CN105681224A - User access method and device - Google Patents
User access method and device Download PDFInfo
- Publication number
- CN105681224A CN105681224A CN201410667877.6A CN201410667877A CN105681224A CN 105681224 A CN105681224 A CN 105681224A CN 201410667877 A CN201410667877 A CN 201410667877A CN 105681224 A CN105681224 A CN 105681224A
- Authority
- CN
- China
- Prior art keywords
- server
- request message
- time
- unreachable
- judging
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 21
- 230000003111 delayed effect Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Telephonic Communication Services (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a user access method and device. The method comprises following steps of setting a preset duration at a device end; when a request message is sent and the response message of a server is not received in the preset duration, judging that the server is unreachable by the device end; and sending the current request message and follow-up user access request messages to other servers. According to the method and the device provided by the invention, when the request message is sent, whether the server is reachable is judged according to the timing of the preset duration; when judging that the server is unreachable, the device end sends the rest user access request messages to the other servers so as to obtain response messages; the request messages are prevented from being delayed; and the user access working efficiency is improved.
Description
Technical Field
The present application relates to communications technologies, and in particular, to a method and an apparatus for implementing user access.
Background
The remote user dial-in Authentication system (RADIUS) is a network application protocol of Authentication, Authorization and Accounting (AAA) type, and is used for functions such as Authentication, Authorization and Accounting. The protocol enables remote control of user access. Generally, a device end accessed by a user is connected with a plurality of servers, one device end generally comprises a plurality of user accesses, for each user access, after a request message sent to one of the servers is retransmitted for a plurality of times after overtime, if a response message is not received, the request message sent to the server is discarded, and the request message accessed by the user is continuously sent to other RADIUS servers.
When a request message sent to a RADIUS server is accessed by a plurality of users at the same equipment end, when the request message accessed by one user is discarded, other request messages at the equipment end still send the request message to the server until a response message is received or the request message is discarded and then the request message is sent to other servers.
Disclosure of Invention
In order to solve the above problems, the present invention provides a method and an apparatus for implementing user access, which can avoid the delay of a request message for user access and improve the efficiency of user access.
In order to achieve the purpose of the invention, the application provides a method for realizing user access; the method comprises the following steps: set up and preset the duration at the equipment end, still include:
when the sent request message does not receive a response message of the server within a preset time length, the equipment side judges that the server is unreachable;
and the equipment terminal sends the current request message and the subsequent request message accessed by the user to other servers.
Further, the specifically determining that the server is unreachable includes:
when the equipment terminal sends a request message, the system time for sending the request message is used as the starting time, and a timer is started for timing; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the equipment terminal sends a request message, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
Further, the server is a Remote Authentication Dial In User Service (RADIUS) server.
Further, the other servers are: and a server connected to the device side other than the server judged to be unreachable.
On the other hand, the present application further provides an apparatus for implementing user access, including: the device comprises a timing unit, a judging unit and a processing unit; wherein,
the timing unit is used for timing a preset time length when the equipment terminal sends the request message;
the judging unit is used for judging that the server is unreachable when the sent request message does not receive the response message of the server within the preset time length;
and the processing unit is used for sending the current request message and the subsequent request message accessed by the user to other servers according to the judged unreachable server.
Further, the determination unit is specifically configured to,
when the request message is sent, taking the system time for sending the request message as the initial time, and starting a timer to time; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the request message is sent, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
Compared with the prior art, the technical scheme provided by the invention comprises the following steps: set up and preset the duration at the equipment end, still include: when the sent request message does not receive a response message of the server within a preset time length, the equipment side judges that the server is unreachable; and the equipment terminal sends the current request message and the subsequent request message accessed by the user to other servers. According to the invention, the server unreachable judgment is carried out by timing the preset time length when the request message is sent, and for the server which is judged to be unreachable, the equipment end sends the rest request messages accessed by the user to other servers to obtain the response messages, so that the delay of the request messages is avoided, and the working efficiency of user access is improved.
Drawings
The accompanying drawings are included to provide a further understanding of the claimed subject matter and are incorporated in and constitute a part of this specification, illustrate embodiments of the subject matter and together with the description serve to explain the principles of the subject matter and not to limit the subject matter.
FIG. 1 is a flow chart of a method for implementing user access according to the present invention;
FIG. 2 is a block diagram of an apparatus for implementing user access according to the present invention;
fig. 3 is a schematic diagram of the operation of the device side and the RADIUS server in the IP network.
Detailed Description
To make the objects, technical solutions and advantages of the present application more apparent, embodiments of the present application will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 1 is a flowchart of a method for implementing user access according to the present invention, where a preset duration is set at a device side, as shown in fig. 1, the method includes:
step 100, when the sent request message does not receive a response message of a server within a preset time length, the equipment side judges that the server is unreachable;
in this step, the specifically determining that the server is unreachable comprises:
when the equipment terminal sends a request message, the system time for sending the request message is used as the starting time, and a timer is started for timing; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the equipment terminal sends a request message, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
Step 101, the equipment end sends the current request message and the subsequent request message accessed by the user to other servers.
The server in the invention is a remote user dial in authentication system (RADIUS) server.
It should be noted that the other servers refer to other servers connected to the device side, and the selected connection server may perform connection according to a preset number or an address list, or in a random manner.
Fig. 2 is a block diagram of a device for implementing user access according to the present invention, as shown in fig. 2, including: the device comprises a timing unit, a judging unit and a processing unit; wherein,
the timing unit is used for timing a preset time length when the equipment terminal sends the request message;
the judging unit is used for judging that the server is unreachable when the sent request message does not receive the response message of the server within the preset time length;
and the processing unit is used for sending the current request message and the subsequent request message accessed by the user to other servers according to the judged unreachable server.
Wherein the judging unit is specifically configured to,
when the request message is sent, taking the system time for sending the request message as the initial time, and starting a timer to time; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the request message is sent, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
In order to clearly illustrate the invention, the invention is described in detail below by means of specific examples, which are only for the purpose of clearly illustrating the invention and are not intended to limit the content of the invention.
Example 1
FIG. 3 is a schematic diagram of the operation of the device side and the RADIUS server in the IP network; the method for judging the state of the RADIUS server to carry out user access mainly comprises the following procedures:
firstly, setting the maximum non-response time Tmax of a RADIUS server on equipment at an equipment end, and setting a time point (parameter Tsend) at which the equipment end starts to send a request message to be 0;
secondly, when the equipment terminal sends an RADIUS request message, judging whether Tsend is equal to 0, and if the Tsend is equal to 0, setting Tsend as the current time;
thirdly, starting a timer and acquiring the real-time of the system according to the set Tsend as the current time: tnow; judging whether (Tnow-Tsend) is larger than Tmax: if the current state is greater than the preset value, the server state is judged to be unreachable;
and finally, according to the judgment that the server is not reachable, the equipment end sends the rest request messages accessed by the user to other servers to obtain response messages.
In the above embodiment, it is assumed that the maximum non-response time of the RADIUS server is set to 10 seconds on the device side; if the time is more than 10S, the server is judged to be unreachable;
the specific implementation process is as follows:
initializing a sending time parameter of a first request message as Tsend ═ 0, and setting Tsend as the current time when the first message is sent;
after 10 seconds, the equipment end does not receive the response message of the server, and then the current RADIUS server state is judged to be unreachable, and an alarm can be given or other RADIUS servers can be switched to.
Although the embodiments disclosed in the present application are described above, the descriptions are only used for facilitating the understanding of the embodiments of the present application, and are not intended to limit the present application, such as the specific implementation methods in the embodiments of the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims.
Claims (6)
1. A method for realizing user access is characterized in that a preset time length is set at a device end, and the method further comprises the following steps:
when the sent request message does not receive a response message of the server within a preset time length, the equipment side judges that the server is unreachable;
and the equipment terminal sends the current request message and the subsequent request message accessed by the user to other servers.
2. The method of claim 1, wherein the determining that the server is unreachable comprises:
when the equipment terminal sends a request message, the system time for sending the request message is used as the starting time, and a timer is started for timing; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the equipment terminal sends a request message, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
3. Method according to claim 1 or 2, wherein the server is a Remote Authentication Dial In User (RADIUS) server.
4. The method according to claim 1 or 2, wherein the other servers are: and a server connected to the device side other than the server judged to be unreachable.
5. An apparatus for enabling user access, comprising: the device comprises a timing unit, a judging unit and a processing unit; wherein,
the timing unit is used for timing a preset time length when the equipment terminal sends the request message;
the judging unit is used for judging that the server is unreachable when the sent request message does not receive the response message of the server within the preset time length;
and the processing unit is used for sending the current request message and the subsequent request message accessed by the user to other servers according to the judged unreachable server.
6. The apparatus according to claim 5, wherein the determining unit is specifically configured to,
when the request message is sent, taking the system time for sending the request message as the initial time, and starting a timer to time; calculating the difference value of the real-time and the initial time of the system as the timing duration, and judging that the server is unreachable when the timer is full and the equipment end does not receive the response message; or,
when the request message is sent, taking 0 as the starting time and starting a timer to time; and when the timer counts time longer than the preset time length and does not receive the response message, judging that the server is unreachable.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410667877.6A CN105681224A (en) | 2014-11-20 | 2014-11-20 | User access method and device |
| PCT/CN2015/086891 WO2016078447A1 (en) | 2014-11-20 | 2015-08-13 | Method and apparatus for implementing user access |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410667877.6A CN105681224A (en) | 2014-11-20 | 2014-11-20 | User access method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105681224A true CN105681224A (en) | 2016-06-15 |
Family
ID=56013247
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410667877.6A Pending CN105681224A (en) | 2014-11-20 | 2014-11-20 | User access method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105681224A (en) |
| WO (1) | WO2016078447A1 (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101150455A (en) * | 2007-10-11 | 2008-03-26 | 华为技术有限公司 | Service state monitoring method, device and system based on initial session protocol |
| CN101667933A (en) * | 2009-10-23 | 2010-03-10 | 杭州华三通信技术有限公司 | Security authentication system and master/standby switching method and device thereof |
| CN103560922A (en) * | 2013-11-18 | 2014-02-05 | 北京特立信电子技术股份有限公司 | Disaster recovery method and system |
| CN104065526A (en) * | 2013-03-22 | 2014-09-24 | 腾讯科技(深圳)有限公司 | Server fault alarming method and device thereof |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7337237B2 (en) * | 2002-10-16 | 2008-02-26 | International Business Machines Corporation | Mechanism to provide callback capabilities for unreachable network clients |
| CN100461706C (en) * | 2006-11-29 | 2009-02-11 | 杭州华三通信技术有限公司 | Method for recovering sponsor media accessing control address and operation businesss edge apparatus |
| CN101442452A (en) * | 2008-12-31 | 2009-05-27 | 中兴通讯股份有限公司 | Alarm method and apparatus for non-access of DNS server |
| CN102307098A (en) * | 2011-09-05 | 2012-01-04 | 华为技术有限公司 | Method and device for authentication and authorization |
-
2014
- 2014-11-20 CN CN201410667877.6A patent/CN105681224A/en active Pending
-
2015
- 2015-08-13 WO PCT/CN2015/086891 patent/WO2016078447A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101150455A (en) * | 2007-10-11 | 2008-03-26 | 华为技术有限公司 | Service state monitoring method, device and system based on initial session protocol |
| CN101667933A (en) * | 2009-10-23 | 2010-03-10 | 杭州华三通信技术有限公司 | Security authentication system and master/standby switching method and device thereof |
| CN104065526A (en) * | 2013-03-22 | 2014-09-24 | 腾讯科技(深圳)有限公司 | Server fault alarming method and device thereof |
| CN103560922A (en) * | 2013-11-18 | 2014-02-05 | 北京特立信电子技术股份有限公司 | Disaster recovery method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2016078447A1 (en) | 2016-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104519036B (en) | Method and device for sending service request message | |
| JP2016519799A5 (en) | ||
| CN104184749B (en) | A kind of SDN network access method and system | |
| EP3089544B1 (en) | Service processing method and device | |
| CN107995070B (en) | IPOE-based networking control method and device and BRAS | |
| WO2017215492A1 (en) | Device detection method and apparatus | |
| CN102209039A (en) | Method and equipment for transmitting file | |
| CN103166803B (en) | Method, device and system for offline processing of wireless local area network users | |
| CN104601743A (en) | IP (internet protocol) forwarding IPoE (IP over Ethernet) dual-stack user access control method and equipment based on Ethernet | |
| CN107770035B (en) | Method and device for pushing offline notification | |
| CN106470436A (en) | A kind of method determining inactivity timer duration and network equipment | |
| CN105187387B (en) | A service discovery method and terminal | |
| CN102413504A (en) | Congestion control method and equipment | |
| CN106506669B (en) | Method, device and system for processing session information | |
| CN111064759B (en) | User online methods, devices, broadband remote access servers and storage media | |
| CN104159289A (en) | Authentication registration method and device of home terminal | |
| CN107409427A (en) | The data transmission method and device of a kind of data service | |
| CN108260223B (en) | Random access control method and device | |
| CN103024097B (en) | The method of detection network address translation server ageing time, Apparatus and system | |
| EP3223493B1 (en) | Point-to-point protocol (ppp)-based dial-on-demand method and device, and computer storage medium | |
| CN105681224A (en) | User access method and device | |
| CN105592172A (en) | Dynamic host configuration protocol (DHCP) reconnection method, DHCP server and system | |
| US10739406B2 (en) | Correlation charging method, charging apparatus, and system | |
| CN108055254B (en) | Method and device for non-perception authentication | |
| CN107872795B (en) | Authentication method and system for accessing terminal to WiFi and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160615 |