CN112751805A - Login method and device - Google Patents
Login method and device Download PDFInfo
- Publication number
- CN112751805A CN112751805A CN201911047231.7A CN201911047231A CN112751805A CN 112751805 A CN112751805 A CN 112751805A CN 201911047231 A CN201911047231 A CN 201911047231A CN 112751805 A CN112751805 A CN 112751805A
- Authority
- CN
- China
- Prior art keywords
- page
- single sign
- login
- login information
- browser
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 230000006854 communication Effects 0.000 claims description 20
- 238000004891 communication Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 12
- 230000008569 process Effects 0.000 description 14
- 230000004044 response Effects 0.000 description 10
- 238000012545 processing Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application provides a login method and a login device, and belongs to the technical field of computers. The method comprises the following steps: displaying a system page of a target application system through a browser, wherein the target application system is an application system which has been successfully single-point logged in; when the login credentials are detected to be invalid, judging whether login information is stored in the browser or not; if the login information is stored in the browser, carrying out background calling on a single sign-on page to generate a single sign-on request containing the login information; and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page. By adopting the method and the device, the loss of the operation on the application system can be prevented.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a login method and apparatus.
Background
With the development of internet technology, users may use various business services through terminals, and accordingly, the users need to install an application system (such as an enterprise management system, a client system, etc.) in the terminals. In order to avoid the problem that a user needs to log in to each application system when using a plurality of application systems, and the use experience is poor, people usually log in by using a Single Sign On (SSO) method.
Logging in an SSO mode, a user can access all mutually trusted application systems only by logging in once, and the specific logging in process is as follows: when a user accesses an application system through a browser, the browser displays a single sign-on page, the user inputs login information (such as an account number and a password) in the login interface, the single sign-on page sends the login information to a server for verification, if the verification is successful, the browser jumps to a system page of the application system, and the SSO server allocates a TGT (token-logging token) for the login and feeds the TGT back to the terminal. The TGT has an effective duration, and if the user uses other application systems within the effective duration of the TGT, the other application systems can directly use the TGT to log in without the need of logging in again by the user.
However, if the TGT fails during the use of the application by the user, the application is redirected to a single sign-on page to allow the user to log back on. This can result in the loss of operations that are currently on the application system (e.g., information entered, or query conditions selected on a query page, etc.).
Disclosure of Invention
An object of the embodiments of the present application is to provide a login method and apparatus, so as to solve the problem that an operation on an application system is lost due to page jump. The specific technical scheme is as follows:
in a first aspect, a login method is provided, where the method includes:
displaying a system page of a target application system through a browser, wherein the target application system is an application system which has been successfully single-point logged in;
when the login credentials are detected to be invalid, judging whether login information is stored in the browser or not;
if the login information is stored in the browser, carrying out background calling on a single sign-on page to generate a single sign-on request containing the login information;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
Optionally, the performing background call on the single sign-on page to generate the single sign-on request including the login information includes:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
Optionally, the method further includes:
if the login information is not stored in the browser, displaying a login popup window in the system page;
obtaining login information input by a user through the login popup window, calling the single sign-on page in a background mode, and generating a single sign-on request containing the login information input by the user;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
Optionally, the performing background call on the single sign-on page to generate a single sign-on request including the login information input by the user includes:
transmitting the login information input by the user to an Iframe framework in a PostMessage mode;
and carrying out background calling on a single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
Optionally, after logging back in the state of displaying the system page, the method further includes:
receiving a login credential sent by the server;
transmitting the login credentials to the target application system through an Iframe framework.
In a second aspect, there is provided a login device, the device comprising:
the system comprises a first display module, a second display module and a third display module, wherein the first display module is used for displaying a system page of a target application system through a browser, and the target application system is an application system which is successfully single-point logged in;
the judging module is used for judging whether login information is stored in the browser or not when the login credentials are detected to be invalid;
the first generation module is used for carrying out background calling on a single sign-on page if the browser stores the sign-on information, and generating a single sign-on request containing the sign-on information;
and the first sending module is used for sending the single sign-on request to a server so as to carry out re-sign-on in the state of displaying the system page.
Optionally, the first generating module is specifically configured to:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
Optionally, the apparatus further comprises:
the second display module is used for displaying a login popup window in the system page if the login information is not stored in the browser;
the second generation module is used for acquiring login information input by a user through the login popup window, and performing background calling on the single sign-on page to generate a single sign-on request containing the login information input by the user;
and the second sending module is used for sending the single sign-on request to a server so as to carry out re-sign-on in the state of displaying the system page.
Optionally, the second generating module is specifically configured to:
transmitting the login information input by the user to an Iframe framework in a PostMessage mode;
and carrying out background calling on a single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
Optionally, the apparatus further comprises:
the receiving module is used for receiving the login credentials sent by the server;
a transmission module for transmitting the login credentials to the target application system through an Iframe framework.
In a third aspect, a terminal device is provided, which includes a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any of the first aspect when executing a program stored in the memory.
In a fourth aspect, a computer-readable storage medium is provided, having stored thereon a computer program which, when being executed by a processor, carries out the method steps of any of the first aspects.
In a fifth aspect, there is provided a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of logging in of any of the first aspects above.
The embodiment of the application has the following beneficial effects:
the embodiment of the application provides a login method and a login device, and a system page of a target application system can be displayed through a browser, wherein the target application system is an application system which has been successfully single-point logged in. When the login credentials are detected to be invalid, whether login information is stored in the browser can be judged, if the login information is stored in the browser, background calling is carried out on a single sign-on page, a single sign-on request containing the login information is generated, and then the login request is sent to the server so as to carry out re-login in a state that a system page is displayed. In the processing process, the terminal equipment only calls the single sign-on page at the background and automatically fills the login information through the browser, so that the browser does not display the single sign-on page in the whole process and does not need to input the login information by the user, therefore, the user can realize the unaware re-login, and the operation loss on the application system caused by the page jump is effectively avoided.
Of course, not all advantages described above need to be achieved at the same time in the practice of any one product or method of the present application.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a flowchart of a login method according to an embodiment of the present application;
fig. 2 is a schematic diagram illustrating an application system communicating with a single sign-on page according to an embodiment of the present application;
fig. 3 is a flowchart of an example of a login method provided in an embodiment of the present application;
fig. 4 is a schematic structural diagram of a login apparatus according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of another login device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another login device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the application provides a login method which can be applied to terminal equipment. The terminal device may have a browser and at least one application system installed therein, wherein each application system supports an SSO function. A user may access an application system through a browser, the browser may display a single sign-on page first, the user may input login information (such as an account number and a password) in the single sign-on page, and the single sign-on page may send the login information to a server for authentication. If the verification is successful, the server distributes a login certificate with preset effective duration for the login, and sends a response message to the terminal equipment, wherein the response message carries the login certificate. After receiving the response message, the terminal device can jump to a system page of the application system through the browser, so that the user can access the application system. Subsequently, when the user uses other application systems within the valid duration of the login credential, the other application systems can directly use the login credential to log in without the need of logging in again.
In the embodiment of the application, in the state that a browser displays a system page of an application system, if a terminal device detects that a login credential is invalid, the terminal device can judge whether login information is stored in the browser, if the login information is stored in the browser, background calling is performed on a single sign-on page to generate a single sign-on request containing the login information, and then the login request is sent to a server to log in again in the state that the system page is displayed without being redirected to the single sign-on page, so that operation loss on the application system due to page skipping is avoided.
The following will explain the login method provided in the embodiments of the present application in detail with reference to the specific embodiments, as shown in fig. 1, the specific steps are as follows:
In the embodiment of the present application, for any application system (which may be referred to as a target application system) in the terminal device, after the target application system successfully performs single sign-on, the terminal device may display a system page of the target application system through a browser, so that a user uses the application system to perform a business operation. Optionally, the target application system may be an application system that the user successfully logs in through a single sign-on page, or an application system that successfully logs in through a login credential.
Optionally, the application system in the embodiment of the present application may communicate with the single sign-on page, and in an implementation manner, a hidden Iframe frame may be added in a program of the application system, and the single sign-on page is nested in the Iframe frame, and then the application system performs information intercommunication with the single sign-on page in the Iframe frame by using a postMessage technology in JavaScript. Fig. 2 is a schematic diagram of an application system communicating with a single sign-on page according to an embodiment of the present application, and a detailed description of a specific communication process will be described later.
And 102, judging whether login information is stored in the browser or not when the login credentials are detected to be invalid.
In the embodiment of the present application, in order to improve the security of login, the effective duration of the login credential is usually preset. After receiving the login certificate sent by the server, the terminal device can store the login certificate and perform timing. When the valid duration is reached, the terminal device may determine that the login credential is invalid, and determine whether login information is stored in the browser.
In an implementation manner, after receiving the login credential, the terminal device may transmit the login credential to the target application system for storage, and the target application system performs timing, and when determining that the timing duration reaches the valid duration, the target application system may determine whether the current browser stores login information by using a js (javascript) technology.
In the embodiment of the application, if the login information is stored in the browser, the terminal device can perform background calling on the single sign-on page through the target application system, so that the single sign-on request containing the login information is generated through the single sign-on page.
Optionally, the specific processing procedure of performing background call on the single sign-on page and generating the single sign-on request including the login information may be as follows: background calling is carried out on the single sign-on page through an Iframe frame, and the login information stored in the browser is filled in the single sign-on page through the browser; and generating a single sign-on request containing login information through the single sign-on page.
In the embodiment of the application, the target application system can send the access instruction to the single sign-on page through the Iframe framework, so that the purpose that a user is simulated to access the single sign-on page in a background program of the terminal device is achieved. After the single sign-on page receives the access instruction, the page code can be executed to render the single sign-on page in the background. If the login information is stored in the browser, when the browser detects that the single sign-on page is accessed, the login information stored in the browser is filled in the single sign-on page through an automatic filling mechanism. The target application system may then send login instructions to the single sign-on page through the Iframe framework to simulate the user clicking the "login" button. After receiving the login instruction, the single sign-on page may generate a single sign-on request including the login information according to the populated login information.
And 104, sending a login request to the server to log in again in a state of displaying the system page.
In the embodiment of the application, after the single sign-on request is generated, the terminal device may send the sign-on request to the server to perform the sign-on operation again. In the processing process, the terminal equipment only calls the single sign-on page at the background and automatically fills the login information through the browser, so that the browser does not display the single sign-on page in the whole process and does not need to input the login information by the user, therefore, the user can realize the unaware re-login, and the operation loss on the application system caused by the page jump is effectively avoided.
Optionally, if the login information is not stored in the browser, a login popup window may be displayed in the system page, then the login information input by the user is acquired through the login popup window, the single sign-on page is called in a background manner, a single sign-on request including the login information input by the user is generated, and the login request is sent to the server, so that the user logs in again in the state where the system page is displayed.
In the embodiment of the application, if the login information is not stored in the browser, the terminal device may display a login popup window in a system page of the target application system, the user may input the login information, such as an account number, a password, an authentication code, and the like, in the login popup window, the terminal device may acquire the login information input by the user, then perform background calling on the single sign-on page, generate a single sign-on request including the login information input by the user, and send the login request to the server, so as to implement re-login.
Optionally, the specific processing procedure of obtaining the login information input by the user through the login popup window and generating the single sign-on request including the login information input by the user may be: transmitting login information input by a user to an Iframe frame in a PostMessage mode; and carrying out background calling on the single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
In this embodiment of the application, if the login information is not saved in the browser, the target application system may display a login popup (i.e., a temporary login box) in the system page, so that the user may input the login information in the login popup. After the target application system obtains the login information input by the user, the target application system may transmit the login information to the Iframe frame in a PostMessage manner. The target application system can call the single sign-on page in a background mode through the Iframe framework, and the single sign-on page can generate a single sign-on request containing the sign-on information according to the transmitted sign-on information. Then, a login request may be transmitted to the server by the transmitting means of the terminal device to enable re-login.
In addition, after the login is successful, the single sign-on page can also transmit the login credentials to the target application system, and the specific processing process can be as follows: receiving a login certificate sent by a server; and transmitting the login credentials to the target application system through the Iframe framework.
In the embodiment of the application, after receiving the single sign-on request, the server can analyze the single sign-on request to obtain the login information. The server may then verify the login information. If the verification is successful, the server can distribute a login credential with preset effective duration for the login, and send a response message to the terminal device, wherein the response message carries the login credential. After receiving the response message, the terminal device may obtain the login credential from the response message, and then transmit the login credential to the target application system through the Iframe framework. Specifically, after the login credential is obtained, the single sign-on page embedded in the Iframe may return the login credential to the target application system in the form of a postMessage in Javascript. In addition, after the target application system acquires the new login credentials, the original operation failed due to login failure can be recovered. For example, if the failed original operation is to request a certain page, the target application system may request the page again after acquiring a new login credential to display the page, thereby avoiding a situation that the user operation fails due to the failure of the login credential.
The embodiment of the present application further provides a specific example of a login method, which is specifically as follows.
In one example, when detecting that the login credentials are invalid, the target application system may send an access instruction to the single sign-on page through the Iframe framework, so as to simulate a user to access the single sign-on page in a background program of the terminal device. And after the single sign-on page receives the access instruction, running a page code to render the single sign-on page in the background. Since the browser is usually provided with an automatic filling mechanism, when the browser stores login information, the browser automatically fills the login information in an input box of a single sign-on page. Based on this, the target application system may detect whether the input box of the single sign-on page is filled with the login information, and if the input box is filled with the login information, it indicates that the browser stores the login information, and then the target application system may send a login instruction to the single sign-on page through the Iframe frame to simulate the user clicking a "login" button. And after receiving the login instruction, the single sign-on page generates a single sign-on request containing the login information according to the filled login information and sends the login request to the server.
If the login information is not filled, the fact that the login information is not stored in the browser is indicated, the target application system can display a login popup window, then the login information input by the user in the login popup window is transmitted to the Iframe frame in a PostMessage mode, and then the login information is transmitted to the single-point login page by the Iframe frame. Then, the target application system can send a login instruction to the single sign-on page through the Iframe framework, so that the single sign-on page generates a single sign-on request containing the login information and sends the single sign-on request to the server.
In another example, when detecting that the login credentials are invalid, the target application system may determine whether the browser holds login information in other manners, such as communicating with the browser, querying cache data of the browser, or the like. And if the target application system determines that the login information is stored in the browser, sending an access instruction to the single sign-on page through the Iframe frame, so that the purpose that a user is simulated to access the single sign-on page in a background program of the terminal equipment is realized. And after the single sign-on page receives the access instruction, running a page code to render the single sign-on page in the background. The browser will then populate the login information in the input box of the single sign-on page via an auto-fill mechanism. After detecting that the filling is completed, the target application system sends a login instruction to the single sign-on page through the Iframe frame so as to simulate the user clicking a 'login' button. After receiving the login instruction, the single sign-on page may generate a single sign-on request including the login information according to the populated login information, and send the login request to the server.
If the login information is not stored in the browser, the target application system can display a login popup window, then the login information input by the user in the login popup window is transmitted to the Iframe frame in a PostMessage mode, and then an access instruction is sent to the single sign-on page through the Iframe frame. And after the single sign-on page receives the access instruction, running a page code to render the single sign-on page in the background. The target application system can transmit the login information to the single sign-on page in a PostMessage mode through the Iframe frame for filling, and then send login instructions to the single sign-on page through the Iframe frame. And after receiving the login instruction, the single sign-on page generates a single sign-on request containing the login information according to the filled login information and sends the login request to the server.
In the embodiment of the application, a system page of a target application system can be displayed through a browser, and the target application system is an application system which has been successfully single-point logged in. When the login credentials are detected to be invalid, whether login information is stored in the browser can be judged, if the login information is stored in the browser, background calling is carried out on a single sign-on page, a single sign-on request containing the login information is generated, and then the login request is sent to the server so as to carry out re-login in a state that a system page is displayed. In the processing process, the terminal device only calls the single sign-on page in the background and automatically fills the login information through the browser, so that the browser does not display the single sign-on page in the whole process and does not need the user to input the login information, therefore, the user can realize the unaware re-login, and the operation loss on the application system caused by the page jump is effectively avoided. In addition, when the login credentials are invalid, if the login information is not stored in the browser, the login popup window can be popped up in the system interface of the target application program, so that the user can directly input the login information in the current page, the current page is prevented from being left, and the operation loss on the application system caused by page jump is avoided.
An example of a login method is also provided in the embodiments of the present application, as shown in fig. 3, including the following steps.
Step 301, receiving an access instruction for a first application system, and acquiring login information input by a user in a single sign-on page.
Step 302, send a single sign-on request to a server.
Wherein, the single sign-on request carries the sign-on information.
Step 303, receiving a response message of successful login sent by the server, and displaying a system page of the first application system.
The response message carries login credentials distributed by the server for the current login.
And step 304, judging whether login information is stored in the browser or not when the login certificate is detected to be invalid.
If login information is stored in the browser, step 305 is performed.
If the login information is not saved in the browser, step 306 is performed.
And 305, carrying out background calling on the single sign-on page through the Iframe framework, and filling the stored sign-on information in the single sign-on page through the browser.
And step 306, displaying a login popup window in the currently displayed system page of the second application system.
The second application system may be the same as or different from the first application system.
Step 307, obtaining login information input by the user in the login popup window, transmitting the login information to a single sign-on page in a PostMessage manner through the Iframe frame, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
Step 308, sending a single sign-on request containing login information to the server.
And step 310, transmitting the login credentials to the second application system through the Iframe framework in a postMessage mode.
Based on the same technical concept, an embodiment of the present application further provides a login device, as shown in fig. 4, the login device includes:
a first display module 410, configured to display, through a browser, a system page of a target application system, where the target application system is an application system that has been successfully single-logged on;
the determining module 420 is configured to determine whether login information is stored in the browser when it is detected that the login credential is invalid;
a first generation module 430, configured to, if login information is stored in the browser, perform background calling on a single sign-on page to generate a single sign-on request including the login information;
a first sending module 440, configured to send the single sign-on request to a server for re-login in a state where the system page is displayed.
Optionally, the first generating module 430 is specifically configured to:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
Optionally, as shown in fig. 5, the apparatus further includes:
a second display module 450, configured to display a login popup window in the system page if the login information is not stored in the browser;
the second generating module 460 is configured to obtain login information input by a user through the login popup window, and perform background calling on the single sign-on page to generate a single sign-on request including the login information input by the user;
a second sending module 470, configured to send the single sign-on request to a server, so as to perform re-sign-on in a state where the system page is displayed.
Optionally, the second generating module 460 is specifically configured to:
transmitting the login information input by the user to an Iframe framework in a PostMessage mode;
and carrying out background calling on a single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
Optionally, as shown in fig. 6, the apparatus further includes:
a receiving module 480, configured to receive a login credential sent by the server;
a transmitting module 490, configured to transmit the login credentials to the target application system through an Iframe framework.
In the embodiment of the application, a system page of a target application system can be displayed through a browser, and the target application system is an application system which has been successfully single-point logged in. When the login credentials are detected to be invalid, whether login information is stored in the browser can be judged, if the login information is stored in the browser, background calling is carried out on a single sign-on page, a single sign-on request containing the login information is generated, and then the login request is sent to the server so as to carry out re-login in a state that a system page is displayed. In the processing process, the terminal device only calls the single sign-on page in the background and automatically fills the login information through the browser, so that the browser does not display the single sign-on page in the whole process and does not need the user to input the login information, therefore, the user can realize the unaware re-login, and the operation loss on the application system caused by the page jump is effectively avoided. In addition, when the login credentials are invalid, if the login information is not stored in the browser, the login popup window can be popped up in the system interface of the target application program, so that the user can directly input the login information in the current page, the current page is prevented from being left, and the operation loss on the application system caused by page jump is avoided.
Based on the same technical concept, the embodiment of the present invention further provides a terminal device, as shown in fig. 7, including a processor 701, a communication interface 702, a memory 703 and a communication bus 704, where the processor 701, the communication interface 702, and the memory 703 complete mutual communication through the communication bus 704,
a memory 703 for storing a computer program;
the processor 701 is configured to implement the following steps when executing the program stored in the memory 703:
displaying a system page of a target application system through a browser, wherein the target application system is an application system which has been successfully single-point logged in;
when the login credentials are detected to be invalid, judging whether login information is stored in the browser or not;
if the login information is stored in the browser, carrying out background calling on a single sign-on page to generate a single sign-on request containing the login information;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
Optionally, the performing background call on the single sign-on page to generate the single sign-on request including the login information includes:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
Optionally, the method further includes:
if the login information is not stored in the browser, displaying a login popup window in the system page;
obtaining login information input by a user through the login popup window, calling the single sign-on page in a background mode, and generating a single sign-on request containing the login information input by the user;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
Optionally, the performing background call on the single sign-on page to generate a single sign-on request including the login information input by the user includes:
transmitting the login information input by the user to an Iframe framework in a PostMessage mode;
and carrying out background calling on a single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
Optionally, after logging back in the state of displaying the system page, the method further includes:
receiving a login credential sent by the server;
transmitting the login credentials to the target application system through an Iframe framework.
The communication bus mentioned in the above terminal device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the terminal equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
In a further embodiment of the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program realizes the steps of any of the above login methods when executed by a processor.
In a further embodiment provided by the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the above-described logging methods.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is merely exemplary of the present application and is presented to enable those skilled in the art to understand and practice the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method of logging in, the method comprising:
displaying a system page of a target application system through a browser, wherein the target application system is an application system which has been successfully single-point logged in;
when the login credentials are detected to be invalid, judging whether login information is stored in the browser or not;
if the login information is stored in the browser, carrying out background calling on a single sign-on page to generate a single sign-on request containing the login information;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
2. The method of claim 1, wherein making a background call to the single sign-on page to generate a single sign-on request containing the login information comprises:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
3. The method of claim 1, further comprising:
if the login information is not stored in the browser, displaying a login popup window in the system page;
obtaining login information input by a user through the login popup window, calling the single sign-on page in a background mode, and generating a single sign-on request containing the login information input by the user;
and sending the single sign-on request to a server to carry out re-sign-on in a state of displaying the system page.
4. The method of claim 3, wherein the making a background call to the single sign-on page to generate a single sign-on request containing the login information entered by the user comprises:
transmitting the login information input by the user to an Iframe framework in a PostMessage mode;
and carrying out background calling on a single sign-on page through the Iframe framework, and generating a single sign-on request containing the login information input by the user through the single sign-on page.
5. The method according to any one of claims 1 to 4, further comprising, after re-logging while the system page is displayed:
receiving a login credential sent by the server;
transmitting the login credentials to the target application system through an Iframe framework.
6. A login apparatus, the apparatus comprising:
the system comprises a first display module, a second display module and a third display module, wherein the first display module is used for displaying a system page of a target application system through a browser, and the target application system is an application system which is successfully single-point logged in;
the judging module is used for judging whether login information is stored in the browser or not when the login credentials are detected to be invalid;
the first generation module is used for carrying out background calling on a single sign-on page if the browser stores the sign-on information, and generating a single sign-on request containing the sign-on information;
and the first sending module is used for sending the single sign-on request to a server so as to carry out re-sign-on in the state of displaying the system page.
7. The apparatus of claim 6, wherein the first generating module is specifically configured to:
carrying out background calling on a single sign-on page through an Iframe frame, and filling login information stored in the browser in the single sign-on page through the browser;
and generating a single sign-on request containing the login information through the single sign-on page.
8. The apparatus of claim 6, further comprising:
the second display module is used for displaying a login popup window in the system page if the login information is not stored in the browser;
the second generation module is used for acquiring login information input by a user through the login popup window, and performing background calling on the single sign-on page to generate a single sign-on request containing the login information input by the user;
and the second sending module is used for sending the single sign-on request to a server so as to carry out re-sign-on in the state of displaying the system page.
9. The terminal equipment is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing the communication between the processor and the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of claims 1 to 5 when executing a program stored in the memory.
10. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of the claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911047231.7A CN112751805A (en) | 2019-10-30 | 2019-10-30 | Login method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911047231.7A CN112751805A (en) | 2019-10-30 | 2019-10-30 | Login method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112751805A true CN112751805A (en) | 2021-05-04 |
Family
ID=75641838
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911047231.7A Pending CN112751805A (en) | 2019-10-30 | 2019-10-30 | Login method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112751805A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113965380A (en) * | 2021-10-21 | 2022-01-21 | 上海高顿教育科技有限公司 | Single sign-on control method and device based on multiple background applications |
| CN114528542A (en) * | 2022-01-05 | 2022-05-24 | 北京声智科技有限公司 | Login management method and device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106685998A (en) * | 2017-02-24 | 2017-05-17 | 浙江仟和网络科技有限公司 | A SSO authentication method based on CAS unified authentication service middleware |
| CN107786552A (en) * | 2017-10-19 | 2018-03-09 | 用友网络科技股份有限公司 | Single-point logging method, system and computer equipment |
| US10069812B1 (en) * | 2014-03-14 | 2018-09-04 | Intuit Inc. | Technique for facilitating auto login to a website |
| CN109067785A (en) * | 2018-09-19 | 2018-12-21 | 新华三大数据技术有限公司 | Cluster authentication method, device |
-
2019
- 2019-10-30 CN CN201911047231.7A patent/CN112751805A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10069812B1 (en) * | 2014-03-14 | 2018-09-04 | Intuit Inc. | Technique for facilitating auto login to a website |
| CN106685998A (en) * | 2017-02-24 | 2017-05-17 | 浙江仟和网络科技有限公司 | A SSO authentication method based on CAS unified authentication service middleware |
| CN107786552A (en) * | 2017-10-19 | 2018-03-09 | 用友网络科技股份有限公司 | Single-point logging method, system and computer equipment |
| CN109067785A (en) * | 2018-09-19 | 2018-12-21 | 新华三大数据技术有限公司 | Cluster authentication method, device |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113965380A (en) * | 2021-10-21 | 2022-01-21 | 上海高顿教育科技有限公司 | Single sign-on control method and device based on multiple background applications |
| CN114528542A (en) * | 2022-01-05 | 2022-05-24 | 北京声智科技有限公司 | Login management method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111628965B (en) | Cross-domain name login method and device | |
| CN110489966B (en) | Parallel unauthorized access vulnerability detection method, device, storage medium and electronic device | |
| US10050899B2 (en) | Data processing method, apparatus, client, server and system | |
| JP6533871B2 (en) | System and method for controlling sign-on to web applications | |
| US10887311B2 (en) | Method and apparatus for requesting usage permission, and method and apparatus for acquiring usage permission | |
| CN107528858B (en) | Login method, device and equipment based on webpage and storage medium | |
| US20180196875A1 (en) | Determining repeat website users via browser uniqueness tracking | |
| CN113079164B (en) | Remote control method and device for bastion machine resources, storage medium and terminal equipment | |
| EP3149888B1 (en) | Processing and verifying digital certificate | |
| WO2019037417A1 (en) | Webpage data crawling method and apparatus, webpage data crawling platform, and storage medium | |
| US9137094B1 (en) | Method for setting DNS records | |
| CN112491778A (en) | Authentication method, device, system and medium | |
| CN108200040A (en) | Mobile client exempts from method, system, browser and the mobile terminal of close login | |
| US10614417B2 (en) | System and method for electronic lead verification | |
| CN110704820A (en) | Login processing method and device, electronic equipment and computer readable storage medium | |
| CN111259368A (en) | Method and equipment for logging in system | |
| CN112751805A (en) | Login method and device | |
| CN114528542A (en) | Login management method and device, electronic equipment and storage medium | |
| CN108763881A (en) | Method and apparatus for controlling user right | |
| CN110855655B (en) | Information verification method, device, equipment and storage medium | |
| CN113055186A (en) | Cross-system service processing method, device and system | |
| CN112905990A (en) | Access method, client, server and access system | |
| CN112272211A (en) | Service request processing method, device and system | |
| CN111786936A (en) | Method and device for authentication | |
| CN112383542B (en) | User login method and system, authentication end and user end |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210504 |
|
| RJ01 | Rejection of invention patent application after publication |