Single sign-on method and system

A single sign-on and login-free technology, applied in the field of computer networks, it can solve the problems of inability to control service login rights in a fine-grained manner, and inability to integrate multiple mainstream browsers, and achieve the effect of humanized experience, fast login, and perfect service.

Inactive Publication Date: 2013-11-27
SOUTH CHINA UNIV OF TECH
View PDF2 Cites 40 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] However, after long-term use, it is found that the CAS single sign-on solution still has the following defects: 1) The CAS client only supports the Web environment of the B / S architecture, but is powerless to the desktop application of the C / S architecture; 2) The single point of CAS Login is only valid in the same browser, and cannot be integrated among multiple mainstream browsers; 3) CAS treats the integrated services equally, and cannot fine-grainedly control the login permissions of each service

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single sign-on method and system
  • Single sign-on method and system
  • Single sign-on method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0066] Such as image 3 It shows that the user performs single sign-on on the application client with C / S architecture for the first time, and the specific steps are as follows:

[0067] S301 An application client with a C / S architecture sends an ST ticket request to the SSO information maintainer through the SSO client API, and the ST ticket request includes the SSO consortium domain and the service identifier that needs to be logged in, The service ID is the service ID of the desktop application server;

[0068] S302 The single sign-on information maintainer searches for the logged-in user information in the corresponding login federation domain, if it exists, performs a quick login, if there is no logged-in user information, then goes to the process S303, and requires the user to perform a normal login;

[0069] S303 The application client provides a login page to the user, requiring the user to perform a normal login;

[0070] S304 The user inputs the user credential, th...

Embodiment 2

[0076] Such as Figure 4 As shown, a single sign-on method. This embodiment describes that the user once logged in to the single sign-on system, and the application client does not need to input user credentials for quick login, including:

[0077] S401 An application program client with a C / S architecture sends an ST ticket request to the single sign-on information maintainer through the single sign-on client API, the ST ticket request includes the single sign-on consortium domain and the service identifier that needs to be logged in, The service ID is the service ID of the desktop application server;

[0078] S402 The single sign-on information maintainer searches for the logged-in user name information in the corresponding login alliance domain, if there is no logged-in information, then go to process S403, and require the user to perform a normal login; if there is logged-in user information, then go to process S404 ;

[0079] S403 The application program client provides...

Embodiment 3

[0086] Such as Figure 5 As shown, a single sign-on system includes a user browser equipped with a web browser plug-in and a single sign-on information maintainer located at the user client, a web service filter deployed on the network, a web application server and a login-free server, This embodiment describes a single sign-on method that requires ordinary login when a user accesses a Web service using a browser.

[0087] Specific steps are as follows:

[0088] S501 The user sends a resource access request to the Web server at the application client of the B / S architecture, and this request will be intercepted by the Web service filter, and the application client of the B / S architecture is specifically the user's browser;

[0089] S502 The web service filter judges whether the resource access request has an ST ticket, and if so, turns to S512 to verify the ST ticket, otherwise turns to the login-free server to verify the user identity in a redirected manner, and turns to the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a single sign-on method and a single sign-on system. The single sign-on method comprising the steps of: requesting ST tickets from a single sign-on information maintainer through a browser plug-in when a B/S application client side needs to log in, then requesting fast login from an application server side, or carrying out normal login if the ST ticket information does not exist, and then synchronizing the login information to the single sign-on information maintainer through the browser plug-in; and requesting ST tickets from the single sign-on information maintainer when a C/S application client side logs in, then requesting fast login from the application server side, or carrying out normal login if the ST ticket information does not exist, and then responding to the single sign-on information maintainer. When the client sides requests ST tickets of target service from the single sign-on information maintainer, if the weight of TGT tickets of current logged-in user is not lower than login weight of the target service, then the ST tickets of target service are generated for the client sides, otherwise the \permission is insufficient, and the fast login fails.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to a single sign-on method and system. Background technique [0002] With the continuous advancement of Internet technology and the continuous improvement of enterprises' emphasis on information construction, the information construction of modern enterprises is becoming more and more perfect. Various efficient information systems, such as personnel management systems, salary systems, email systems, etc. Entered various enterprises one after another. When employees are working normally, due to the large number of systems involved, the login operation of each system becomes a burden. In response to these problems, Single Sign On (SSO, Single Sign On) technology emerged as the times require. It provides enterprise users with a unified access portal for information resource authentication, enabling users to log in only once to use in different applications according to set r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 许勇雷传锐
Owner SOUTH CHINA UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap