[go: up one dir, main page]

CN110765445B - Method and device for processing request - Google Patents

Method and device for processing request Download PDF

Info

Publication number
CN110765445B
CN110765445B CN201910948890.1A CN201910948890A CN110765445B CN 110765445 B CN110765445 B CN 110765445B CN 201910948890 A CN201910948890 A CN 201910948890A CN 110765445 B CN110765445 B CN 110765445B
Authority
CN
China
Prior art keywords
password
user
self
software
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910948890.1A
Other languages
Chinese (zh)
Other versions
CN110765445A (en
Inventor
吕文栋
薛佳梅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN201910948890.1A priority Critical patent/CN110765445B/en
Publication of CN110765445A publication Critical patent/CN110765445A/en
Application granted granted Critical
Publication of CN110765445B publication Critical patent/CN110765445B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for processing a request, and relates to the technical field of computers. One embodiment of the method comprises: receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password; after the first authentication is passed, if a second password matched with the first user name is obtained, a second authentication system is called to carry out second authentication on the first user name and the second password; and after the second authentication is passed, controlling the user terminal to access the software corresponding to the request. The embodiment improves the experience degree of the user.

Description

Method and device for processing request
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and an apparatus for processing a request.
Background
Currently, some non-self-bootstrapped software needs to be integrated in an application system including a plurality of self-bootstrapped software, but the non-self-bootstrapped software is difficult to adapt to the authentication system of the self-bootstrapped software. Therefore, the user needs to input the user name and the password twice to pass the authentication of the authentication system of the self-research software and the authentication system of the non-self-research software, so that the non-self-research software in the application system can be used.
In the process of implementing the invention, the inventor finds that at least the following problems exist in the prior art:
first, the user needs to input the user name and password twice, and the user experience is poor.
Secondly, to realize that the user can use the non-self-study software in the application system by one-time input, the authentication system of the self-study software needs to be changed into the authentication system of the non-self-study software, or the authentication system of the non-self-study software needs to be changed into the authentication system of the self-study software, and the change workload is very huge. Moreover, for security reasons, the authentication system of the self-study software cannot be the authentication system of the non-self-study software.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for processing a request, which improve user experience.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided a method of processing a request.
The method for processing the request of the embodiment of the invention comprises the following steps:
receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password;
after the first authentication is passed, if a second password matched with the first username is obtained, a second authentication system is called to carry out second authentication on the first username and the second password;
and after the second authentication is passed, controlling the user terminal to access the software corresponding to the request.
In one embodiment, before receiving the request sent by the user terminal, the method comprises:
acquiring a second user name and a third password set by the user, and sending the second user name and the third password to the first authentication system;
if the user has the authority, generating the second password according to the second user name;
and matching and storing the second user name and the second password in a database, and sending the second user name and the second password to the second authentication system.
In one embodiment, obtaining the second password matching the first username comprises:
querying the database whether the first username is stored;
if so, controlling the user terminal to display an icon of the software corresponding to the request;
and in the case of receiving an instruction for opening the software corresponding to the request, acquiring the second password stored in match with the first user name from the database.
In one embodiment, the software corresponding to the request includes: open source software or closed source software.
In one embodiment, invoking a first authentication system to perform a first authentication on the first username and the first password comprises:
sending the first username and the first password to the first authentication system;
receiving a result returned by the first authentication system;
and if the first user name is the same as the second user name and the first password is the same as the third password, the result is passed.
To achieve the above object, according to another aspect of an embodiment of the present invention, there is provided an apparatus for processing a request.
The device for processing the request of the embodiment of the invention comprises:
the first processing unit is used for receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password;
the second processing unit is used for calling a second authentication system to carry out second authentication on the first user name and the second password if the second password matched with the first user name is obtained after the first authentication is passed;
and the control unit is used for controlling the user terminal to access the software corresponding to the request after the second authentication is passed.
In one embodiment, the first processing unit is to:
before receiving a request sent by a user terminal, acquiring a second user name and a third password set by a user, and sending the second user name and the third password to the first authentication system;
if the user has the authority, generating the second password according to the second user name;
and matching and storing the second username and the second password in a database, and sending the second username and the second password to the second authentication system.
In one embodiment, the second processing unit is to:
querying the database whether the first username is stored;
if so, controlling the user terminal to display an icon of the software corresponding to the request;
and in the case of receiving an instruction for opening the software corresponding to the request, acquiring the second password stored in match with the first user name from the database.
In one embodiment, the software corresponding to the request includes: open source software or closed source software.
In one embodiment, the first processing unit is to:
sending the first username and the first password to the first authentication system;
receiving a result returned by the first authentication system;
and if the first user name is the same as the second user name and the first password is the same as the third password, the result is passed.
To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided an electronic apparatus.
An electronic device of an embodiment of the present invention includes: one or more processors; the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors are enabled to realize the method for processing the request provided by the embodiment of the invention.
To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided a computer-readable medium.
A computer-readable medium of an embodiment of the present invention stores thereon a computer program, which when executed by a processor implements the method for processing a request provided by an embodiment of the present invention.
One embodiment of the above invention has the following advantages or benefits: receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by a user, and calling a first authentication system to perform first authentication on the first username and the first password; after the first authentication is passed, if a second password matched with the first username is obtained, a second authentication system is called to carry out second authentication on the first username and the second password; and after the second authentication is passed, controlling the user terminal to access the software corresponding to the request. The second password is acquired and the second authentication system is called to automatically perform the second authentication, so that the software can be used by one-time input of a user on the premise of not increasing workload and ensuring safety, and the experience degree of the user is improved.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a schematic diagram of a main flow of a method of processing a request according to an embodiment of the invention;
FIG. 2 is an application scenario of a method of processing a request according to another embodiment of the present invention;
FIG. 3 is a schematic diagram of the main elements of an apparatus for processing requests according to an embodiment of the present invention;
FIG. 4 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 5 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
In the current big data era, various data analysis software comes into endless, each data analysis software has its own authentication system, and after the data analysis software is integrated into an application system, it means that a user needs to input the data analysis software twice, the process of using the software by the user is complex, the data analysis software is not very friendly to the user, and the user experience is poor.
To solve the problems in the prior art, an embodiment of the present invention provides a method for processing a request. As shown in fig. 1, the method includes:
step S101, receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password.
In this step, when the user wants to use the non-self-study software in the application system, the user inputs the first username and the first password to the user terminal.
The user terminal generates a login request according to a first user name and a first password input by the user, and sends the login request to the server side applied in the embodiment of the invention.
The server applied in the embodiment of the invention receives the login request, analyzes the first user name and the first password input by the user from the login request, and calls the first authentication system to authenticate the first user name and the first password.
The process of invoking the first authentication system to authenticate the first username and the first password is described in detail below, and will not be described herein again.
And step S102, after the first authentication is passed, if a second password matched with the first username is obtained, calling a second authentication system to perform second authentication on the first username and the second password.
In this step, invoking a second authentication system to perform a second authentication on the first username and the second password, including: the server side applied in the embodiment of the invention calls the application programming interface of the second authentication system, sends the first user name and the second password to the second authentication system and receives the result returned by the second authentication system.
It should be understood that if the user has the authority, the database stores the second username set by the user and the second password generated according to the second username in a matching manner, and the second authentication system also stores the second username and the second password. If the second password matched with the first user name is obtained and the second password is obtained from the database, the first user name is inevitably the same as the second user name, and the result returned by the second authentication system is inevitably passed. If the result returned by the second authentication system is failure, the source code of the second authentication system has a problem.
In addition, the details of obtaining the second password matching the first username are described in detail below, and are not described herein again.
And step S103, after the second authentication is passed, controlling the user terminal to access the software corresponding to the request.
In this step, in implementation, after the result returned by the second authentication system is passed, the user terminal is controlled to access the non-self-developed software in the application system. The non-self-study software can be data mining software or data analysis software and the like. The non-self-study software for controlling the user terminal to access the application system is described in detail below, and will not be described herein again.
In the embodiment of the present invention, before receiving a request sent by a user terminal, the method includes:
acquiring a second user name and a third password set by the user, and sending the second user name and the third password to the first authentication system;
if the user has the authority, generating the second password according to the second user name;
and matching and storing the second username and the second password in a database, and sending the second username and the second password to the second authentication system.
In this embodiment, in implementation, before the user uses non-bootstrap software (the non-bootstrap software is not software developed by the application system owner) or bootstrap software (the bootstrap software is software developed by the application system owner) for the first time, the user needs to set the second username and the third password, and input the second username and the third password set by the user to the user terminal through the login portal.
It should be understood that the premises that the user can use the self-developed software are: the first authentication system stores the second user name and the third password of the user, and the user can use non-self-study software on the premise that: the first authentication system stores a second username and a third password of the user, and the second authentication system stores the second username and the second password of the user.
It should be noted that the user may be a bank worker. In addition, the user terminal may be a mobile phone, a notebook computer, a desktop computer, or the like. The second password may be an encrypted password.
The user terminal splices the user permission level, the second user name set by the user and the third password into a registration request and sends the registration request to the server side applied in the embodiment of the invention.
The server side applied in the embodiment of the invention receives the registration request and analyzes the user permission level, the second user name and the third password from the registration request.
The server side applied in the embodiment of the invention determines that the user authority level is one level, and then sends the second user name and the third password to the first authentication system.
It should be noted that the first authentication system is an authentication system of self-developed software. In addition, the user authority level is one level, so that the user can only use self-development software in the application system and cannot use non-self-development software in the application system. The application system comprises self-research software and non-self-research software.
And the first authentication system stores the second user name and the third password in a matching way, and when the first authentication system is called, the stored second user name and the stored third password are used for authentication.
The server side applied in the embodiment of the invention determines that the user authority level is two-level, and then sends the second user name and the third password to the first authentication system; and generating a second password according to the second user name, matching and storing the second user name and the second password in an Oracle Database (which is called Oracle Database, oracle RDBMS and is a relational Database management system), and sending the second user name and the second password to a second authentication system.
It should be noted that the second authentication system is an authentication system of non-self-developed software, and the authentication system of non-self-developed software may adopt a Lightweight Directory Access Protocol (LDAP, which is a Directory-type data storage manner, similar to a database, used for storing data, but different from a commonly used relational database, and the storage manner of the relational database is different from that of the LDAP database) server, or may adopt other servers. In addition, the user authority level is two levels, so that the user can use the self-study software in the application system and can also use the non-self-study software in the application system.
It should be noted that the LDAP server is used as an authentication system of non-self-developed software, and from the technical point of view, the LDAP server is only used as a database. However, most of the authentication systems which are not self-developed software currently adopt the LDAP server instead of the common relational database because:
first, LDAP is an open standard protocol, supports cross-platform, provides a standard Application Programming Interface (API) for almost all Programming languages, and facilitates secondary development by developers.
Secondly, the storage of the LDAP is a tree structure, and any branch of the tree can be independently placed in a server for distributed management, so that the load balance of the LDAP server is facilitated, and the cross-domain deployment of the server is facilitated.
Similarly, the second authentication system stores the second username and the second password in a matching manner, and when the second authentication system is called, the stored second username and the second password are used for authentication.
The method for generating the second password according to the second username can comprise the following steps: information summarization Algorithm (MD 5 Message-Digest Algorithm, MD5 for short). Specifically, a password hash function in the message digest algorithm is used for calculating the second username to obtain a hash value, and the hash value is used as the second password. In addition, the second password is generated automatically by the server according to the second user name without human participation, so that the safety of the second password can be ensured.
It should be understood that for any user, the request made by the user can be processed according to the method provided by the embodiment of the invention. If the user has the authority, the user can use any self-research software and/or any non-self-research software in the application system; and the second user names set by the user and stored in the authentication system of each piece of non-self-study software are the same, and the stored second passwords are also the same. In addition, the authentication system of each self-study software in the application system is the same, and the authentication system of each non-self-study software in the application system can be the same or different.
In this embodiment, the second username and the third password set by the user are acquired, and the second username and the third password are sent to the first authentication system, so that the first authentication system can perform the first authentication. If the user has the authority, generating a second password according to the second user name; and matching and storing the second user name and the second password in a database, and sending the second user name and the second password to a second authentication system. Therefore, the second password can be acquired and the second authentication system can be called to automatically perform the second authentication, so that the software can be used by one-time input of a user on the premise of not increasing the workload and ensuring the safety, and the experience degree of the user is further improved.
In this embodiment of the present invention, acquiring the second password matched with the first username includes:
querying the database whether the first username is stored;
if so, controlling the user terminal to display an icon of the software corresponding to the request;
and in the case of receiving an instruction for opening the software corresponding to the request, acquiring the second password matched and stored with the first username from the database.
In this embodiment, in specific implementation, when the server applied in the embodiment of the present invention queries the database to store the first user name, the server controls the user terminal to display icons of all non-bootstrap software in the application system and icons of all bootstrap software in the application system.
Specifically, the server side applied in the embodiment of the present invention sends an instruction to the user terminal, where the instruction is used to enable the user terminal to display icons of all non-self-study software in the application system and icons of all self-study software in the application system. In addition, the software corresponding to the request is non-self-contained software, and the non-self-contained software comprises open source software or closed source software.
And if the user wants to use one of the non-self-study software, clicking the icon of the non-self-study software displayed on the user terminal.
The user terminal generates an instruction for opening the non-self-study software according to the clicking operation of the user, and sends the instruction for opening the non-self-study software to the server applied in the embodiment of the invention.
The server side applied by the embodiment of the invention receives the instruction of opening the non-self-study software and acquires the second password which is matched with the first user name and stored from the Oracle database.
In this embodiment, the database is queried as to whether the first username is stored; if so, controlling the user terminal to display an icon of the software corresponding to the request; and in the case of receiving an instruction for opening the software corresponding to the request, acquiring a second password stored in match with the first username from the database. Therefore, the second authentication is automatically carried out, the software corresponding to the request can be used by the user through one-time input on the premise of not increasing workload and ensuring safety, and the experience degree of the user is further improved.
In this embodiment of the present invention, the software corresponding to the request includes: open source software or closed source software.
In this embodiment, the software corresponding to the request includes open-source software or closed-source software, so that the open-source software or closed-source software can be used by the user through one-time input on the premise of not increasing workload and ensuring safety, and the experience of the user is further improved.
In the embodiment of the present invention, invoking a first authentication system to perform first authentication on the first username and the first password includes:
sending the first username and the first password to the first authentication system;
receiving a result returned by the first authentication system;
if the first user name is the same as the second user name and the first password is the same as the third password, the result is passed.
In this embodiment, in specific implementation, the server side applied in the embodiment of the present invention invokes an application programming interface of the first authentication system, and sends the first username and the first password to the first authentication system.
And the first authentication system determines that the first user name is the same as the second user name and the first password is the same as the third password, and the result returned by the first authentication system is a pass result.
And the first authentication system determines that the first user name is different from the second user name or the first password is different from the third password, and the result returned by the first authentication system is that the first user name is not passed.
After the first authentication fails, the server side applied in the embodiment of the present invention sends the prompt message that the user name or the password is wrong to the user terminal. The user terminal displays the prompt message.
In this embodiment, a first username and a first password are sent to a first authentication system; receiving a result returned by the first authentication system; and if the first user name is the same as the second user name and the first password is the same as the third password, the result is passed. Therefore, the first authentication system performs first authentication on the first username and the first password input by the user, so that the software can be used by the user through one-time input on the premise of not increasing workload and ensuring safety, and the experience degree of the user is further improved.
In order to solve the problems in the prior art, another embodiment of the present invention provides a method for processing a request, which is applied to a first service end. Any one of the servers can be used as the first server.
As shown in fig. 2, the following describes this embodiment with a specific example:
the first service end obtains a second user name (11) and a third password (22) set by the user a from the user a terminal, and sends the second user name (11) and the third password (22) to a first authentication system (a bank authentication system, namely an authentication system of self-research software).
The user a has no authority, and the first server does not generate a second password according to the second user name (11).
The first service end receives a request sent by a user a terminal, the request comprises a first user name (11) and a first password (22) input by the user a, and a bank authentication system is called to conduct first authentication on the first user name (11) and the first password (22).
The first user name (11) is the same as the second user name (11), and the first password (22) is the same as the third password (22), so that the result returned by the bank authentication system received by the first service end is a pass.
The first server queries whether the Oracle database stores the first user name (11), and since the user a has no authority, the first server queries that the Oracle database does not store the first user name (11), that is, the second password matched with the first user name cannot be obtained. The first server controls the user a terminal to display the icon of the self-study software.
And clicking the icon of the self-research software displayed on the user a terminal by the user a, accessing the self-research software by the user a terminal, and using the self-research software by the user a.
As shown in fig. 2, the embodiment is described below as another specific example:
the first service terminal obtains a second user name (33) and a third password (44) set by the user b from the user b terminal, and sends the second user name (33) and the third password (44) to the bank authentication system.
And the first server generates a second password (55) according to the second user name (33), the second user name (33) and the second password (55) are matched and stored in an Oracle database, and the second user name (33) and the second password (55) are sent to a second authentication system (LDAP server, namely an authentication system of open source software).
The first service end receives a request sent by a user b terminal, the request comprises a first username (33) and a first password (44) input by the user b, and a bank authentication system is called to perform first authentication on the first username (33) and the first password (44).
Since the first user name (33) is the same as the second user name (33) and the first password (44) is the same as the third password (44), the result returned by the bank authentication system received by the first service end is a pass.
The first server inquires whether the Oracle database stores the first user name (33), and the first server inquires the Oracle database to store the first user name (33) because the user b has the authority, and controls the user b terminal to display the icon of the open source software and the icon of the self-developed software.
And under the condition that the first server receives an instruction of opening the open source software, acquiring a second password (55) which is matched with the first user name (33) and stored from an Oracle database.
The first server calls the LDAP server to perform second authentication on the first user name (33) and the second password (55), and the LDAP server stores the second user name (33) and the second password (55), so that the user names are the same and the passwords are the same, and the result returned by the LDAP server received by the first server is a passing result.
Specifically, the first server calls an API of the LDAP server, sends a first user name (33) and a second password (55) to the LDAP server, receives a result returned by the LDAP server, and the result is a pass.
And the first server controls the user b terminal to access the open source software.
Specifically, the first server controls the user b terminal to display a main page of the open source software. The control process comprises the following steps: and the first server sends an instruction to the user b terminal, wherein the instruction is used for enabling the user b terminal to display the main page of the open source software.
It should be understood that the application may be a banking application, a housing accumulation application, or a social security application, among others.
The certification system of the self-research software is also a certification system developed by the application system.
For the use of open source software, the embodiment of the invention essentially performs authentication twice (namely, the first authentication and the second authentication), but because the second authentication is invisible to the user and performs authentication automatically, the single sign-on is realized from the user experience.
The embodiment of the invention does not need to modify the authentication system of self-developed software and the authentication system of open source software, has simple and easy implementation scheme, ensures the safety of the application system and simultaneously realizes the single sign-on of the user.
The method of handling the request is described above in connection with fig. 1 and 2. The apparatus for processing the request is described below with reference to fig. 3.
In order to solve the problems in the prior art, an embodiment of the present invention provides an apparatus for processing a request. As shown in fig. 3, the apparatus includes:
the first processing unit 301 is configured to receive a request sent by a user terminal, where the request includes a first username and a first password input by the user, and invoke a first authentication system to perform first authentication on the first username and the first password.
A second processing unit 302, configured to, after the first authentication is passed, if a second password matching the first username is obtained, invoke a second authentication system to perform a second authentication on the first username and the second password.
A control unit 303, configured to control the user terminal to access the software corresponding to the request after the second authentication passes.
In this embodiment of the present invention, the first processing unit 301 is configured to:
before receiving a request sent by a user terminal, acquiring a second user name and a third password set by the user, and sending the second user name and the third password to the first authentication system;
if the user has the authority, generating the second password according to the second user name;
and matching and storing the second user name and the second password in a database, and sending the second user name and the second password to the second authentication system.
In this embodiment of the present invention, the second processing unit 302 is configured to:
querying the database for storing the first username;
if so, controlling the user terminal to display an icon of the software corresponding to the request;
and in the case of receiving an instruction for opening the software corresponding to the request, acquiring the second password matched and stored with the first username from the database.
In this embodiment of the present invention, the software corresponding to the request includes: open source software or closed source software.
In this embodiment of the present invention, the first processing unit 301 is configured to:
sending the first username and the first password to the first authentication system;
receiving a result returned by the first authentication system;
if the first user name is the same as the second user name and the first password is the same as the third password, the result is passed.
It should be understood that the functions performed by the components of the apparatus for processing a request according to the embodiments of the present invention have been described in detail in the method for processing a request according to the above embodiments, and are not described herein again.
Fig. 4 illustrates an exemplary system architecture 400 of a method of processing a request or an apparatus for processing a request to which embodiments of the invention may be applied.
As shown in fig. 4, the system architecture 400 may include terminal devices 401, 402, 403, a network 404, and a server 405. The network 404 serves as a medium for providing communication links between the terminal devices 401, 402, 403 and the server 405. Network 404 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use terminal devices 401, 402, 403 to interact with a server 405 over a network 404 to receive or send messages or the like. The terminal devices 401, 402, 403 may have various messaging client applications installed thereon, such as shopping applications, web browser applications, search applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 401, 402, 403 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 405 may be a server providing various services, such as a background management server (for example only) providing support for shopping websites browsed by users using the terminal devices 401, 402, 403. The backend management server may analyze and perform other processing on the received data such as the product information query request, and feed back a processing result (for example, target push information, product information — just an example) to the terminal device.
It should be noted that the method for processing the request provided by the embodiment of the present invention is generally executed by the server 405, and accordingly, a device for processing the request is generally disposed in the server 405.
It should be understood that the number of terminal devices, networks, and servers in fig. 4 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 5, shown is a block diagram of a computer system 500 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the system 500 are also stored. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. A drive 510 is also connected to the I/O interface 505 as needed. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted on the storage section 508 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 501.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present invention, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a unit, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software or hardware. The described units may also be provided in a processor, which may be described as: a processor includes a first processing unit, a second processing unit, and a control unit. The names of these units do not in some cases constitute a limitation to the unit itself, and for example, the control unit may be further described as "a unit that controls the user terminal to access the software corresponding to the request after the second authentication is passed".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password; after the first authentication is passed, if a second password matched with the first username is obtained, a second authentication system is called to carry out second authentication on the first username and the second password; and after the second authentication is passed, controlling the user terminal to access the software corresponding to the request.
According to the technical scheme of the embodiment of the invention, a request sent by a user terminal is received, the request comprises a first username and a first password input by a user, and a first authentication system is called to carry out first authentication on the first username and the first password; after the first authentication is passed, if a second password matched with the first username is obtained, a second authentication system is called to carry out second authentication on the first username and the second password; and after the second authentication is passed, controlling the user terminal to access the software corresponding to the request. The second password is acquired and the second authentication system is called to automatically perform the second authentication, so that the software can be used by one-time input of a user on the premise of not increasing workload and ensuring safety, and the experience degree of the user is improved.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (7)

1. A method for processing a request, a first authentication system being a self-contained software authentication system, a second authentication system being a non-self-contained software authentication system, comprising:
acquiring a second user name and a third password set by a user, and sending the second user name and the third password to a first authentication system;
if the user does not have the authority of accessing the non-self-study software, a second password is not generated according to the second user name; if the user has the authority of accessing the self-research software, generating a second password according to the second user name, matching and storing the second user name and the second password in a database, and sending the second user name and the second password to a second authentication system;
receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by a user, and calling a first authentication system to perform first authentication on the first username and the first password; if the first user name is the same as the second user name and the first password is the same as the third password, the first authentication is passed;
after the first authentication is passed, inquiring whether the database stores the first user name;
if the user terminal does not have the authority to access the self-study software, the user terminal is controlled to display icons of the self-study software and the self-study software corresponding to the request, under the condition that an instruction for opening the self-study software is received, a second password matched with the first user name is obtained from the database, and the second authentication system is called to carry out second authentication on the first user name and the second password; after the second authentication is passed, controlling the user terminal to access the non-self-study software corresponding to the request; or
If not, determining that the user does not have the authority of accessing the non-self-study software, controlling the user terminal to display the icon of the self-study software corresponding to the request, and controlling the user terminal to access the self-study software under the condition of receiving an instruction of opening the self-study software.
2. The method of claim 1, wherein said invoking the second authentication system for second authentication of the first username and the second password comprises:
and if the first user name is the same as the second user name and the first password is the same as the second password, the second authentication is passed.
3. The method of claim 1 or 2, wherein the non-self-contained software comprises: open source software or closed source software.
4. An apparatus for processing a request, a first authentication system being a self-contained software authentication system, a second authentication system being a non-self-contained software authentication system, comprising:
the first processing unit is used for acquiring a second user name and a third password set by a user and sending the second user name and the third password to a first authentication system;
if the user does not have the authority of accessing the non-self-study software, a second password is not generated according to the second user name; if the user has the authority of accessing the self-study software, generating a second password according to the second user name, matching and storing the second user name and the second password in a database, and sending the second user name and the second password to a second authentication system;
receiving a request sent by a user terminal, wherein the request comprises a first username and a first password input by the user, and calling a first authentication system to perform first authentication on the first username and the first password; if the first user name is the same as the second user name and the first password is the same as the third password, the first authentication is passed;
the second processing unit is used for inquiring whether the database stores the first user name or not after the first authentication is passed; if the user has the authority to access the non-self-study software, determining that the user has the authority to access the non-self-study software, controlling a user terminal to display icons of the non-self-study software and the self-study software corresponding to the request, acquiring a second password matched with the first user name from the database under the condition of receiving an instruction of opening the non-self-study software, and calling the second authentication system to perform second authentication on the first user name and the second password; if the inquiry is not made, determining that the user does not have the authority of accessing the non-self-study software, controlling the user terminal to display the icon of the self-study software corresponding to the request, and controlling the user terminal to access the self-study software under the condition of receiving an instruction of opening the self-study software;
and the control unit is used for controlling the user terminal to access the non-self-study software corresponding to the request after the second authentication is passed.
5. The apparatus of claim 4, wherein the first processing unit is configured to:
and if the first user name is the same as the second user name and the first password is the same as the second password, the second authentication is passed.
6. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-3.
7. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-3.
CN201910948890.1A 2019-10-08 2019-10-08 Method and device for processing request Active CN110765445B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910948890.1A CN110765445B (en) 2019-10-08 2019-10-08 Method and device for processing request

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910948890.1A CN110765445B (en) 2019-10-08 2019-10-08 Method and device for processing request

Publications (2)

Publication Number Publication Date
CN110765445A CN110765445A (en) 2020-02-07
CN110765445B true CN110765445B (en) 2023-02-10

Family

ID=69330994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910948890.1A Active CN110765445B (en) 2019-10-08 2019-10-08 Method and device for processing request

Country Status (1)

Country Link
CN (1) CN110765445B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113098975B (en) * 2021-04-16 2023-01-10 北京沃东天骏信息技术有限公司 Cross-platform application publishing method and device

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100534094C (en) * 2005-11-28 2009-08-26 王伟珣 System and method for one-click single sign-on of network application
CN101350717B (en) * 2007-07-18 2011-04-27 中国移动通信集团公司 A method and system for logging into a third-party server through instant messaging software
CN103297408B (en) * 2012-03-02 2016-04-06 腾讯科技(深圳)有限公司 Login method and device and terminal, the webserver
GB2513845B (en) * 2013-05-02 2015-06-10 Sony Comp Entertainment Europe Identification apparatus and method
CN103457954A (en) * 2013-09-11 2013-12-18 陈迪 Method and device for user password management
CN104346560B (en) * 2014-06-25 2017-06-16 腾讯科技(深圳)有限公司 A kind of safe verification method and device
CN105022628B (en) * 2015-06-04 2018-09-18 北京宏远贵德科技有限公司 A kind of expansible software application platform
CN106921616A (en) * 2015-12-24 2017-07-04 北京国双科技有限公司 A kind of single-point logging method and device
CN109492374B (en) * 2018-09-26 2022-03-18 平安医疗健康管理股份有限公司 System login method, device, server and storage medium based on identity authentication

Also Published As

Publication number Publication date
CN110765445A (en) 2020-02-07

Similar Documents

Publication Publication Date Title
US11924214B2 (en) Systems and methods for accessing cloud resources from a local development environment
US11627129B2 (en) Method and system for contextual access control
JP6707127B2 (en) Access server authenticity check initiated by end user
CN112039826B (en) Login method and device applied to applet end, electronic equipment and readable medium
EP3610623B1 (en) Protocol-level identity mapping
US11061667B1 (en) Selecting a version of an application
CN106874471B (en) Information push method and device
WO2021247451A1 (en) Application integration using multiple user identities
US11734408B2 (en) Remapping of uniform resource locators for accessing network applications
CN113572763B (en) Data processing method and device, electronic equipment and storage medium
CN113347206A (en) Network access method and device
US20200296085A1 (en) Oauth2 saml token service
CN113761566B (en) A data processing method and device
CN112202744B (en) Multi-system data communication method and device
CN114745164B (en) Service processing method, device, electronic equipment and computer readable medium
CN112966286B (en) Method, system, device and computer readable medium for user login
CN110765445B (en) Method and device for processing request
CN108763881A (en) Method and apparatus for controlling user right
CN112905990A (en) Access method, client, server and access system
US20240236078A9 (en) Logging in to modern workspaces using different cloud identity providers and single sign-on
CN112953719A (en) Token authentication method and device
CN111783044B (en) Method and device for sharing login state
CN112825094B (en) Data authority verification method and device
CN114091044A (en) System authority management method and device
WO2022094289A1 (en) Server-side anonymous identifier web service

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20220923

Address after: 25 Financial Street, Xicheng District, Beijing 100033

Applicant after: CHINA CONSTRUCTION BANK Corp.

Address before: 25 Financial Street, Xicheng District, Beijing 100033

Applicant before: CHINA CONSTRUCTION BANK Corp.

Applicant before: Jianxin Financial Science and Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant