System and method for realizing single-point login

Abstract

The method comprises: user sends a jump request with its identification information and the website B address expected to login to the authentication server from a website A already logged in; the authentication server receives the jump request and generate a random cipher, and then generates the user ID information, random cipher and destination website B address, and then saves them; the user ID information, random cipher, destination website B address are returned to the website A; the website A redirects the user's browser to the destination website B, and transmits the user ID information, random cipher, and destination website B address to the authentication server through user and website B; the authentication server makes search to decide if there is a identical user's ID information, destination website B address and random cipher sent from the website B; if yes, then returning a successfully login sign to the website B, and permitting user login. The system thereof comprises: the website A already logged on and the website expected to log in.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a system and method for realizing single sign-on. Background technique [0002] With the popularization of Internet applications, more and more people begin to use the services provided on the Internet. However, the server and system architecture of each website, such as network domain names, include websites with different root domain names or multiple subdomain websites under the same root domain name. , The respective service logics are independent of each other, when users use the services provided by the website, they need to register separately before logging in. Therefore, as the user's network identities increase, the user needs to remember a large number of user names and passwords, causing a burden on the user's memory. At the same time, frequent input of user names and passwords also increases the possibility of the password being cracked. Therefore, for the conv...

AI Technical Summary

Problems solved by technology

Since one of the times used for comparison is the time of the authentication server and the other is the time of the serving website, it is required that the time between the authentication server and each website must be synchronized. If it is not synchronized, the current time of website B will be subtracted from the time of the timestamp Too long or too short, too long, the possibility of the authentication information being intercepted to deceive the legal identity increases, too short, it will lead to the failure of the legal identity to log in, and the time synchronization is difficult to control, resulting in large coupling

[0005] To sum up, in the prior art, in order to improve security, high-speed encryption and decryption components need to be configured in the authentication server, the initial cost is high, and the high-strength encryption algorithm is complex and time-consuming, which contradicts the real-time performance of website services; and requires The time of each website and authentication server should be as consistent as possible, with strong coupling

Images