[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN109768965A - A kind of login method of server, equipment and storage device - Google Patents

A kind of login method of server, equipment and storage device Download PDF

Info

Publication number
CN109768965A
CN109768965A CN201811535586.6A CN201811535586A CN109768965A CN 109768965 A CN109768965 A CN 109768965A CN 201811535586 A CN201811535586 A CN 201811535586A CN 109768965 A CN109768965 A CN 109768965A
Authority
CN
China
Prior art keywords
server
browser
information
subscriber identity
identity information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811535586.6A
Other languages
Chinese (zh)
Other versions
CN109768965B (en
Inventor
喻先兵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Huaduo Network Technology Co Ltd
Original Assignee
Guangzhou Huaduo Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Huaduo Network Technology Co Ltd filed Critical Guangzhou Huaduo Network Technology Co Ltd
Priority to CN201811535586.6A priority Critical patent/CN109768965B/en
Publication of CN109768965A publication Critical patent/CN109768965A/en
Application granted granted Critical
Publication of CN109768965B publication Critical patent/CN109768965B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

This application discloses a kind of login method of server, equipment and storage devices, load terminal script the method includes browser and send the first connection request based on full-duplex communication agreement to first server;First server receives the first connection request, verifies to subscriber identity information;First server verifies the access authority of user using subscriber identity information and second server information;After being verified, first server sends the second connection request based on full-duplex communication agreement to second server;Second server receives connection request, starts shell process, establishes pseudo-terminal, and then establish the connection with first server.By the above-mentioned means, the application is capable of the login service device of more Portable safety.

Description

A kind of login method of server, equipment and storage device
Technical field
This application involves field of computer technology, fill more particularly to a kind of login method of server, equipment and storage It sets.
Background technique
With the development of information technology (Information Technology, IT), on the server of some incorporated businesses All operation has one or more IT systems, these systems are service supporting platform a bit, some are rear end support systems, either Database software system etc. ensures that the normal operation of these IT systems is all vital for any one company. Such as the update of operation system or Database Systems, System Expansion, capacity reducing, failure and positioning problems etc., this is generally required Programmer or operation maintenance personnel log on in these servers, run various instructions to realize.
Present inventor is in long-term R&D process, and finding the mode of current login service device, there is also certain Defect, when each login service device, not only need to verify user identity, it is also necessary to the account and password of authentication server, i.e., every time Login requires to be verified twice, and not only login process is cumbersome, is also easy to the account and encrypted message of leakage server, brings Unnecessary loss.Urgently need to develop a kind of method of new login service device.
Summary of the invention
The application is mainly solving the technical problems that provide a kind of login method of server, equipment and storage device, energy The login service device of enough more Portable safeties.
In order to solve the above technical problems, the technical solution that the application uses is: providing a kind of login side of server Method loads terminal script the method includes browser and sends the first connection based on full-duplex communication agreement to first server Request, first server is to provide the Website server of terminal script;First server receives the first connection request, to user's body Part information is verified, and subscriber identity information is sent to first server by browser;After being verified, establish and browser Connection;First server verifies the access authority of user using subscriber identity information and second server information, and second Server info is sent to first server by browser, and second server is server to be visited;After being verified, the first clothes Business device sends the second connection request based on full-duplex communication agreement to second server;Second server receives connection request, Start shell process, establishes pseudo-terminal, and then establish the connection with first server, browser successfully logs in second server.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of login of server Method, the method includes first servers to receive the first connection request based on full-duplex communication agreement, believes user identity Breath is verified, and subscriber identity information is sent to first server by browser;After being verified, first server and browser Establish connection;First server verifies the access authority of user using subscriber identity information and second server information, Second server information is sent to first server by browser, and second server is server to be visited;After being verified, the One server sends the second connection request based on full-duplex communication agreement to second server.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of login of server Method, the method includes load terminal scripts to send the first connection request based on full-duplex communication agreement to first server And subscriber identity information, first server are to provide the Website server of terminal script;Second service is sent to first server Device information, second server are server to be visited;Receive the output data of the second server of first server forwarding.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of server, the clothes Business device includes processor, and processor is for receiving the first connection request based on full-duplex communication agreement, to subscriber identity information It is verified, subscriber identity information is sent to processor by browser;After being verified, connection is established with browser;Utilize use Family identity information and second server information verify the access authority of user, and second server information is sent by browser To processor, second server is server to be visited;After being verified, processor sends to second server and is based on full duplex Second connection request of communication protocol.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of server, the clothes Business device includes the first receiving module, authentication module and the first sending module.Wherein, the first receiving module is for receiving based on complete double First connection request of work communication protocol, verifies subscriber identity information, and subscriber identity information is sent to by browser One server;After being verified, connection is established with browser.Authentication module is used to utilize subscriber identity information and second server Information verifies the access authority of user, and second server information is sent to first server, second service by browser Device is server to be visited.First sending module is used to send after being verified to second server and be assisted based on full-duplex communication Second connection request of view.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of login of server Equipment, the logging device include processor, and processor is sent to first server based on full duplex for loading terminal script The first connection request and subscriber identity information of communication protocol, first server are to provide the Website server of terminal script;To First server sends second server information, and second server is server to be visited;Receive the of first server forwarding The output data of two servers.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of login of server Equipment, the logging device include loading module, the second sending module and the second receiving module.Wherein, loading module is for adding Mounted terminal script to first server send the first connection request and subscriber identity information based on full-duplex communication agreement, first Server is to provide the Website server of terminal script.Second sending module is used to send second server letter to first server Breath, second server are server to be visited.Second receiving module is used to receive the second server of first server forwarding Output data.
In order to solve the above technical problems, another technical solution that the application uses is: providing a kind of with store function Device, storage device is stored with program, and program is performed the login method for realizing above-mentioned server.
The beneficial effect of the application is: being in contrast to the prior art, the application provides a kind of login side of server Method in this method, only needs to verify a user identity in login service device, does not need stepping on for secondary authentication server Account and password are recorded, login process is simplified, in addition, also permission control is carried out to user access server, so that having carried out must The permission isolation wanted, allows to authorize different users different permissions according to different business, improves server Safety.
Detailed description of the invention
Fig. 1 is the flow diagram of the login method first embodiment of the application server;
Fig. 2 is the configuration diagram of the login method second embodiment of the application server;
Fig. 3 is the flow diagram of the login method second embodiment of the application server;
Fig. 4 is the flow diagram of the application https two-way authentication;
Fig. 5 is the flow diagram that the application provides certificate;
Fig. 6 is the configuration diagram of the application WebShell_agent_d service;
Fig. 7 is the flow diagram of the login method third embodiment of the application server;
Fig. 8 is the flow diagram of the 4th embodiment of login method of the application server;
Fig. 9 is the structural schematic diagram of the application server first embodiment;
Figure 10 is the structural schematic diagram of the application server second embodiment;
Figure 11 is the structural schematic diagram of the logging device first embodiment of the application server;
Figure 12 is the structural schematic diagram of the logging device second embodiment of the application server;
Figure 13 is the structural schematic diagram for the device first embodiment that the application has store function.
Specific embodiment
It is right as follows in conjunction with drawings and embodiments to keep the purpose, technical solution and effect of the application clearer, clear The application is further described.
The application provides a kind of login method of server, is at least applied to log in the server of (SuSE) Linux OS, (SuSE) Linux OS has the characteristics that safe and reliable, powerful, update upgrades rapid, currently used server software.When It so can be used for logging in the server of other operating systems.This method is the safety of having based on Web (webpage) and authorization function The Linux Shell of energy logs in platform, using browser login service device and then can operate on it.
Referring to Fig. 1, Fig. 1 is the flow diagram of the login method first embodiment of the application server.In the reality It applies in mode, the login method of server includes the following steps:
S101: browser loads first connection of the terminal script to first server transmission based on full-duplex communication agreement and asks It asks, first server is to provide the Website server of terminal script.
Wherein, full duplex (Full Duplex) communication is also known as two-way simultaneous communication, that is, the both sides communicated can send out simultaneously Send and receive the information interaction approach of information.
S102: first server receive the first connection request, subscriber identity information is verified, subscriber identity information by Browser is sent to first server;After being verified, the connection with browser is established.
Wherein, when browser connect interaction with first server, browser sends logical based on full duplex to first server Believe the connection request of agreement, while sending subscriber identity information, subscriber identity information can be sent together in company with connection request, i.e., First connection request carries subscriber identity information, can also individually send subscriber identity information.First server is receiving first After connection request, first subscriber identity information is verified, can be just successfully connected after being verified;It cannot be just if authentication failed Often connection.
S103: first server tests the access authority of user using subscriber identity information and second server information Card, second server information are sent to first server by browser, and second server is server to be visited.
Wherein, second server information is the IP address information etc. of second server.For different users, server is set It is equipped with different access authority, the permission of such as access is read-only or ROOT permission.Therefore, in connected reference second server When, it should first verify the access authority of user.
S104: after being verified, first server sends the second company based on full-duplex communication agreement to second server Connect request.
Wherein, first server connects browser and second server as intermediate server, by establish browser with The connection of the connection of first server and first server and second server can be realized the friendship of browser and second server Mutually.
S105: second server receives the second connection request, starts shell process, establishes pseudo-terminal, and then establish and first The connection of server, browser successfully log in second server.
Wherein, shell process is also known as Shell process, and Shell is commonly called as shell (for being different from core), refers to and " provide for user The software (command analysis device) of operation interface ", it receives user command, then calls corresponding application program.Second server After receiving connection request, shell process can be started using corresponding account according to the permission of request, establish pseudo-terminal, and by shell The output data of process is sent to first server, then is transmitted to the terminal script on browser, browser by first server Load terminal script updates interface again, successfully logs in second server.
In this embodiment, it only needs to verify a user identity in login service device, does not need secondary test The logon account and password for demonstrate,proving server, simplify login process, in addition, permission control also is carried out to user access server, To carry out necessary permission isolation, allows to authorize different users different permissions according to different business, mention The high safety of server.
Wherein, in one embodiment, first server is to provide the Website server of terminal script, referred to as WebShell Service;Operation has the broker program of first server, referred to as WebShell Agent on second server.Agent process is run Server, WebShell service can be communicated with broker program, to provide Web service externally for this host. I.e. only operation has the server of agent process could be with WebShell communication for service.
Fig. 2 and Fig. 3 are please referred to, Fig. 2 is the configuration diagram of the login method second embodiment of the application server;Figure 3 be the flow diagram of the login method second embodiment of the application server.In this embodiment, application scheme is adopted It is browser, WebShell service and WebShell Agent respectively with the service of three-tier architecture.The login side of server Method includes the following steps:
Step 1: inputting the domain name addresses of WebShell service, requested webpage on a web browser.
Step 2:WebShell service returns to webpage, can return to terminal script in webpage.
Step 3: browser loads terminal script.
Wherein, terminal leg is originally capable of providing Command Line Interface, in a browser the i.e. openable life of Run Script (Script) Enable row interface.Command Line Interface (Command-line Interface, CLI) is a kind of character user interface (CUI), is different from Graphic user interface (GUI), it does not support mouse usually, and user is inputted by keyboard and instructed, after computer receives instruction, given To execute.Such as terminal script can be xterm.js etc..In other embodiments, it is also possible to other and is capable of providing interaction The script at interface.
Step 4: browser sends the first connection request based on full-duplex communication agreement to first server.
Wherein, http agreement (Hyper Text Transfer is used between browser and WebShell service Protocol, HTTP, hypertext transfer protocol) it is communicated.Specifically, terminal script can initiate the base of WebShell service In the first connection request of full-duplex communication agreement.Wherein the first connection request based on full-duplex communication agreement can be WebSocket request, in other embodiments, is also possible to other full-duplex communication agreements.
Wherein, WebSocket agreement is that (Transmission Control Protocol passes transport control protocol based on TCP View) the new network protocol of one kind.It realizes full duplex between browser and server (Full-Duplex) and communicates, and allows to take Device active transmission information of being engaged in is to client.WebSocket is one of the mode that browser is communicated with Web server, most with http Big is not both that it is a long connection, so not needing newly-built connection, the first-class extra symbol of the http that retransfers, reaction More in time.WebSocket is effectively divided into two parts, and one is script (Javascript) program on browser, in addition One be Web server transport protocol standard.It has been a mature technology, such as from every side WebSocket transport protocol 2012 become IETF official standard: RFC 6455, IE, Safari, Chrome, The browsers such as Firefox, Opera have also all supported formal standard.
The use of WebSocket on a web browser is very simple because he only there are two movements: receive and hair.As long as Data can be sent out with send ();The onmessage that reception data then can use WebSocket works as specified from clothes Call back function when business device receives information) event, data can obtain by the mode in following example programs;It calls Close () can terminate to connect.In addition to onmessage event, WebSocket API (Application Programming Interface, application programming interface) also support the events such as onopen/onclose/onerror.Separately It is outer to can be used there are also several attributes, the similar XMLHttpRequest's of readyState (current linking status) ReadyState has tetra- states of CONNECTING/OPEN/CLOSING/CLOSED that can inquire the current shape of WebSocket State.BufferedAmount (the not sent byte number to server) attribute can obtain current how many byte (byte) Data are not yet sent out.If the data volume of transmission is big or network speed is slow, so that it may primary before being confirmed using it The data of submitting has been sent on earth not to be had.But simple application is not usually required to worry, because transmission speed is generally enough fast. There are one omissible parameters in fact for the constructed fuction of WebSocket, and: protocol (network data exchange rule) can refer to Determine which type of sub-protocol Web service will use.Such as:
Var ws=new WebSocket (' ws: // 127.0.0.1:8443/wamp ', ' wamp ').
It is additionally based on protocol attribute, it will also be appreciated that protocol used at present.It can be spy using sub-protocol The fixed application method that standard is packaged into using data, passes through corresponding Support Library, so that it may regardless of the running mould of WebSocket Formula and be absorbed in application it is upper.Currently used sub-protocol application has WAMP (The WebSocket Application Messaging Protocol).It but establishes using standard if not having, usually without the need for using it.
Before using WebSocket, need to establish a WebSocket object, the WebSocket network to be accessed Location is transmitted to him, such as:
Var ws=new WebSocket (' ws: // 127.0.0.1:8443/chat ');
Ws. (message) { alert (message.data);ws.close()};
ws.send(‘Hello WebSocket.');
WebSocket can choose ws or wss communication protocol, and ws is equivalent to general http, and wss is then equivalent to Which kind of agreement https can support determine as which kind of agreement selected according to Web server.Other parts use, Just as general URL (Uniform Resource Locator, uniform resource locator).In addition, since WebSocket is Long connection, so URL will not be changed in connection progress, so can only also select a URL every time, it is desirable to access different URL, it is necessary to establish new WebSocket connection.
WebSocket server layer use with regard to relatively complicated, since it is desired that completing entire WebSocket Protocol..., it does not need however in general to do so, the various libraries for supporting WebSocket can be used to complete.Below Introduce the content of WebSocket protocol definition:
It is Handshake Protocol (handshake) first, this is the head compatible with http format (header) in fact, and the inside contains The header field for having WebSocket to define, Web server must handle these information, then return in corresponding standard header Answer processed result.Behind the head that browser examined server to return, both sides can establish connection, transmit data, until Until calling close.
Secondly the unit of data transmission is called Frame in WebSocket, defines in RFC 6455 concentrate frame at present: Text data, binary data, ping/pong, close etc., it is possible to transmit text and binary data, pass through Ping/pong realizes heartbeat mechanism etc., and close is then the notice for closing connection.In addition, in order to support transmission unknown lengths Data, frame, which can also be done, to be divided to transmit in batches.
WebSocket is the basis for realizing WebShell, its long interconnection technique can make the process of browser and rear end Permanent connection is kept, data transmission capabilities guarantee that the inputoutput pair of browser and pseudo-terminal picks up, to realize The effect of Linux command is executed in browser.
Step 5: first server receives the first connection request, verifies to subscriber identity information.
Wherein, subscriber identity information is sent to first server by browser;Subscriber identity information can be with connection request one It rises and sends, i.e., connection request carries subscriber identity information;Subscriber identity information can also individually be sent.Subscriber identity information includes User account name, login password etc..
Specifically, subscriber identity information is sent to third server by first server, so that third server is to identity Information is verified.Third server can be a unified log-in service platform, such as the OA (Office of company Automation) system platform, third server have stringent user identity authentication system, pass through through third server authentication Identity information, can be directly verified in other systems, not need secondary verifying and login.It, can when such as accessing server No longer to need the account and password of authentication server system.By establishing unified login service platform, company can be made each System shares login system, and the system of login service device and other operation systems of company are got through, it is unnecessary to save user Login, keep login service device equally simple and quick to one webpage of access, and can support directly to jump from operation system Server is logged on to, so that the O&M of server can be bound together with operation system.Allow programmer and operation maintenance personnel can With quick login service device, deployment system, processing problem, and no longer need to record multiple accounts and password.
After being verified, it is connected to WebShell service, the connection of browser and first server, which is established, to be completed.
Step 6: first server carries out the access authority of user using subscriber identity information and second server information Verifying.
Wherein, second server information is sent to first server by browser, and second server is server to be visited. Second server information includes the IP address information etc. of second server, can be in the domain name of input WebShell service at the beginning The IP address information that second server is taken when address just sends that information to first server in requested webpage, can also After establishing connection, second server information is individually sent.
Specifically, subscriber identity information and second server information are sent to the 4th server by first server, so that 4th server verifies identity information.4th server is server management platform, is stored with clothes to be visited Device information of being engaged in and its access authority, e.g., the permission of access is read-only or ROOT permission, if it is ROOT, for different power The user of limit, the shell process started when server is finally accessed can be different.By establishing unified server permission control system System carries out user access server to log in verification and permission control, to carry out necessary permission isolation, allows to root Different permissions is authorized to different users according to different business, it is more safely controllable in this way.
Step 7: first server sends the second connection request based on full-duplex communication agreement to second server.
Wherein, after WebShell service verification passes through, wss request can be initiated to second server (based on https's WebSocket).WebShell service is communicated with the service of the https between second server based on two-way authentication, so that The safety of system is more guaranteed.Https two-way authentication requires client-side program to possess CA certificate, client certificate, client Hold Key;Server program is required to possess CA certificate, server side certificate and server Key simultaneously.
Wherein, two-way authentication and unilateral authentication principle are substantially similar, only in addition to client need certificate server with Outside, certification of the server-side to client is increased, detailed process is referring to Fig. 4, Fig. 4 is the stream of the application https two-way authentication Journey schematic diagram.Mutual authentication process includes the following steps:
S401: client sends the information such as ssl protocol version number, Encryption Algorithm type, random number to server-side.
S402: server-side returns to the information such as ssl protocol version number, Encryption Algorithm type, random number to client, while Return to the certificate of server end, i.e. public key certificate.
S403: the legitimacy for the information authentication service device that client is returned using server-side, comprising:
Whether expired verify certificate;CA (Certificate Authority, the certificate authority machine of issuance server certificate Structure) it is whether reliable;Whether the public key of return can correctly unlock the digital signature returned in certificate;Domain name in server certificate is No and server actual domain name matches.It after being verified, will continue to communicate, otherwise, terminate communication.
S404: server-side requires the certificate of client transmission client, and the certificate of oneself can be sent to service by client End.
S405: verifying the certificate of client, after verifying, can obtain the public key of client.
S406: client sends the symmetric encryption scheme that oneself can be supported to server-side, is selected for server end.
S407: server end selects the highest cipher mode of level of encryption in the encipherment scheme that client provides.
S408: encipherment scheme is encrypted by using the public key got before, returns to client.
S409: after client receives the encipherment scheme ciphertext of server-side return, being decrypted using the private key of oneself, is obtained Specific cipher mode then generates the random code of the cipher mode, as the key in ciphering process, from service before use After the public key got in the certificate of end is encrypted, it is sent to server-side.
S410: after server-side receives the message of client transmission, being decrypted using the private key of oneself, obtains symmetric cryptography Key, in next session, server and client side will will use the password carry out symmetric cryptography, guarantee communication process The safety of middle information.So far, certification passes through.
In this embodiment, due to common ca authentication center, domain name can only be authenticated, so this for big The https service that server provides is measured, the certificate of privately owned oneself signature system can only be used.
Because the certificate that we provide all is self-signed certificate, which issues licence center, it is not responsible go certification certificate and Website, server legitimacy, its main function is to provide certificate, and certificate has: server side certificate and client certificate two Kind, so CA issues licence, center can all be responsible for granting to both certificates.
The WebShell_agent_d that server side certificate is run on server due to being provides authentication service, so The transmission of server side certificate is more relaxed, as long as the principle provided at present is to belong to in-company server (IP address school Test and pass through), then issue server certificate.
Client certificate is that have it to be just able to access that every service for being communicated with WebShell_agent_d Device, so the certificate issued of client is very strict at present, only specific IP could apply for client certificate, and safe school It tests by can just provide;In this embodiment, client is WebShell server-side.
CA issues licence center without other additional functions, only provides the service of certificate, due in an enterprises, The increase and decrease of server and the change of server are often had, as long as so thering is the IP of newly-increased server or server to occur Variation can all arrive CA automatically and issue licence center and apply for server side certificate here.
Server end/client request certificate process flow is referring to Fig. 5, Fig. 5 is the stream that the application provides certificate Journey schematic diagram.In this embodiment, the distribution process of certificate includes the following steps:
S501: client end/server end to CA issue licence center send application certificate http request.
S502:CA issue licence center verification access IP legitimacy.
Specifically, the center of issuing licence CA can be to configuration management database (Configuration Management Database, CMDB) legitimacy for accessing IP is verified, the various of equipment match confidence in CMDB storage and management enterprise IT architecture Breath.
S503: after being verified, CA, which is signed and issued at the center of issuing licence, generates corresponding certificate.
S504: corresponding certificate and Key are returned into client end/server end.
Step 8: second server receives the second connection request, starts shell process, establishes pseudo-terminal, and then establish and first The connection of server.
Wherein, WebShell_agent_d service is all deployed on every server, it is responsible for realizing based on order The function of pseudo-terminal, and the https service that the pseudo-terminal is provided with oneself is bound.WebShell_agent_d service Framework is referring to Fig. 6, Fig. 6 is the configuration diagram of the application WebShell_agent_d service.
Specifically, after WebShell service verification passes through, can WebShell_agent_d on second server initiate Wss requests (WebSocket based on https).Two-way authentication is based between WebShell service and WebShell_agent_d The service of https communicated.
WebShell_agent_d, due to not having server side certificate, can automatically be gone when starting first time CA issues licence center application server side certificate and Key, has legal server side certificate and Key, it could start https and take Business services WebShell and provides the WebSocket service (wss) of safety.
The IP variation of WebShell_agent_d meeting periodic detection server, as long as IP is changed, it is necessary to again Apply for new server side certificate.Because system uses the certificate of oneself signature, it is signed for IP address, When WebShell_agent_d receives client connection request, the specified IP address of client connection must be with the server certificate In the IP correspondence of signature, otherwise, WebShell_agent_d be will be considered that illegally, as long as so IP changes, WebShell_ Agent_d requires to apply for new server side certificate, restarting https service.
WebShell_agent_d receive wss request after, can according to request permission using corresponding account start shell into Journey establishes pseudo-terminal.
Pseudo terminal device (Pseudo Terminal, PTY) is a kind of special final drive equipment, it does not drive certain A physical equipment, but be used to handle the output directional of terminal into application program.Why pseudo terminal device exists The method for being to provide for a kind of simulation serial terminal behavior under program.It shows as pseudo-terminal master in systems and sets Standby (master) and pseudo-terminal this pair of of character device from equipment (slave, terminal device file)./ dev/ptmx is for creating Build the file of a pair of of master, slave.When a process opens it, the filec descriptor (file of a master is obtained Descriptor), while at/dev/pts a slave device file is created.Wherein, pts (pseudo-terminal Slave) be pty implementation method, with ptmx (pseudo-terminal master) with the use of realize pty.
Pseudo-terminal can be used for constructing various servers, such as can be used for constructing the server that offer network logs in, Or for constructing the server based on order.
The login service device of network is all based on when wherein, using log in means login service device, typical example is Telnetd and SSHD service (most common be SSHD service), Telnetd and SSHD service operation on remote host, For being based on TCP/IP (Transmission Control Protocol/ by tools such as SecureCRT or Putty Internet Protocol, transmission control protocol/Internet Protocol) operate in shell process on remote host, wherein SSH is the abbreviation of Secure Shell, the security protocol being built upon on the basis of application layer;Telnet is that Internet is remotely stepped on The standard agreement of land service.
Specifically, SSHD service can receive external TCP/IP connection, and be verified by logging in (login) Afterwards, start (fork/exec) shell process, at the same time, SSHD process can open a pseudo terminal device, and SSHD process is negative Duty from PTY main equipment read and write standard input and output, and the standard input-output mappings of shell process to PTY from equipment.Due to PTY master-slave equipment is similar to a kind of function of two-way pipeline, long-range director data can be become shell by TCP/IP network The standard input of process, and the standard output and mistake output after the execution of shell process become being output to remotely for TCP, realization pair The operation of linux system.
In the embodiment, WebShell_agent_d uses the pseudo-terminal mode based on order, as reception WebShell When the request of service, it will create a PTY equipment, and mono- shell process of Fork;PTY from apparatus bound to the mark of shell process Quasi- input, standard output, standard error export;Simultaneously WebShell_agent_d process can adapter tube PTY main equipment input And output, the final protocol conversion for realizing WebSocket agreement and the input and output of PTY main equipment, to realize based on https WebSocket safety pseudo-terminal service ability.Opposite SSH network pseudo-terminal mode, using the pseudo-terminal based on process Mode enables to system to have very high scalability, and login ability, the various orders of starting of Docker container may be implemented Etc..If shell process commands can be replaced on demand, the order for being for example substituted for login Docker container can step in Web Record the Shell of container;Or it is substituted for top order, the highest business process of the load that can be directly viewable in system.Based on process Mode creation pseudo-terminal the system framework is well worth doing, to be extended in different fields.
After starting shell process, the output data of shell process can be sent to first server by WebShell_agent_d, then Terminal script on browser is transmitted to by first server, browser loads terminal script again and updates interface, successfully logs in Second server.
So far, the Path Setup of entire WebShell is completed, we can be executed by the interface Shell on a web browser Instruction, the transmission flow graph of corresponding instruction are as follows: instruction → WebShell service → WebShell_agent_d → shell process.
Specifically, browser receives operational order, and operational order is sent to WebShell service;WebShell service will Operational order is sent to WebShell_agent_d, and operational order is sent to shell process, executes behaviour by WebShell_agent_d It instructs, and output data.
After shell process has executed instruction, its output can be sent to standard output, and then be forwarded to browser, and flow graph is such as Under:
Shell process → instruction output → WebShell_agent_d → WebShell service → browser.
Specifically, output data is sent to WebShell_agent_d by shell process, and WebShell_agent_d will be exported Data are sent to WebShell service, and the output data received is transmitted to browser by WebShell service.
When instruction flows through WebShell service, WebShell service system can automatically audit to operational order, be divided Class etc. knows the user of login and the instruction of execution due to system, and the people for being just easy to the instruction to execution carries out processing of calling to account, Safety accident caused by artificial intentional act can effectively be avoided.
Based on above scheme, the application also provides a kind of login method of server, referring to Fig. 7, Fig. 7 is the application clothes The flow diagram of the login method third embodiment of business device.In this embodiment, the login method of server includes such as Lower step:
S701: first server receive the first connection request based on full-duplex communication agreement, to subscriber identity information into Row verifying, subscriber identity information are sent to first server by browser;After being verified, first server and browser are established Connection.
Wherein, when browser connect interaction with first server, browser sends logical based on full duplex to first server Believe the connection request of agreement, while sending subscriber identity information, subscriber identity information can be sent together in company with connection request, i.e., First connection request carries subscriber identity information, can also individually send.
S702: first server tests the access authority of user using subscriber identity information and second server information Card, second server information are sent to first server by browser, and second server is server to be visited.
Wherein, second server information is the IP address information etc. of second server.For different users, server is set It is equipped with different access authority, the permission of such as access is read-only or ROOT permission.
S703: after being verified, first server sends the second company based on full-duplex communication agreement to second server Connect request.
Wherein, first server connects browser and second server as intermediate server, by establish browser with The connection of the connection of first server and first server and second server can be realized the friendship of browser and second server Mutually.
The embodiment is the step of first server end executes above-mentioned server log method, and specific implementation process is asked Refering to the description of above embodiment, details are not described herein.
Based on above scheme, the application also provides a kind of login method of server, referring to Fig. 8, Fig. 8 is the application clothes The flow diagram of the 4th embodiment of login method of business device.In this embodiment, the login method of server includes such as Lower step:
S801: load terminal script sends the first connection request and use based on full-duplex communication agreement to first server Family identity information, first server are to provide the Website server of terminal script.
Wherein, between browser and first server using http agreement (Hyper Text Transfer Protocol, HTTP, hypertext transfer protocol) it is communicated.
S802: second server information is sent to first server, second server is server to be visited.
Wherein, second server information includes the IP address information etc. of second server, can input at the beginning domain name The IP address information that second server is taken when address just sends that information to first server in requested webpage, can also After establishing connection, second server information is individually sent.
S803: the output data of the second server of first server forwarding is received.
The output data of shell process is sent to first server by second server, then is transmitted to browsing by first server Terminal script on device, browser load terminal script again and update interface, successfully log in second server.
The embodiment is the step of browser end executes above-mentioned server log method, and specific implementation process please refers to The description of embodiment is stated, details are not described herein.
Above scheme, the login method of server provided by the present application can no longer be needed by browser login service device Log in means is wanted, login mode is simplified.Meanwhile only needing to verify a user identity when logging in, it does not need secondary The logon account and password of authentication server, simplify login process, in addition, also carrying out permission control to user access server System allows to authorize different users different permissions according to different business to carry out necessary permission isolation, Improve the safety of server.
Based on the login method of above-mentioned server, the application also provides a kind of server, which can provide website Service, for realizing the login method of above-mentioned server.Referring to Fig. 9, Fig. 9 is the knot of the application server first embodiment Structure schematic diagram.In this embodiment, server 90 includes: processor 901, and processor 901 is logical based on full duplex for receiving The first connection request for believing agreement, verifies subscriber identity information, subscriber identity information is sent to processor by browser 901;After being verified, connection is established with browser;Access using subscriber identity information and second server information to user Permission is verified, and second server information is sent to processor 901 by browser, and second server is server to be visited; After being verified, processor 901 sends the second connection request based on full-duplex communication agreement to second server.The server It can be used for executing the login method of above-mentioned server, and there is corresponding beneficial effect, referring specifically to above embodiment Description, details are not described herein.
Referring to Fig. 10, Figure 10 is the structural schematic diagram of the application server second embodiment.In this embodiment, Server can be a certain module in processor when executing the above method, specifically including server 100 includes the first reception mould Block 1001, authentication module 1002 and the first sending module 1003.
Wherein, the first receiving module 1001 is for receiving the first connection request based on full-duplex communication agreement, to user Identity information is verified, and subscriber identity information is sent to first server by browser;After being verified, established with browser Connection.
Authentication module 1002 is used to carry out the access authority of user using subscriber identity information and second server information Verifying, second server information are sent to first server by browser, and second server is server to be visited.
First sending module 1003 is used to send to second server based on full-duplex communication agreement after being verified Second connection request.
The server can be used for executing the login method of above-mentioned server, and have corresponding beneficial effect, please specifically join The description of above embodiment is read, details are not described herein.
Based on the login method of above-mentioned server, the application also provides a kind of logging device of server, which can be with For realizing the login method of above-mentioned server.Figure 11 is please referred to, Figure 11 is that the logging device first of the application server is implemented The structural schematic diagram of mode.In this embodiment, logging device 110 includes processor 1101, and processor 1101 is for loading Terminal script sends the first connection request and subscriber identity information based on full-duplex communication agreement, the first clothes to first server Business device is to provide the Website server of terminal script;To first server send second server information, second server be to Access server;Receive the output data of the second server of first server forwarding.The logging device can be used for executing above-mentioned The login method of server, and there is corresponding beneficial effect, it is no longer superfluous herein referring specifically to the description of above embodiment It states.The logging device of server can be laptop computer, desktop computer, and the electronics that tablet computer etc. is capable of loading browser is set It is standby.
Figure 12 is please referred to, Figure 12 is the structural schematic diagram of the logging device second embodiment of the application server.At this In embodiment, logging device can be a certain module in processor when executing the above method, and specific logging device 120 includes Loading module 1201, the second sending module 1202 and the second receiving module 1203.
Wherein, loading module 1201 is sent to first server based on full-duplex communication agreement for loading terminal script First connection request and subscriber identity information, first server are to provide the Website server of terminal script.
Second sending module 1202 is used to send second server information to first server, and second server is to be visited Server.
Second receiving module 1203 is used to receive the output data of the second server of first server forwarding.The login is set The standby login method that can be used for executing above-mentioned server, and there is corresponding beneficial effect, referring specifically to above embodiment Description, details are not described herein.
Based on the login method of above-mentioned server, the application also provides a kind of device with store function, please refers to figure 13, Figure 13 be the structural schematic diagram for the device first embodiment that the application has store function.In this embodiment, it stores Device 130 is stored with program 1301, and program 1301 is performed the login method for realizing above-mentioned server.Specific work process with It is consistent in above method embodiment, therefore details are not described herein, please refers to the explanation of the above corresponding method step in detail.Wherein have The device of store function can be portable storage media such as USB flash disk, CD, mobile hard disk, read-only memory (ROM, Read- Only Memory), random access memory (RAM, Random Access Memory), magnetic disk etc. is various can store program The medium of code is also possible to terminal, server etc..
In several embodiments provided herein, it should be understood that disclosed system, device and method can To realize by another way.For example, device embodiments described above are only schematical, for example, the mould The division of block or unit, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple Unit or assembly can be combined or can be integrated into another system, or some features can be ignored or not executed.It is another Point, shown or discussed mutual coupling, direct-coupling or communication connection can be through some interfaces, device or The indirect coupling or communication connection of unit can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.Some or all of unit therein can be selected to realize present embodiment scheme according to the actual needs Purpose.
In addition, each functional unit in each embodiment of the application can integrate in one processing unit, it can also To be that each unit physically exists alone, can also be integrated in one unit with two or more units.It is above-mentioned integrated Unit both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words It embodies, which is stored in a storage medium, including some instructions are used so that a computer It is each that equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the application The all or part of the steps of embodiment the method.
The foregoing is merely presently filed embodiments, are not intended to limit the scope of the patents of the application, all to utilize this Equivalent structure or equivalent flow shift made by application specification and accompanying drawing content, it is relevant to be applied directly or indirectly in other Technical field similarly includes in the scope of patent protection of the application.

Claims (11)

1. a kind of login method of server, which is characterized in that the described method includes:
Browser loads terminal script and sends the first connection request based on full-duplex communication agreement to first server, and described the One server is to provide the Website server of the terminal script;
The first server receives first connection request, verifies to subscriber identity information, the user identity letter Breath is sent to the first server by the browser;After being verified, the connection with the browser is established;
The first server using the subscriber identity information and second server information to the access authority of the user into Row verifying, the second server information are sent to the first server by the browser, the second server be to Access server;
After being verified, the first server sends the second connection based on full-duplex communication agreement to the second server Request;
The second server receives second connection request, starts shell process, establishes pseudo-terminal, and then establishes and described the The connection of one server, the browser successfully log in the second server.
2. the login method of server according to claim 1, which is characterized in that run on the second server The broker program of first server is stated, the second server receives second connection request, starts shell process, establishes pseudo- whole End, and then the connection established with the first server includes:
The broker program establishes pseudo-terminal based on the order of second connection request, by the pseudo-terminal from apparatus bound to The standard input of the shell process, standard output, standard error export;The broker program takes over the pseudo-terminal master simultaneously Equipment is output and input, to realize the protocol conversion of full-duplex communication agreement Yu the input and output of pseudo-terminal main equipment.
3. a kind of login method of server, which is characterized in that the described method includes:
First server receives the first connection request based on full-duplex communication agreement, verifies to subscriber identity information, institute It states subscriber identity information and the first server is sent to by browser;After being verified, the first server with it is described clear Device of looking at establishes connection;
The first server using the subscriber identity information and second server information to the access authority of the user into Row verifying, the second server information are sent to the first server by the browser, the second server be to Access server;
After being verified, the first server sends the second connection based on full-duplex communication agreement to the second server Request.
4. the login method of server according to claim 3, which is characterized in that described to test subscriber identity information Card includes:
The subscriber identity information is sent to third server by the first server, so that the third server is to described Subscriber identity information is verified.
5. the login method of server according to claim 3, which is characterized in that the first server is used for will be described The operational order that browser issues is transmitted to the second server, while the output data that the second server is issued turns The browser is issued, the method also includes:
The first server audits to the operational order for flowing through the first server, to grasp described in tracing record It instructs.
6. a kind of login method of server, which is characterized in that the described method includes:
It loads terminal script and sends the first connection request and the user identity letter based on full-duplex communication agreement to first server Breath, the first server is to provide the Website server of the terminal script;
Second server information is sent to the first server, the second server is server to be visited;
Receive the output data of the second server of the first server forwarding.
7. a kind of server, which is characterized in that the server includes processor, and the processor is used for:
The first connection request based on full-duplex communication agreement is received, subscriber identity information is verified, the user identity Information is sent to the processor by browser;After being verified, connection is established with the browser;
The access authority of the user is verified using the subscriber identity information and second server information, described second Server info is sent to the processor by the browser, and the second server is server to be visited;
After being verified, the processor sends the second connection based on full-duplex communication agreement to the second server and asks It asks.
8. a kind of server, which is characterized in that the server includes:
First receiving module carries out subscriber identity information for receiving the first connection request based on full-duplex communication agreement Verifying, the subscriber identity information are sent to first server by browser;After being verified, establishes and connect with the browser It connects;
Authentication module, for being carried out using the subscriber identity information and second server information to the access authority of the user Verifying, the second server information are sent to the first server by the browser, and the second server is wait visit Ask server;
First sending module, for sending second based on full-duplex communication agreement to the second server after being verified Connection request.
9. a kind of logging device of server, which is characterized in that the logging device includes processor, and the processor is used for:
It loads terminal script and sends the first connection request and the user identity letter based on full-duplex communication agreement to first server Breath, the first server is to provide the Website server of the terminal script;
Second server information is sent to the first server, the second server is server to be visited;
Receive the output data of the second server of the first server forwarding.
10. a kind of logging device of server, which is characterized in that the logging device includes:
Loading module sends the first connection request based on full-duplex communication agreement to first server for loading terminal script And subscriber identity information, the first server are to provide the Website server of the terminal script;
Second sending module, for sending second server information to the first server, the second server is wait visit Ask server;
Second receiving module, the output data of the second server for receiving the first server forwarding.
11. a kind of device with store function, which is characterized in that described device is stored with program, and described program is performed Realize the login method of server described in any one of claims 1-6.
CN201811535586.6A 2018-12-14 2018-12-14 Login method, equipment and storage medium of server Active CN109768965B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811535586.6A CN109768965B (en) 2018-12-14 2018-12-14 Login method, equipment and storage medium of server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811535586.6A CN109768965B (en) 2018-12-14 2018-12-14 Login method, equipment and storage medium of server

Publications (2)

Publication Number Publication Date
CN109768965A true CN109768965A (en) 2019-05-17
CN109768965B CN109768965B (en) 2022-04-19

Family

ID=66451910

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811535586.6A Active CN109768965B (en) 2018-12-14 2018-12-14 Login method, equipment and storage medium of server

Country Status (1)

Country Link
CN (1) CN109768965B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110460618A (en) * 2019-08-26 2019-11-15 南京国电南自轨道交通工程有限公司 Safe communication means in a kind of comprehensive monitoring system based on EN50159 standard
CN110569473A (en) * 2019-09-12 2019-12-13 浪潮软件股份有限公司 Method for remotely operating linux server based on SSH protocol
CN111092904A (en) * 2019-12-27 2020-05-01 杭州迪普科技股份有限公司 Network connection method and device
CN111294386A (en) * 2020-01-13 2020-06-16 北京淳中科技股份有限公司 Server communication method and device and electronic equipment
CN111880953A (en) * 2020-07-31 2020-11-03 北京致远互联软件股份有限公司 Application program communication method and device, electronic equipment and storage medium
CN111935276A (en) * 2020-08-07 2020-11-13 中国联合网络通信集团有限公司 Remote host access method, device and equipment
CN112104668A (en) * 2020-11-10 2020-12-18 成都掌控者网络科技有限公司 Distributed authority process separation control method and device
CN112511484A (en) * 2020-08-20 2021-03-16 成都悍力鼎科技有限公司 U shield safety control management system
CN112532568A (en) * 2019-09-19 2021-03-19 马上消费金融股份有限公司 Interaction method, device, equipment and computer readable storage medium
CN113381855A (en) * 2021-06-11 2021-09-10 上海哔哩哔哩科技有限公司 Communication method and system
CN114050911A (en) * 2021-09-27 2022-02-15 度小满科技(北京)有限公司 Container remote login method and system

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060218629A1 (en) * 2005-03-22 2006-09-28 Sbc Knowledge Ventures, Lp System and method of tracking single sign-on sessions
US20090126007A1 (en) * 2007-11-08 2009-05-14 Avantia, Inc. Identity management suite
CN103023861A (en) * 2011-09-26 2013-04-03 腾讯科技(深圳)有限公司 Network login method and login system, as well as authentication server
CN104426890A (en) * 2013-09-06 2015-03-18 北京神州泰岳软件股份有限公司 Network element accessing method and system based on B/S framework
CN104579682A (en) * 2014-12-30 2015-04-29 华夏银行股份有限公司 Access method and system for multi-service server
US9288208B1 (en) * 2013-09-06 2016-03-15 Amazon Technologies, Inc. Cryptographic key escrow
US9641534B2 (en) * 2015-09-03 2017-05-02 Dell Software, Inc. Providing controlled access to admin credentials during a migration
CN106775950A (en) * 2016-12-29 2017-05-31 郑州云海信息技术有限公司 A kind of virtual machine remote access method and device
US9813449B1 (en) * 2012-08-10 2017-11-07 Lookwise S.L. Systems and methods for providing a security information and event management system in a distributed architecture

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060218629A1 (en) * 2005-03-22 2006-09-28 Sbc Knowledge Ventures, Lp System and method of tracking single sign-on sessions
US20090126007A1 (en) * 2007-11-08 2009-05-14 Avantia, Inc. Identity management suite
CN103023861A (en) * 2011-09-26 2013-04-03 腾讯科技(深圳)有限公司 Network login method and login system, as well as authentication server
US9813449B1 (en) * 2012-08-10 2017-11-07 Lookwise S.L. Systems and methods for providing a security information and event management system in a distributed architecture
CN104426890A (en) * 2013-09-06 2015-03-18 北京神州泰岳软件股份有限公司 Network element accessing method and system based on B/S framework
US9288208B1 (en) * 2013-09-06 2016-03-15 Amazon Technologies, Inc. Cryptographic key escrow
CN104579682A (en) * 2014-12-30 2015-04-29 华夏银行股份有限公司 Access method and system for multi-service server
US9641534B2 (en) * 2015-09-03 2017-05-02 Dell Software, Inc. Providing controlled access to admin credentials during a migration
CN106775950A (en) * 2016-12-29 2017-05-31 郑州云海信息技术有限公司 A kind of virtual machine remote access method and device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MSDNPORTAL: "不同的用户使用不同的外壳程序", 《CSDN》 *
上下求索: "XP Embedded:不同的用户使用不同的外壳程序", 《CSDN》 *
何约什: "实现Webconsole功能", 《简书》 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110460618B (en) * 2019-08-26 2022-06-07 南京国电南自轨道交通工程有限公司 Safe communication method in integrated monitoring system based on EN50159 standard
CN110460618A (en) * 2019-08-26 2019-11-15 南京国电南自轨道交通工程有限公司 Safe communication means in a kind of comprehensive monitoring system based on EN50159 standard
CN110569473A (en) * 2019-09-12 2019-12-13 浪潮软件股份有限公司 Method for remotely operating linux server based on SSH protocol
CN112532568A (en) * 2019-09-19 2021-03-19 马上消费金融股份有限公司 Interaction method, device, equipment and computer readable storage medium
CN111092904B (en) * 2019-12-27 2022-04-26 杭州迪普科技股份有限公司 Network connection method and device
CN111092904A (en) * 2019-12-27 2020-05-01 杭州迪普科技股份有限公司 Network connection method and device
CN111294386A (en) * 2020-01-13 2020-06-16 北京淳中科技股份有限公司 Server communication method and device and electronic equipment
CN111880953A (en) * 2020-07-31 2020-11-03 北京致远互联软件股份有限公司 Application program communication method and device, electronic equipment and storage medium
CN111935276A (en) * 2020-08-07 2020-11-13 中国联合网络通信集团有限公司 Remote host access method, device and equipment
CN111935276B (en) * 2020-08-07 2022-04-26 中国联合网络通信集团有限公司 Remote host access method, device and equipment
CN112511484A (en) * 2020-08-20 2021-03-16 成都悍力鼎科技有限公司 U shield safety control management system
CN112511484B (en) * 2020-08-20 2023-06-30 成都悍力鼎科技有限公司 U shield safety control management system
CN112104668A (en) * 2020-11-10 2020-12-18 成都掌控者网络科技有限公司 Distributed authority process separation control method and device
CN113381855A (en) * 2021-06-11 2021-09-10 上海哔哩哔哩科技有限公司 Communication method and system
CN113381855B (en) * 2021-06-11 2022-12-27 上海哔哩哔哩科技有限公司 Communication method and system
CN114050911A (en) * 2021-09-27 2022-02-15 度小满科技(北京)有限公司 Container remote login method and system
CN114050911B (en) * 2021-09-27 2023-05-16 度小满科技(北京)有限公司 Remote login method and system for container

Also Published As

Publication number Publication date
CN109768965B (en) 2022-04-19

Similar Documents

Publication Publication Date Title
CN109768965A (en) A kind of login method of server, equipment and storage device
JP6987931B2 (en) Secure single sign-on and conditional access for client applications
US10764273B2 (en) Session synchronization across multiple devices in an identity cloud service
CN108901022B (en) Micro-service unified authentication method and gateway
US10013668B2 (en) Secure storage of enterprise certificates for cloud services
JP6539357B2 (en) Password Encryption for Hybrid Cloud Services
US9959100B2 (en) Efficient storage and transfer of iOS binary files
US10582001B2 (en) Asynchronous pre-caching of synchronously loaded resources
US20190116182A1 (en) System and method for proxying federated authentication protocols
CN105359486B (en) Resource is accessed using agent security
CN105027107B (en) Migrate the computer implemented method and computing system of computing resource
US8434129B2 (en) Method and apparatus for multi-domain identity interoperability and compliance verification
CN104838630B (en) Application program management based on strategy
CN109155781A (en) Dynamic access to managed application
JP2020523806A (en) Internet of Things (IOT) device management
CN113630377B (en) Single sign-on for hosted mobile devices
CN109074274A (en) Virtual browser is integrated
AU2020233653A1 (en) Secure information exchange in federated authentication
CN110278179A (en) Single-point logging method, device and system and electronic equipment
CN111221665A (en) Container remote login method and device based on browser
Banda et al. An IoT protocol and framework for OEMs to make IoT-enabled devices forward compatible
Sergiienko WebRTC Cookbook
JP2009508213A (en) Providing consistent application-compatible firewall traversal
Martiradonna Zero trust architectures in a multi-cloud environment
US20240380748A1 (en) Multiworkflow authorization system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20190517

Assignee: GUANGZHOU CUBESILI INFORMATION TECHNOLOGY Co.,Ltd.

Assignor: GUANGZHOU HUADUO NETWORK TECHNOLOGY Co.,Ltd.

Contract record no.: X2021440000031

Denomination of invention: The invention relates to a server login method, a device and a storage device

License type: Common License

Record date: 20210125

GR01 Patent grant
GR01 Patent grant