Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Authority authentication method, device and system based on CAS

A permission authentication and permission technology, which is applied in the field of CAS-based permission authentication, devices and systems, and can solve problems such as CAS services not performing user permission authentication

Inactive Publication Date: 2017-09-15
睿智合创(北京)科技有限公司
View PDF3 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In view of the above technical problems, the present invention provides a CAS-based authority control method, device and system, which can solve the technica...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authority authentication method, device and system based on CAS
  • Authority authentication method, device and system based on CAS
  • Authority authentication method, device and system based on CAS

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] image 3 A schematic diagram of the authority authentication system architecture provided by Embodiment 1 of the present invention; image 3 Shown:

[0058] The CAS client is deployed together with multiple web application systems, and the protected resources of multiple web application systems are protected in the form of Filter. The user can access the corresponding web application system through the web browser of the CAS client. When the user logs in for the first time, the CAS server generates a credential ticket, which is stored in the server session and the client cookie respectively. , the client will automatically bring the ticket data to the server for verification, and if the verification is successful, it will log in automatically. As for whether the ticket will be forged and cause security problems, the CAS framework has already dealt with it, because the docking system needs to use the https security protocol for access, so there is no need to worry abou...

Embodiment 2

[0063] Such as Figure 4 As shown, an authority authentication method provided by an embodiment of the present invention includes:

[0064] Step 401, the CAS client receives the access request sent by the user through the web browser;

[0065] The access request may be a request to access a certain web application system, such as directly inputting a certain web application system address in the address of the web browser, or it may be a request to access the application system corresponding to the CAS client.

[0066] Step 402, the CAS client directly goes to the CAS server to perform user login authentication, and the CAS server judges whether the user has logged in; if the user is logging in for the first time, then execute as follows figure 1 Steps 1-5 in the single sign-on process shown in the prior art are then executed in step 403, and if the user is already logged in, step 403 is directly executed;

[0067] Step 403, when the user is in the logged-in state, the CAS s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an authority authentication method, device and system based on a central authentication service (CAS). The authority authentication method comprises the steps that a CAS server conducts user login authentication according to an access request sent by a CAS client, wherein the access request comprises a user name and a password; when a user is in a login state, the CAS server conducts user authority authentication. According to the method, not only is the single sign-on problem solved through the CAS service, but also the user authority authentication problem is solved, and the process is simple; furthermore, the user can login all permitted systems only by remembering one application system domain name, and system management and user operations are convenient.

Description

technical field [0001] The invention relates to Central Authentication Service CAS technology, in particular to a CAS-based authority authentication method, device and system. Background technique [0002] With the development of Internet services, there are more and more web application systems. In addition to supporting the single sign-on function, user authority control is also required. Single sign-on (Single Sign-ON, referred to as SSO) is a unified authentication and authorization mechanism, which means that the same user who accesses the protected resources in different application systems of the same server only needs to log in once to pass the security authentication in one application system After that, when accessing protected resources in other application systems, it is no longer necessary to re-login for verification, that is, users only need to log in once to access all mutually trusted application systems without having to log in repeatedly. At present, the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/0815H04L63/083H04L63/10H04L67/02
Inventor 章成曲
Owner 睿智合创(北京)科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products