[go: up one dir, main page]

CN104158818A - Single sign-on method and system - Google Patents

Single sign-on method and system Download PDF

Info

Publication number
CN104158818A
CN104158818A CN201410422428.5A CN201410422428A CN104158818A CN 104158818 A CN104158818 A CN 104158818A CN 201410422428 A CN201410422428 A CN 201410422428A CN 104158818 A CN104158818 A CN 104158818A
Authority
CN
China
Prior art keywords
user
business system
browser
login information
login
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410422428.5A
Other languages
Chinese (zh)
Other versions
CN104158818B (en
Inventor
刘晓靖
张鹏
胡尼亚
王志军
靳锐敏
许海翔
王春婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201410422428.5A priority Critical patent/CN104158818B/en
Publication of CN104158818A publication Critical patent/CN104158818A/en
Application granted granted Critical
Publication of CN104158818B publication Critical patent/CN104158818B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Debugging And Monitoring (AREA)

Abstract

本发明公开了一种单点登录方法及系统,其中,单点登录方法包括:业务系统接收到未在所述业务系统登录的用户的业务访问后,所述业务系统通过所述用户的用户浏览器向单点登录认证中心获取该用户的登录信息,如果获取到,则所述业务系统利用所述登录信息自动完成所述用户的登录处理,通知所述用户浏览器显示登录后的页面。本发明提供的方法和系统对于无认证信息携带访问业务系统的场景,使业务系统具有主动查询用户登录信息的功能,实现了在该场景下的单点登录,更加符合用户的互联网业务使用习惯,完善了单点登录机制。

The invention discloses a single sign-on method and system, wherein the single sign-on method comprises: after the business system receives a business visit from a user who has not logged in the business system, the business system browses through the user's user The server obtains the user's login information from the single sign-on authentication center, and if obtained, the business system uses the login information to automatically complete the user's login process, and notifies the user's browser to display the logged-in page. The method and system provided by the present invention enable the business system to have the function of actively querying user login information for the scenario of accessing the business system without authentication information, and realize single sign-on in this scenario, which is more in line with the user's Internet business usage habits. Improved the single sign-on mechanism.

Description

A kind of single-point logging method and system
Technical field
The present invention relates to the communications field, be specifically related to a kind of single-point logging method and system.
Background technology
Single-sign-on (Single Sign On, referred to as SSO), refers to that, in a plurality of application systems, user only need to login the application system that once just can access all mutual trusts.
In existing Single Sign-On Technology Used, application system to browser/server (Browser/Server is called for short B/S) framework, mainly realizes single-sign-on by bill transfer mode, be similar to " through ticket " form of tourist attractions, a booking of visitor can enter a plurality of independently sight spots.The flow process of bill transfer mode single-sign-on is specially:
(1) when user accesses a B/S application system for the first time, be directed in Verification System and login;
(2) log-on message providing according to user, Verification System is carried out proof of identity, and the user by verification obtains one " authentication authority " (as billing information), and this billing information can be used as user by the authority of verification;
(3) when user accesses another B/S application system, this system is received after request, and the billing information that user can be shown sends to Verification System and carries out verification, authenticates the legitimacy of this billing information; If by verification, user need not login again just can access this B/S application system.
At present, prior art is mainly that the scene of access service system when having authentication information to carry is carried out standard, and the billing information carrying by user just can be logined in a plurality of application systems.For example, user is registering service system A (operation system A has obtained user profile), the upper operation system B link embedding of click-to-call service system A, (operation system B can, by single-sign-on mechanism, obtain the user profile that operation system A passes over) conducts interviews.And when carrying without authentication information the scene of access service system, such as:
(1) user is not in other operation system logins, and (operation system A, before user's login, cannot be known user profile) directly in browser incoming traffic system A network address, conducts interviews;
(2) user registering service system A, (under this scene, user is not come by operation system A redirect, and therefore, operation system B cannot be known user profile) directly in browser incoming traffic system B network address, conducts interviews;
(3) user is not in other operation system logins, user's access service system A, not when operation system A logins, the upper operation system B link embedding of click-to-call service system A, (because user does not login, operation system A, B all cannot be known user profile) conducts interviews.
In prior art, for above-mentioned 3 kinds of scenes, operation system at local search when there is no user related information, just according to user's active behavior, to user, show corresponding browsing pages, and can be not on one's own initiative to the acquisition request user's of authentication center log-on message, thereby cannot judge whether to carry out single-sign-on, in fact, for the second situation, can carry out single-sign-on, so, at present, under the scene for above-mentioned " carrying without authentication information ", industry does not also have comparatively ripe single-sign-on solution.
Summary of the invention
The technical issues that need to address of the present invention are to provide a kind of single-point logging method and system, realize the single-sign-on under the scene of carrying access service system without authentication information.
In order to solve the problems of the technologies described above, the invention provides a kind of single-point logging method, comprising:
Operation system receives after the user's who does not login in described operation system Operational Visit, described operation system is obtained this user's log-on message by described user's user browser to single-sign-on authentication center, if got, described operation system utilizes described log-on message automatically to complete described user's login process, notifies described user browser to show the page after login.
Further, the log-on message that the user browser of described operation system by described user obtains described user to single-sign-on authentication center, comprising:
Described operation system sends the instruction of the log-on message of obtaining described user to described user's user browser, carry the Redirect Address of described operation system in described instruction;
The request that described user browser sends to described single-sign-on authentication center the log-on message of obtaining described user, carries described user's global session ID and the Redirect Address of described operation system in described request;
Described single-sign-on authentication center judges whether to exist the global session corresponding with described user's global session ID, if existed, according to the session information of the global session corresponding with described user's global session ID, described user's log-on message is redirected to described operation system by described user browser, Redirect Address is the Redirect Address of described operation system, and described session information comprises described user's log-on message.
Further, described method also comprises:
The log-on message that the user browser of described operation system by described user obtains described user to single-sign-on authentication center, comprising:
Described operation system sends the instruction of the log-on message of obtaining described user to described user's user browser, carry the Redirect Address of described operation system in described instruction;
Described user browser sends the request of the log-on message of obtaining described user to described single-sign-on authentication center, only carry the Redirect Address of described operation system in described request;
When user's global session ID does not carry in judgement described request in described single-sign-on authentication center, described single-sign-on authentication center is redirected by described user browser the result of obtaining user login information failure to described operation system, the Redirect Address that Redirect Address is described operation system;
Described method also comprises: if do not got, described in described operation system basis, obtain the result of user login information failure and to described user browser, send the instruction that turns back to the current browsing pages of user; Described user browser shows current browsing pages.
Further, before obtaining described user's log-on message by described user browser to single-sign-on authentication center in described operation system, described method also comprises:
When described user logins certain operation system in single-node login system first, described certain operation system is the log-on message when this operation system is logined by user described in single-sign-on authentication center stores described in described user browser request.
Further, described certain operation system is the log-on message when this operation system is logined by user described in single-sign-on authentication center stores described in described user browser request, comprising:
Described certain operation system is when the login authentication by described user, to described user browser, send the instruction of the log-on message of the described user of storage when this operation system is logined, in described instruction, carry Redirect Address and the operation system sign of described certain operation system;
The request of described user browser log-on message when this operation system is logined to the described user of described single-sign-on authentication center's transmission storage, the log-on message when Redirect Address of certain operation system, operation system sign and described user are by login authentication described in carrying in described request;
Described single-sign-on authentication center receives after described request, generate the global session of described user when this operation system login, and be that this user is at this login behavior configuration global session ID of single-sign-on authentication center, in the session information of described global session, preserve operation system sign and the log-on message of described user when this operation system login of described certain operation system, and described global session ID is back to described user browser, and be redirected to described certain operation system by described user browser, Redirect Address is the Redirect Address of described certain operation system.
In order to solve the problems of the technologies described above, the present invention also provides a kind of single-node login system, comprising:
Operation system, for after receiving the user's who does not login in described operation system Operational Visit, to user browser, send the instruction of the log-on message of obtaining described user, user browser by described user obtains described user's log-on message to single-sign-on authentication center, if got, utilize described log-on message automatically to complete described user's login process, and notify described user browser to show the page after login;
User browser, for obtaining after user's the instruction of log-on message receiving described operation system, to single-sign-on authentication center, send the request of the log-on message of obtaining described user, and the described user's that described single-sign-on authentication center is returned log-on message is passed to described operation system, after receiving described operation system notice, show the page after login;
Single-sign-on authentication center, after the request receiving described user browser, in the log-on message of user described in local search, if inquire, returns to described operation system by the described user's who inquires log-on message by described user browser.
Further, described operation system is obtained the Redirect Address that carries described operation system in described user's the instruction of log-on message;
Described user browser obtains in described user's the request of log-on message and carries described user's global session ID and the Redirect Address of described operation system;
Described single-sign-on authentication center, for after the request that receives described user browser, in the log-on message of user described in local search, if inquire, the described user's who inquires log-on message is returned to described operation system by described user browser, comprising:
Described single-sign-on authentication center, for judging whether to exist the global session corresponding with described user's global session ID, if existed, according to the session information of the global session corresponding with described user's global session ID, described user's log-on message is redirected to described operation system by described user browser, Redirect Address is the Redirect Address of described operation system, and described session information comprises described user's log-on message.
Further, described operation system is obtained the Redirect Address that carries described operation system in described user's the instruction of log-on message;
Described user browser obtains the Redirect Address that only carries described operation system in described user's the request of log-on message;
Described single-sign-on authentication center, also for when judgement described request is not carried user's global session ID, inquiry is less than described user's log-on message, the result of obtaining user login information failure is redirected to described operation system to the Redirect Address that Redirect Address is described operation system by described user browser;
Described user browser, also for the result of obtaining user login information failure that described single-sign-on authentication center is returned, be redirected to described operation system, and after receiving the instruction that turns back to the current browsing pages of user that described operation system sends, show current browsing pages;
Described operation system, also sends for obtaining the result of user login information failure described in basis the instruction that turns back to corresponding browsing pages to described user browser.
Further, also comprise certain operation system in the single-node login system that user logins first; Wherein:
Certain operation system in the single-node login system that described user logins first, for when the login authentication by described user, to described user browser, send the instruction of the log-on message of the described user of storage when this operation system is logined, the log-on message by user described in single-sign-on authentication center stores described in described user browser request when this operation system is logined;
Described user browser, also after the instruction for the log-on message when receiving described certain operation system request and store described user in this operation system login, to described single-sign-on authentication center, send the request of the log-on message of the described user of storage when this operation system login;
Described single-sign-on authentication center, after the request receiving described user browser, the log-on message by described user when this operation system login is stored.
Further, described certain operation system is stored Redirect Address and the operation system sign that carries certain operation system in described single-node login system in the instruction of the log-on message of described user when the login of this operation system;
Described user browser is stored the log-on message when this operation system login of Redirect Address, operation system sign and described user that carries described certain operation system in the request of the log-on message of described user when the login of this operation system;
Described single-sign-on authentication center, after the request receiving described user browser, the log-on message by described user when this operation system login is stored, and comprising:
Described single-sign-on authentication center receives after described request, generate the global session of described user when this operation system login, and be that this user is at this login behavior configuration global session ID of single-sign-on authentication center, in the session information of described global session, preserve operation system sign and the log-on message of described user when this operation system login of described certain operation system, and described global session ID is back to described user browser, and be redirected to described certain operation system by described user browser, Redirect Address is the Redirect Address of described certain operation system,
Described user browser, also for the global session ID receiving and preserve the described user that described single-sign-on authentication center returns, and passes to described certain operation system.
Compared with prior art, single-point logging method provided by the invention and system, for carry the scene of access service system without authentication information, make operation system there is the function of active inquiry user login information, realized the single-sign-on under this scene, the Internet service use habit that more meets user, perfect single-sign-on mechanism.
Accompanying drawing explanation
Fig. 1 is the flow chart of single-point logging method in embodiment;
Fig. 2 is for the flow chart of the single-point logging method of scene (1) in an application example;
Fig. 3 is for the flow chart of the single-point logging method of scene (2) in an application example;
Fig. 4 is the structure chart of single-node login system in embodiment.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, hereinafter in connection with accompanying drawing, embodiments of the invention are elaborated.It should be noted that, in the situation that not conflicting, the embodiment in the application and the feature in embodiment be combination in any mutually.
Embodiment:
The application scenarios of the present embodiment is that user carries the single-sign-on under browse service system scene without authentication information, and as shown in Figure 1, the present embodiment provides a kind of single-point logging method, comprises the following steps:
S101: operation system receives the user's who does not login in described operation system Operational Visit;
Wherein, the user who does not login in described operation system represents that this user, just in the login of this operation system, likely logins in belonging to other operation systems of single-sign-on system; Operation system judges that whether this user is by judging whether to exist local session ID in the login of this operation system, if there is no, just illustrates that user does not login described operation system;
For scene (1), user, in other operation system logins, directly, in browser incoming traffic system A network address, does not conduct interviews, and under this scene, user is in other operation systems and all not logins of operation system A;
For scene (2), user is registering service system A, directly in browser incoming traffic system B network address, conduct interviews, under this scene, user is not come by operation system A redirect, therefore, operation system B cannot be known user profile, and user does not login at operation system B;
For scene (3), user is not at other operation system logins, user's access service system A, not when operation system A logins, the upper operation system B link embedding of click-to-call service system A, conducts interviews, and user is all not logins on other operation systems and operation system A, B.
S102: operation system receives after described user's Operational Visit, the user browser by described user obtains described user's log-on message to single-sign-on authentication center; Log-on message comprises this user's account name and login password;
S103: if got, utilize described log-on message automatically to complete described user's login process, notify described user browser to show the page after login.
Wherein, in step S102, corresponding to scene (2), user has logined other operation systems, directly at browser, input the network address of described operation system, conduct interviews, for this scene: the log-on message that the user browser of described operation system by described user obtains described user to single-sign-on authentication center, specifically comprises:
1) described operation system sends the instruction of the log-on message of obtaining described user to described user's user browser, carries the Redirect Address of described operation system in described instruction;
2) described user browser sends the request of the log-on message of obtaining described user to described single-sign-on authentication center, carries the described user's of sign global session ID and the Redirect Address of described operation system in described request;
Wherein, global session ID once logined in other operation systems for identifying user, single-sign-on authentication center identifies this user by global session ID, if user's certain operation system in single-node login system is logined first, single-sign-on authentication center generates global session, and by browser, tell the operation system of login first global session ID, at this moment, this global session (containing global session ID) is just kept at the file that browser is arranged on computer this locality and has suffered (this is the fundamental mechanism that browser is preserved session, is the attribute of browser).
User, access after other system, other operation systems are initiated the request of request user profile to single-sign-on authentication center by this browser, browser points to after single-sign-on authentication center in the request of discovery, automatically the global session (containing ID) that preserve inquiry this locality, the global session ID inquiring is carried in request, issue single-sign-on authentication center, at this moment user just can judge in single-sign-on authentication center.
3) described single-sign-on authentication center judges whether to exist the global session corresponding with described user's global session ID, if existed, according to the global session corresponding with described user's global session ID, described user's log-on message is redirected to described operation system by described user browser, Redirect Address is the Redirect Address of described operation system, and described session information comprises described user's log-on message.
In addition, in step 1) described in also carry the sign of operation system in the instruction that sends of operation system, in step 2) in by browser, this operation system sign is carried at and in request, sends to single-sign-on authentication center, single-sign-on authentication center is for carrying out authentication to carrying the request of operation system sign, and judgement is the request which system is sent.
In single-sign-on process, if user logins in other operation systems, between user browser and operation system, acquiescence is all pointed to this user, that is to say, in the standard system of single-sign-on, can not there is two users access websites in a browser simultaneously.Such as, the operation system that user A accessed is all that A is logging status, if now change the account of user B into, logins, and needs to exit the login account of A, and the log-on message of A is expired, and now the global session of A also lost efficacy.So in single-sign-on system, different users be impossible simultaneously in a browser in logging status, that is to say, under this file of a browser, effectively global session can only have one, in single-sign-on process, the operation system in single-sign-on system and browser are only identified a user.
In addition, for scene (1) and (3), user is not in other operation system logins, directly at browser, input the network address of described operation system, conduct interviews, and, user is not in other operation system logins, user's access service system A, not when operation system A logins, the link of the upper described operation system embedding of click-to-call service system A, conducts interviews, for these two kinds of scenes, also there is the situation of not obtaining described user's log-on message from single-sign-on authentication center in described operation system;
Described operation system is obtained the Redirect Address that carries described operation system in described user's the instruction of log-on message;
Described user browser obtains the Redirect Address that only carries described operation system in described user's the request of log-on message;
Described method also comprises:
When described single-sign-on authentication center judges the global session ID that does not carry user in described request, described single-sign-on authentication center is redirected by described user browser the result of obtaining user login information failure to described operation system, the Redirect Address ULR that Redirect Address is described operation system;
The global session ID that does not carry user in described request illustrates this user not other operation system logins in single-sign-on system before the described operation system of login, therefore, in single-sign-on authentication center, there is no to set up for this user the record of global session, so be not this user assignment global session ID, just can not store this user's log-on message yet yet.
Described in described operation system basis, obtain the result of user login information failure and to described user browser, send the instruction that turns back to the current browsing pages of user; Described user browser shows current browsing pages.
In addition, for scene (2), when user logins first in single-node login system, in certain operation system login, single-sign-on authentication center can preserve log-on message, so that user can get this user's log-on message in described operation system login, therefore, before obtaining described user's log-on message by described user browser to single-sign-on authentication center in described operation system, described method also comprises: interior certain operation system of single-node login system is the log-on message when this operation system is logined by user described in described user browser request single-sign-on authentication center stores,
Specifically comprise:
1) described certain operation system is when the login authentication by described user, described certain operation system sends the instruction of the log-on message of the described user of storage when by login authentication to described user browser, carry Redirect Address and the operation system sign of described certain operation system in described instruction;
2) request of log-on message when described user browser sends the described user of storage by login authentication to described single-sign-on authentication center, Redirect Address, the operation system that carries described certain operation system in described request identifies and the log-on message of described user during by login authentication;
3) described single-sign-on authentication center receives after described request, the global session of this login while generating described user by login authentication, and be that this user is at this login behavior configuration global session ID of single-sign-on authentication center, log-on message when the operation system sign of certain operation system and described user are by login authentication described in preserving in the session information of described global session, and the global session ID of this login during by login authentication by described user is back to described user browser, and the result that log-on message has been stored is redirected to described certain operation system by described user browser, Redirect Address is the Redirect Address of described certain operation system.
In single-sign-on system, the operation system of only having user to login first place is responsible for storing log-on message, the inquiry of other operation systems Dou Shiqu single-sign-on authentication center, no longer storage.
In an application example, for application scenarios (1), provide a kind of single-point logging method, as shown in Figure 2, comprise the following steps:
S201: user is by browser access operation system A;
S202: operation system A receives this user's Operational Visit request, and operation system A judges without local session, i.e. registering service system A not;
If, after operation system A login, operation system A can create local session in this locality, and distributes local session ID, returns to the local session ID of this operation system of user browser A before user simultaneously; User, again during access service system A, browser can be according to the local session ID of operation system A, to operation system A inquiry active user's login situation;
If not in operation system A login, there is not local session ID before user.
S203: operation system A sends the instruction of the log-on message of obtaining described user to described user's user browser, carry the Redirect Address of operation system A in described instruction;
This Redirect Address is for inquiring after user's log-on message when described single-sign-on authentication center, this user's log-on message being redirected to operation system A by user browser.
S204: the request that described user browser sends to described single-sign-on authentication center the log-on message of obtaining described user, carries the Redirect Address of described operation system A and the service identification of described operation system A in described request;
For scene (1), because user did not login in other operation systems, therefore, single-sign-on authentication center is not this user assignment global session ID yet, so, in described request, do not carry global session ID;
S205: when single-sign-on authentication center judges the global session ID that does not carry user in described request, illustrate that this user did not login in other operation systems, the result of obtaining user login information failure is redirected to described operation system to the Redirect Address that Redirect Address is described operation system by described user browser;
Described in S206: operation system A basis, obtain result and the own service logic of user login information failure and to described user browser, send the instruction that turns back to the current browsing pages of user, user browser is shown corresponding browsing pages or login page to user.
In an application example, for application scenarios (2), provide a kind of single-point logging method, as shown in Figure 3, comprise the following steps:
S301: user logins at operation system A;
User is in operation system A login, and single-sign-on authentication center can set up global session ID for this user, and this user's log-on message is preserved.
S302: user is directly in the network address of browser incoming traffic system B, access service system B;
S303: operation system B has judged whether local session according to local session ID, i.e. registering service system B whether; If there is local session, perform step S304, otherwise execution step S305;
If, after operation system B login, operation system B can create local session in this locality, and distributes local session ID, returns to the local session ID of this operation system of user browser B before user simultaneously; User, again during access service system B, browser can be according to the local session ID of operation system B, to operation system B inquiry active user's login situation;
If not in operation system B login, there is not local session ID before user.
S304: if there is local session, operation system B sends the instruction that presents the page after login to user to user browser, and user browser presents the page after login to user;
S305: if without local session, operation system B sends the instruction of the log-on message of obtaining described user to described user's user browser, carries the Redirect Address of operation system B in described instruction;
This Redirect Address is for inquiring after user's log-on message when described single-sign-on authentication center, this user's log-on message being redirected to operation system B by user browser.
S306: described user browser sends the request of the log-on message of obtaining described user to described single-sign-on authentication center, carries the described user's of sign the Redirect Address of global session ID, described operation system B and the sign of described operation system B in described request;
S307: the judgement of single-sign-on authentication center exists the global session corresponding with described user's global session ID, described user's log-on message is redirected to operation system B by described user browser, Redirect Address is the Redirect Address of operation system B, and the session information of described global session comprises described user's log-on message;
S308: this operation system B carries out follow-up single-sign-on flow process according to this user's log-on message.
Single-sign-on flow process is existing procedure, specifically comprise: operation system B according to this user's log-on message to single-sign-on authentication center this log-on message of request authentication, single-sign-on authentication center authentication success is to operation system B return authentication successful information, operation system B creates local session, and returns to browser the information of logining successfully.
In an application example, for application scenarios (3), user is not in other operation system logins, user's access service system A, not when operation system A logins, the user browser that can first trigger by described user obtains this user's log-on message (log-on message of registering service system A) to single-sign-on authentication center, similar with the corresponding flow process (as step S202~S206) of application scenarios (1), because user did not login in other operation systems, therefore, single-sign-on authentication center is not this user assignment global session ID yet, so, in described request, do not carry global session ID, when single-sign-on authentication center judges the global session ID that does not carry user in described request, illustrate that this user did not login in other operation systems, the result of obtaining user login information failure is redirected to described operation system A by described user browser, described in operation system A basis, obtain result and the own service logic of user login information failure and to described user browser, send the instruction that turns back to the current browsing pages of user, user browser is shown corresponding browsing pages or login page to user, during user's click-to-call service system B link, the user browser triggering by described user obtains this user's log-on message (log-on message of registering service system B) to single-sign-on authentication center, according to the corresponding flow process of application scenarios (1) (as step S202~S206), described in operation system B basis, obtain result and the own service logic of user login information failure and to described user browser, send the instruction that turns back to the current browsing pages of user, user browser is shown corresponding browsing pages or login page to user.
In the present embodiment, scene (1) and (3) also belong to the scene in single-sign-on system, because also there is mechanism from user login information to single-sign-on authentication center that initiatively obtain.Due to before user, in belonging to any one operation system of single-sign-on authentication system, do not login, thus in the request of initiating to single-sign-on authentication center, do not have global session ID, so there is not this user's log-on message in single-sign-on authentication center yet.Under this scene, need user's initiatively login in the operation system of access, this operation system just becomes the operation system that user logins first, has to the obligation of single-sign-on authentication center stores user login information.
As shown in Figure 4, the present embodiment provides a kind of single-node login system, comprising: user browser, one or more operation system and single-sign-on authentication center, wherein:
Operation system, for after receiving the user's who does not login in described operation system Operational Visit, to user browser, send the instruction of the log-on message of obtaining described user, user browser by described user obtains described user's log-on message to single-sign-on authentication center, if got, utilize described log-on message automatically to complete described user's login process, and notify described user browser to show the page after login;
User browser, for obtaining after user's the instruction of log-on message receiving described operation system, to single-sign-on authentication center, send the request of the log-on message of obtaining described user, and the described user's that described single-sign-on authentication center is returned log-on message is passed to described operation system, after receiving described operation system notice, show the page after login;
Single-sign-on authentication center, after the request receiving described user browser, in the log-on message of user described in local search, if inquire, returns to described operation system by the described user's who inquires log-on message by described user browser.
For scene (2), user has logined other operation systems, directly at browser, inputs the network address of described operation system, conduct interviews, for this scene:
Described operation system is obtained the Redirect Address that carries described operation system in described user's the instruction of log-on message;
Described user browser obtains in described user's the request of log-on message and carries described user's global session ID and the Redirect Address of described operation system;
Described single-sign-on authentication center, for after the request that receives described user browser, in the log-on message of user described in local search, if inquire, the described user's who inquires log-on message is returned to described operation system by described user browser, comprising:
Described single-sign-on authentication center, for judging whether to exist the global session corresponding with described user's global session ID, if existed, according to the session information of the global session corresponding with described user's global session ID, described user's log-on message is redirected to described operation system by described user browser, Redirect Address is the Redirect Address of described operation system, and described session information comprises described user's log-on message.
In addition, in the instruction that described operation system sends, also carry the sign of operation system, by user browser, the sign of this operation system is carried at and in request, sends to single-sign-on authentication center, described single-sign-on authentication center is for carrying out authentication to carrying the request of the sign of operation system, and judgement is the request which system is sent.
In addition, for scene (1) and (3), user is not in other operation system logins, directly at browser, input the network address of described operation system, conduct interviews, and, user is not in other operation system logins, user's access service system A, not when operation system A logins, the link of the upper described operation system embedding of click-to-call service system A, conducts interviews, for these two kinds of scenes, also there is the situation of not obtaining described user's log-on message from single-sign-on authentication center in described operation system:
Described operation system is obtained the Redirect Address that carries described operation system in described user's the instruction of log-on message;
Described user browser obtains the Redirect Address that only carries described operation system in described user's the request of log-on message;
Described single-sign-on authentication center, also for when judgement described request is not carried user's global session ID, inquiry is less than described user's log-on message, the result of obtaining user login information failure is redirected to described operation system to the Redirect Address that Redirect Address is described operation system by described user browser;
The global session ID that does not carry user in described request illustrates that this user did not have other operation systems logins at single-node login system before the described operation system of login, therefore, in single-sign-on authentication center, there is no to set up for this user the record of global session, so be not this user assignment global session ID, just can not store this user's log-on message yet yet.
Described user browser, also for the result of obtaining user login information failure that described single-sign-on authentication center is returned, be redirected to described operation system, and after receiving the instruction that turns back to the current browsing pages of user that described operation system sends, show current browsing pages;
Described operation system, also sends for obtaining the result of user login information failure described in basis the instruction that turns back to corresponding browsing pages to described user browser.
In addition, for scene (2), user is when logining certain operation system in single-node login system first, this operation system can preserve log-on message by user browser request single-sign-on authentication center, so that the operation system login of user in single-node login system can get this user's log-on message, wherein:
Certain operation system in the single-node login system that described user logins first, for when the login authentication by described user, to described user browser, send the instruction of the log-on message of the described user of storage when this operation system is logined, the log-on message by user described in single-sign-on authentication center stores described in described user browser request when this operation system is logined;
Described user browser, also after the instruction for the log-on message when receiving described certain operation system request and store described user in this operation system login, to described single-sign-on authentication center, send the request of the log-on message of the described user of storage when this operation system login;
This user, when browsing before described operation system in certain operation system login, preserves this user's log-on message;
Described single-sign-on authentication center, after the request receiving described user browser, the log-on message by described user when this operation system login is stored.
Particularly, described certain operation system is stored Redirect Address and the operation system sign that carries certain operation system in described single-node login system in the instruction of the log-on message of described user when the login of this operation system;
Described user browser is stored the log-on message when this operation system login of Redirect Address, operation system sign and described user that carries described certain operation system in the request of the log-on message of described user when the login of this operation system;
Described single-sign-on authentication center, after the request receiving described user browser, the log-on message by described user when this operation system login is stored, and comprising:
Described single-sign-on authentication center receives after described request, generate the global session of described user when this operation system login, and be that this user is at this login behavior configuration global session ID of single-sign-on authentication center, in the session information of described global session, preserve operation system sign and the log-on message of described user when this operation system login of described certain operation system, and described global session ID is back to described user browser, and be redirected to described certain operation system by described user browser, Redirect Address is the Redirect Address of described certain operation system,
Described user browser, also for the global session ID receiving and preserve the described user that described single-sign-on authentication center returns, and passes to described certain operation system.
From above-described embodiment, can find out, with respect to prior art, the single-point logging method providing in above-described embodiment and system, for carry the scene of access service system without authentication information, make operation system there is the function of active inquiry user login information, realized the single-sign-on under this scene, more met user's Internet service use habit, perfect single-sign-on mechanism.
One of ordinary skill in the art will appreciate that all or part of step in said method can come instruction related hardware to complete by program, described program can be stored in computer-readable recording medium, as read-only memory, disk or CD etc.Alternatively, all or part of step of above-described embodiment also can realize with one or more integrated circuits.Correspondingly, each the module/unit in above-described embodiment can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.The present invention is not restricted to the combination of the hardware and software of any particular form.
The foregoing is only the preferred embodiments of the present invention, be not intended to limit protection scope of the present invention.According to summary of the invention of the present invention; also can there be other various embodiments; in the situation that not deviating from spirit of the present invention and essence thereof; those of ordinary skill in the art are when making according to the present invention various corresponding changes and distortion; within the spirit and principles in the present invention all; any modification of doing, be equal to replacement, improvement etc., within protection scope of the present invention all should be included in.

Claims (10)

1.一种单点登录方法,包括:1. A single sign-on method comprising: 业务系统接收到未在所述业务系统登录的用户的业务访问后,所述业务系统通过所述用户的用户浏览器向单点登录认证中心获取该用户的登录信息,如果获取到,则所述业务系统利用所述登录信息自动完成所述用户的登录处理,通知所述用户浏览器显示登录后的页面。After the service system receives a service visit from a user who has not logged in the service system, the service system obtains the user's login information from the single sign-on authentication center through the user browser of the user, and if obtained, the The service system uses the login information to automatically complete the login process of the user, and notifies the user's browser to display a page after login. 2.如权利要求1所述的方法,其特征在于:2. The method of claim 1, wherein: 所述业务系统通过所述用户的用户浏览器向单点登录认证中心获取所述用户的登录信息,包括:The business system obtains the user's login information from the single sign-on authentication center through the user's user browser, including: 所述业务系统向所述用户的用户浏览器发送获取所述用户的登录信息的指令,所述指令中携带有所述业务系统的重定向地址;The business system sends an instruction to obtain the user's login information to the user browser of the user, and the instruction carries a redirection address of the business system; 所述用户浏览器向所述单点登录认证中心发送获取所述用户的登录信息的请求,所述请求中携带有所述用户的全局会话ID和所述业务系统的重定向地址;The user browser sends a request to obtain the user's login information to the single sign-on authentication center, and the request carries the user's global session ID and the redirection address of the service system; 所述单点登录认证中心判断是否存在与所述用户的全局会话ID对应的全局会话,如果存在,则根据与所述用户的全局会话ID对应的全局会话的会话信息,将所述用户的登录信息通过所述用户浏览器重定向给所述业务系统,重定向地址为所述业务系统的重定向地址,所述会话信息包括所述用户的登录信息。The single sign-on authentication center judges whether there is a global session corresponding to the global session ID of the user, and if it exists, according to the session information of the global session corresponding to the global session ID of the user, the user's login The information is redirected to the service system through the user browser, the redirection address is the redirection address of the service system, and the session information includes the login information of the user. 3.如权利要求1所述的方法,其特征在于:所述方法还包括:3. The method according to claim 1, characterized in that: the method further comprises: 所述业务系统通过所述用户的用户浏览器向单点登录认证中心获取所述用户的登录信息,包括:The business system obtains the user's login information from the single sign-on authentication center through the user's user browser, including: 所述业务系统向所述用户的用户浏览器发送获取所述用户的登录信息的指令,所述指令中携带有所述业务系统的重定向地址;The business system sends an instruction to obtain the user's login information to the user browser of the user, and the instruction carries a redirection address of the business system; 所述用户浏览器向所述单点登录认证中心发送获取所述用户的登录信息的请求,所述请求中仅携带有所述业务系统的重定向地址;The user browser sends a request to obtain the user's login information to the single sign-on authentication center, and the request only carries the redirection address of the business system; 所述单点登录认证中心当判断所述请求中未携带用户的全局会话ID时,则所述单点登录认证中心将获取用户登录信息失败的结果通过所述用户浏览器重定向给所述业务系统,重定向地址为所述业务系统的重定向地址;When the single sign-on authentication center judges that the request does not carry the user's global session ID, the single sign-on authentication center redirects the result of failing to obtain the user's login information to the service provider via the user browser. system, the redirection address is the redirection address of the business system; 所述方法还包括:如果没有获取到,则所述业务系统根据所述获取用户登录信息失败的结果向所述用户浏览器发出返回到用户当前浏览页面的指令;所述用户浏览器显示当前浏览页面。The method further includes: if not obtained, the business system sends an instruction to the user browser to return to the user's current browsing page according to the result of the failure to obtain the user login information; the user browser displays the currently browsed page page. 4.如权利要求1所述的方法,其特征在于:在所述业务系统通过所述用户浏览器向单点登录认证中心获取所述用户的登录信息之前,所述方法还包括:4. The method according to claim 1, wherein before the business system obtains the user's login information from the single sign-on authentication center through the user browser, the method further comprises: 在所述用户首次登录单点登录系统内的某个业务系统时,所述某个业务系统通过所述用户浏览器请求所述单点登录认证中心存储所述用户在该业务系统登录时的登录信息。When the user logs into a certain business system in the single sign-on system for the first time, the certain business system requests the single sign-on authentication center through the user browser to store the login of the user when the business system logs in information. 5.如权利要求4所述的方法,其特征在于:5. The method of claim 4, wherein: 所述某个业务系统通过所述用户浏览器请求所述单点登录认证中心存储所述用户在该业务系统登录时的登录信息,包括:The certain business system requests the single sign-on authentication center through the user browser to store the login information of the user when logging in to the business system, including: 所述某个业务系统在通过所述用户的登录认证时,向所述用户浏览器发送存储所述用户在该业务系统登录时的登录信息的指令,所述指令中携带有所述某个业务系统的重定向地址和业务系统标识;When the certain service system passes the login authentication of the user, it sends an instruction to the user browser to store the login information of the user when the service system logs in, and the instruction carries the information of the certain service System redirection address and business system identification; 所述用户浏览器向所述单点登录认证中心发送存储所述用户在该业务系统登录时的登录信息的请求,所述请求中携带有所述某个业务系统的重定向地址、业务系统标识以及所述用户通过登录认证时的登录信息;The user browser sends a request to the single sign-on authentication center to store the login information of the user when logging in to the business system, and the request carries the redirection address and the business system identifier of the certain business system And the login information when the user passes the login authentication; 所述单点登录认证中心收到所述请求后,生成所述用户在该业务系统登录时的全局会话,并为该用户在单点登录认证中心的本次登录行为配置全局会话ID,在所述全局会话的会话信息中保存所述某个业务系统的业务系统标识和所述用户在该业务系统登录时的登录信息,并将所述全局会话ID返回至所述用户浏览器,并通过所述用户浏览器重定向给所述某个业务系统,重定向地址为所述某个业务系统的重定向地址。After the single sign-on authentication center receives the request, it generates a global session for the user when logging in to the business system, and configures a global session ID for the user's current login behavior in the single sign-on authentication center, and in the Save the business system identifier of the certain business system and the login information of the user when logging in the business system in the session information of the global session, and return the global session ID to the user browser, and pass the The user browser is redirected to the certain business system, and the redirection address is the redirection address of the certain business system. 6.一种单点登录系统,包括:6. A single sign-on system comprising: 业务系统,用于在接收到未在所述业务系统登录的用户的业务访问后,向用户浏览器发送获取所述用户的登录信息的指令,通过所述用户的用户浏览器向单点登录认证中心获取所述用户的登录信息,如果获取到,则利用所述登录信息自动完成所述用户的登录处理,并通知所述用户浏览器显示登录后的页面;The business system is configured to, after receiving a business visit from a user who has not logged in the business system, send an instruction to obtain the user's login information to the user browser, and authenticate the single sign-on through the user browser of the user The center obtains the login information of the user, and if obtained, uses the login information to automatically complete the login processing of the user, and notifies the user that the browser displays the logged-in page; 用户浏览器,用于在接收到所述业务系统获取用户的登录信息的指令后,向单点登录认证中心发送获取所述用户的登录信息的请求,并将所述单点登录认证中心返回的所述用户的登录信息传递至所述业务系统,在收到所述业务系统通知后显示登录后的页面;The user browser is configured to send a request to obtain the user's login information to the single sign-on authentication center after receiving the instruction from the business system to obtain the user's login information, and send the request returned by the single sign-on authentication center The user's login information is transmitted to the business system, and the logged-in page is displayed after receiving the notification from the business system; 单点登录认证中心,用于在接收到所述用户浏览器的请求后,在本地查询所述用户的登录信息,若查询到,则将查询到的所述用户的登录信息通过所述用户浏览器返回给所述业务系统。The single sign-on authentication center is used to query the login information of the user locally after receiving the request from the user browser, and if found, browse the query login information of the user through the user The server returns to the business system. 7.如权利要求6所述的系统,其特征在于:7. The system of claim 6, wherein: 所述业务系统获取所述用户的登录信息的指令中携带有所述业务系统的重定向地址;The instruction for the business system to obtain the user's login information carries the redirection address of the business system; 所述用户浏览器获取所述用户的登录信息的请求中携带有所述用户的全局会话ID和所述业务系统的重定向地址;The user browser's request to obtain the user's login information carries the user's global session ID and the redirection address of the service system; 所述单点登录认证中心,用于在接收到所述用户浏览器的请求后,在本地查询所述用户的登录信息,若查询到,将查询到的所述用户的登录信息通过所述用户浏览器返回给所述业务系统,包括:The single sign-on authentication center is configured to query the login information of the user locally after receiving the request from the user browser, and if found, pass the query login information of the user through the user The browser returns to the business system, including: 所述单点登录认证中心,用于判断是否存在与所述用户的全局会话ID对应的全局会话,如果存在,则根据与所述用户的全局会话ID对应的全局会话的会话信息,将所述用户的登录信息通过所述用户浏览器重定向给所述业务系统,重定向地址为所述业务系统的重定向地址,所述会话信息包括所述用户的登录信息。The single sign-on authentication center is used to judge whether there is a global session corresponding to the global session ID of the user, and if it exists, according to the session information of the global session corresponding to the global session ID of the user, the The user's login information is redirected to the service system through the user browser, the redirection address is the redirection address of the service system, and the session information includes the user's login information. 8.如权利要求6所述的系统,其特征在于:8. The system of claim 6, wherein: 所述业务系统获取所述用户的登录信息的指令中携带有所述业务系统的重定向地址;The instruction for the business system to obtain the user's login information carries the redirection address of the business system; 所述用户浏览器获取所述用户的登录信息的请求中仅携带有所述业务系统的重定向地址;The user browser's request to obtain the user's login information only carries the redirection address of the business system; 所述单点登录认证中心,还用于当判断所述请求中未携带用户的全局会话ID时,查询不到所述用户的登录信息,则将获取用户登录信息失败的结果通过所述用户浏览器重定向给所述业务系统,重定向地址为所述业务系统的重定向地址;The single sign-on authentication center is further configured to, when it is judged that the request does not carry the user's global session ID, and the user's login information cannot be queried, then the result of failing to obtain the user's login information is browsed by the user. The device is redirected to the business system, and the redirection address is the redirection address of the business system; 所述用户浏览器,还用于将所述单点登录认证中心返回的获取用户登录信息失败的结果重定向给所述业务系统,并在接收到所述业务系统发出的返回到用户当前浏览页面的指令后,显示当前浏览页面;The user browser is also used to redirect the result of failure to obtain user login information returned by the single sign-on authentication center to the business system, and return to the user's current browsing page after receiving the message sent by the business system. After the command, display the current browsing page; 所述业务系统,还用于根据所述获取用户登录信息失败的结果向所述用户浏览器发出返回到相应浏览页面的指令。The service system is further configured to send an instruction to the user browser to return to the corresponding browsing page according to the result of the failure to acquire the user login information. 9.如权利要求7所述的系统,其特征在于:还包括用户首次登录的单点登录系统内的某个业务系统;其中:9. The system according to claim 7, characterized in that: it also includes a certain business system in the single sign-on system where the user logs in for the first time; wherein: 所述用户首次登录的单点登录系统内的某个业务系统,用于在通过所述用户的登录认证时,向所述用户浏览器发送存储所述用户在该业务系统登录时的登录信息的指令,通过所述用户浏览器请求所述单点登录认证中心存储所述用户在该业务系统登录时的登录信息;A business system in the single sign-on system that the user logs in for the first time is configured to send to the user browser a message that stores the login information of the user when logging in to the business system when the user's login authentication is passed. An instruction, requesting the single sign-on authentication center to store the login information of the user when logging in to the business system through the user browser; 所述用户浏览器,还用于在接收到所述某个业务系统请求存储所述用户在该业务系统登录时的登录信息的指令后,向所述单点登录认证中心发送存储所述用户在该业务系统登录时的登录信息的请求;The user browser is further configured to, after receiving an instruction from the certain business system requesting to store the login information of the user when logging in to the business system, send to the single sign-on authentication center the A request for login information when logging into the business system; 所述单点登录认证中心,用于在接收到所述用户浏览器的请求后,将所述用户在该业务系统登录时的登录信息进行存储。The single sign-on authentication center is configured to store the login information of the user when logging in to the business system after receiving the request from the user's browser. 10.如权利要求9所述的系统,其特征在于:10. The system of claim 9, wherein: 所述某个业务系统存储所述用户在该业务系统登录时的登录信息的指令中携带有所述单点登录系统内某个业务系统的重定向地址和业务系统标识;The instruction for the certain business system to store the login information of the user when logging in the business system carries the redirection address and the business system identifier of a certain business system in the single sign-on system; 所述用户浏览器存储所述用户在该业务系统登录时的登录信息的请求中携带有所述某个业务系统的重定向地址、业务系统标识以及所述用户在该业务系统登录时的登录信息;The user browser's request for storing the user's login information when logging in to the business system carries the redirection address of the certain business system, the business system identifier, and the user's login information when logging in to the business system ; 所述单点登录认证中心,用于在接收到所述用户浏览器的请求后,将所述用户在该业务系统登录时的登录信息进行存储,包括:The single sign-on authentication center is used to store the login information of the user when logging in to the business system after receiving the request from the user browser, including: 所述单点登录认证中心收到所述请求后,生成所述用户在该业务系统登录时的全局会话,并为该用户在单点登录认证中心的本次登录行为配置全局会话ID,在所述全局会话的会话信息中保存所述某个业务系统的业务系统标识和所述用户在该业务系统登录时的登录信息,并将所述全局会话ID返回至所述用户浏览器,并通过所述用户浏览器重定向给所述某个业务系统,重定向地址为所述某个业务系统的重定向地址;After the single sign-on authentication center receives the request, it generates a global session for the user when logging in to the business system, and configures a global session ID for the user's current login behavior in the single sign-on authentication center, and in the Save the business system identifier of the certain business system and the login information of the user when logging in the business system in the session information of the global session, and return the global session ID to the user browser, and pass the The user browser is redirected to the certain business system, and the redirection address is the redirection address of the certain business system; 所述用户浏览器,还用于在接收并保存所述单点登录认证中心返回的所述用户的全局会话ID,并传递给所述某个业务系统。The user browser is further configured to receive and save the user's global session ID returned by the single sign-on authentication center, and pass it to the certain service system.
CN201410422428.5A 2014-08-25 2014-08-25 A kind of single-point logging method and system Active CN104158818B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410422428.5A CN104158818B (en) 2014-08-25 2014-08-25 A kind of single-point logging method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410422428.5A CN104158818B (en) 2014-08-25 2014-08-25 A kind of single-point logging method and system

Publications (2)

Publication Number Publication Date
CN104158818A true CN104158818A (en) 2014-11-19
CN104158818B CN104158818B (en) 2018-09-11

Family

ID=51884223

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410422428.5A Active CN104158818B (en) 2014-08-25 2014-08-25 A kind of single-point logging method and system

Country Status (1)

Country Link
CN (1) CN104158818B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105592031A (en) * 2014-11-25 2016-05-18 中国银联股份有限公司 User login method and system based on identity authentication
CN106331042A (en) * 2015-07-01 2017-01-11 阿里巴巴集团控股有限公司 Single sign-on method and device for heterogeneous user system
CN106899615A (en) * 2017-04-18 2017-06-27 北京思特奇信息技术股份有限公司 A kind of single sign-on authentication method and system
CN107040543A (en) * 2017-04-26 2017-08-11 努比亚技术有限公司 Single-point logging method, terminal and storage medium
CN108289101A (en) * 2018-01-25 2018-07-17 中企动力科技股份有限公司 Information processing method and device
CN109145039A (en) * 2017-12-25 2019-01-04 北极星云空间技术股份有限公司 A method of the UI suitable for federalism workflow composing is bridged
CN109729045A (en) * 2017-10-30 2019-05-07 腾讯科技(深圳)有限公司 Single-point logging method, system, server and storage medium
CN110213356A (en) * 2019-05-21 2019-09-06 深圳壹账通智能科技有限公司 A kind of login process method and relevant device based on data processing
CN110336828A (en) * 2019-07-15 2019-10-15 中国联合网络通信集团有限公司 A kind of information synchronization method and first server
CN110765443A (en) * 2019-10-24 2020-02-07 深圳前海环融联易信息科技服务有限公司 Single sign-on method and device, computer equipment and storage medium
CN112632491A (en) * 2020-12-15 2021-04-09 读书郎教育科技有限公司 Method for realizing account system shared by multiple information systems
CN113011695A (en) * 2020-10-20 2021-06-22 上海仪电鑫森科技发展有限公司 Big data ecological environment system based on SOA technology
CN114238927A (en) * 2021-12-07 2022-03-25 中国建设银行股份有限公司 Business system login method, system, device, computer equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101026481A (en) * 2006-02-21 2007-08-29 华为技术有限公司 Integrated user safety management method and device
CN102857484A (en) * 2011-07-01 2013-01-02 阿里巴巴集团控股有限公司 Method, system and device for implementing single sign-on

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101026481A (en) * 2006-02-21 2007-08-29 华为技术有限公司 Integrated user safety management method and device
CN102857484A (en) * 2011-07-01 2013-01-02 阿里巴巴集团控股有限公司 Method, system and device for implementing single sign-on

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105592031A (en) * 2014-11-25 2016-05-18 中国银联股份有限公司 User login method and system based on identity authentication
CN106331042B (en) * 2015-07-01 2020-04-07 阿里巴巴集团控股有限公司 Single sign-on method and device for heterogeneous user system
CN106331042A (en) * 2015-07-01 2017-01-11 阿里巴巴集团控股有限公司 Single sign-on method and device for heterogeneous user system
CN106899615A (en) * 2017-04-18 2017-06-27 北京思特奇信息技术股份有限公司 A kind of single sign-on authentication method and system
CN107040543A (en) * 2017-04-26 2017-08-11 努比亚技术有限公司 Single-point logging method, terminal and storage medium
CN109729045A (en) * 2017-10-30 2019-05-07 腾讯科技(深圳)有限公司 Single-point logging method, system, server and storage medium
CN109729045B (en) * 2017-10-30 2021-01-05 腾讯科技(深圳)有限公司 Single sign-on method, system, server and storage medium
CN109145039B (en) * 2017-12-25 2022-01-28 北极星云空间技术股份有限公司 UI bridging method suitable for federal workflow integration
CN109145039A (en) * 2017-12-25 2019-01-04 北极星云空间技术股份有限公司 A method of the UI suitable for federalism workflow composing is bridged
CN108289101B (en) * 2018-01-25 2021-02-12 中企动力科技股份有限公司 Information processing method and device
CN108289101A (en) * 2018-01-25 2018-07-17 中企动力科技股份有限公司 Information processing method and device
CN110213356A (en) * 2019-05-21 2019-09-06 深圳壹账通智能科技有限公司 A kind of login process method and relevant device based on data processing
CN110213356B (en) * 2019-05-21 2021-11-12 深圳壹账通智能科技有限公司 Login processing method based on data processing and related equipment
CN110336828A (en) * 2019-07-15 2019-10-15 中国联合网络通信集团有限公司 A kind of information synchronization method and first server
CN110765443A (en) * 2019-10-24 2020-02-07 深圳前海环融联易信息科技服务有限公司 Single sign-on method and device, computer equipment and storage medium
CN113011695A (en) * 2020-10-20 2021-06-22 上海仪电鑫森科技发展有限公司 Big data ecological environment system based on SOA technology
CN112632491A (en) * 2020-12-15 2021-04-09 读书郎教育科技有限公司 Method for realizing account system shared by multiple information systems
CN114238927A (en) * 2021-12-07 2022-03-25 中国建设银行股份有限公司 Business system login method, system, device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN104158818B (en) 2018-09-11

Similar Documents

Publication Publication Date Title
CN104158818A (en) Single sign-on method and system
US20240333701A1 (en) Secure authentication for accessing remote resources
US10581827B2 (en) Using application level authentication for network login
CN103023918B (en) The mthods, systems and devices logged in are provided for multiple network services are unified
EP3203709B1 (en) Cloud service server and method for managing cloud service server
CN103051630B (en) Method, the Apparatus and system of third-party application mandate is realized based on open platform
US8843758B2 (en) Migrating authenticated content towards content consumer
US9584615B2 (en) Redirecting access requests to an authorized server system for a cloud service
JP4729651B2 (en) Authentication apparatus, authentication method, and authentication program implementing the method
CN103023893B (en) Access online resources using the resource transfer platform
KR20200135458A (en) Location-based access to controlled access resources
CN109635550B (en) Permission verification method, gateway and system for cluster data
CN110300133A (en) Cross-domain data transmission method, apparatus, equipment and storage medium
CN105592035A (en) Single sign on method used for multiple application systems
CN101764808A (en) Authentication processing method and system for automatic login as well as server
CN106254319B (en) Light application login control method and device
WO2016188224A1 (en) Service authorization method, apparatus, system and router
CN114338078B (en) A CS client login method and device
CN103607410B (en) A kind of contents access method and equipment
CN103634111B (en) Single-point logging method and system and single sign-on client-side
CN103888540A (en) Login information synchronization method, synchronized network servers and synchronizing network servers
CN105991640A (en) Method for processing HTTP (hypertext transfer protocol) request and apparatus for processing HTTP (hypertext transfer protocol) request
KR20200002680A (en) Single-sign-on method and system for multi-domain services
US20190222582A1 (en) Decentralized method of tracking user login status
CN115664761A (en) Single sign-on method and device, electronic equipment and readable storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant