CN106453396A - Double token account login method and login verification device - Google Patents
Double token account login method and login verification device Download PDFInfo
- Publication number
- CN106453396A CN106453396A CN201611014792.3A CN201611014792A CN106453396A CN 106453396 A CN106453396 A CN 106453396A CN 201611014792 A CN201611014792 A CN 201611014792A CN 106453396 A CN106453396 A CN 106453396A
- Authority
- CN
- China
- Prior art keywords
- token
- user
- session token
- session
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000012795 verification Methods 0.000 title claims abstract description 18
- 230000007774 longterm Effects 0.000 claims abstract description 25
- 230000002045 lasting effect Effects 0.000 claims description 46
- 230000005540 biological transmission Effects 0.000 claims description 3
- 235000013399 edible fruits Nutrition 0.000 claims 1
- 230000002085 persistent effect Effects 0.000 abstract 3
- 230000000694 effects Effects 0.000 description 6
- 235000014510 cooky Nutrition 0.000 description 5
- 230000006399 behavior Effects 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000008570 general process Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a double token account login method and a login verification device. The method comprises the following steps: according to whether a user login request includes a long-term login request, generating a session token and a persistent token, or only generating the session token; receiving a content request of a user; and judging whether the content request includes the session token, if yes, carrying out verification on the session token, if no, judging whether the persistent token is included and generating a new session token by employing the persistent token; the method disclosed by the invention further comprises the step of updating a time of the session token. According to the double token account login method and the login verification device disclosed by the invention, as a token verification manner is adopted, the information stored in a client is irrelevant to user sensitive information; even through the client information is got, the authentication information of the user still cannot be obtained; as a double token mechanism is adopted, the user login friendliness is improved; the user authentication information all only can be stored at a server and user sensitive businesses all can be accessed after passing through a uniform verification center, so not only is the security guaranteed, but the friendliness of user use is also improved.
Description
Technical field
The present invention relates to Internet technical field, particularly, is related to a kind of using close friend, double token account logon methods
And device.
Background technology
In prior art, Internet technology has more and more intervened daily life, and user is needed in mobile phone or electricity
Various websites or APP application are frequently logged on brain, and the method for various logins should meet safety, and meeting user again makes
Convenience.
Current conventional account login mode includes several as follows:
First kind of way, login is only effective within a period of time, most one days, more than this period, access same site
Need to log in again.
The second way is that website can allow user select to log in permanently effective, generally one month this effect duration,
During this, which kind of situation accesses current site all without the need for logging in again.
The third mode be logged on permanently effective, but website can be determined according to the liveness of user user whether need weight
New login.
Above-mentioned scheme haves the shortcomings that as follows:
1. safety and two aspect of user friendly are all short of consideration
The first login mode is just all short of consideration at this two aspects.First, using this login mode effect duration ratio
Shorter, severe needs to frequently enter user name password using the user of this website and is logged in, although modern browser all may be used
To remember that account and password conveniently can log in, but still needing to click on login button is logged in, and account and password quilt
Browser is remembered and there is risk;After this kind of mode is logged in again, can be in subscription client kind one and User logs in phase
Cookie, the cookie of pass is exactly a file, once this file is obtained by other users, can do station before the deadline
Point does any business.
2. user friendly has been looked after, but Information Security is poor
Second login mode is exactly the Typical Representative of this kind of situation, once user click permanently effective, then log in
In month afterwards, user need not be input into username and password and be logged in, and the interactive friendly of user is obtained really
Look after;But the safety of this kind of mode is poor, because the cookie file for producing in client after logging in easily is stolen by tripartite,
Once stealing service end to perceive, only customer complaint allows service side's manual intervention or wait login to expire.
3. the problem of secure context is take into account, has lacked user friendly
The general process of the third login mode is as follows, and although user has logged in website, but because has other things one
The section time is without any access or other behaviors on this website, and website is because user no accesses in being provided with a period of time
In the case of access site users again and no matter do any access and be required for the rule that logs in again, although at this moment log in cookie
Effectively but still need to log in again, this mode safety is that have certain guarantee, but user friendly is inadequate.
Content of the invention
It is an object of the invention to a kind of pair of token account logon method and device is proposed, to solve user friendly and peace
The contradiction of full property.
For reaching this purpose, the present invention is employed the following technical solutions:
A kind of pair of token account logon method, comprises the steps:
Step 110:Receive user login authentication is asked, and contains the accounts information of user in login authentication request;
Step 120:Judge whether comprising long-term logging request in User logs in request, if there are the long-term login
Request, then generate session token (session token) and lasting token (long-term token), otherwise only generates session token (session
token);
Step 130:The token for generating in the step 120 is sent to user, and User logs in is allowed, send follow-up letter
Breath.
Preferably, step 140:The content requests of receive user, carry in the content requests that user obtains is all
Token;
Step 150:Judge whether comprising session token in the content requests, if there are session token, then to the session
Token is verified, if the verification passes, then enters step 160, if without session token, is judged whether comprising persistently order
Board, if there are lasting token, then verifies to the lasting token, if the verification passes, then generates new session token, go forward side by side
Enter step 160, otherwise authentication failed, again login authentication;
Step 160:Token after checking is updated is sent to user, and allows User logs in, sends follow-up.
Preferably, in step 150, if it is determined that have session token, and session token checking does not pass through, then proceed to persistently
Token authentication.
Preferably, after step 150, it is allowed to before User logs in, also include step 155, logical in session token checking
Later, or persistently token authentication passes through, and after generating new session token, all the expired time of session token is updated.
Preferably, after step 150, it is allowed to before User logs in, can also be according to the needs of institute's accession page, it is desirable to
User re-enters user and password and carries out secondary checking.
The invention also discloses a kind of pair of token Account Logon verifies device, it is characterised in that include:
First receiver module:Ask for receive user login authentication, in login authentication request, contain the account of user
Information;
First judge module:For judging whether comprising long-term logging request in User logs in request, if
Long-term logging request is stated, then session token (session token) and lasting token (long-term token) is generated, otherwise only generate session
Token (session token);
First sending module:For the token for generating in the step 120 being sent to user, and allowing User logs in, sends out
Send follow-up.
Preferably, the second receiver module:For the content requests of receive user, user is carried in the content requests and obtain
The all of token for arriving;
Second judge module:For judging in the content requests whether comprising session token, if there are session token, then
The session token is verified, if the verification passes, then using the second sending module, it is allowed to User logs in, sends follow-up letter
Breath, if without session token, judges whether comprising lasting token, if there are lasting token, then the lasting token is carried out
Checking, if the verification passes, then generates new session token, and utilizes the second sending module, it is allowed to User logs in, send follow-up
Information, otherwise authentication failed, login authentication again;
Second sending module:Token after checking is updated is sent to user, and allows User logs in, sends follow-up letter
Breath.
Preferably, second judge module, if it is determined that have session token, and session token checking does not pass through, then turn
Enter lasting token authentication.
Preferably, also include update module, after session token is verified, or persistently token authentication passes through, and generates
After new session token, the expired time of session token is updated.
Preferably for second judge module, it is allowed to before User logs in, always according to the needs of institute's accession page,
It is required that user re-enters user and password and carries out secondary checking.
The present invention have selected the mode of token authentication, and the information of client storage is unrelated with user sensitive information, and
In the case of taking client-side information, the authentication information of user cannot be still obtained.When user selects long-term login, using double
The mechanism of token, it is ensured that generate session token all the time within a period of time, and in the higher service of safety, still select defeated
Access customer name and password, all user authentication informations all can only be stored in server end, and all user's sensitive traffic are required for leading to
Cross and can just access after unifying authentication center, system can friendly identifying user be passively to log in or be actively entered authentication information
Login afterwards, both ensure that safety, improve the friendly that user uses again.
Description of the drawings
Fig. 1 is the flow chart of one embodiment of the double token login methods according to the specific embodiment of the invention;
Fig. 2 is the flow chart of another embodiment of the double token login methods according to the specific embodiment of the invention;
Fig. 3 is the module map of the double token login authentication devices according to the specific embodiment of the invention.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment that states is used only for explaining the present invention, rather than limitation of the invention.It also should be noted that, in order to just
Part related to the present invention rather than entire infrastructure is illustrate only in description, accompanying drawing.
The invention provides a kind of using close friend, and the higher double token account logon methods of safety and device,
Referring to Fig. 1, one embodiment of the double token login methods according to the specific embodiment of the invention is shown:
Step 110:Receive user login authentication is asked, and contains the accounts information of user in login authentication request;
In the present embodiment, the step represents according to the accounts information of user name, password etc., user thinks that server is sent out
User log-in authentication request is played, and service end have received the user log-in authentication request.
The step is generally used for user always without logged current site, and website shows the login page of standard, comprising
The page of the input frame of username and password and other identifying codes etc;And user can select direct login, it is also possible to select
The mode of later stage automated log on is selected, that such as " remembers me " etc chooses.
Step 120:Judge whether comprising long-term logging request in User logs in request, if there are the long-term login
Request, then generate session token (session token) and lasting token (long-term token), otherwise only generates session token (session
token);
In the present embodiment, the step represents service end for judging the time length of User logs in request, for example, user
Choice box of such as " remembeing me " can be chosen, is logged in request for a long time, if user does not choose such as and " remembers me " and select
Frame, then the User logs in request does not include long-term logging request, then being merely representative of carries out the login of short-term.Please according to different
Ask, the token difference of generation, session token is only used for determining whether the login of short-term, such as several hours, or whether
Website or APP is exited, when through corresponding event, or after exiting website, then session token then fails;And lasting token is then
The long-term login of permission, such as 1 month.Wherein session token and lasting token all with the information association such as the account of user, and
Caching is in the server.
Step 130:The token for generating in the step 120 is sent to user, and User logs in is allowed, send follow-up letter
Breath.
In the present embodiment, the step represents after user's initial authentication success, and service end sends corresponding token, and allows
User logs in.
Therefore, using the method, session token is only saved in client, and whether carry out the lasting of lasting login
Token, above- mentioned information is unrelated with the sensitive information of user, even if taking the information of client, cannot also obtain the certification letter of user
Breath.
Further, another reality of the double token login methods according to the specific embodiment of the invention, referring to Fig. 2, is shown
Apply example:
Step 140:Receive the content requests of user, in the content requests, carry all of token that user obtains;
In the present embodiment, the step represents after service end enters token in client kind, and user accesses any of website
Content, is required for carrying corresponding token and conversates checking.
Step 150:Judge, whether comprising session token in the content requests, if there are session token, then to conversate
Token authentication, for example, corresponding for this session token value (Value) is compared with value in caching server, if checking
Pass through, then step 160 is entered, if without session token, judge whether comprising lasting token, if there are lasting token, then
Lasting token authentication is carried out, for example, this lasting token corresponding value (Value) is compared with value in caching server,
If the verification passes, then new session token is generated, and step 160 is entered, otherwise authentication failed, again login authentication.
In the present embodiment, the step represents after session token and lasting token all plant client, and user accesses
Any content of website is required for first doing session authentication service, and only session authentication is desired access to by can just go access user afterwards
Content.Represent whether user logs in for a long time by lasting token.After session token fails, conversational services can be according to persistently order
Board is generating new session token, and session token at this time is marked as passive session token, expression be by after logging in
The token for holding request and generating, first logs into session token (the session order of the token alternatively referred to as active of generation with difference
Board).
Step 160:Token after checking is updated is sent to user, and allows User logs in, sends follow-up.
In the present embodiment, the step represents the token after checking renewal, only can include to first log into the master of generation
Dynamic session token, it is also possible to including lasting token and newly-generated passive session token.
Further, in step 150, if it is determined that have session token, and session token checking does not pass through, then proceed to and hold
Long token authentication.
So, in any token authentication, mechanism of remedying ensures to carry out lasting token authentication, to ensure all the time can
Judge whether user has chosen " remembeing me ", select long-term login.
Further, after step 150, it is allowed to before User logs in, also include step 155, verify in session token
By rear, or persistently token authentication passes through, and after generating new session token, all the expired time of session token is carried out more
Newly.
The step can also be verified in session token, only the expired time of the session token after checking is carried out more
Newly, this is passed through due to lasting token authentication, and the expired time for generating new session token is newest, need not be updated.
It will be appreciated by those skilled in the art that above-mentioned deformation effect is the same.
In the present embodiment, the step represents session token before the deadline, and its effect duration can be with the continuous visit of user
Ask and elapse backward, so as to allow user to access all the time.
Additionally, after step 150, it is allowed to before User logs in, can also be according to the needs of institute's accession page, it is desirable to use
Family is re-entered user and password and carries out secondary checking.
In the present embodiment, the step represents can need flexible arrangement re-authentication according to safe class demand.
Now, service end can require after new passive session token is only generated to carry out secondary checking, it is also possible to
The either session token checking of active, or generate new passive session token, be required to user re-enter user and
Password carries out secondary checking.So, though the cookie file equipped with two tokens be stolen also it does not matter whether, equal energy
Enough ensure the safety of system and the access of concerning security matters business.
Therefore, embodiments in accordance with the present invention, all authentication informations of user all can only be stored in server end;All are used
Family sensitive traffic is required for just accessing after unified authentication center, and system can by identification be passive log in or
It is actively entered the login after authentication information.
In order to make it easy to understand, entering to double token account logon methods of the present invention below by specific application scenarios
Row description:
As a example by it have selected " remembeing me ", illustrate.User logs in some websites, " remembeing me ", logging request is sent,
Then now, after service end receives logging request, judge there is long-term logging request, according to user account and password, generate session
Token and lasting token, and User logs in is allowed, after User logs in, after carrying out any other page or service request,
It is required to conversate the service for checking credentials, when session token is also within effect duration, service using the session token that obtains
End can then be continued to access, and update the expired time of the session token to the session token checking if the verification passes, and will
Session token after renewal returns to user, it is ensured that user can carry out follow-up access;If checking does not pass through, finding is
No have lasting token, if also without lasting token, authentication failed, it is impossible to continues to access.If session token is due to exceeding
The scheduled time and after failing, then directly carry out the checking of lasting token, if the persistently authentication failed of token, cannot continue to visit
Ask, need username and password is re-entered, if persistently token authentication passes through, regenerate new session token (quite
In passive session token), it is allowed to continue to access, and the session token after renewal is returned to user, it is ensured that user can enter
The follow-up access of row.
If, the option of user's non-selected " remembeing me ", User logs in some websites, " remembeing me ", logging request is sent,
Then now, after service end receives logging request, judge there is no long-term logging request, according to user account and password, only generate
Session token, and User logs in is allowed, after User logs in, after carrying out any other page or service request, it is required to
Conversated the service for checking credentials using the session token for obtaining, when session token is also within effect duration, service end can
To the session token checking, then continue if the verification passes to access, and the expired time of the session token is updated, and after updating
Session token return to user, it is ensured that user can carry out follow-up access;If checking does not pass through, look for whether to hold
Long token, due to without lasting token, then authentication failed, it is impossible to continue to access.If session token is due to exceeding the scheduled time
And after failing, then the checking of lasting token is directly carried out, and due to without lasting token, then authentication failed.
Wherein it is possible to call SESSIONS that interface is generated, active session token and lasting token is generated, so can be called to add
Close active session token and/or lasting token, and the content after encryption is returned to client by json.
Therefore, the present invention have selected the mode of token authentication, and the information of client storage is unrelated with user sensitive information, and
In the case of client-side information is taken, the authentication information of user cannot be still obtained.When user selects long-term login, adopt
Mechanism with double tokens, it is ensured that generate session token all the time within a period of time, and in the higher service of safety, still select
Input username and password is selected, all user authentication informations all can only be stored in server end, all user's sensitive traffic are all needed
Can just be accessed after unified authentication center, system can friendly identifying user be passively to log in or be actively entered certification
Login after information, both ensure that safety, improve the friendly that user uses again.
Below double token Account Logon checking device of the present invention is described in detail, refers to Fig. 3, in the figure 1 it is shown that root
According to double token account authentication devices of the specific embodiment of the invention, the device is arranged on server end, and what user was sent is various
Logging request, or content requests are verified.
A kind of pair of token Account Logon verifies device, including:
First receiver module 210:Ask for receive user login authentication, in login authentication request, contain the account of user
Family information;
First judge module 220:For judging whether include long-term logging request in User logs in request, if there are
The long-term logging request, then generate session token (session token) and lasting token (long-term token), otherwise only generates meeting
Words token (session token);
First sending module 230:For the token for generating in the step 120 being sent to user, and allow User logs in,
Send follow-up.
Further, also include the second receiver module 240:For the content requests of receive user, in the content requests
Carry all of token that user obtains;
Second judge module 250:For judging, whether comprising session token in the content requests, to make if there are session
Board, then verify to the session token, if the verification passes, then using the second sending module, it is allowed to User logs in, after transmission
Continuous information, if without session token, judges whether comprising lasting token, if there are lasting token, then to the lasting token
Verified, if the verification passes, then new session token is generated, and utilizes the second sending module, it is allowed to User logs in, send
Follow-up, otherwise authentication failed, login authentication again;
Second sending module 260:Token after checking is updated is sent to user, and allows User logs in, after transmission
Continuous information.
Further, second judge module 250, if it is determined that have session token, and session token checking does not pass through,
Lasting token authentication is then proceeded to.
Further, also include update module 255, after session token is verified, or persistently token authentication passes through,
After generating new session token, the expired time of session token is updated.
Further, for second judge module 250, it is allowed to before User logs in, always according to institute's accession page
Need, it is desirable to which user re-enters user and password and carries out secondary checking.
Obviously, it will be understood by those skilled in the art that each unit of the above-mentioned present invention or each step can be with general
Computing device is realizing, and they can concentrate on single computing device, alternatively, and they can be executable with computer installation
Program code realizing, such that it is able to be stored in storage device being executed by computing device, or by they point
Each integrated circuit modules is not fabricated to, or the multiple modules in them or step are fabricated to single integrated circuit module
Realize.So, the present invention is not restricted to the combination of any specific hardware and software.
Above content is further description made for the present invention with reference to specific preferred implementation, it is impossible to assert
The specific embodiment of the present invention is only limitted to this, for general technical staff of the technical field of the invention, is not taking off
On the premise of present inventive concept, some simple deduction or replace can also be made, the present invention should be all considered as belonging to by institute
Claims of submission determine protection domain.
Claims (10)
1. a kind of pair of token account logon method, comprises the steps:
Step 110:Receive user login authentication is asked, and contains the accounts information of user in login authentication request;
Step 120:Judge whether comprising long-term logging request in User logs in request, please if there are the long-term login
Ask, then session token (session token) and lasting token (long-term token) is generated, otherwise only generate session token (session
token);
Step 130:The token for generating in the step 120 is sent to user, and User logs in is allowed, send follow-up.
2. according to claim 1 pair of token account logon method, it is characterised in that:
Step 140:The content requests of receive user, carry all of token that user obtains in the content requests;
Step 150:Judge whether comprising session token in the content requests, if there are session token, then to the session token
Verified, if the verification passes, then step 160 entered, if without session token, judge whether comprising lasting token,
If there are lasting token, then the lasting token is verified, if the verification passes, then new session token is generated, and is entered
Step 160, otherwise authentication failed, login authentication again;
Step 160:Token after checking is updated is sent to user, and allows User logs in, sends follow-up.
3. according to claim 2 pair of token account logon method, it is characterised in that:
In step 150, if it is determined that have session token, and session token checking does not pass through, then proceed to lasting token authentication.
4. according to claim 2 pair of token account logon method, it is characterised in that:
After step 150, it is allowed to before User logs in, also include step 155, after session token is verified, Huo Zhechi
Token authentication passes through long, after generating new session token, all the expired time of session token is updated.
5. according to claim 2 pair of token account logon method, it is characterised in that:
After step 150, it is allowed to before User logs in, can also be according to the needs of institute's accession page, it is desirable to which user is again defeated
Access customer and password carry out secondary checking.
6. a kind of pair of token Account Logon verifies device, it is characterised in that include:
First receiver module:Ask for receive user login authentication, in login authentication request, contain the accounts information of user;
First judge module:For judging whether comprising long-term logging request in User logs in request, if there are the length
Phase logging request, then generate session token (session token) and lasting token (long-term token), otherwise only generates session token
(session token);
First sending module:For the token for generating in the step 120 being sent to user, and allow User logs in, after transmission
Continuous information.
7. according to claim 6 pair of token Account Logon verifies device, it is characterised in that:
Second receiver module:For the content requests of receive user, carry in the content requests that user obtains is all of
Token;
Second judge module:For judging whether comprising session token in the content requests, if there are session token, then to this
Session token is verified, if the verification passes, then using the second sending module, it is allowed to User logs in, sends follow-up, such as
Fruit does not have session token, then judge whether comprising lasting token, if there are lasting token, then the lasting token is verified,
If the verification passes, then new session token is generated, and utilizes the second sending module, it is allowed to User logs in, follow-up is sent,
Otherwise authentication failed, login authentication again;
Second sending module:Token after checking is updated is sent to user, and allows User logs in, sends follow-up.
8. according to claim 7 pair of token Account Logon verifies device, it is characterised in that:
Second judge module, if it is determined that have session token, and session token checking does not pass through, then proceed to lasting token and test
Card.
9. according to claim 7 pair of token Account Logon verifies device, it is characterised in that:
Also include update module, after session token is verified, or persistently token authentication passes through, and generates new session token
Afterwards, the expired time of session token is updated.
10. according to claim 7 pair of token Account Logon verifies device, it is characterised in that:
For second judge module, it is allowed to before User logs in, always according to the needs of institute's accession page, it is desirable to which user is again
Input user and password carry out secondary checking.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611014792.3A CN106453396A (en) | 2016-11-18 | 2016-11-18 | Double token account login method and login verification device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611014792.3A CN106453396A (en) | 2016-11-18 | 2016-11-18 | Double token account login method and login verification device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106453396A true CN106453396A (en) | 2017-02-22 |
Family
ID=58220254
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611014792.3A Pending CN106453396A (en) | 2016-11-18 | 2016-11-18 | Double token account login method and login verification device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106453396A (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109218326A (en) * | 2018-10-10 | 2019-01-15 | 广州虎牙信息科技有限公司 | Login validation method, device, storage medium and server |
| CN109379192A (en) * | 2018-09-21 | 2019-02-22 | 广州小鹏汽车科技有限公司 | A kind of login authentication processing method, system and device |
| CN109413053A (en) * | 2018-10-09 | 2019-03-01 | 四川长虹电器股份有限公司 | A kind of method of User Status verifying in service grid environment |
| CN111092864A (en) * | 2019-11-29 | 2020-05-01 | 苏州浪潮智能科技有限公司 | Session protection method, device, equipment and readable storage medium |
| CN111698264A (en) * | 2020-06-28 | 2020-09-22 | 京东数字科技控股有限公司 | Method and apparatus for maintaining user authentication sessions |
| CN112422528A (en) * | 2020-11-03 | 2021-02-26 | 北京锐安科技有限公司 | Client login method, device, system, electronic equipment and storage medium |
| CN112491778A (en) * | 2019-09-11 | 2021-03-12 | 北京京东尚科信息技术有限公司 | Authentication method, device, system and medium |
| CN112688773A (en) * | 2019-10-17 | 2021-04-20 | 浙江大搜车软件技术有限公司 | Token generation and verification method and device |
| CN113839966A (en) * | 2021-11-26 | 2021-12-24 | 北京慧点科技有限公司 | Security management system based on micro-service |
| CN115664660A (en) * | 2022-10-31 | 2023-01-31 | 上海中通吉网络技术有限公司 | Method, device, equipment and system for keeping communication token of mobile terminal |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102231716A (en) * | 2011-06-30 | 2011-11-02 | 重庆新媒农信科技有限公司 | Instant communication service login method |
| CN102611709A (en) * | 2012-03-31 | 2012-07-25 | 奇智软件(北京)有限公司 | Access control method and system for third party resources |
| CN103457738A (en) * | 2013-08-30 | 2013-12-18 | 优视科技有限公司 | Method and system for login processing based on browser |
| CN103491084A (en) * | 2013-09-17 | 2014-01-01 | 天脉聚源(北京)传媒科技有限公司 | Authentication processing method and device of client side |
| US20140075513A1 (en) * | 2012-09-10 | 2014-03-13 | Adobe Systems Incorporated | Device token protocol for authorization and persistent authentication shared across applications |
| US20150007299A1 (en) * | 2012-09-19 | 2015-01-01 | Secureauth Corporation | Mobile multifactor single-sign-on authentication |
| CN104702562A (en) * | 2013-12-05 | 2015-06-10 | 中国电信股份有限公司 | Terminal fusion service access method, terminal fusion service access system, and terminal |
| CN105516134A (en) * | 2015-12-08 | 2016-04-20 | 浪潮(北京)电子信息产业有限公司 | Authentication method and system for system integration |
| CN105744518A (en) * | 2015-04-24 | 2016-07-06 | 维沃移动通信有限公司 | Wireless connection authentication method and device |
-
2016
- 2016-11-18 CN CN201611014792.3A patent/CN106453396A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102231716A (en) * | 2011-06-30 | 2011-11-02 | 重庆新媒农信科技有限公司 | Instant communication service login method |
| CN102611709A (en) * | 2012-03-31 | 2012-07-25 | 奇智软件(北京)有限公司 | Access control method and system for third party resources |
| US20140075513A1 (en) * | 2012-09-10 | 2014-03-13 | Adobe Systems Incorporated | Device token protocol for authorization and persistent authentication shared across applications |
| US20150007299A1 (en) * | 2012-09-19 | 2015-01-01 | Secureauth Corporation | Mobile multifactor single-sign-on authentication |
| CN103457738A (en) * | 2013-08-30 | 2013-12-18 | 优视科技有限公司 | Method and system for login processing based on browser |
| CN103491084A (en) * | 2013-09-17 | 2014-01-01 | 天脉聚源(北京)传媒科技有限公司 | Authentication processing method and device of client side |
| CN104702562A (en) * | 2013-12-05 | 2015-06-10 | 中国电信股份有限公司 | Terminal fusion service access method, terminal fusion service access system, and terminal |
| CN105744518A (en) * | 2015-04-24 | 2016-07-06 | 维沃移动通信有限公司 | Wireless connection authentication method and device |
| CN105516134A (en) * | 2015-12-08 | 2016-04-20 | 浪潮(北京)电子信息产业有限公司 | Authentication method and system for system integration |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109379192A (en) * | 2018-09-21 | 2019-02-22 | 广州小鹏汽车科技有限公司 | A kind of login authentication processing method, system and device |
| CN109413053A (en) * | 2018-10-09 | 2019-03-01 | 四川长虹电器股份有限公司 | A kind of method of User Status verifying in service grid environment |
| CN109413053B (en) * | 2018-10-09 | 2021-10-29 | 四川长虹电器股份有限公司 | Method for user state verification in service grid |
| CN109218326A (en) * | 2018-10-10 | 2019-01-15 | 广州虎牙信息科技有限公司 | Login validation method, device, storage medium and server |
| CN112491778A (en) * | 2019-09-11 | 2021-03-12 | 北京京东尚科信息技术有限公司 | Authentication method, device, system and medium |
| CN112688773A (en) * | 2019-10-17 | 2021-04-20 | 浙江大搜车软件技术有限公司 | Token generation and verification method and device |
| CN111092864A (en) * | 2019-11-29 | 2020-05-01 | 苏州浪潮智能科技有限公司 | Session protection method, device, equipment and readable storage medium |
| CN111698264A (en) * | 2020-06-28 | 2020-09-22 | 京东数字科技控股有限公司 | Method and apparatus for maintaining user authentication sessions |
| CN112422528A (en) * | 2020-11-03 | 2021-02-26 | 北京锐安科技有限公司 | Client login method, device, system, electronic equipment and storage medium |
| CN112422528B (en) * | 2020-11-03 | 2022-10-14 | 北京锐安科技有限公司 | Client login method, device, system, electronic equipment and storage medium |
| CN113839966A (en) * | 2021-11-26 | 2021-12-24 | 北京慧点科技有限公司 | Security management system based on micro-service |
| CN113839966B (en) * | 2021-11-26 | 2022-02-22 | 北京慧点科技有限公司 | Security management system based on micro-service |
| CN115664660A (en) * | 2022-10-31 | 2023-01-31 | 上海中通吉网络技术有限公司 | Method, device, equipment and system for keeping communication token of mobile terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106453396A (en) | Double token account login method and login verification device | |
| CN109309683B (en) | Token-based client identity authentication method and system | |
| US12063208B2 (en) | Single sign-on for unmanaged mobile devices | |
| US10652282B2 (en) | Brokered authentication with risk sharing | |
| US8898752B2 (en) | Efficiently throttling user authentication | |
| US9300653B1 (en) | Delivery of authentication information to a RESTful service using token validation scheme | |
| US10171448B2 (en) | Single sign-on for unmanaged mobile devices | |
| US8141140B2 (en) | Methods and systems for single sign on with dynamic authentication levels | |
| US9391978B2 (en) | Multiple access authentication | |
| US7716469B2 (en) | Method and system for providing a circle of trust on a network | |
| CN109815656A (en) | Login authentication method, apparatus, device, and computer-readable storage medium | |
| US11356261B2 (en) | Apparatus and methods for secure access to remote content | |
| CN111062023B (en) | Method and device for realizing single sign-on of multi-application system | |
| US9143501B2 (en) | Reauthentication to a web service without disruption | |
| US20100077467A1 (en) | Authentication service for seamless application operation | |
| CN102469075A (en) | Integrated authentication method based on WEB single sign-on | |
| US20170279798A1 (en) | Multi-factor authentication system and method | |
| CN113742676A (en) | Login management method, device, server, system and storage medium | |
| US10601809B2 (en) | System and method for providing a certificate by way of a browser extension | |
| CN106161348A (en) | A single sign-on method, system and terminal | |
| CN110365684A (en) | Access control method, device and the electronic equipment of application cluster | |
| CN111371725A (en) | Method for improving security of session mechanism, terminal equipment and storage medium | |
| CN103634111B (en) | Single-point logging method and system and single sign-on client-side | |
| JP2018037025A (en) | Program, authentication system and authentication linkage system | |
| US12388656B2 (en) | Systems methods and devices for dynamic authentication and identification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170222 |