WO2017066994A1 - Method and device for verifying access to server - Google Patents

Method and device for verifying access to server Download PDF

Info

Publication number
WO2017066994A1
WO2017066994A1 PCT/CN2015/092691 CN2015092691W WO2017066994A1 WO 2017066994 A1 WO2017066994 A1 WO 2017066994A1 CN 2015092691 W CN2015092691 W CN 2015092691W WO 2017066994 A1 WO2017066994 A1 WO 2017066994A1
Authority
WO
WIPO (PCT)
Prior art keywords
application software
server
verification information
user
access
Prior art date
Application number
PCT/CN2015/092691
Other languages
French (fr)
Chinese (zh)
Inventor
刘均
杨唐鹤
陈明
Original Assignee
深圳还是威健康科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳还是威健康科技有限公司 filed Critical 深圳还是威健康科技有限公司
Priority to CN201580002092.XA priority Critical patent/CN105993156B/en
Priority to PCT/CN2015/092691 priority patent/WO2017066994A1/en
Publication of WO2017066994A1 publication Critical patent/WO2017066994A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • the present application relates to the field of Internet, and in particular, to a server access verification method and apparatus.
  • the data in the server may involve the user's private data. If the hacker illegally accesses the data in the server, the private data of the user may be leaked, which may affect the user's data security. In order to ensure the security of the user's data, the identity of the user needs to be verified. Therefore, the authentication method of the identity of the user of the prior art is very complicated, so the efficiency of the verification is very high.
  • the present invention provides a server access verification method, including: receiving an access request sent by an intelligent terminal to a server by using an application software, where the access request is used to request service data from the server, where the access request includes First verification information; comparing the first verification information with second verification information pre-stored in the server; if the first verification information is consistent with the second verification information, allowing the smart terminal Accessing the service data, searching for the service data in the server according to the request path; and if the first verification information is inconsistent with the second verification information, returning verification error information to the smart terminal.
  • the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
  • the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier
  • the application software identifier is used to identify the application software
  • the interface key value is used to identify an interface of the application software to access the server
  • the user identifier is used to identify a user after logging in Identity
  • the user session identifier is used to identify the user session after logging in
  • the present application provides a server access verification method, including: receiving an access request sent by an intelligent terminal to a server by using an application software, where the access request is used to request service data from the server, where the access request includes First verification information; comparing the first verification information with a second verification previously stored in the server; if the first verification information is consistent with the second verification information, allowing the smart terminal to access The business data.
  • the access request further includes a request path, and if the first verification information is consistent with the second verification information, allowing the smart terminal to access the service data further includes: The request path finds the service data in the server.
  • the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
  • the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier
  • the application software identifier is used to identify the application software
  • the interface key value is used to identify an interface of the application software to access the server
  • the user identifier is used to identify a user after logging in Identity
  • the user session identifier is used to identify the user session after logging in
  • the method further includes: if the first verification information is inconsistent with the second verification information
  • the present application further provides a server access verification apparatus, where the apparatus includes: a receiving module, a comparison module, and an enabling module, where the receiving module is configured to receive an access request sent by the smart terminal to the server by using the application software, where The access request is used to request service data from the server, where the access request includes first verification information; the comparison module is configured to perform the first verification information with a second verification previously stored in the server The permission module is configured to allow the smart terminal to access the service data after the first verification information is consistent with the second verification information.
  • the device further includes a searching module, where the searching module is configured to be located according to the request path
  • the server looks for the service data.
  • the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
  • the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier
  • the application software identifier is used to identify the application software
  • the interface key value is used to identify an interface of the application software to access the server
  • the user identifier is used to identify a user after logging in Identity
  • the user session identifier is used to identify the user session after logging in
  • the device further includes a sending module, where the sending module is configured to return the verification error information to the smart terminal after the first verification information is inconsistent with the second verification information.
  • the present application receives an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data.
  • the above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
  • FIG. 1 is a flowchart of a server access verification method provided by the present invention
  • FIG. 2 is a schematic structural diagram of a server access verification apparatus provided by the present invention.
  • FIG. 1 is a flowchart of a server access verification method provided by the present invention.
  • the server access verification method provided in this embodiment includes: [0026] Step 110: Receive an access request sent by the smart terminal to the server by using the application software, where the access request is used to request service data from the server, and the access request includes the first verification information.
  • the smart terminal may include user equipment such as a mobile computer, a tablet computer, a personal digital assistant (PDA), a media player, a smart TV, a smart watch, a smart glasses, a smart bracelet, and the like.
  • the application software is a client installed on the smart terminal, and the application software can access the data in the server through the connection between the smart terminal and the server.
  • the connections between the smart terminal box servers include, but are not limited to, Wi-Fi connections, cellular connections, Bluetooth connections, and the like.
  • the smart terminal needs to access the server through the application software, the smart terminal sends an access request to the server.
  • the server receives an access request from the smart terminal to the server through the application software.
  • the first verification information may be one
  • a string of pre-agreed characters does not contain actual meaning characters, but can also be a string of pre-agreed and meaningful characters.
  • the first verification information is a pre-agreed character with a meaningful meaning
  • the first verification information adopts an application software identifier, an interface key value, a numerical signature, a language code, a system version, a software version, a user identifier, and the like according to an actual application scenario.
  • User session identifiers and the like are combined as authentication information.
  • the application identifier is used to identify the application software
  • the interface key value is used to identify the interface of the application software access server
  • the numerical signature is used to identify the digital information
  • the user identifier is used to identify the identity of the user after login
  • the user session identifier is used for Identify the user session after logging in.
  • the first verification information includes the application software identifier, the interface key value, and the numerical signature.
  • the first verification information includes the application software identifier, the interface key value, the numerical signature, the user identifier, and the user session identifier.
  • Step 120 Compare the first verification information with the second verification information pre-stored in the server.
  • the second verification information is stored in the server in advance. After the server receives the first verification information, the first verification information is compared with the second verification information pre-stored in the server.
  • the server first verifies whether the application software identifier is supported by the server. If the server supports the server, the server further verifies whether the interface key value is supported by the server, and if Further support for server support Is the digital signature correct? If the above passes, the process proceeds to step 130. Otherwise, the process proceeds to step 140.
  • step 130 When the user accesses the server using the application software and the user logs in to the application software, it is still necessary to continue to verify whether the user identifier and the user session identifier are supported by the server. If yes, proceed to step 130, otherwise, proceed to step 140.
  • Step 130 Allow the smart terminal to access the service data.
  • the smart terminal is allowed to access the service data.
  • Accessing the business data may be based on accessing the business data in the server according to a specific path, or may not access the business data in the server according to a specific path. It can be understood that if the access path is not included in the access request, when the smart terminal accesses the server, the service data in the server is not accessed according to the specific path. If the access request further includes a request path, when the smart terminal accesses the server, the server searches for the service data in the server according to the request path to improve the access efficiency.
  • Step 140 Returning the verification error information to the smart terminal.
  • the verification error information is returned to the smart terminal.
  • the present application receives an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data.
  • the above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
  • FIG. 2 is a schematic structural diagram of a server access verification apparatus provided by the present invention.
  • the server access verification apparatus provided in this embodiment includes: a receiving module 210, a comparing module 220, and an enabling module 230.
  • the module 240 and the sending module 250 are located.
  • the receiving module 210 is configured to receive an access request sent by the smart terminal to the server by using the application software, where
  • the access request is for requesting service data from the server, and the access request includes the first verification information.
  • the smart terminal may include, not limited to, a mobile computer, a tablet, a personal digital assistant (Personal)
  • the application software is a client installed on the smart terminal, and the application software can access the data in the server through the connection between the smart terminal and the server.
  • the connections between the smart terminal box servers include, but are not limited to, Wi-Fi connections, cellular connections, Bluetooth connections, and the like.
  • the smart terminal When the smart terminal needs to access the server through the application software, the smart terminal sends an access request to the server. , wherein the access request includes the first verification information.
  • the receiving module 210 receives an access request sent by the smart terminal to the server through the application software.
  • the first verification information may be one
  • a string of pre-agreed characters does not contain actual meaning characters, but can also be a string of pre-agreed and meaningful characters.
  • the first verification information is a pre-agreed character with a meaningful meaning
  • the first verification information adopts an application software identifier, an interface key value, a numerical signature, a language code, a system version, a software version, a user identifier, and the like according to an actual application scenario.
  • User session identifiers and the like are combined as authentication information.
  • the application identifier is used to identify the application software
  • the interface key value is used to identify the interface of the application software access server
  • the numerical signature is used to identify the digital information
  • the user identifier is used to identify the identity of the user after login
  • the user session identifier is used for Identify the user session after logging in.
  • the first verification information includes the application software identifier, the interface key value, and the numerical signature.
  • the first verification information includes the application software identifier, the interface key value, the numerical signature, the user identifier, and the user session identifier.
  • the comparison module 220 is configured to compare the first verification information with the second verification information previously stored in the server.
  • the second verification information is stored in the server in advance.
  • the comparison module 22 compares the first verification information with the second verification information previously stored in the server.
  • the server first verifies whether the application software identifier is supported by the server. If the server supports the server, the server further verifies whether the interface key value is supported by the server, and if If you get server support, you need to further verify that the digital signature is correct. If the above passes, the permission module 230 is called, and conversely, the transmission module 250 is called.
  • the permission module 2 30 is invoked, and conversely, the sending module 250 is invoked.
  • the enabling module 230 is configured to allow the smart terminal to access the service data after the first verification information is consistent with the second verification information.
  • the permission module 230 allows the smart terminal to access the industry Data. After accessing the service data, the service data in the server may be accessed according to a specific path, or the service data in the server may not be accessed according to a specific path. It can be understood that if the request path is not included in the access request, when the smart terminal accesses the server, the service data in the server is not accessed according to the specific path. If the access request further includes a request path, when the smart terminal accesses the server, the searching module 240 searches for the service data in the server according to the request path to improve the access efficiency.
  • the sending module 250 is configured to return the verification error information to the smart terminal after the first verification information is inconsistent with the second verification information.
  • the present application compares an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data.
  • the above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
  • the device implementations described above are merely illustrative.
  • the division of the modules or units is only a logical function division, and the actual implementation may have another division manner, for example, multiple units or components may be used. Combined or can be integrated into another system, or some features can be ignored, or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be electrical, mechanical or otherwise.
  • the unit described as a separate component may or may not be physically distributed, and the component displayed as a unit may or may not be a physical unit, that is, may be located in one place, or may be distributed to multiple On the network unit. Some or all of the units may be selected according to actual needs to achieve the objectives of the solution of the present embodiment.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented either in the form of hardware or in the form of a software functional unit.
  • the integrated unit is implemented in the form of a software functional unit and sold or used as a standalone product ⁇ , can be stored in a computer readable storage medium.
  • the instructions include a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to perform all or part of the steps of the methods described in various embodiments of the present application.
  • the foregoing storage medium includes: a USB flash drive, a removable hard disk, a read only memory (ROM, Rea d-Only Memory), a random access memory (RAM), a magnetic disk or an optical disk, and the like, which can store program codes. medium.

Abstract

A method and device for verifying an access to a server. The method comprises: receiving an access request sent to a server by an intelligent terminal using application software (110), wherein the access request is used for requesting the server for service data and comprises first verification information; comparing the first verification information with second verification information prestored in the server (120); and allowing the intelligent terminal to access the service data if the first verification information is consistent with the second verification information (130). The method can greatly reduce the complexity of a verification process and improve the verification efficiency.

Description

服务器访问验证方法以及装置  Server access verification method and device
[0001] 〖技术领域】  [0001] Technical Field]
[0002] 本申请涉及互联网领域, 特别是涉及服务器访问验证方法以及装置。  [0002] The present application relates to the field of Internet, and in particular, to a server access verification method and apparatus.
[0003] 〖背景技术】 [0003] Background]
[0004] 随着智能终端中各种应用的增多, 智能终端和服务器之间的交互也越来越多。  [0004] With the increase of various applications in smart terminals, the interaction between smart terminals and servers is also increasing.
伹是, 服务器中的数据可能涉及到用户的隐私数据, 如果被黑客非法访问了服 务器中的数据, 可能会导致用户的私密数据泄露, 影响到用户的数据安全。 为 了保证用户的数据的安全, 需要对用户的身份进行验证, 伹是, 现有技术的用 户的身份的验证方法十分复杂, 所以验证的效率十分 ί氐下。  The data in the server may involve the user's private data. If the hacker illegally accesses the data in the server, the private data of the user may be leaked, which may affect the user's data security. In order to ensure the security of the user's data, the identity of the user needs to be verified. Therefore, the authentication method of the identity of the user of the prior art is very complicated, so the efficiency of the verification is very high.
[0005] 【发明内容】  SUMMARY OF INVENTION
[0006] 本申请提供了一种服务器访问验证方法, 包括: 接收智能终端通过应用软件向 服务器发出的访问请求, 其中, 所述访问请求用于向所述服务器请求业务数据 , 所述访问请求包含第一验证信息; 将所述第一验证信息与预先存储在所述服 务器中的第二验证信息进行对比; 如果所述第一验证信息与所述第二验证信息 一致, 则允许所述智能终端访问所述业务数据, 根据所述请求路径在所述服务 器中寻找所述业务数据; 如果所述第一验证信息与所述第二验证信息不一致, 则向所述智能终端返回检验错误信息。  The present invention provides a server access verification method, including: receiving an access request sent by an intelligent terminal to a server by using an application software, where the access request is used to request service data from the server, where the access request includes First verification information; comparing the first verification information with second verification information pre-stored in the server; if the first verification information is consistent with the second verification information, allowing the smart terminal Accessing the service data, searching for the service data in the server according to the request path; and if the first verification information is inconsistent with the second verification information, returning verification error information to the smart terminal.
[0007] 可选地, 当用户使用所述应用软件访问所述服务器伹所述用户没有登录所述应 用软件吋, 所述第一验证信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口关键值用于识别所 述应用软件访问所述服务器吋的接口。  [0007] Optionally, when the user accesses the server by using the application software, and the user does not log in to the application software, the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
[0008] 可选地, 当用户使用所述应用软件访问所述服务器并且所述用户登录所述应用 软件吋, 所述第一验证信息包括应用软件标识、 接口关键值、 数值签名、 用户 标识以及用户会话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所 述接口关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标识 用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识别用户会话 [0009] 本申请提供了一种服务器访问验证方法, 包括: 接收智能终端通过应用软件向 服务器发出的访问请求, 其中, 所述访问请求用于向所述服务器请求业务数据 , 所述访问请求包含第一验证信息; 将所述第一验证信息与预先存储在所述服 务器中的第二验证进行对比; 如果所述第一验证信息与所述第二验证信息一致 , 则允许所述智能终端访问所述业务数据。 [0008] Optionally, when the user accesses the server by using the application software, and the user logs in to the application software, the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, the interface key value is used to identify an interface of the application software to access the server, and the user identifier is used to identify a user after logging in Identity, the user session identifier is used to identify the user session after logging in The present application provides a server access verification method, including: receiving an access request sent by an intelligent terminal to a server by using an application software, where the access request is used to request service data from the server, where the access request includes First verification information; comparing the first verification information with a second verification previously stored in the server; if the first verification information is consistent with the second verification information, allowing the smart terminal to access The business data.
[0010] 可选地, 所述访问请求还包括请求路径, 如果所述第一验证信息与所述第二验 证信息一致, 则允许所述智能终端访问所述业务数据之后还包括: 根据所述请 求路径在所述服务器中寻找所述业务数据。  [0010] Optionally, the access request further includes a request path, and if the first verification information is consistent with the second verification information, allowing the smart terminal to access the service data further includes: The request path finds the service data in the server.
[0011] 可选地, 当用户使用所述应用软件访问所述服务器伹所述用户没有登录所述应 用软件吋, 所述第一验证信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口关键值用于识别所 述应用软件访问所述服务器吋的接口。  [0011] Optionally, when the user accesses the server by using the application software, and the user does not log in to the application software, the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
[0012] 可选地, 当用户使用所述应用软件访问所述服务器并且所述用户登录所述应用 软件吋, 所述第一验证信息包括应用软件标识、 接口关键值、 数值签名、 用户 标识以及用户会话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所 述接口关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标识 用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识别用户会话  [0012] Optionally, when the user accesses the server by using the application software, and the user logs in to the application software, the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, the interface key value is used to identify an interface of the application software to access the server, and the user identifier is used to identify a user after logging in Identity, the user session identifier is used to identify the user session after logging in
[0013] 可选地, 所述方法还包括: 如果所述第一验证信息与所述第二验证信息不一致 [0013] Optionally, the method further includes: if the first verification information is inconsistent with the second verification information
, 则向所述智能终端返回检验错误信息。  And returning verification error information to the smart terminal.
[0014] 本申请提供还提供一种服务器访问验证装置, 所述装置包括: 接收模块、 比较 模块以及允许模块, 所述接收模块用于接收智能终端通过应用软件向服务器发 出的访问请求, 其中, 所述访问请求用于向所述服务器请求业务数据, 所述访 问请求包含第一验证信息; 所述比较模块用于将所述第一验证信息与预先存储 在所述服务器中的第二验证进行对比; 所述允许模块用于在所述第一验证信息 与所述第二验证信息一致吋, 允许所述智能终端访问所述业务数据。  [0014] The present application further provides a server access verification apparatus, where the apparatus includes: a receiving module, a comparison module, and an enabling module, where the receiving module is configured to receive an access request sent by the smart terminal to the server by using the application software, where The access request is used to request service data from the server, where the access request includes first verification information; the comparison module is configured to perform the first verification information with a second verification previously stored in the server The permission module is configured to allow the smart terminal to access the service data after the first verification information is consistent with the second verification information.
[0015] 可选地, 所述装置还包括寻找模块, 所述寻找模块用于根据所述请求路径在所 述服务器中寻找所述业务数据。 [0015] Optionally, the device further includes a searching module, where the searching module is configured to be located according to the request path The server looks for the service data.
[0016] 可选地, 当用户使用所述应用软件访问所述服务器伹所述用户没有登录所述应 用软件吋, 所述第一验证信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口关键值用于识别所 述应用软件访问所述服务器吋的接口。  [0016] Optionally, when the user accesses the server by using the application software, and the user does not log in to the application software, the first verification information includes an application software identifier, an interface key value, and a numerical signature, where The application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
[0017] 可选地, 当用户使用所述应用软件访问所述服务器并且所述用户登录所述应用 软件吋, 所述第一验证信息包括应用软件标识、 接口关键值、 数值签名、 用户 标识以及用户会话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所 述接口关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标识 用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识别用户会话  [0017] Optionally, when the user accesses the server by using the application software, and the user logs in to the application software, the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, the interface key value is used to identify an interface of the application software to access the server, and the user identifier is used to identify a user after logging in Identity, the user session identifier is used to identify the user session after logging in
[0018] 可选地, 所述装置还包括发送模块, 所述发送模块用于在所述第一验证信息与 所述第二验证信息不一致吋, 向所述智能终端返回检验错误信息。 [0018] Optionally, the device further includes a sending module, where the sending module is configured to return the verification error information to the smart terminal after the first verification information is inconsistent with the second verification information.
[0019] 本申请通过接收智能终端通过应用软件向服务器发出的访问请求, 并将第一验 证信息与预先存储在服务器中的第二验证进行对比, 第一验证信息与第二验证 信息一致, 则允许智能终端访问业务数据。 上述方法能够大大减少验证过程的 复杂性, 提高验证的效率。  [0019] The present application receives an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data. The above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
[0020] 【附图说明】  [0020] [Description of the Drawings]
[0021] 图 1是本发明提供的一种服务器访问验证方法的流程图;  1 is a flowchart of a server access verification method provided by the present invention;
[0022] 图 2是本发明提供的一种服务器访问验证装置的结构示意图。 2 is a schematic structural diagram of a server access verification apparatus provided by the present invention.
[0023] 〖具体实施方式】 [Detailed Embodiment]
[0024] 以下描述中, 为了说明而不是为了限定, 提出了诸如特定系统结构、 接口、 技术之类的具体细节, 以便透彻理解本申请。 然而, 本领域的技术人员应当清 楚, 在没有这些具体细节的其它实施方式中也可以实现本申请。 在其它情况中 , 省略对众所周知的装置、 电路以及方法的详细说明, 以免不必要的细节妨碍 本申请的描述。  [0024] In the following description, for purposes of illustration and description, reference, However, it should be apparent to those skilled in the art that the present invention may be practiced in other embodiments without these specific details. In other instances, detailed descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description of the application.
[0025] 参阅图 1 , 图 1是本发明提供的一种服务器访问验证方法的流程图。 本实施例提 供的服务器访问验证方法包括: [0026] 步骤 110 : 接收智能终端通过应用软件向服务器发出的访问请求, 其中, 访问 请求用于向服务器请求业务数据, 访问请求包含第一验证信息。 [0025] Referring to FIG. 1, FIG. 1 is a flowchart of a server access verification method provided by the present invention. The server access verification method provided in this embodiment includes: [0026] Step 110: Receive an access request sent by the smart terminal to the server by using the application software, where the access request is used to request service data from the server, and the access request includes the first verification information.
[0027] 智能终端可以包括伹不限于移动电脑、 平板电脑、 个人数字助理 (Personal Digital Assistant, PDA) 、 媒体播放器、 智能电视、 智能手表、 智能眼镜、 智能 手环等用户设备。 应用软件是安装在智能终端上的客户端, 应用软件能够通过 智能终端和服务器之间的连接访问服务器中的数据。 智能终端盒服务器之间的 连接包括伹不限于 Wi-Fi连接、 蜂窝连接、 蓝牙连接等等。  [0027] The smart terminal may include user equipment such as a mobile computer, a tablet computer, a personal digital assistant (PDA), a media player, a smart TV, a smart watch, a smart glasses, a smart bracelet, and the like. The application software is a client installed on the smart terminal, and the application software can access the data in the server through the connection between the smart terminal and the server. The connections between the smart terminal box servers include, but are not limited to, Wi-Fi connections, cellular connections, Bluetooth connections, and the like.
[0028] 当智能终端需要通过应用软件访问服务器吋, 智能终端向服务器发出访问请求 [0028] When the smart terminal needs to access the server through the application software, the smart terminal sends an access request to the server.
, 其中, 访问请求中包含了第一验证信息。 服务器接收智能终端通过应用软件 向服务器发出的访问请求。 第一验证信息可以是一  , wherein the access request includes the first verification information. The server receives an access request from the smart terminal to the server through the application software. The first verification information may be one
串 预先约定的没有包含实际意义字符, 也可 以是一串 预先约定的有实际意义的字符。 当 第一验证信息是预先约定的有实际意义的字符吋, 第一验证信息根据实际的应 用场景而采用应用软件标识、 接口关键值、 数值签名、 语言编码、 系统版本、 软件版本、 用户标识以及用户会话标识等等进行组合以作为验证信息。 其中, 应用软件标识用于识别应用软件, 接口关键值用于识别应用软件访问服务器吋 的接口, 数值签名用于鉴别数字信息, 用户标识用于在登陆吋识别用户的身份 , 用户会话标识用于在登陆吋识别用户会话。 例如, 当用户使用应用软件访问 服务器伹用户没有登录应用软件吋, 第一验证信息包括应用软件标识、 接口关 键值以及数值签名。 当用户使用应用软件访问服务器并且用户登录应用软件吋 , 第一验证信息包括应用软件标识、 接口关键值、 数值签名、 用户标识以及用 户会话标识。  A string of pre-agreed characters does not contain actual meaning characters, but can also be a string of pre-agreed and meaningful characters. When the first verification information is a pre-agreed character with a meaningful meaning, the first verification information adopts an application software identifier, an interface key value, a numerical signature, a language code, a system version, a software version, a user identifier, and the like according to an actual application scenario. User session identifiers and the like are combined as authentication information. The application identifier is used to identify the application software, the interface key value is used to identify the interface of the application software access server, the numerical signature is used to identify the digital information, the user identifier is used to identify the identity of the user after login, and the user session identifier is used for Identify the user session after logging in. For example, when the user accesses the server using the application software and the user does not log in to the application software, the first verification information includes the application software identifier, the interface key value, and the numerical signature. When the user accesses the server using the application software and the user logs in to the application software, the first verification information includes the application software identifier, the interface key value, the numerical signature, the user identifier, and the user session identifier.
[0029] 步骤 120: 将第一验证信息与预先存储在服务器中的第二验证信息进行对比。  [0029] Step 120: Compare the first verification information with the second verification information pre-stored in the server.
[0030] 预先在服务器中存储了第二验证信息。 当服务器接收到第一验证信息后, 将第 一验证信息与预先存储在服务器中的第二验证信息进行对比。 当用户使用应用 软件访问服务器伹用户没有登录应用软件吋, 服务器首先验证应用软件标识是 否是获得服务器支持的, 如果是获得服务器支持的, 则服务器进一步验证接口 关键值是否获得服务器支持的, 如果是获得服务器支持的则还需要进一步验证 数字签名是否正确。 如果上述都通过, 进入步骤 130, 反之, 则进入步骤 140。 当用户使用应用软件访问服务器且用户登录应用软件吋, 还需继续验证用户标 识以及用户会话标识是否获得服务器支持, 如果是, 则进入步骤 130, 反之, 则 进入步骤 140。 [0030] The second verification information is stored in the server in advance. After the server receives the first verification information, the first verification information is compared with the second verification information pre-stored in the server. When the user accesses the server using the application software, and the user does not log in to the application software, the server first verifies whether the application software identifier is supported by the server. If the server supports the server, the server further verifies whether the interface key value is supported by the server, and if Further support for server support Is the digital signature correct? If the above passes, the process proceeds to step 130. Otherwise, the process proceeds to step 140. When the user accesses the server using the application software and the user logs in to the application software, it is still necessary to continue to verify whether the user identifier and the user session identifier are supported by the server. If yes, proceed to step 130, otherwise, proceed to step 140.
[0031] 步骤 130 : 允许智能终端访问业务数据。 [0031] Step 130: Allow the smart terminal to access the service data.
[0032] 如果第一验证信息和第二验证信息一致, 则允许智能终端访问业务数据。 访问 业务数据吋, 可以是根据特定的路径访问服务器中的业务数据, 也可以是不根 据特定的路径访问服务器中的业务数据。 可以理解, 如果访问请求中不包括请 求路径, 则当智能终端访问服务器吋, 不根据特定的路径访问服务器中的业务 数据。 如果访问请求中还包括请求路径, 则当智能终端访问服务器吋, 服务器 根据请求路径在服务器中寻找业务数据, 以提高访问的效率。  [0032] If the first verification information and the second verification information are consistent, the smart terminal is allowed to access the service data. Accessing the business data may be based on accessing the business data in the server according to a specific path, or may not access the business data in the server according to a specific path. It can be understood that if the access path is not included in the access request, when the smart terminal accesses the server, the service data in the server is not accessed according to the specific path. If the access request further includes a request path, when the smart terminal accesses the server, the server searches for the service data in the server according to the request path to improve the access efficiency.
[0033] 步骤 140: 向智能终端返回检验错误信息。  [0033] Step 140: Returning the verification error information to the smart terminal.
[0034] 如果第一验证信息和第二验证信息不一致, 则向智能终端返回检验错误信息。  [0034] If the first verification information and the second verification information do not match, the verification error information is returned to the smart terminal.
[0035] 本申请通过接收智能终端通过应用软件向服务器发出的访问请求, 并将第一验 证信息与预先存储在服务器中的第二验证进行对比, 第一验证信息与第二验证 信息一致, 则允许智能终端访问业务数据。 上述方法能够大大减少验证过程的 复杂性, 提高验证的效率。 [0035] The present application receives an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data. The above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
[0036] 参阅图 2, 图 2是本发明提供的一种服务器访问验证装置的结构示意图。 本实施 例提供的服务器访问验证装置包括: 接收模块 210、 比较模块 220、 允许模块 230[0036] Referring to FIG. 2, FIG. 2 is a schematic structural diagram of a server access verification apparatus provided by the present invention. The server access verification apparatus provided in this embodiment includes: a receiving module 210, a comparing module 220, and an enabling module 230.
、 寻找模块 240以及发送模块 250。 The module 240 and the sending module 250 are located.
[0037] 接收模块 210用于接收智能终端通过应用软件向服务器发出的访问请求, 其中 [0037] The receiving module 210 is configured to receive an access request sent by the smart terminal to the server by using the application software, where
, 访问请求用于向服务器请求业务数据, 访问请求包含第一验证信息。  The access request is for requesting service data from the server, and the access request includes the first verification information.
[0038] 智能终端可以包括伹不限于移动电脑、 平板电脑、 个人数字助理 (Personal[0038] The smart terminal may include, not limited to, a mobile computer, a tablet, a personal digital assistant (Personal)
Digital Assistant, PDA) 、 媒体播放器、 智能电视、 智能手表、 智能眼镜、 智能 手环等用户设备。 应用软件是安装在智能终端上的客户端, 应用软件能够通过 智能终端和服务器之间的连接访问服务器中的数据。 智能终端盒服务器之间的 连接包括伹不限于 Wi-Fi连接、 蜂窝连接、 蓝牙连接等等。 User equipment such as Digital Assistant, PDA), media player, smart TV, smart watch, smart glasses, smart bracelet. The application software is a client installed on the smart terminal, and the application software can access the data in the server through the connection between the smart terminal and the server. The connections between the smart terminal box servers include, but are not limited to, Wi-Fi connections, cellular connections, Bluetooth connections, and the like.
[0039] 当智能终端需要通过应用软件访问服务器吋, 智能终端向服务器发出访问请求 , 其中, 访问请求中包含了第一验证信息。 接收模块 210接收智能终端通过应用 软件向服务器发出的访问请求。 第一验证信息可以是一 [0039] When the smart terminal needs to access the server through the application software, the smart terminal sends an access request to the server. , wherein the access request includes the first verification information. The receiving module 210 receives an access request sent by the smart terminal to the server through the application software. The first verification information may be one
串 预先约定的没有包含实际意义字符, 也可 以是一串 预先约定的有实际意义的字符。 当 第一验证信息是预先约定的有实际意义的字符吋, 第一验证信息根据实际的应 用场景而采用应用软件标识、 接口关键值、 数值签名、 语言编码、 系统版本、 软件版本、 用户标识以及用户会话标识等等进行组合以作为验证信息。 其中, 应用软件标识用于识别应用软件, 接口关键值用于识别应用软件访问服务器吋 的接口, 数值签名用于鉴别数字信息, 用户标识用于在登陆吋识别用户的身份 , 用户会话标识用于在登陆吋识别用户会话。 例如, 当用户使用应用软件访问 服务器伹用户没有登录应用软件吋, 第一验证信息包括应用软件标识、 接口关 键值以及数值签名。 当用户使用应用软件访问服务器并且用户登录应用软件吋 , 第一验证信息包括应用软件标识、 接口关键值、 数值签名、 用户标识以及用 户会话标识。  A string of pre-agreed characters does not contain actual meaning characters, but can also be a string of pre-agreed and meaningful characters. When the first verification information is a pre-agreed character with a meaningful meaning, the first verification information adopts an application software identifier, an interface key value, a numerical signature, a language code, a system version, a software version, a user identifier, and the like according to an actual application scenario. User session identifiers and the like are combined as authentication information. The application identifier is used to identify the application software, the interface key value is used to identify the interface of the application software access server, the numerical signature is used to identify the digital information, the user identifier is used to identify the identity of the user after login, and the user session identifier is used for Identify the user session after logging in. For example, when the user accesses the server using the application software and the user does not log in to the application software, the first verification information includes the application software identifier, the interface key value, and the numerical signature. When the user accesses the server using the application software and the user logs in to the application software, the first verification information includes the application software identifier, the interface key value, the numerical signature, the user identifier, and the user session identifier.
[0040] 比较模块 220用于将第一验证信息与预先存储在服务器中的第二验证信息进行 对比。  [0040] The comparison module 220 is configured to compare the first verification information with the second verification information previously stored in the server.
[0041] 预先在服务器中存储了第二验证信息。 当接收到第一验证信息后, 比较模块 22 0将第一验证信息与预先存储在服务器中的第二验证信息进行对比。 当用户使用 应用软件访问服务器伹用户没有登录应用软件吋, 服务器首先验证应用软件标 识是否是获得服务器支持的, 如果是获得服务器支持的, 则服务器进一步验证 接口关键值是否获得服务器支持的, 如果是获得服务器支持的则还需要进一步 验证数字签名是否正确。 如果上述都通过, 调用允许模块 230, 反之, 调用发送 模块 250。 当用户使用应用软件访问服务器且用户登录应用软件吋, 还需继续验 证用户标识以及用户会话标识是否获得服务器支持, 如果是, 则调用允许模块 2 30, 反之, 则调用发送模块 250。  [0041] The second verification information is stored in the server in advance. After receiving the first verification information, the comparison module 22 compares the first verification information with the second verification information previously stored in the server. When the user accesses the server using the application software, and the user does not log in to the application software, the server first verifies whether the application software identifier is supported by the server. If the server supports the server, the server further verifies whether the interface key value is supported by the server, and if If you get server support, you need to further verify that the digital signature is correct. If the above passes, the permission module 230 is called, and conversely, the transmission module 250 is called. When the user accesses the server using the application software and the user logs in to the application software, it is necessary to continue to verify whether the user identifier and the user session identifier are supported by the server. If so, the permission module 2 30 is invoked, and conversely, the sending module 250 is invoked.
[0042] 允许模块 230用于在第一验证信息与第二验证信息一致吋, 允许智能终端访问 业务数据。  [0042] The enabling module 230 is configured to allow the smart terminal to access the service data after the first verification information is consistent with the second verification information.
[0043] 如果第一验证信息和第二验证信息一致, 则允许模块 230允许智能终端访问业 务数据。 访问业务数据吋, 可以是根据特定的路径访问服务器中的业务数据, 也可以是不根据特定的路径访问服务器中的业务数据。 可以理解, 如果访问请 求中不包括请求路径, 则当智能终端访问服务器吋, 不根据特定的路径访问服 务器中的业务数据。 如果访问请求中还包括请求路径, 则当智能终端访问服务 器吋, 寻找模块 240根据请求路径在服务器中寻找业务数据, 以提高访问的效率 [0043] if the first verification information and the second verification information are consistent, the permission module 230 allows the smart terminal to access the industry Data. After accessing the service data, the service data in the server may be accessed according to a specific path, or the service data in the server may not be accessed according to a specific path. It can be understood that if the request path is not included in the access request, when the smart terminal accesses the server, the service data in the server is not accessed according to the specific path. If the access request further includes a request path, when the smart terminal accesses the server, the searching module 240 searches for the service data in the server according to the request path to improve the access efficiency.
[0044] 发送模块 250用于在第一验证信息与第二验证信息不一致吋, 向智能终端返回 检验错误信息。 [0044] The sending module 250 is configured to return the verification error information to the smart terminal after the first verification information is inconsistent with the second verification information.
[0045] 本申请通过接收智能终端通过应用软件向服务器发出的访问请求, 并将第一验 证信息与预先存储在服务器中的第二验证进行对比, 第一验证信息与第二验证 信息一致, 则允许智能终端访问业务数据。 上述方法能够大大减少验证过程的 复杂性, 提高验证的效率。  [0045] The present application compares an access request sent by an intelligent terminal to a server through an application software, and compares the first verification information with a second verification previously stored in the server, where the first verification information is consistent with the second verification information, Allow smart terminals to access business data. The above method can greatly reduce the complexity of the verification process and improve the efficiency of verification.
[0046] 在本申请所提供的几个实施方式中, 应该理解到, 所揭露的系统, 装置和方法  [0046] In several embodiments provided by the present application, it should be understood that the disclosed system, apparatus and method
, 可以通过其它的方式实现。 例如, 以上所描述的装置实施方式仅仅是示意性 的, 例如, 所述模块或单元的划分, 仅仅为一种逻辑功能划分, 实际实现吋可 以有另外的划分方式, 例如多个单元或组件可以结合或者可以集成到另一个系 统, 或一些特征可以忽略, 或不执行。 另一点, 所显示或讨论的相互之间的耦 合或直接耦合或通信连接可以是通过一些接口, 装置或单元的间接耦合或通信 连接, 可以是电性, 机械或其它的形式。  , can be achieved in other ways. For example, the device implementations described above are merely illustrative. For example, the division of the modules or units is only a logical function division, and the actual implementation may have another division manner, for example, multiple units or components may be used. Combined or can be integrated into another system, or some features can be ignored, or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be electrical, mechanical or otherwise.
[0047] 所述作为分离部件说明的单元可以是或者也可以不是物理上分幵的, 作为单 元显示的部件可以是或者也可以不是物理单元, 即可以位于一个地方, 或者也 可以分布到多个网络单元上。 可以根据实际的需要选择其中的部分或者全部单 元来实现本实施方式方案的目的。  [0047] The unit described as a separate component may or may not be physically distributed, and the component displayed as a unit may or may not be a physical unit, that is, may be located in one place, or may be distributed to multiple On the network unit. Some or all of the units may be selected according to actual needs to achieve the objectives of the solution of the present embodiment.
[0048] 另外, 在本申请各个实施方式中的各功能单元可以集成在一个处理单元中, 也 可以是各个单元单独物理存在, 也可以两个或两个以上单元集成在一个单元中 。 上述集成的单元既可以采用硬件的形式实现, 也可以采用软件功能单元的形 式实现。  [0048] In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented either in the form of hardware or in the form of a software functional unit.
[0049] 所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用 吋, 可以存储在一个计算机可读取存储介质中。 基于这样的理解, 本申请的技 术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分 可以以软件产品的形式体现出来, 该计算机软件产品存储在一个存储介质中, 包括若干指令用以使得一台计算机设备 (可以是个人计算机, 服务器, 或者网 络设备等) 或处理器 (processor) 执行本申请各个实施方式所述方法的全部或 部分步骤。 而前述的存储介质包括: U盘、 移动硬盘、 只读存储器 (ROM, Rea d-Only Memory) 、 随机存取存储器 (RAM, Random Access Memory) 、 磁碟 或者光盘等各种可以存储程序代码的介质。 [0049] The integrated unit is implemented in the form of a software functional unit and sold or used as a standalone product 吋, can be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application, in essence or the contribution to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium. The instructions include a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to perform all or part of the steps of the methods described in various embodiments of the present application. The foregoing storage medium includes: a USB flash drive, a removable hard disk, a read only memory (ROM, Rea d-Only Memory), a random access memory (RAM), a magnetic disk or an optical disk, and the like, which can store program codes. medium.
技术问题 technical problem
问题的解决方案 Problem solution
发明的有益效果 Advantageous effects of the invention

Claims

权利要求书 Claim
[权利要求 1] 一种服务器访问验证方法, 其特征在于, 包括:  [Claim 1] A server access verification method, comprising:
接收智能终端通过应用软件向服务器发出的访问请求, 其中, 所述访 问请求用于向所述服务器请求业务数据, 所述访问请求包含第一验证 f π息;  Receiving an access request sent by the smart terminal to the server by using the application software, where the access request is used to request service data from the server, where the access request includes a first verification message;
将所述第一验证信息与预先存储在所述服务器中的第二验证信息进行 对比;  Comparing the first verification information with second verification information previously stored in the server;
如果所述第一验证信息与所述第二验证信息一致, 则允许所述智能终 端访问所述业务数据, 根据所述请求路径在所述服务器中寻找所述业 务数据; 如果所述第一验证信息与所述第二验证信息不一致, 则向所 述智能终端返回检验错误信息。  If the first verification information is consistent with the second verification information, allowing the smart terminal to access the service data, searching for the service data in the server according to the request path; if the first verification If the information does not match the second verification information, the verification error information is returned to the smart terminal.
[权利要求 2] 根据权利要求 1所述的方法, 其特征在于, 当用户使用所述应用软件 访问所述服务器但所述用户没有登录所述应用软件吋, 所述第一验证 信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用 软件标识用于识别所述应用软件, 所述接口关键值用于识别所述应用 软件访问所述服务器吋的接口。  [Claim 2] The method according to claim 1, wherein when the user accesses the server by using the application software but the user does not log in to the application software, the first verification information includes application software. The identification, the interface key value, and the numerical signature, wherein the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
[权利要求 3] 根据权利要求 1所述的方法, 其特征在于, 当用户使用所述应用软件 访问所述服务器并且所述用户登录所述应用软件吋, 所述第一验证信 息包括应用软件标识、 接口关键值、 数值签名、 用户标识以及用户会 话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口 关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标 识用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识 别用户会话。  [Claim 3] The method according to claim 1, wherein when the user accesses the server by using the application software and the user logs in to the application software, the first verification information includes an application software identifier. An interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server, The user identifier is used to identify the identity of the user after logging in, and the user session identifier is used to identify the user session after logging in.
[权利要求 4] 一种服务器访问验证方法, 其特征在于, 包括:  [Claim 4] A server access verification method, comprising:
接收智能终端通过应用软件向服务器发出的访问请求, 其中, 所述访 问请求用于向所述服务器请求业务数据, 所述访问请求包含第一验证 f π息;  Receiving an access request sent by the smart terminal to the server by using the application software, where the access request is used to request service data from the server, where the access request includes a first verification message;
将所述第一验证信息与预先存储在所述服务器中的第二验证信息进行 对比; Performing the first verification information with second verification information previously stored in the server Compared;
如果所述第一验证信息与所述第二验证信息一致, 则允许所述智能终 端访问所述业务数据。  And if the first verification information is consistent with the second verification information, allowing the smart terminal to access the service data.
[权利要求 5] 根据权利要求 4所述的方法, 其特征在于, 所述访问请求还包括请求 路径,  [Claim 5] The method according to claim 4, wherein the access request further includes a request path,
如果所述第一验证信息与所述第二验证信息一致, 则允许所述智能终 端访问所述业务数据之后还包括:  And if the first verification information is consistent with the second verification information, after the smart terminal is allowed to access the service data, the method further includes:
根据所述请求路径在所述服务器中寻找所述业务数据。  Finding the service data in the server according to the request path.
[权利要求 6] 根据权利要求 4所述的方法, 其特征在于, 当用户使用所述应用软件 访问所述服务器但所述用户没有登录所述应用软件吋, 所述第一验证 信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用 软件标识用于识别所述应用软件, 所述接口关键值用于识别所述应用 软件访问所述服务器吋的接口。  [Claim 6] The method according to claim 4, wherein when the user accesses the server by using the application software but the user does not log in to the application software, the first verification information includes application software The identification, the interface key value, and the numerical signature, wherein the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
[权利要求 7] 根据权利要求 4所述的方法, 其特征在于, 当用户使用所述应用软件 访问所述服务器并且所述用户登录所述应用软件吋, 所述第一验证信 息包括应用软件标识、 接口关键值、 数值签名、 用户标识以及用户会 话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口 关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标 识用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识 别用户会话。  [Claim 7] The method according to claim 4, wherein when the user accesses the server by using the application software and the user logs in to the application software, the first verification information includes an application software identifier An interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server, The user identifier is used to identify the identity of the user after logging in, and the user session identifier is used to identify the user session after logging in.
[权利要求 8] 根据权利要求 4所述的方法, 其特征在于, 所述方法还包括:  [Claim 8] The method according to claim 4, wherein the method further comprises:
如果所述第一验证信息与所述第二验证信息不一致, 则向所述智能终 端返回检验错误信息。  If the first verification information does not coincide with the second verification information, the verification error information is returned to the smart terminal.
[权利要求 9] 一种服务器访问验证装置, 其特征在于, 所述装置包括: 接收模块、 比较模块以及允许模块,  [Claim 9] A server access verification apparatus, comprising: a receiving module, a comparison module, and an enabling module,
所述接收模块用于接收智能终端通过应用软件向服务器发出的访问请 求, 其中, 所述访问请求用于向所述服务器请求业务数据, 所述访问 请求包含第一验证信息; 所述比较模块用于将所述第一验证信息与预先存储在所述服务器中的 第二验证信息进行对比; The receiving module is configured to receive an access request sent by the smart terminal to the server by using the application software, where the access request is used to request service data from the server, where the access request includes first verification information; The comparing module is configured to compare the first verification information with second verification information pre-stored in the server;
所述允许模块用于在所述第一验证信息与所述第二验证信息一致吋, 允许所述智能终端访问所述业务数据。 The permission module is configured to allow the smart terminal to access the service data after the first verification information is consistent with the second verification information.
根据权利要求 9所述的装置, 其特征在于, 所述装置还包括寻找模块 , 所述寻找模块用于根据所述请求路径在所述服务器中寻找所述业务 数据。 The device according to claim 9, wherein the device further comprises a searching module, wherein the searching module is configured to search for the service data in the server according to the request path.
根据权利要求 9所述的装置, 其特征在于, 当用户使用所述应用软件 访问所述服务器但所述用户没有登录所述应用软件吋, 所述第一验证 信息包括应用软件标识、 接口关键值以及数值签名, 其中, 所述应用 软件标识用于识别所述应用软件, 所述接口关键值用于识别所述应用 软件访问所述服务器吋的接口。 The device according to claim 9, wherein when the user accesses the server by using the application software but the user does not log in to the application software, the first verification information includes an application software identifier and an interface key value. And the value signature, where the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server.
根据权利要求 9所述的装置, 其特征在于, 当用户使用所述应用软件 访问所述服务器并且所述用户登录所述应用软件吋, 所述第一验证信 息包括应用软件标识、 接口关键值、 数值签名、 用户标识以及用户会 话标识, 其中, 所述应用软件标识用于识别所述应用软件, 所述接口 关键值用于识别所述应用软件访问所述服务器吋的接口, 所述用户标 识用于在登陆吋识别用户的身份, 所述用户会话标识用于在登陆吋识 别用户会话。 The device according to claim 9, wherein when the user accesses the server by using the application software and the user logs in to the application software, the first verification information includes an application software identifier, an interface key value, a numerical signature, a user identifier, and a user session identifier, where the application software identifier is used to identify the application software, and the interface key value is used to identify an interface of the application software to access the server, where the user identifier is used by The identity of the user is identified upon login, and the user session identifier is used to identify the user session upon login.
根据权利要求 9所述的装置, 其特征在于, 所述装置还包括发送模块 , 所述发送模块用于在所述第一验证信息与所述第二验证信息不一致 吋, 向所述智能终端返回检验错误信息。 The device according to claim 9, wherein the device further comprises a sending module, wherein the sending module is configured to return to the smart terminal after the first verification information is inconsistent with the second verification information Verify the error message.
PCT/CN2015/092691 2015-10-23 2015-10-23 Method and device for verifying access to server WO2017066994A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201580002092.XA CN105993156B (en) 2015-10-23 2015-10-23 Server access verification method and device
PCT/CN2015/092691 WO2017066994A1 (en) 2015-10-23 2015-10-23 Method and device for verifying access to server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/092691 WO2017066994A1 (en) 2015-10-23 2015-10-23 Method and device for verifying access to server

Publications (1)

Publication Number Publication Date
WO2017066994A1 true WO2017066994A1 (en) 2017-04-27

Family

ID=57040926

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/092691 WO2017066994A1 (en) 2015-10-23 2015-10-23 Method and device for verifying access to server

Country Status (2)

Country Link
CN (1) CN105993156B (en)
WO (1) WO2017066994A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107743114B (en) * 2016-12-15 2020-03-17 腾讯科技(深圳)有限公司 Network access method, device and system
JP6941779B2 (en) * 2017-02-28 2021-09-29 パナソニックIpマネジメント株式会社 Controls, home appliances, and programs
CN107679372A (en) * 2017-09-26 2018-02-09 努比亚技术有限公司 Access control method, terminal and the storage medium of application program
CN111082940B (en) * 2019-11-19 2022-11-04 泰康保险集团股份有限公司 Internet of things equipment control method and device, computing equipment and storage medium
CN113722687A (en) * 2021-08-30 2021-11-30 康键信息技术(深圳)有限公司 Application software login method, device, medium and equipment
CN116032889B (en) * 2023-03-30 2023-07-21 新华三技术有限公司 IP address allocation method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7111323B1 (en) * 2001-08-31 2006-09-19 Oracle International Corporation Method and apparatus to facilitate a global timeout in a distributed computing environment
CN103188668A (en) * 2011-12-27 2013-07-03 方正国际软件(北京)有限公司 Security protection method and security protection system for mobile terminal application
CN103607374A (en) * 2013-10-28 2014-02-26 中国航天科工集团第二研究院七〇六所 Network-resource-access control method based on identity authentication and data-packet filtering technology
CN104537284A (en) * 2014-12-19 2015-04-22 葛胜锦 Software protecting system and method based on remote service
CN104753674A (en) * 2013-12-31 2015-07-01 中国移动通信集团公司 Application identity authentication method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7111323B1 (en) * 2001-08-31 2006-09-19 Oracle International Corporation Method and apparatus to facilitate a global timeout in a distributed computing environment
CN103188668A (en) * 2011-12-27 2013-07-03 方正国际软件(北京)有限公司 Security protection method and security protection system for mobile terminal application
CN103607374A (en) * 2013-10-28 2014-02-26 中国航天科工集团第二研究院七〇六所 Network-resource-access control method based on identity authentication and data-packet filtering technology
CN104753674A (en) * 2013-12-31 2015-07-01 中国移动通信集团公司 Application identity authentication method and device
CN104537284A (en) * 2014-12-19 2015-04-22 葛胜锦 Software protecting system and method based on remote service

Also Published As

Publication number Publication date
CN105993156A (en) 2016-10-05
CN105993156B (en) 2020-01-14

Similar Documents

Publication Publication Date Title
WO2017066994A1 (en) Method and device for verifying access to server
US9954842B2 (en) Method, client, server and system of login verification
US20200143028A1 (en) Authentication system
TWI683567B (en) Security verification method, device, server and terminal
US10135824B2 (en) Method and system for determining whether a terminal logging into a website is a mobile terminal
US9544290B2 (en) Device authentication using proxy automatic configuration script requests
US8874919B2 (en) Apparatus and method of a portable terminal authenticating another portable terminal
EP3700164A1 (en) Method and apparatus for facilitating the login of an account
TW202134913A (en) Query system, method and non-transitory machine-readable medium to determine authentication capabilities
CN103139200A (en) Single sign-on method of web service
TW201606498A (en) Method and system for facilitating terminal identifiers
US11068570B1 (en) Authentication using third-party data
CN104935435A (en) Login methods, terminal and application server
WO2015176500A1 (en) Single sign-on authentication method, device and system, and computer storage medium
KR101691412B1 (en) Phone number based 2channel user authentication assistive device and method
US9948727B2 (en) Securely transferring session information
TWI546698B (en) Login system based on servers, login authentication server, and authentication method thereof
KR102016976B1 (en) Unified login method and system based on single sign on service
US11575666B2 (en) Website verification service
CN109302422B (en) Method for logging in mobile application, mobile terminal, electronic equipment, system and storage medium
US10454945B1 (en) Method, apparatus and computer program product for processing an electronic request to access a computerized resource
CN111931159A (en) Method and system for verifying validity of webpage data interface
US20170163642A1 (en) Method, Electronic Device and System for Content Pushing
TW201244441A (en) System and method for generating a password according to an ID code as well as a client, a server and a storage medium of the system
WO2020000789A1 (en) Method and device for implementing access authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15906511

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15906511

Country of ref document: EP

Kind code of ref document: A1