Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Cross-domain access control method, electronic equipment and storage medium

A control method and cross-domain technology, applied in the field of communication, can solve the problems of inability to obtain authentication session information, inability to access resources, cross-domain, etc.

Pending Publication Date: 2022-04-05
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If there is no parent-child relationship between the login domain name and the resource domain name, there will be a cross-domain problem. For example, the login domain name is vpn.topsec.com, and the resource domain name is app1.topsec.com. At this time, the user logs in through the domain name vpn.topsec.com After the vpn device, the session information of the successful login authentication is saved in the cookie of the vpn.topsec.com domain, but when the user visits app1.topsec.com, the two domain names belong to different domains, and the vpn device starts from app1.topsec.com. The authentication session information of the user cannot be obtained in the cookie of the com domain, so that the validity verification cannot be performed, resulting in the failure of normal access
[0004] It can be seen that in the actual project deployment, in order to reduce costs, there are some application scenarios where the login domain name and the resource domain name are the same level domain name and have no parent-child relationship. The problem that prevented access to the resource

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cross-domain access control method, electronic equipment and storage medium
  • Cross-domain access control method, electronic equipment and storage medium
  • Cross-domain access control method, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.

[0058]Like numbers and letters denote similar items in the following figures, so that once an item is defined in one figure, it does not require further definition and explanation in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second" and the like are only used to distinguish descriptions, and cannot be understood as indicating or implying relative importance.

[0059] figure 1 It is a schematic diagram of an application scenario of the cross-domain access control method provided by the embodiment of this application. Such as figure 1 As shown, the application scenario includes a browser 110 , an intranet access control device 120 (WEBVPN) and a resource server 130 . The intranet access control device 120 is connected to the browser 110 and th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a cross-domain access control method, electronic equipment and a storage medium, and the method comprises the steps: obtaining a cross-domain resource address corresponding to a specified user in response to a resource list obtaining request sent by a browser where the specified user is located; generating a new address according to the resource address and the first time, and issuing the new address to a browser where the specified user is located; in response to a resource access request sent by a browser where the specified user is located, verifying the new address according to the new address carried by the resource access request; after the new address passes the verification, obtaining a resource address according to the new address; and according to the resource address, requesting resource content from a resource server corresponding to the resource address and returning the resource content to a browser where the specified user is located. According to the method, the problem that access cannot be carried out due to the fact that legality verification cannot be carried out during cross-domain access is solved.

Description

technical field [0001] The present application relates to the field of communication technologies, and in particular to a cross-domain access control method, electronic equipment, and a computer-readable storage medium. Background technique [0002] Currently, sslvpn encrypts the data between the user and the service server through the ssl tunnel to protect the service resource server. Before the SSL tunnel is established, the user performs identity authentication. After the authentication is passed, a session is created. The SSLVPN gateway traverses resources and sends the resources associated with the user's role to the client browser. [0003] WEBVPN is an implementation scheme of SSLVPN for the seven-layer proxy. The existing WEBVPN accesses and logs in to vpn resources through domain names. Assume that the login domain name is vpn.topsec.com. After successful login, when accessing resources, the resource domain name must be a subclass of the login domain name. Domain n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/60G06F21/62G06F21/64
Inventor 党帆
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products