Cross-domain name single sign on and off method and system as well as corresponding equipment

A single-sign-on and single-point technology, applied in the field of network applications, can solve problems such as low efficiency, redundancy, and unsafe transmission of user information back and forth, and achieve the effect of improving login efficiency and efficiency

Active Publication Date: 2011-06-15
新方正控股发展有限责任公司 +2
View PDF0 Cites 55 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] In the process of realizing the above-mentioned cross-domain name SSO and logout, the inventors found that there are at least the following problems in the prior art: when the user SSO, the authentication center and the alliance application system have too many repeated authentication interactions, the process is cumbersome, and the It is not unsafe to pass user information back and forth as parameters; when the client sends a logout request, in addition to destroying the certification center authentication ticket, it is also necessary to traverse all the federation application systems to destroy the local tickets in the federation application system one by one. Then the process of traversing the application system without local tickets is obviously redundant
This leads to inefficiencies when logging in and out across roster points

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cross-domain name single sign on and off method and system as well as corresponding equipment
  • Cross-domain name single sign on and off method and system as well as corresponding equipment
  • Cross-domain name single sign on and off method and system as well as corresponding equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] This embodiment specifically provides a cross-domain name single sign-on and logout method, such as figure 2 As shown, the method includes:

[0049] In step 201, the client normally logs in through the SSO server. After successful login, the SSO server stores the token distributed to the client in the cookie of the browser. The client sends an access request to the federated application 1 that wants to access. The single-point proxy component running on the alliance application end 1 intercepts the access request sent by the client end to the alliance application end 1 .

[0050] In step 202, the single point proxy component can know whether the client has logged in the federated application 1 according to the token stored in the cookie. When it is known that the user end has logged in the alliance application end 1 for the first time, step 203 is performed; when it is known that the user end is logged in again after the first login, that is, when the user end has lo...

Embodiment 2

[0070] This embodiment provides an alliance application terminal 300, which can be used as the alliance application terminal 1 in Embodiment 1. The alliance application terminal 300, such as image 3 As shown, it includes: a single point agent component 400 and an alliance application system 500, wherein,

[0071] The single point proxy component 400 includes: an interception unit 41 , a verification unit 42 , an acquisition unit 43 , a verification unit 44 , and a local cache unit 45 .

[0072] The interception unit 41 is used to intercept the access request sent by the client to the alliance application system; the verification unit 42 is used to intercept the access request after the interception unit 41, when the client logs in to the alliance application for the first time, Carry out secondary verification to described user terminal; Obtaining unit 43, if the secondary verification result of verification unit 42 represents that described user terminal has logged in descr...

Embodiment 3

[0082] This embodiment specifically provides a cross-domain name single sign-on and logout system, such as Figure 4 As shown, it includes: a client terminal 61 , a single sign-on server 62 , a single point proxy component 63 and a federated application terminal 64 including the single point proxy component 63 .

[0083] Wherein, the single-point agent component 63 is used for intercepting the access request sent by the client terminal 61 to the alliance application terminal 64, when the client terminal 61 logs in to the alliance application terminal 64 for the first time, to the User terminal 61 carries out secondary verification; If the result of secondary verification represents that described user terminal 61 has logged in described alliance application end 64, then described SPO agent component 63 obtains synchronous token from SSO server 62, and checks Whether the synchronization token is correct; if the verification result represents that the synchronization token is co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a cross-domain name single sign on and off method and system as well as corresponding equipment, belongs to the field of network application and solves the problem of low efficiency during cross-domain name single sign on and off in the prior art. The method of the embodiment of the invention mainly comprises the following steps that: when a client logs in a union application end for the first time, a single point agent assembly performs secondary verification on the client; if the client passes the secondary verification, the single point agent assembly acquires a synchronous token from a single sign on server, and verifies whether the synchronous token is accurate; and if the synchronous token is verified to be accurate, the single point agent assembly acquires user information corresponding to the synchronous token from the single sign on server, and stores the user information and the synchronous token in a local cache of the union application end. The embodiment of the invention is mainly applied to a network.

Description

technical field [0001] The invention provides a cross-domain name single sign-on method, a cross-domain name single sign-out method, a cross-domain name single sign-on and logout system and corresponding equipment; it belongs to the field of network applications. Background technique [0002] In the process of website construction, multiple application systems are generally developed and completed in different periods. Each application system has its own independent user database and user authentication system due to its different functional emphasis, design methods, and development techniques. With the development of the website, there will be such user groups: Take one of the users as an example, the user uses multiple application systems under a certain website, but each application system has an independent account, and there is no one overall account. The concept of the user account, before entering each application system, the user needs to log in with the account of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/32H04L29/06
Inventor 荣蓉吉磊闵旺华闫洁赵东岩
Owner 新方正控股发展有限责任公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap