Single sign on method and system based on Cookie and application server thereof

An application server and login server technology, applied in the system and its application server, in the field of cookie-based single sign-on methods, can solve the problems of inability to prevent replay attacks, cookie tampering, frequent database access, etc., to avoid the risk of replay attacks , prevent replay attacks, realize the effect of sharing cookies and cross-domain single sign-on

Inactive Publication Date: 2013-06-26
CHINA CONSTRUCTION BANK
View PDF3 Cites 153 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although encryption can effectively prevent session hijacking, it cannot prevent replay attacks
[0006] (2) Frequent access to the database
If a hacker makes frequent requests to the server by forging the authentication information of the cookie, when verifying the effectiveness and authenticity of the authentication information of the client cookie, the database access performance consumption will be proportional to the amount of requests
[0007] (3) Cookie tampering
Cookie access is only valid for hosts under the same domain, and distributed application systems often cannot guarantee that all hosts are under the same domain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single sign on method and system based on Cookie and application server thereof
  • Single sign on method and system based on Cookie and application server thereof
  • Single sign on method and system based on Cookie and application server thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to facilitate the understanding of various aspects, features and advantages of the technical solutions of the present invention, the present invention will be specifically described below in conjunction with the accompanying drawings. It should be understood that the various implementations described below are only for illustration, rather than limiting the protection scope of the present invention.

[0043] refer to figure 1 , in one embodiment of the present invention, a Cookie-based single sign-on method is provided. The method comprises the steps of:

[0044] S100. The application server receives a request message for requesting to access and use a protected resource sent by a user through a client browser.

[0045] S200. Check whether the created cookie of the user exists on the client browser. If not, directly return a failure result and proceed to step S300, otherwise proceed to step S600.

[0046] Wherein, the cookie includes: an authentication infor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a single sign on method and system based on Cookie and an application server thereof. The technical problems of replay attack and frequent access of the database are solved through the following operations: receiving request a message transmitted by a client browser by an application server; B, checking whether Cookie of a user exists in the client browser; if so, directly returning a failure result and entering a step C, otherwise entering the step F; C, redirecting the client browser to a login server for performing login operation; D, generating effective Cookie through the login server after the user login is successful; E, transmitting the generated effective Cookie to the client browser, redirecting to the application server, and turning to the step B; and F, verifying the Cookie of the user, comprising judging whether the authentication information value of the Cookie of the user is matched with Session value of the server, whether the ID value of the Cookie is unique, whether the timestamp of the Cookie is repeated and overtime, and providing the requested resources to the user under the verification condition.

Description

technical field [0001] The present invention relates to network communication technology, and more specifically, to a cookie-based single sign-on method, system and application server thereof. Background technique [0002] Single sign-on system SSO (Single Sign-On) is also known as a unified identity authentication system, which means that users only need to perform identity authentication once when using the system, and then they can access all network resources within the scope allowed by the system according to user permissions. There is no need to log in to different subsystems multiple times or to repeat the process of user identity authentication when using all network resources in different computer environments. [0003] The current single sign-on implementation scheme is mainly divided into three types: one is based on the network token mechanism of the Oauth protocol (a secure, open and simple standard for the authorization of user resources); the other is based on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 王进肖群周振黎民罗世容何小锋郭友德蒋祁效陈红淇
Owner CHINA CONSTRUCTION BANK
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap