[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN113765869B - Login method, login device, server side and storage medium - Google Patents

Login method, login device, server side and storage medium Download PDF

Info

Publication number
CN113765869B
CN113765869B CN202010832195.1A CN202010832195A CN113765869B CN 113765869 B CN113765869 B CN 113765869B CN 202010832195 A CN202010832195 A CN 202010832195A CN 113765869 B CN113765869 B CN 113765869B
Authority
CN
China
Prior art keywords
login
logged
server
request
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010832195.1A
Other languages
Chinese (zh)
Other versions
CN113765869A (en
Inventor
马喜鹏
白圣培
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Wodong Tianjun Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN202010832195.1A priority Critical patent/CN113765869B/en
Publication of CN113765869A publication Critical patent/CN113765869A/en
Application granted granted Critical
Publication of CN113765869B publication Critical patent/CN113765869B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/30Creation or generation of source code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention discloses a login method, a login device, a server side and a storage medium. The method is applied to the unified login server and comprises the following steps: when a system login request is received, signature information of a system to be logged in and a user to be logged in corresponding to the system login request is obtained; determining login information of a user to be logged in relative to a system to be logged in according to the signature information, and determining a login execution command according to the login information; and returning the login execution command to the system server side so that the system server side forwards the login execution command to the system client side to execute login operation. According to the technical scheme provided by the embodiment of the invention, the login logic is only required to be developed on the unified login server, the login logic is not required to be respectively developed on the system server corresponding to each system to be logged in, and the problem that the development pressure of developers is increased due to repeated development of the login logic is solved.

Description

Login method, login device, server side and storage medium
Technical Field
The embodiment of the invention relates to the technical field of computer application, in particular to a login method, a login device, a server side and a storage medium.
Background
With the rapid development of internet technology and the gradual complexity of services, many service systems start to be vertically divided, and at this time, the login service of each service system is particularly important.
Typically, each service system will develop a set of login logic, and a user needs to log into the service system based on the login logic before operating the service system.
In the process of realizing the invention, the inventor finds that the following technical problems exist in the prior art: repeated development of login logic of a plurality of sets of business systems increases development pressure of developers.
Disclosure of Invention
The embodiment of the invention provides a login method, a login device, a server and a storage medium, which solve the problem that development pressure of developers is increased due to repeated development of login logic.
In a first aspect, an embodiment of the present invention provides a login method, which is applied to a unified login server, where the method may include:
when a system login request is received, signature information of a system to be logged in and a user to be logged in corresponding to the system login request is obtained, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in;
Determining login information of a user to be logged in relative to a system to be logged in according to the signature information, and determining a login execution command according to the login information;
and returning the login execution command to the system server side so that the system server side forwards the login execution command to the system client side to execute login operation.
In a second aspect, an embodiment of the present invention further provides a login method, which is applied to a system server, where the method may include:
receiving a system login request, wherein the system login request is a request sent by a system client of a system to be logged in when monitoring that a user to be logged in pre-starts the system to be logged in;
the method comprises the steps of sending a system login request to a unified login server and receiving a login execution command, wherein the login execution command is a command sent by the unified login server according to the system login request;
and forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command.
In a third aspect, an embodiment of the present invention further provides a login device configured on a unified login server, where the device may include:
the first request receiving module is used for acquiring signature information of a system to be logged in and a user to be logged in corresponding to a system login request when the system login request is received, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in;
The command determining module is used for determining login information of a user to be logged in relative to the system to be logged in according to the signature information and determining a login executing command according to the login information;
the first login module is used for returning a login execution command to the system server side so that the system server side can forward the login execution command to the system client side to execute login operation.
In a fourth aspect, an embodiment of the present invention further provides a login device configured at a system server, where the login device may include:
the second request receiving module is used for receiving a system login request, wherein the system login request is a request sent by a system client of a system to be logged in when monitoring that a user to be logged in pre-starts the system to be logged in;
the command receiving module is used for sending the system login request to the unified login server and receiving a login execution command, wherein the login execution command is a command sent by the unified login server according to the system login request;
and the second login module is used for forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command.
In a fifth aspect, an embodiment of the present invention further provides a unified login server, which may include:
One or more processors;
a memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the login method provided by any embodiment of the present invention.
In a sixth aspect, an embodiment of the present invention further provides a system service end, which may include:
one or more processors;
a memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the login method provided by any embodiment of the present invention.
In a seventh aspect, embodiments of the present invention further provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the login method provided by any embodiment of the present invention.
According to the technical scheme, when the unified login server receives the system login request forwarded by the system server, the login information of a user to be logged in relative to the system to be logged in can be determined according to the system login request, and a login execution command is determined according to the login information; therefore, the unified login server side sends the login execution command to the system client side through the system server side, so that the system client side can determine whether a user to be logged in can log in the system to be logged in according to the login execution command. According to the technical scheme, the login logic is only required to be developed on the unified login server, the login logic is not required to be developed on the system server corresponding to each system to be logged in, the problem that development pressure of developers is increased due to repeated development of the login logic is solved, and the effect of controlling the login conditions of a plurality of systems to be logged in based on interaction of the unified login server is achieved.
Drawings
FIG. 1 is a flow chart of a login method according to a first embodiment of the invention;
fig. 2 is an application diagram of a unified login server in a login method according to a first embodiment of the present invention;
FIG. 3 is a flow chart of a login method according to a second embodiment of the present invention;
fig. 4 is a schematic diagram illustrating an application of an SDK mode in a login method according to a second embodiment of the present invention;
FIG. 5 is a schematic diagram of the overall system architecture in a login method according to a second embodiment of the present invention;
FIG. 6 is a schematic diagram illustrating an application of the whole system in a login method according to a second embodiment of the present invention;
FIG. 7 is a block diagram showing a login device according to a third embodiment of the present invention;
FIG. 8 is a block diagram showing a login device according to a fourth embodiment of the present invention;
fig. 9 is a schematic structural diagram of a unified login server in a fifth embodiment of the present invention;
fig. 10 is a schematic structural diagram of a system server in a sixth embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the structures related to the present invention are shown in the drawings.
Before describing the embodiment of the present invention, an application scenario of the embodiment of the present invention is described in an exemplary manner: the login method of the embodiment of the invention is a passive login method, which can be applied to the login of an internal system of a company, taking an enterprise resource planning (Enterprise Resource Planning, ERP) system as an example, when a user wants to open the ERP system, a client operated by the user (i.e. the ERP system client where the ERP system is located) can send a corresponding system login request to an ERP system server where the ERP system is located, so that the ERP system server forwards the system login request to a unified login server, and the unified login server is a server which interacts with a plurality of system servers; at this time, the unified login server judges whether the user can log in the ERP system according to the system login request, and returns the judgment result to the ERP system client by taking the ERP system server as a medium, so that when the ERP system client determines that the user can log in the ERP system according to the judgment result, the user side can enter the ERP system, namely the user side can see the related content in the ERP system.
Example 1
Fig. 1 is a flowchart of a login method applied to a unified login server according to a first embodiment of the present invention. The embodiment can be applied to the situation that the login conditions of the systems to be logged in are controlled based on the unified login server. The method can be executed by the login device provided by the embodiment of the invention, the device can be realized by software and/or hardware, and the device can be integrated on a unified login server.
Referring to fig. 1, the method of the embodiment of the present invention specifically includes the following steps:
s110, when a system login request is received, signature information of a system to be logged in and a user to be logged in corresponding to the system login request is obtained, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in.
For convenience of description, a server where the system to be logged in is located is referred to as a system server, and a client where the system to be logged in is located is referred to as a system client. On the basis, when the system server receives the system login request sent by the system client, the system login request can be forwarded to the unified login server, so that the unified login server receives the system login request. In practical application, the system login request may be a request sent by a user to be logged in through a system client to be logged in on a system to be logged in, the system to be logged in is a system to be logged in by the user to be logged in, the user to be logged in is a user to be logged in on the system to be logged in, and the signature information is information preset by the user to be logged in for the system to be logged in, and the signature information may be a user name and a password.
Firstly, the number of the system servers interacting with the unified login server may be one, two or more, and each system server corresponds to a respective system to be logged in, that is, the unified login server may control the login condition of at least one system to be logged in. Secondly, taking a certain system to be logged in as an example, the number of corresponding system servers is one, and the number of corresponding system clients can be one, two or more, because the system to be logged in can be installed on different system clients, and each system client interacts with the same system server, that is, the system server can receive the system login request sent by different system clients. Again, the system client may send the system login request through different login sources, because the user to be logged in may start the system to be logged in through different login sources, for example, the user to be logged in starts the system to be logged in through WeChat, payment device, dong-dong or Single Sign On (SSO).
S120, determining login information of the user to be logged in relative to the system to be logged in according to the signature information, and determining a login execution command according to the login information.
The login information may be a login state, login authority, and the like, that is, whether the user to be logged in is logged in to the system to be logged in, whether the user to be logged in has authority to log in to the system to be logged in, and the like may be determined according to the signature information. Further, a login execution command may be determined according to the login information, where the login execution command is a command that is pre-sent to the system server to enable the system server to determine whether the user to be logged in can log on to the system to be logged in, and for example, the login execution command may be a login permission command, a login rejection command, a login inquiry command, and the like.
Further, optionally, when the login execution command is a login permission command, attribute information of the user to be logged in, such as gender, age, id card number, etc., may be determined according to the signature information and/or the login information, and the unified login server may also return the attribute information to the system server, so that the system server forwards the attribute information to the system client, so that the system client displays the attribute information. Optionally, the operation information of the user to be logged in relative to the system to be logged in can be determined, and the operation information is returned to the system server, so that the system server determines the executable operation of the user to be logged in according to the operation information. The operation information is information related to whether the user to be logged in can perform certain operations on the system to be logged in, such as whether the user to be logged in can see certain data on the system to be logged in, whether the data can be modified, and the like. Therefore, the system server side can determine the executable operation of the user to be logged in relative to the system to be logged in according to the operation information, wherein the executable operation is the operation which can be executed by the user to be logged in.
S130, returning the login execution command to the system server side so that the system server side can forward the login execution command to the system client side to execute login operation.
The unified login server side can send the login execution command to the system server side, so that the system server side forwards the received login execution command to the system client side, and the system client side can determine whether a user to be logged in is logged on the system to be logged in, whether the user to be logged in can be logged on the system to be logged in, and the like according to the received login execution command.
According to the technical scheme, when the unified login server receives the system login request forwarded by the system server, the login information of a user to be logged in relative to the system to be logged in can be determined according to the system login request, and a login execution command is determined according to the login information; therefore, the unified login server side sends the login execution command to the system client side through the system server side, so that the system client side can determine whether a user to be logged in can log in the system to be logged in according to the login execution command. According to the technical scheme, the login logic is only required to be developed on the unified login server, the login logic is not required to be developed on the system server corresponding to each system to be logged in, the problem that development pressure of developers is increased due to repeated development of the login logic is solved, and the effect of controlling the login conditions of a plurality of systems to be logged in based on interaction of the unified login server is achieved.
An optional technical scheme, determining login information of a user to be logged in relative to a system to be logged in according to signature information, may specifically include: and screening target mapping relations corresponding to the signature information and the system to be logged in from a plurality of mapping relations stored in advance, and determining login information of the user to be logged in relative to the system to be logged in according to the target mapping relations. The mapping relationship may be pre-stored in various modes, and may be the mapping relationship between the signature information of the user under the system to be logged in and the system to be logged in, where the user to be logged in is a user allowed to log in to the system to be logged in; the method can be the mapping relation between the signature information of the login prohibition user under the system to be logged in and the system to be logged in, wherein the login prohibition user is a user prohibited from logging in the system to be logged in; the mapping relation between the signature information and the login information of the user to be logged in under the system to be logged in can be; the mapping relation among the system to be logged in, the signature information and the login information can also be adopted; etc. Therefore, after the signature information and the system to be logged in are obtained, a target mapping relation matched with the signature information and the system to be logged in can be screened out from all the mapping relations stored in advance, and the target mapping relation can be directly screened out from all the mapping relations according to the signature information and the system to be logged in; the mapping relation related to the system to be logged in can be screened out from the mapping relations, and then the target mapping relation related to the signature information can be screened out from the mapping relation related to the system to be logged in; etc.
The advantage of this is that in the prior art, each system server develops a set of login logic, which means that each system server corresponds to a respective system database, and the system database stores data that needs to be maintained by the corresponding system server, where the data may be mapping relation, user information, and the like, and the user information is information related to the user to be logged in, such as signature information, operation information, attribute information, and the like. However, many users to be logged in can log in to multiple systems to be logged in, which means that there is overlapping content in the data stored in multiple system databases, and resources are wasted. In addition, in order to ensure the effectiveness, real-time performance and consistency of the data, the data in the databases of the systems need to be synchronized regularly, which increases the working pressure of operation and maintenance personnel. Still further, if a user to be logged in leaves, and the user information of the user to be logged in is stored in a plurality of system databases, the processing procedure of the user information is complicated.
Accordingly, in the application, the data in the system databases are fused into the unified login database corresponding to the unified login server, so that even if a plurality of systems to be logged in have the same user to be logged in, the user information of the user to be logged in is only one piece of user information in the unified login database, and the effects of saving resources, omitting a data synchronization process and simplifying a data processing process are achieved. Particularly, considering the practical application scenario of the embodiment of the invention, the user to be logged in can log in to the same system to be logged in through different login sources, and the application of the unified login server is beneficial to the unified management and unified distribution of the rights of the multi-source user.
An optional technical solution, the login execution command includes a login query command, and the login method may further include: when an address acquisition request is received, determining identification information in signature information corresponding to the address acquisition request, and determining a login address of a login source in a system client according to the identification information, wherein the address acquisition request is returned by a system server after receiving a login inquiry command and is used for acquiring the login address; determining a login interface to be presented to a user to be logged in according to the login address, and returning the login interface to the system server so that the system server forwards the login interface to the system client to execute display operation.
When the signature information acquired from the system login request by the unified login server is not effective information, the login execution command determined according to the signature information is a login inquiry command, namely the login execution command is a command sent by the unified login server when the unified login server cannot determine whether a user to be logged in can log in to the system to be logged in. Considering the application scenario of the embodiment of the present invention, the reason for the above situation may be that when the user to be logged in logs in to the system to be logged in for the first time via a certain login address, the system client cannot obtain valid signature information according to the login address, so that the unified login server cannot obtain valid signature information from the system login request when indirectly receiving the system login request sent by the system client.
Therefore, when the login execution command is a login inquiry command, the unified login server side can determine the identification information in the corresponding signature information according to the address acquisition request when receiving the address acquisition request returned by the system server side and used for acquiring the login address, wherein the signature information is the signature information corresponding to the system login request, and the label information can be part of the signature information and is related to a specific login source. Thus, the login address of the login source in the corresponding system client can be determined according to the identification information. For example, when a user to be logged in starts a system to be logged in through different login sources, the identification information carried by the signature information is different, and by way of example, the identification information at the time of WeChat start is wx, and the identification information at the time of Beijing Dong SSO start is jd, so that a specific login address can be determined by combining the identification information and a specific system client, and the effects of determining the corresponding login address according to the login sources and automatically classifying the user to be logged in according to each login source are realized. The signature information may be represented by a key and a token, for example.
Further, considering that different login sources correspond to different login interfaces, a login interface to be presented to a user to be logged in can be determined according to the login address, and the login interface is returned to the system server, so that the system server forwards the login interface to the system client, and the system client can display the login interface. At this time, the user to be logged in can input own signature information in the displayed login interface, and then, after receiving the signature information input by the user, the system client can send a system login request corresponding to the signature information to the system server, so that the system server forwards the system login request to the unified login server to execute subsequent login operation. When the user to be logged in starts the system to be logged in through the login address, the system client can directly acquire the effective signature information.
In view of the application scenario that may be involved in the embodiments of the present invention, as shown in fig. 2, for example, the unified login server may be divided into four modules: the system comprises a management module, an OpenAPI, a visual large screen and a customization module. The management module can provide management functions for users to be logged in, such as token management, role management, authority management, timing tasks, off-staff detection and synchronization, and the like; the customization module is mainly used for multi-source maintenance and can be divided into multi-source login management, special token management, newly added source configuration, user authority management and the like; the OpenAPI provides a restful interface service so as to facilitate secondary encapsulation of developers and invocation of http services; the visual large screen is used for analyzing the distribution condition, the use condition and the like of the user to be logged in, wherein the visual large screen is a set of visual solutions aiming at large screen display, and the back of the visual large screen is a whole set of data link, large data solution and server resource support.
On the basis, when the unified login server determines that the user to be logged in can log in to the system to be logged in, the user information of the user to be logged in can be stored in MySQL; on the basis, the analysis data of the user to be logged in can be stored in the ES so as to facilitate the search analysis in the future; likewise, the head portrait, the file, and the like of the user to be logged in can also be stored in the CFS, wherein the CFS is a set of storage services which are specially used for compressing and storing the file pictures, and the CFS is helpful for improving the response speed of the file and the adaptability of the pictures. Meanwhile, the unified login service system also uses UMP and log book to timely discover and check abnormal states of users to be logged in. In addition, the unified login server also provides a software development kit (Software Development Kit, SDK) mode for the system server to apply, and the specific implementation process of the application will be described in the following embodiments.
The unified login server flexibly realizes multi-source pluggable through jimDB, mySQL and other tools, namely when a login mode corresponding to a certain login source is newly added or deleted in advance, only a switch corresponding to the login source is required to be turned on or turned off, and at the moment, code modification and login configuration are not required to be carried out on each system to be logged in, and the login source is easy to replace. For example, after the switch corresponding to the WeChat is turned on, the WeChat login of each system to be logged in can be applied; otherwise, weChat login of each system to be logged in is not applicable. In addition, rich login components are provided for the system server through the call of the SDK and the OpenAPI, at the moment, the system server can realize fussy login service only by configuration, and each system server can realize login without concern about the cache condition of a user to be logged in, so that the production efficiency is improved.
Example two
Fig. 3 is a flowchart of a login method applied to a system server provided in a second embodiment of the present invention. The embodiment can be applied to the situation that the login conditions of the systems to be logged in are controlled based on the unified login server. The method can be executed by the login device provided by the embodiment of the invention, the device can be realized by software and/or hardware, and the device can be integrated on a system server. Wherein, the explanation of the same or corresponding terms as the above embodiments is not repeated herein.
Referring to fig. 3, the method of the embodiment of the present invention specifically includes the following steps:
s210, receiving a system login request, wherein the system login request is a request sent by a system client of a system to be logged in when monitoring that a user to be logged in pre-starts the system to be logged in.
When the system client monitors that a user to be logged in starts the system to be logged in, a system login request is sent to a system server side, so that the system server side receives the system login request.
S220, a system login request is sent to a unified login server, and a login execution command is received, wherein the login execution command is a command sent by the unified login server according to the system login request.
The system server forwards the received system login request to the unified login server, so that the unified login server determines a login execution command according to the system login request, and returns the login execution command to the system server, so that the system server receives the login execution command.
S230, forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command.
The system server forwards the received login execution command to the system client so that the system client executes login operation according to the login execution command.
According to the technical scheme of the embodiment of the invention, the system server forwards the system login request sent by the system client when the system client monitors that the user to be logged in is pre-started to be logged in to the unified login server, so that the unified login server determines a login execution command according to the system login request; and the system server returns the login execution command returned by the unified login server to the system client so that the system client executes login operation according to the login execution command. According to the technical scheme, the determining process of the login execution command of each system to be logged in is executed by the unified login server, which means that the login logic is only required to be developed at the unified login server, the login logic is not required to be developed at each system server, and the problem that the development pressure of developers is increased due to repeated development of the login logic is solved.
On the basis, an optional technical scheme sends a system login request to a unified login server, which specifically comprises the following steps: acquiring a programming language of a system client, and determining a login mode according to the programming language; and sending a system login request to the unified login server by calling a login mode. The system server side can determine a service scene where the system client side is located from a system login request sent by the system client side, and can determine a programming language of the system client side according to the service scene. For example, the system server determines whether the system client is a PC or a mobile terminal according to the identification information in the system login request, and then determines the programming language according to the specific type of the PC or the mobile terminal, for example, the programming language of the apple mobile phone is objected-C and the programming language of the android mobile phone is Java. Furthermore, the login modes can be determined according to the programming language, and the processing process of the system login request by each login mode is different, so that the system login request can be sent to the unified login server by calling the login mode. Alternatively, the login mode may be an SDK mode or an http mode.
In view of the application scenario possibly involved in the embodiments of the present invention, an exemplary specific login mode may be determined by a login mode provided by the unified login server, for example, when the unified login server provides an SDK mode of some programming languages, as shown in fig. 2, the unified login server provides an SDK mode of java, python, go and a Node, and the login mode determined according to these programming languages is the SDK mode, which has the advantage that what operation is not required to be performed by the system server, and only needs to configure the SDK in the system server in advance. In the SDK mode, a system login request can be forwarded to a unified login server by calling a getserver interface in the SDK, the getserver interface comprises an isdis parameter which can be used for marking whether a back-end cache is used or not, and if not, the system server is required to query own cache record service to ensure timeliness and accuracy of login. For another example, for those programming languages or web page formats not provided by the unified login server, the login mode at this time may be an http mode, which requires that the system server itself perform some interception operations, login operations, and the like by calling the openAPI in the unified login server. When the SDK mode and the http mode exist simultaneously, the unified login server and the system server cooperate with each other, so that login service under any scene can be executed.
On the basis, the system login request is sent to the unified login server by calling the login mode, which specifically comprises the following steps: acquiring cookie information of a user to be logged in according to a system login request, decrypting the cookie information, and updating the cookie information according to a decryption result; and checking the cookie information, and if the cookie information is not fake information according to the checking result, sending a system login request to the unified login server. The cookie information is information which is related to a user to be logged in and is subjected to encryption processing, such as signature information which is subjected to encryption processing. The system server side does not need to call a remote authentication interface and can directly decrypt the cookie information, so that requests among services are reduced, and the software service performance is improved; further, the system server checks the decrypted cookie information to determine whether the cookie information is counterfeit information, thereby preventing malicious attacks of the counterfeit information. In particular, in the SDK mode, the decryption verification operations may be directly provided by the SDK, and the system server only needs to configure corresponding SDK components in advance, without executing other operations.
For example, as shown in fig. 4, the system server performs decryption processing and verification processing on each received system login request, intercepts those illegal system login requests, and sends legal system login requests to the unified login server; the unified login server stores the login information determined according to the system login request into a cache, and returns the login execution command determined according to the login information to the system server, so that the system server does not need to pay attention to the cache problem.
On this basis, optionally, the login method may further include: acquiring cookie information of a user to be logged in according to a system login request, and determining a first domain name where the cookie information is located and a second domain name corresponding to a system server; if the first domain name and the second domain name belong to different domains, writing the cookie information into the second domain name. After the user to be logged in logs in to the system to be logged in, if the user to be logged in logs in the same domain, the cookie information does not need to be written in the second domain name; in the case of heterodomain login, cookie information may be written into the second domain name to implement the cross-domain login, where the cookie information may include non-sensitive information about the name, gender, department, status, etc. of the user to be logged in. Illustratively, taking the example that the first domain name is www.jd.com and the second domain name is www.jdcloud.com, the first domain name and the second domain name are different domains, that is, the cookie information is originally in the first domain name, and is rewritten into the second domain name, and the cross-domain login is realized by rewriting the domain name.
In order to better understand the login method described in the above embodiments, an exemplary description thereof is described below with reference to fig. 5 and 6. As shown in fig. 5, an architecture diagram of an overall system formed by a system client, a unified login server and a system server is exemplary, where the system client may be a PC or a mobile terminal, and is multi-terminal; the unified login server provides an SDK mode and an http mode; the system login requests which are logged in through different login sources are all sent to a system server, such as mall SSO, cloud login, weChat, dong and the like, and the system login requests are multi-source. An application schematic diagram of the whole system is shown in fig. 6, and in the PC end, a cache service can be requested from the unified login server end by calling an SDK mode to obtain a login execution command; in the mobile terminal, besides the SDK mode, the http model is called to directly and remotely request the cache service from the unified login server to obtain a login execution command. According to the technical scheme, the multi-source multi-terminal multi-domain unified login effect is achieved, each system server does not need to care about the specific implementation process of login service, and the login effect can be achieved only by calling an SDK mode or an http mode.
Example III
Fig. 7 is a block diagram of a login device according to a third embodiment of the present invention, where the login device is configured on a unified login server, and the login device is configured to execute the login method provided in the first embodiment. The device and the login method provided by the first embodiment belong to the same invention conception, and the details of the login device, which are not described in detail in the embodiment of the login device, can be referred to the embodiment of the login method. Referring to fig. 7, the apparatus may specifically include: a first request receiving module 310, a command determining module 320, and a first login module 330.
The first request receiving module 310 is configured to obtain, when a system login request is received, signature information of a system to be logged in and a user to be logged in corresponding to the system login request, where the system login request is a request forwarded by a system server of the system to be logged in after receiving a system login request sent by a system client of the system to be logged in;
the command determining module 320 is configured to determine login information of the user to be logged in relative to the system to be logged in according to the signature information, and determine a login execution command according to the login information;
the first login module 330 is configured to return a login execution command to the system server, so that the system server forwards the login execution command to the system client to perform a login operation.
Optionally, the command determining module 320 may specifically include:
the login information determining unit is used for screening out target mapping relations corresponding to the signature information and the system to be logged in from a plurality of mapping relations stored in advance, and determining login information of the user to be logged in relative to the system to be logged in according to the target mapping relations.
Optionally, the login execution command includes a login query command, and the apparatus may further include:
the login address determining module is used for determining identification information in signature information corresponding to the address acquisition request when the address acquisition request is received, and determining a login address of a login source in the system client according to the identification information, wherein the address acquisition request is returned by the system server after receiving a login inquiry command and is used for acquiring the login address;
the login interface determining module is used for determining a login interface to be presented to a user to be logged in according to the login address, and returning the login interface to the system server side so that the system server side forwards the login interface to the system client side to execute display operation.
Optionally, the login execution command includes a login permission command, and the apparatus may further include:
the operation information determining module is used for determining operation information of a user to be logged in relative to a system to be logged in;
And the executable operation determining module is used for returning the operation information to the system server side so that the system server side determines the executable operation of the user to be logged in according to the operation information.
According to the login device provided by the third embodiment of the invention, the first request receiving module and the command determining module are matched with each other, when the unified login server receives a system login request forwarded by the system server, the login information of a user to be logged in relative to the system to be logged in can be determined according to the system login request, and a login execution command can be determined according to the login information; the first login module sends the login execution command to the system client through the system server, so that the system client determines whether the user to be logged in can log in to the system to be logged in according to the login execution command. According to the device, the login logic is only required to be developed on the unified login server, the login logic is not required to be developed on the system server corresponding to each system to be logged in, the problem that development pressure of developers is increased due to repeated development of the login logic is solved, and the effect of controlling the login conditions of a plurality of systems to be logged in based on interaction of the unified login server is achieved.
The login device provided by the embodiment of the invention can execute the login method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
It should be noted that, in the embodiment of the login device, each unit and module included are only divided according to the functional logic, but not limited to the above division, so long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present invention.
Example IV
Fig. 8 is a block diagram of a login device according to a fourth embodiment of the present invention, where the login device is configured on a system server, and the login device is configured to execute the login method according to the second embodiment. The device and the login method provided by the second embodiment belong to the same invention conception, and the details of the login device, which are not described in detail in the embodiment of the login device, can be referred to the embodiment of the login method. Referring to fig. 8, the apparatus may specifically include: a second request receiving module 410, a command receiving module 420, and a second login module 430.
The second request receiving module 410 is configured to receive a system login request, where the system login request is a request sent by a system client of a system to be logged in when monitoring that a user to be logged in pre-starts the system to be logged in;
The command receiving module 420 is configured to send a system login request to the unified login server, and receive a login execution command, where the login execution command is a command sent by the unified login server according to the system login request;
the second login module 430 is configured to forward a login execution command to the system client, so that the system client performs a login operation according to the login execution command.
Optionally, the command receiving module 420 may specifically include:
the system login request sending unit is used for obtaining the programming language of the system client, determining a login mode according to the programming language, and sending the system login request to the unified login server by calling the login mode.
Alternatively, the login mode may include an SDK mode or an http mode.
Optionally, the system login request sending unit may specifically include:
the decrypting subunit is used for acquiring the cookie information of the user to be logged in according to the system login request, decrypting the cookie information and updating the cookie information according to the decrypting result;
and the verification subunit is used for verifying the cookie information, and if the cookie information is determined to be not fake information according to the verification result, the system login request is sent to the unified login server.
Optionally, the system login request sending unit may further include:
and the interception subunit is used for intercepting the system login request if the cookie information is determined to be fake information according to the verification result.
Optionally, on the basis of the above device, the device may further include:
the domain name determining module is used for acquiring cookie information of a user to be logged in according to a system login request and determining a first domain name where the cookie information is located and a second domain name corresponding to a system server;
and the domain name rewriting module is used for writing the cookie information into the second domain name if the first domain name and the second domain name belong to different domains.
According to the login device provided by the fourth embodiment of the invention, the second request receiving module and the command receiving module are matched with each other, and the system server forwards the system login request sent by the system client when monitoring that the user to be logged in is pre-started to be logged in to the unified login server, so that the unified login server determines a login execution command according to the system login request; and the second login module returns the login execution command returned by the unified login server to the system client so that the system client executes login operation according to the login execution command. According to the device, the determining process of the login execution command of each system to be logged in is executed by the unified login server, which means that the login logic is only required to be developed at the unified login server, the login logic is not required to be developed at each system server, and the problem that the development pressure of developers is increased due to repeated development of the login logic is solved.
The login device provided by the embodiment of the invention can execute the login method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
It should be noted that, in the embodiment of the login device, each unit and module included are only divided according to the functional logic, but not limited to the above division, so long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present invention.
Example five
Fig. 9 is a schematic structural diagram of a unified login server according to a fifth embodiment of the present invention, and as shown in fig. 9, the unified login server may include a memory 510, a processor 520, an input device 530, and an output device 540. The number of processors 520 in the unified login service may be one or more, and one processor 520 is taken as an example in fig. 9; the memory 510, processor 520, input device 530, and output device 540 in the unified login server may be connected by a bus or other means, for example, via bus 550 in fig. 9.
The memory 510 is a computer readable storage medium, and may be used to store a software program, a computer executable program, and modules, such as program instructions/modules (e.g., the first request receiving module 310, the command determining module 320, and the first login module 330 in the login device) corresponding to the login method in the embodiment of the present invention. The processor 520 executes various functional applications and data processing of the unified login service by running software programs, instructions and modules stored in the memory 510, i.e., implements the login method described above.
The memory 510 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, at least one application program required for functions; the storage data area may store data created according to the use of the unified login server, etc. In addition, memory 510 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, memory 510 may further include memory located remotely from processor 520, which may be connected to the device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 530 may be used to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the device. The output 540 may include a display device such as a display screen.
Example six
Fig. 10 is a schematic structural diagram of a system service end according to a sixth embodiment of the present invention, as shown in fig. 10, the system service end includes a memory 610, a processor 620, an input device 630 and an output device 640. The number of processors 620 in the system server may be one or more, and one processor 620 is taken as an example in fig. 10; the memory 610, processor 620, input device 630, and output device 640 in the system's server may be connected by a bus or other means, shown in FIG. 10 as being connected by a bus 650.
The memory 610 is a computer readable storage medium, and may be used to store a software program, a computer executable program, and modules, such as program instructions/modules (e.g., the second request receiving module 410, the command receiving module 420, and the second login module 430 in the login device) corresponding to the login method in the embodiment of the present invention. The processor 620 executes various functional applications and data processing of the system server by executing software programs, instructions and modules stored in the memory 610, i.e., implements the login method described above.
The memory 610 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, at least one application program required for functions; the storage data area may store data created according to the use of the system server, etc. In addition, memory 610 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, memory 610 may further include memory remotely located relative to processor 620, which may be connected to the device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 630 may be used to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the device. The output device 640 may include a display device such as a display screen.
Example seven
A seventh embodiment of the present invention provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are for performing a login method, the method comprising:
when a system login request is received, signature information of a system to be logged in and a user to be logged in corresponding to the system login request is obtained, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in;
determining login information of a user to be logged in relative to a system to be logged in according to the signature information, and determining a login execution command according to the login information;
and returning the login execution command to the system server side so that the system server side forwards the login execution command to the system client side to execute login operation.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform the related operations in the login method provided in any embodiment of the present invention.
Example eight
An eighth embodiment of the present invention provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are for performing a login method, the method comprising:
receiving a system login request, wherein the system login request is a request sent by a system client of a system to be logged in when monitoring that a user to be logged in pre-starts the system to be logged in;
the method comprises the steps of sending a system login request to a unified login server and receiving a login execution command, wherein the login execution command is a command sent by the unified login server according to the system login request;
and forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform the related operations in the login method provided in any embodiment of the present invention.
From the above description of embodiments, it will be clear to a person skilled in the art that the present invention may be implemented by means of software and necessary general purpose hardware, but of course also by means of hardware, although in many cases the former is a preferred embodiment. In light of such understanding, the technical solution of the present invention may be embodied essentially or in part in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), FLASH Memory (FLASH), hard disk, optical disk, etc., of a computer, which may be a personal computer, a server, a network device, etc., and which includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the methods described in the embodiments of the present invention.
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.

Claims (14)

1. A login method, which is applied to a unified login server, the method comprising:
when a system login request is received, signature information of a system to be logged in and a user to be logged in, which correspond to the system login request, is obtained, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in;
determining login information of the user to be logged in relative to the system to be logged in according to the signature information, and determining a login execution command according to the login information;
Returning the login execution command to the system server so that the system server forwards the login execution command to the system client to execute login operation;
when the signature information is not valid information, the login execution command includes a login query command, the method further comprising:
when an address acquisition request is received, acquiring identification information in the signature information corresponding to the address acquisition request, and determining a login address of a login source in the system client according to the identification information, wherein the address acquisition request is returned by the system server after receiving the login inquiry command and is used for acquiring the login address;
determining a login interface to be presented to the user to be logged in according to the login address, and returning the login interface to the system server so that the system server forwards the login interface to the system client to execute display operation.
2. The method according to claim 1, wherein determining login information of the user to be logged in with respect to the system to be logged in according to the signature information comprises:
And screening target mapping relations corresponding to the signature information and the system to be logged in from a plurality of mapping relations stored in advance, and determining login information of the user to be logged in relative to the system to be logged in according to the target mapping relations.
3. The method of claim 1, wherein the login execution command comprises a login permission command, the method further comprising:
determining operation information of the user to be logged in relative to the system to be logged in;
and returning the operation information to the system server side so that the system server side can determine the executable operation of the user to be logged in according to the operation information.
4. A login method, applied to a system server, comprising:
receiving a system login request, and acquiring signature information of a user to be logged in according to the system login request, wherein the system login request is a request sent by a system client of the system to be logged in when monitoring that the user to be logged in pre-starts the system to be logged in;
the system login request is sent to a unified login server and a login execution command is received, wherein the login execution command is a command sent by the unified login server according to the system login request;
Forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command;
when the signature information is not valid information, the login execution command includes a login query command, the method further comprising:
after receiving the login inquiry command, returning an address acquisition request to the unified login server so that the unified login server determines a login address of a login source in the system client according to the identification information in the signature information corresponding to the address acquisition request, and determines a login interface to be presented to the user to be logged according to the login address;
and receiving a login interface returned by the unified login server, and forwarding the login interface to the system client to execute display operation.
5. The method of claim 4, wherein the sending the system login request to the unified login server comprises:
acquiring a programming language of the system client, and determining a login mode according to the programming language;
and sending the system login request to a unified login server by calling the login mode.
6. The method of claim 5, wherein the login mode comprises an SDK mode or an http mode.
7. The method of claim 5, wherein the sending the system login request to a unified login server by invoking the login mode comprises:
acquiring the cookie information of the user to be logged in according to the system login request, decrypting the cookie information, and updating the cookie information according to a decryption result;
and checking the cookie information, and if the cookie information is not fake information according to the checking result, sending the system login request to a unified login server.
8. The method as recited in claim 7, further comprising:
and if the cookie information is determined to be fake information according to the verification result, intercepting the system login request.
9. The method as recited in claim 4, further comprising:
acquiring cookie information of the user to be logged in according to the system login request, and determining a first domain name where the cookie information is located and a second domain name corresponding to the system server;
And if the first domain name and the second domain name belong to different domains, writing the cookie information into the second domain name.
10. A login device configured at a unified login server, the device comprising:
the first request receiving module is used for acquiring signature information of a system to be logged in and a user to be logged in corresponding to a system login request when the system login request is received, wherein the system login request is a request forwarded by a system server of the system to be logged in after receiving the system login request sent by a system client of the system to be logged in;
the command determining module is used for determining login information of the user to be logged in relative to the system to be logged in according to the signature information and determining a login execution command according to the login information;
the first login module is used for returning the login execution command to the system server so that the system server forwards the login execution command to the system client to execute login operation;
when the signature information is not valid information, the login execution command includes a login query command, and the apparatus further includes:
The login address determining module is used for returning an address acquisition request to the unified login server after receiving the login inquiry command so as to enable the unified login server to determine a login address of a login source in the system client according to the identification information in the signature information corresponding to the address acquisition request, and determining a login interface to be presented to the user to be logged in according to the login address;
and the login interface determining module is used for receiving the login interface returned by the unified login server and forwarding the login interface to the system client to execute display operation.
11. A login device, configured at a system server, the device comprising:
the second request receiving module is used for receiving a system login request, acquiring signature information of a user to be logged in according to the system login request, wherein the system login request is a request sent by a system client of the system to be logged in when monitoring that the user to be logged in pre-starts the system to be logged in;
the command receiving module is used for sending the system login request to a unified login server and receiving a login execution command, wherein the login execution command is a command sent by the unified login server according to the system login request;
The second login module is used for forwarding the login execution command to the system client so that the system client executes login operation according to the login execution command;
when the signature information is not valid information, the login execution command includes a login query command, and the second login module is further configured to:
after receiving the login inquiry command, returning an address acquisition request to the unified login server so that the unified login server determines a login address of a login source in the system client according to the identification information in the signature information corresponding to the address acquisition request, and determines a login interface to be presented to the user to be logged according to the login address;
and receiving a login interface returned by the unified login server, and forwarding the login interface to the system client to execute display operation.
12. A unified login server, comprising:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, causes the one or more processors to implement the login method of any of claims 1-3.
13. A system server, comprising:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, causes the one or more processors to implement the login method of any of claims 4-9.
14. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements a login method according to any one of claims 1-9.
CN202010832195.1A 2020-08-18 2020-08-18 Login method, login device, server side and storage medium Active CN113765869B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010832195.1A CN113765869B (en) 2020-08-18 2020-08-18 Login method, login device, server side and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010832195.1A CN113765869B (en) 2020-08-18 2020-08-18 Login method, login device, server side and storage medium

Publications (2)

Publication Number Publication Date
CN113765869A CN113765869A (en) 2021-12-07
CN113765869B true CN113765869B (en) 2023-06-30

Family

ID=78785590

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010832195.1A Active CN113765869B (en) 2020-08-18 2020-08-18 Login method, login device, server side and storage medium

Country Status (1)

Country Link
CN (1) CN113765869B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116827930A (en) * 2023-03-27 2023-09-29 盘锦千寻信息技术有限公司 portable computer

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130881A (en) * 2016-07-07 2016-11-16 腾讯科技(深圳)有限公司 A kind of account number login method and device
CN110830463A (en) * 2019-10-30 2020-02-21 腾讯科技(深圳)有限公司 Third party authorized login method and device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101136915B (en) * 2007-10-16 2011-08-10 中兴通讯股份有限公司 Method and system for implementing multi-service united safety authentication
CN102682009B (en) * 2011-03-11 2017-02-15 腾讯科技(北京)有限公司 Method and system for logging in webpage
CN104518876B (en) * 2013-09-29 2019-01-04 腾讯科技(深圳)有限公司 Service login method and device
US10419514B2 (en) * 2015-08-14 2019-09-17 Oracle International Corporation Discovery of federated logins
CN105959276A (en) * 2016-04-27 2016-09-21 青岛海信传媒网络技术有限公司 Application control method, device, and terminal device based on third party account login
CN107359996B (en) * 2016-05-09 2020-05-05 阿里巴巴集团控股有限公司 Automatic login method and device among multiple network stations
CN107819722A (en) * 2016-09-10 2018-03-20 长沙有干货网络技术有限公司 A kind of design method of the Centralized Authentication System based on Cookie
CN107948210A (en) * 2018-01-08 2018-04-20 武汉斗鱼网络科技有限公司 A kind of login method, device, client, server and medium
CN108712372B (en) * 2018-04-03 2021-06-25 福建天泉教育科技有限公司 Method and system for accessing WEB third party login by client
CN111404921B (en) * 2020-03-12 2022-05-17 广州市百果园信息技术有限公司 Webpage application access method, device, equipment, system and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130881A (en) * 2016-07-07 2016-11-16 腾讯科技(深圳)有限公司 A kind of account number login method and device
CN110830463A (en) * 2019-10-30 2020-02-21 腾讯科技(深圳)有限公司 Third party authorized login method and device

Also Published As

Publication number Publication date
CN113765869A (en) 2021-12-07

Similar Documents

Publication Publication Date Title
US11750609B2 (en) Dynamic computing resource access authorization
US10623476B2 (en) Endpoint management system providing an application programming interface proxy service
US11582040B2 (en) Permissions from entities to access information
KR101720160B1 (en) Authenticated database connectivity for unattended applications
US11134085B2 (en) Cloud least identity privilege and data access framework
Bates et al. Towards secure provenance-based access control in cloud environments
US12132764B2 (en) Dynamic security policy management
WO2017129016A1 (en) Resource access method, apparatus and system
US20180019985A1 (en) Distributed key/value store system using asynchronous messaging systems
US10951396B2 (en) Tamper-proof management of audit logs
US20230259386A1 (en) Data processing method based on container engine and related device
US10318747B1 (en) Block chain based authentication
US10911299B2 (en) Multiuser device staging
JP7076641B2 (en) Systems and methods for push delivery notification services for SAAS applications
US12113824B2 (en) Distributed system for autonomous discovery and exploitation of an organization's computing
WO2023077999A1 (en) Application access control method and apparatus, and computer device and storage medium
CN113765869B (en) Login method, login device, server side and storage medium
US9948632B2 (en) Sharing data between sandboxed applications with certificates
CN110210191B (en) Data processing method and related device
CN117993017B (en) Data sharing system, method, device, computer equipment and storage medium
CN113194099A (en) Data proxy method and proxy server
CN112818038A (en) Data management method based on combination of block chain and IPFS (Internet protocol file system) and related equipment
CN115600167A (en) Login-free access and embedded configuration method and equipment
CN115242433A (en) Data processing method, system, electronic device and computer readable storage medium
US20200336371A1 (en) Single user device staging

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant