是,所述验证单元 703可以具体用于判断所述接收单元 701接收的密码与所述获取单元 702获取的密码是否相同,若相同,则确定验 证成功;否则,确定验证失败。
在本发明实施例的一种可能的实施方式中 ,所述用户验证设备可以为
WebRTC服务器,即由 WebRTC服务器对 WebRTC用户的合法性进行验证,所 述用户验证设备还包括发送单元;所述获取单元 703具体用于通过所述发送单 元向所述 HSS发送密码请求,所述密码请求携带所述 IMPI ,并通过所述接收 单元 701接收所述 HSS发送的密码响应,所述密码响应携带所述 HSS保存的 与所述 IMPI对应的密码。
其中,所述用户验证设备还可以包括令牌生成单元;所述令牌生成单元用 于在所述验证单元 703对所述 WebRTC用户的合法性验证成功之后,生成与所 述 IMPI具有一一对应关系的令牌,并保存所述令牌与所述 IMPI的对应关系; 所述发送单元还用于向所述 WebRTC客户端发送用户验证成功响应,所述
用户验证成功响应携带所述令牌生成单元生成的令牌。
其中,所述接收单元 701还可以用于在所述发送单元向所述 WebRTC客户 端发送所述用户验证成功响应之后,接收 WebRTC网关发送的令牌验证请求, 所述令牌验证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一 注册请求后向所述 WebRTC服务器发送的,其中,所述第一注册请求携带令牌, 所述令牌验证请求携带所述第一注册请求中的令牌;
所述验证单元 703还用于判断所述用户验证设备是否保存有所述令牌验证 请求中的令牌;
所述发送单元还用于在所述验证单元 703确定所述用户验证设备保存有所 述令牌验证请求中的令牌时,向所述 WebRTC网关发送令牌验证成功响应。
其中,需要说明的是,作为对令牌有效性进行验证的另一种可能的实施方 式,所述第一注册请求以及所述令牌验证请求还可以携带所述 IMPI ,所述验证 单元 703还可以用于判断所述用户验证设备保存的与所述 IMPI对应的令牌是 否与所述接收单元 701接收的令牌验证请求中的令牌相同;所述发送单元还可 以用于在所述验证单元 703确定所述用户验证设备保存的与所述 IMPI对应的 令牌与所述令牌验证请求中的令牌相同时,向所述 WebRTC网关发送令牌验证 成功响应。
在本发明实施例的另一种可能的实施方式中,所述用户验证设备可以为所 述 HSS ,即由所述 HSS对 WebRTC用户的合法性进行验证,所述接收单元 701 可以具体用于通过 WebRTC服务器接收所述 WebRTC客户端发送的所述用户验
如图 8所示,为本发明实施例提供的另一种用户验证设备,可以应用于如 图 5或 6所示的系统中,该用户验证设备包括:
接收器 801 ,用于接收 WebRTC客户端发送的用户验证信息,所述用户验 证信息包括 WebRTC用户的用户名和密码,所述用户名为 IMPI;
处理器 802 ,用于根据所述接收器 801接收的 ΙΜΡΙ ,获取 HSS保存的与 所述 ΙΜΡΙ对应的密码,并根据所述接收器 801接收的密码以及所述 HSS保存 的与所述 ΙΜΡΙ对应的密码,对所述 WebRTC用户的合法性进行验证。
其中,需要说明的是,所述处理器 802可以具体用于判断所述接收器 801 接收的密码与所述 HSS保存的与所述 IMPI对应的密码是否相同,若相同,则 确定验证成功;否则,确定验证失败。
在本发明实施例的一种可能的实施方式中 ,所述用户验证设备可以为
WebRTC服务器,即由 WebRTC服务器对 WebRTC用户的合法性进行验证,所 述用户验证设备还包括发送器;所述处理器 802具体用于通过所述发送器向所 述 HSS发送密码请求,所述密码请求携带所述 IMPI ,并通过所述接收器 801 接收所述 HSS发送的密码响应 ,所述密码响应携带所述 HSS保存的与所述 IMPI 对应的密码。
其中,所述处理器 802还用于在对所述 WebRTC用户的合法性验证成功之 后,生成与所述 IMPI具有一一对应关系的令牌,并保存所述令牌与所述 IMPI 的对应关系;
所述发送器还用于向所述 WebRTC客户端发送用户验证成功响应,所述用 户验证成功响应携带所述处理器 802生成的令牌。
其中,所述接收器 801还可以用于在所述发送器向所述 WebRTC客户端发 送所述用户验证成功响应之后,接收 WebRTC网关发送的令牌验证请求,所述 令牌验证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一注册 请求后向所述 WebRTC服务器发送的,其中,所述第一注册请求携带令牌,所 述令牌验证请求携带所述第一注册请求中的令牌;
所述处理器 802还可以用于判断所述用户验证设备是否保存有所述令牌验 证请求中的令牌;
所述发送器还可以用于在所述处理器 802确定所述用户验证设备保存有所
述令牌验证请求中的令牌时,向所述 WebRTC网关发送令牌验证成功响应。 其中,需要说明的是,作为对令牌有效性进行验证的另一种可能的实施方 式,所述第一注册请求以及所述令牌验证请求还可以携带所述 IMPI ,所述处理 器 802还可以用于判断所述用户验证设备保存的与所述 IMPI对应的令牌是否 与所述接收器 801接收的令牌验证请求中的令牌相同;所述发送器还可以用于 在所述处理器 802确定所述用户验证设备保存的与所述 IMPI对应的令牌与所 述令牌验证请求中的令牌相同时,向所述 WebRTC 网关发送令牌验证成功响 应。
在本发明实施例的另一种可能的实施方式中,所述用户验证设备可以为所 述 HSS ,即由所述 HSS对 WebRTC用户的合法性进行验证,所述接收器 801 可以具体用于通过 WebRTC服务器接收所述 WebRTC客户端发送的所述用户验 本发明实施例提供的一种对用户的合法性进行验证的方法、 装置及系统, 当 WebRTC客户端使用 WebRTC用户的 IMPI进行登陆时,在用户验证设备接 收到所述 WebRTC客户端发送的包含 IMPI和密码的用户验证信息后,所述用 户验证设备能够根据所述用户验证信息中的密码以及 HSS保存的与所述 IMPI 对应的密码,对所述 WebRTC用户的合法性进行验证,从而解决了现有技术存 在的问题;其次,在所述用户验证设备是 WebRTC服务器时,当所述 WebRTC 服务器接收到所述用户验证信息时,虽然由于安全性的原因,所述 WebRTC服 务器没有保存有所述 WebRTC用户签约的 IMS业务的密码等用户数据,但是 所述 WebRTC服务器可以向所述 HSS请求所述 HSS保存的与所述 IMPI对应 的密码,从而使得所述 WebRTC服务器也能够对所述 WebRTC用户的合法性进 行验证;再次,在所述用户验证设备是 HSS时,通过在 WebRTC服务器与所 述 HSS之间新增通信接口 ,使得 WebRTC服务器在接收到所述用户验证信息 后,可以将所述用户验证信息转发给所述 HSS ,由所述 HSS对所述 WebRTC
用户的合法性进行验证;此外, WebRTC网关可以向 S-CSCF设备发送携带用 户验证通过标识的第二注册请求,使得所述 S-CSCF设备在接收到第二注册请 求后,可以直接向 WebRTC客户端发送注册成功响应,不需再对所述 WebRTC 用户进行鉴权,从而降低了 S-CSCF的处理负荷;另外,所述 S-CSCF设备在 接收到所述第二注册请求时,先对发送所述第二注册请求中的 WebRTC网关进 行验证,在验证通过后才向 WebRTC客户端发送注册成功响应,从而能够保证 所述 WebRTC客户端只能通过特定的 WebRTC网关发起注册。
通过以上的实施方式的描述可知,所属领域的技术人员可以清楚地了解到 本发明可以用硬件实现,或固件实现,或它们的组合方式来实现。 当使用软件 实现时,可以将上述功能存储在计算机可读介质中或作为计算机可读介质上的 一个或多个指令或代码进行传输。 计算机可读介质包括计算机存储介质和通信 介质,其中通信介质包括便于从一个地方向另一个地方传送计算机程序的任何 介质。 存储介质可以是计算机能够存取的任何可用介质。 以此为例但不限于: 计算机可读介质可以包括 RAM、 ROM, EEPROM、 CD-ROM或其他光盘存储、 磁盘存储介质或者其他磁存储设备、 或者能够用于携带或存储具有指令或数据 结构形式的期望的程序代码并能够由计算机存取的任何其他介质。 此外。 任何 连接可以适当的成为计算机可读介质。 例如,如果软件是使用同轴电缆、 光纤 光缆、 双绞线、 数字用户线(DSL )或者诸如红外线、 无线电和微波之类的无 线技术从网站、 服务器或者其他远程源传输的,那么同轴电缆、 光纤光缆、 双 绞线、 DSL或者诸如红外线、 无线和微波之类的无线技术包括在所属介质的定 影中。 如本发明所使用的,盘( Disk )和碟( disc )包括压缩光碟( CD I 激光 碟、 光碟、 数字通用光碟(DVD 软盘和蓝光光碟,其中盘通常磁性的复制 数据,而碟则用激光来光学的复制数据。 上面的组合也应当包括在计算机可读 介质的保护范围之内。
需要说明的是,本说明书中的各个实施例均采用递进的方式描述,各个实
施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实 施例的不同之处。尤其,对于装置实施例而言,由于其基本相似于方法实施例, 所以描述得比较简单,各单元具体功能的执行过程参见方法实施例的部分说明 即可。 以上所描述的装置实施例仅仅是示意性的,其中作为分离部件说明的单 元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可 以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。 可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目 的。 本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。
总之,以上所述仅为本发明技术方案的较佳实施例而已,并非用于限定本 发明的保护范围。 凡在本发明的精神和原则之内,所作的任何修改、 等同替换、 改进等,均应包含在本发明的保护范围之内。
Claims
1、 一种对用户的合法性进行验证的方法,其特征在于,所述方法包括: 用户验证设备接收网页实时通信 WebRTC客户端发送的用户验证信息,所 述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为网际协议多 媒体私有标识 IMPI;
所述用户验证设备根据所述 IMPI ,获取归属用户服务器 HSS保存的与所 述 IMPI对应的密码;
所述用户验证设备根据所述用户验证信息中的密码以及所述 HSS 保存的 与所述 IMPI对应的密码,对所述 WebRTC用户的合法性进行验证。
2、 如权利要求 1所述的方法,其特征在于,所述用户验证设备为 WebRTC 服务器则所述用户验证设备根据所述 IMPI获取所述 HSS保存的与所述 IMPI 对应的密码,包括:
所述 WebRTC服务器向所述 HSS发送密码请求,所述密码请求携带所述 IMPI;
所述 WebRTC服务器接收所述 HSS发送的密码响应,所述密码响应携带 所述 HSS保存的与所述 IMPI对应的密码。
3、 如权利要求 2所述的方法,其特征在于,在对所述 WebRTC用户的合 法性验证成功之后,所述方法还包括:
所述 WebRTC服务器生成与所述 IMPI具有一一对应关系的令牌,并保存 所述令牌与所述 IMPI的对应关系;
所述 WebRTC服务器向所述 WebRTC客户端发送用户验证成功响应,所述 用户验证成功响应携带所述令牌。
4、 如权利要求 3所述的方法,其特征在于,所述 WebRTC服务器向所述 WebRTC客户端发送所述用户验证成功响应之后,所述方法还包括:
所述 WebRTC服务器接收 WebRTC网关发送的令牌验证请求,所述令牌验
证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一注册请求后 向所述 WebRTC服务器发送的,其中,所述第一注册请求携带令牌,所述令牌 验证请求携带所述第一注册请求中的令牌;
所述 WebRTC服务器判断所述 WebRTC服务器是否保存有所述令牌验证请 求中的令牌;
若所述 WebRTC 服务器保存有所述令牌验证请求中的令牌 ,则所述 WebRTC服务器向所述 WebRTC网关发送令牌验证成功响应。
5、 如权利要求 3所述的方法,其特征在于,所述 WebRTC服务器向所述 WebRTC客户端发送所述用户验证成功响应之后,所述方法还包括:
所述 WebRTC服务器接收 WebRTC网关发送的令牌验证请求,所述令牌验 证请求是所述 WebRTC网关接收到所述 WebRTC客户端发送的第一注册请求后 向所述 WebRTC 服务器发送的,其中,所述第一注册请求携带令牌以及所述 IMPI ,所述令牌验证请求携带所述 IMPI以及所述第一注册请求中的令牌; 所述 WebRTC服务器判断所述 WebRTC服务器保存的与所述 IMPI对应的 令牌是否与所述令牌验证请求中的令牌相同,若相同,则所述 WebRTC服务器 向所述 WebRTC网关发送令牌验证成功响应。
6、 如权利要求 4或 5所述的方法,其特征在于,在所述 WebRTC服务器 向所述 WebRTC网关发送所述令牌验证成功响应之后,所述方法还包括: 服务 -呼叫会话控制功能 S-CSCF设备通过查询 -呼叫会话控制功能 I-CSCF 设备接收所述 WebRTC网关发送的发送的第二注册请求,所述第二注册请求携 带用户验证通过标识;
所述 S-CSCF设备根据所述用户验证通过标识,向所述 WebRTC客户端发 送注册成功响应。
7、 如权利要求 6所述的方法,其特征在于,所述第二注册请求还携带所 述 IMPI以及所述 WebRTC网关的标识,在所述 S-CSCF设备根据所述用户验
证通过标识,向所述 WebRTC客户端发送所述注册成功响应之前,所述方法还 包括:
所述 S-CSCF设备获取所述 HSS保存的与所述 IMPI对应的 WebRTC网关 的标识;
所述 S-CSCF设备判断所述 HSS保存的与所述 IMPI对应的 WebRTC网关 的标识与所述第二注册请求中携带的 WebRTC网关的标识是否相同,若相同, 则向所述 WebRTC客户端发送所述注册成功响应。
8、如权利要求 1所述的方法,其特征在于,所述用户验证设备为所述 HSS , 则所述用户验证设备接收所述 WebRTC 客户端发送的所述用户验证信息,包 括:
所述 HSS通过 WebRTC服务器接收所述 WebRTC客户端发送的所述用户 验证信息。
9、 如权利要求 1-8中任一项所述的方法,其特征在于,所述用户验证设备 根据所述用户验证信息中的密码以及所述 HSS 保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证,包括:
所述用户验证设备判断所述用户验证信息中的密码与所述 HSS 保存的与 所述 IMPI对应的密码是否相同,若相同,则所述用户验证设备确定验证成功; 否则,所述用户验证设备确定验证失败。
10、 一种用户验证设备,其特征在于,所述设备包括:
接收单元,用于接收网页实时通信 WebRTC客户端发送的用户验证信息, 所述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为网际协议 多媒体私有标识 IMPI;
获取单元,用于根据所述接收单元接收的 IMPI ,获取归属用户服务器 HSS 保存的与所述 IMPI对应的密码;
验证单元,用于根据所述接收单元接收的密码以及所述获取单元获取的密
码,对所述 WebRTC用户的合法性进行验证。
11、 如权利要求 10所述的用户验证设备,其特征在于,所述用户验证设 备为 WebRTC服务器,所述用户验证设备还包括发送单元,则所述获取单元具 体用于通过所述发送单元向所述 HSS 发送密码请求,所述密码请求携带所述 IMPI ,并通过所述接收单元接收所述 HSS 发送的密码响应,所述密码响应携 带所述 HSS保存的与所述 IMPI对应的密码。
12、 如权利要求 11 所述的用户验证设备,其特征在于,所述用户验证设 备还包括令牌生成单元 , 所述令牌生成单元用于在所述验证单元对所述 WebRTC用户的合法性验证成功之后,生成与所述 IMPI具有一一对应关系的 令牌,并保存所述令牌与所述 IMPI的对应关系;
所述发送单元还用于向所述 WebRTC客户端发送用户验证成功响应,所述 用户验证成功响应携带所述令牌生成单元生成的令牌。
13、 如权利要求 12所述的用户验证设备,其特征在于,所述接收单元还 用于在所述发送单元向所述 WebRTC客户端发送所述用户验证成功响应之后, 接收 WebRTC 网关发送的令牌验证请求,所述令牌验证请求是所述 WebRTC 网关接收到所述 WebRTC客户端发送的第一注册请求后向所述 WebRTC服务器 发送的,其中,所述第一注册请求携带令牌,所述令牌验证请求携带所述第一 注册请求中的令牌;
所述验证单元还用于判断所述用户验证设备是否保存有所述令牌验证请 求中的令牌;
所述发送单元还用于在所述验证单元确定所述用户验证设备保存有所述 令牌验证请求中的令牌时,向所述 WebRTC网关发送令牌验证成功响应。
14、 如权利要求 12所述的用户验证设备,其特征在于,所述接收单元还 用于在所述发送单元向所述 WebRTC客户端发送所述用户验证成功响应之后, 接收 WebRTC 网关发送的令牌验证请求,所述令牌验证请求是所述 WebRTC
网关接收到所述 WebRTC客户端发送的第一注册请求后向所述 WebRTC服务器 发送的,其中,所述第一注册请求携带令牌以及所述 IMPI ,所述令牌验证请求 携带所述所述 IMPI以及所述第一注册请求中的令牌;
所述验证单元还用于判断所述用户验证设备保存的与所述 IMPI对应的令 牌是否与所述接收单元接收的令牌验证请求中的令牌相同;
所述发送单元还用于在所述验证单元确定所述用户验证设备保存的与所 述 IMPI对应的令牌与所述令牌验证请求中的令牌相同时,向所述 WebRTC网 关发送令牌验证成功响应。
15、 如权利要求 10所述的用户验证设备,其特征在于,所述用户验证设 备为所述 HSS ,则所述接收单元具体用于通过 WebRTC 服务器接收所述 WebRTC客户端发送的所述用户验证信息。
16、如权利要求 10-12以及 15中任一项所述的用户验证设备,其特征在于, 所述验证单元具体用于判断所述接收单元接收的密码与所述获取单元获取的 密码是否相同,若相同,则确定验证成功;否则,确定验证失败。
17、 一种对用户的合法性进行验证的系统,其特征在于,包括网页实时通 信 WebRTC服务器以及归属用户服务器 HSS ,其中,
所述 WebRTC服务器,用于接收 WebRTC客户端发送的用户验证信息,所 述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为网际协议多 媒体私有标识 IMPI ,并向所述 HSS发送携带所述 IMPI的密码请求;
所述 HSS ,用于接收所述 WebRTC服务器发送的携带所述 IMPI的密码请 求,获取所述 HSS保存的与所述 IMPI对应的密码,并向所述 WebRTC服务器 发送密码响应,所述密码响应携带所述 HSS保存的与所述 IMPI对应的密码; 所述 WebRTC服务器,还用于接收所述密码响应,根据所述用户验证信息 中的密码以及所述密码响应消息中的密码,对所述 WebRTC用户的合法性进行 验证。
18、 一种对用户的合法性进行验证的系统,其特征在于,包括网页实时通 信 WebRTC服务器以及归属用户服务器 HSS ,其中,
所述 WebRTC服务器,用于接收 WebRTC客户端发送的用户验证信息,所 述用户验证信息包括 WebRTC用户的用户名和密码,所述用户名为网际协议多 媒体私有标识 IMPI ,并向所述 HSS发送所述用户验证信息;
所述 HSS ,用于接收所述 WebRTC服务器发送的所述用户验证信息,根 据所述用户验证信息中的 IMPI ,获取所述 HSS保存的与所述 IMPI对应的密码, 并根据所述用户验证信息中的密码以及所述 HSS保存的与所述 IMPI对应的密 码,对所述 WebRTC用户的合法性进行验证。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310284428.9A CN104283681B (zh) | 2013-07-08 | 2013-07-08 | 一种对用户的合法性进行验证的方法、装置及系统 |
CN201310284428.9 | 2013-07-08 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015003520A1 true WO2015003520A1 (zh) | 2015-01-15 |
Family
ID=52258194
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2014/076308 WO2015003520A1 (zh) | 2013-07-08 | 2014-04-26 | 一种对用户的合法性进行验证的方法、装置及系统 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN104283681B (zh) |
WO (1) | WO2015003520A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3247054A4 (en) * | 2015-01-16 | 2019-03-06 | Samsung Electronics Co., Ltd. | METHOD AND DEVICE FOR CONTROL INFORMATION TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105991568A (zh) * | 2015-02-09 | 2016-10-05 | 苏州精易会信息技术有限公司 | 一种代理实现装置 |
CN106470190A (zh) * | 2015-08-19 | 2017-03-01 | 中兴通讯股份有限公司 | 一种Web实时通信平台鉴权接入方法及装置 |
CN108243148B (zh) * | 2016-12-23 | 2022-11-01 | 上海诺基亚贝尔股份有限公司 | 用于进行认证的方法和装置 |
CN109688364A (zh) * | 2018-08-21 | 2019-04-26 | 平安科技(深圳)有限公司 | 视频会议方法、装置、服务器及存储介质 |
CN109194673B (zh) * | 2018-09-20 | 2021-08-03 | 江苏满运软件科技有限公司 | 基于用户授权信息的认证方法、系统、设备及存储介质 |
CN110139136B (zh) * | 2019-04-30 | 2021-11-26 | 北京数字太和科技有限责任公司 | 一种基于drm技术的网络电视播放的方法及装置 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101662475A (zh) * | 2009-09-24 | 2010-03-03 | 中兴通讯股份有限公司 | Wapi终端接入ims网络的认证方法、系统和终端 |
WO2010041347A1 (en) * | 2008-10-10 | 2010-04-15 | Telefonaktiebolaget L M Ericsson (Publ) | Gateway apparatus, authentication server, control method thereof and computer program |
EP1798910B1 (en) * | 2005-12-16 | 2011-07-06 | Vodafone Group PLC | Method of requesting and sending authentification vectors |
CN102984118A (zh) * | 2011-09-07 | 2013-03-20 | 中国移动通信集团公司 | 验证ip多媒体子系统用户身份的方法及自动配置服务器 |
CN103067345A (zh) * | 2011-10-24 | 2013-04-24 | 中兴通讯股份有限公司 | 一种变异gba的引导方法及系统 |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7246236B2 (en) * | 2002-04-18 | 2007-07-17 | Nokia Corporation | Method and apparatus for providing peer authentication for a transport layer session |
CN101132279B (zh) * | 2006-08-24 | 2011-05-11 | 华为技术有限公司 | 一种鉴权方法以及鉴权系统 |
US8661257B2 (en) * | 2010-05-18 | 2014-02-25 | Nokia Corporation | Generic bootstrapping architecture usage with Web applications and Web pages |
-
2013
- 2013-07-08 CN CN201310284428.9A patent/CN104283681B/zh active Active
-
2014
- 2014-04-26 WO PCT/CN2014/076308 patent/WO2015003520A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1798910B1 (en) * | 2005-12-16 | 2011-07-06 | Vodafone Group PLC | Method of requesting and sending authentification vectors |
WO2010041347A1 (en) * | 2008-10-10 | 2010-04-15 | Telefonaktiebolaget L M Ericsson (Publ) | Gateway apparatus, authentication server, control method thereof and computer program |
CN101662475A (zh) * | 2009-09-24 | 2010-03-03 | 中兴通讯股份有限公司 | Wapi终端接入ims网络的认证方法、系统和终端 |
CN102984118A (zh) * | 2011-09-07 | 2013-03-20 | 中国移动通信集团公司 | 验证ip多媒体子系统用户身份的方法及自动配置服务器 |
CN103067345A (zh) * | 2011-10-24 | 2013-04-24 | 中兴通讯股份有限公司 | 一种变异gba的引导方法及系统 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3247054A4 (en) * | 2015-01-16 | 2019-03-06 | Samsung Electronics Co., Ltd. | METHOD AND DEVICE FOR CONTROL INFORMATION TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM |
US10455552B2 (en) | 2015-01-16 | 2019-10-22 | Samsung Electronics Co., Ltd. | Method and apparatus of transmitting control information in wireless communication systems |
Also Published As
Publication number | Publication date |
---|---|
CN104283681A (zh) | 2015-01-14 |
CN104283681B (zh) | 2018-02-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2015003520A1 (zh) | 一种对用户的合法性进行验证的方法、装置及系统 | |
JP6330916B2 (ja) | webRTCのためのシステム及び方法 | |
US8713634B2 (en) | Systems, methods and computer program products supporting provision of web services using IMS | |
US20080120705A1 (en) | Systems, Methods and Computer Program Products Supporting Provision of Web Services Using IMS | |
KR101343039B1 (ko) | 인증 시스템, 방법 및 장치 | |
US7940748B2 (en) | Systems, methods and computer program products supporting provision of web services using IMS | |
WO2022033278A1 (zh) | 一种基于ims数据通道的通信方法及设备 | |
US9882897B2 (en) | Method and system for transmitting and receiving data, method and device for processing message | |
US20110173687A1 (en) | Methods and Arrangements for an Internet Multimedia Subsystem (IMS) | |
WO2019114320A1 (zh) | 一种ims用户的注册方法及装置 | |
WO2011144081A2 (zh) | 用户业务鉴权方法、系统及服务器 | |
KR20150058534A (ko) | 인증 정보 전송 | |
CN112087412B (zh) | 一种基于唯一令牌的服务访问处理方法及装置 | |
WO2009024030A1 (fr) | Procédé d'enregistrement d'utilisateur, système, terminal et serveur basés sur un protocole d'initiation de session | |
US10051016B2 (en) | Method, server and user equipment for accessing an HTTP server | |
JP4627506B2 (ja) | Http対応端末をsip対応サーバに接続する代理接続方法、プロキシサーバ及びプログラム | |
US11490255B2 (en) | RCS authentication | |
US9998461B2 (en) | Server, a system, a method, a computer program and a computer program product for accessing a server in a computer network | |
US8683034B2 (en) | Systems, methods and computer program products for coordinated session termination in an IMS network | |
WO2012119537A1 (zh) | 业务处理方法及系统、机顶盒 | |
WO2015035649A1 (zh) | 一种网络注册的方法和系统 | |
KR20210131030A (ko) | 피어 클라이언트 간의 연결을 수행하는 연결 수행 장치, 방법 및 컴퓨터 프로그램 | |
JP2013171386A (ja) | 通信システム、通信制御サーバおよび認証方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14823451 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14823451 Country of ref document: EP Kind code of ref document: A1 |