A kind of authentication method based on WIFI access
Technical field
The present invention relates to wireless technology field, be specifically related to a kind of authentication method based on WIFI access.
Background technology
Along with development of Mobile Internet technology is fast-developing, overlay area and the network quality of mobile network also constantly promote, and userbase also grows thereupon.While mobile subscriber size is flourish, 3G network pressure also highlights day by day.The contour stream of people area in part business district, campus area and airport, station, 3G network occurs that access is difficult, slow problem of surfing the Net, and has a strong impact on user and uses perception.The Radio Resource that 3G distributes is limited, and the occupancy of data service to channel is high, affects voice user's quantity that it accesses simultaneously.If WIFI common data service channel is transferred in data service in planning specific region (such as commercial center the crowd is dense district), will greatly improve 3G network resource utilization undoubtedly.WIFI supplementing as cellular mobile communication, the demand meeting the transmission of user's high speed in specific region has absolute predominance.Therefore WIFI application scenarios will be widely.
Trade company informs to client owing to lacking effective notification means after disposing WIFI, therefore causes WIFI utilization rate lower, and cannot realize carrying out precision marketing by WIFI to user.Cannot select because SSID is numerous after user enters WIFI hot spot simultaneously, and landfall process is loaded down with trivial details, current WIFI network access authentication is generally first logged in by the PORTAL page, user first obtains the password short message of certification, then at the input of the PORTAL page account, password, initiating authentication request could surf the Net, and all needs repetition aforesaid operations when each user logs in WIFI, user's logon step is loaded down with trivial details, and flow process is complicated.
Summary of the invention
For above defect or the Improvement requirement of prior art, the object of the present invention is to provide a kind of authentication method based on WIFI access, by the identification to terminal MAC, like in conjunction with user's history logon information degree of depth digging user, the access using the mode of note or client to push accurate information for user is reminded, and user is by the note that receives or URL link, and a key logs in exempts from authentication, thus realize the convenient quick access authentication of WIFI, promote user awareness.
A kind of authentication method based on WIFI access that the present invention proposes, comprises the steps:
Step one, user enter WIFI hot spot, and terminal opens WLAN function, but not yet link any SSID.Now terminal carries out active scan to the wireless network of surrounding, and claim frame ProbeRequest (SSID is for empty) is detected in broadcast, and this solicited message comprises the mac address information of terminal.
After step 2, AP receive and detect claim frame, reply ProbeResponse probe response frame.
Step 3, AP pass through RADIUS authentication management platform by the terminal MAC address that ProbeRequest message obtains.
Whether the MAC Address that this terminal is inquired about by step 4, end message administrative center has login record.If there is no this mac address information, then do not make any information feed back, and this user completes network access authentication by normal WIFI identifying procedure; If inquire mac address information, and have corresponding SSID login record, then Radius platform generates with this MAC Address be user name logon account information and random cipher.
Account information and random cipher are sent to WebPortal by step 5, Radius platform.WebPortal platform generates the specific Portal page of this user (comprise mac address information and the random cipher of terminal in page code, and according to the market content matched after user data mining analysis).
Step 6, WEBportal platform send the specific URL link address generated to information distribution center.
The mode reminding user link SSID that step 7, information distribution center are pushed by note or client-side information, and complete network access authentication by the mode clicking URL link.
Step 8, user terminal Associated SSID, and click the URL link received.
Step 9, terminal initiate certification HttpPost authentication request to AP (AC).
The terminal MAC that step 10, AC send containing this user and random cipher initiate Access-Request authentication request to Radius platform.
Step 11, Radius platform judge the information such as MAC Address, account, password of user, reply Access-Accept or Access-Reject authentication response to AC.
Step 12, AC to user's loopback authentication result, and represent welcome page.Complete network access authentication flow process.
Therefore, the present invention can obtain following beneficial effect:
(1) access of WIFI marketing is accurately reminded: for the surf time of user, the hobby of online depth digging user, after user enters WIFI region again, can for different user send specific marketing message WIFI access remind, for client provides good marketing methods.
(2) simplify online flow process, promote Consumer's Experience: the identifying procedure that this invention simplifies user's online, avoid the process that user will repeat to obtain dynamic verification code at every turn, convenient and swift, promote the online perception of user.
Accompanying drawing explanation
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is that WIFI marketing access is reminded and authentication-exempt online flow chart;
Fig. 2 is that terminal WIFI surfs the Net general identifying procedure figure;
Fig. 3 is entire system Organization Chart.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.In addition, if below in described each execution mode of the present invention involved technical characteristic do not form conflict each other and just can mutually combine.
The present invention proposes a kind of marketing method based on WIFI access prompting and system, by the identification to terminal MAC, like in conjunction with user's history logon information degree of depth digging user, the access using the mode of note or client to push marketing message accurately for user is reminded, user is by the note that receives or URL link, one key logs in exempts from authentication, thus realizes the convenient quick access authentication of WIFI, also for trade company provides marketing methods while promoting user awareness.
The present invention propose a kind of based on WIFI access prompting marketing method and system, specific implementation flow process as shown in Figure 1:
Step one, user enter WIFI hot spot, and terminal opens WLAN function, but not yet link any SSID.Now terminal carries out active scan to the wireless network of surrounding, and claim frame ProbeRequest (SSID is for empty) is detected in broadcast, and this solicited message comprises the mac address information of terminal.
After step 2, AP receive and detect claim frame, reply ProbeResponse probe response frame.
Step 3, AP pass through RADIUS authentication management platform by the terminal MAC address that ProbeRequest message obtains.
Whether the MAC Address that this terminal is inquired about by step 4, end message administrative center has login record.If there is no this mac address information, then do not make any information feed back, and this user completes network access authentication by normal WIFI identifying procedure; If inquire mac address information, and have corresponding SSID login record, then Radius platform generates with this MAC Address be user name logon account information and random cipher.
Account information and random cipher are sent to WebPortal by step 5, Radius platform.WebPortal platform generates the specific Portal page of this user (comprise mac address information and the random cipher of terminal in page code, and according to the market content matched after user data mining analysis).
Step 6, WEBportal platform send the specific URL link address generated to information distribution center.
The mode reminding user link SSID that step 7, information distribution center are pushed by note or client-side information, and complete network access authentication by the mode clicking URL link.
Step 8, user terminal Associated SSID, and click the URL link received.
Step 9, terminal initiate certification HttpPost authentication request to AP (AC).
The terminal MAC that step 10, AC send containing this user and random cipher initiate Access-Request authentication request to Radius platform.
Step 11, Radius platform judge the information such as MAC Address, account, password of user, reply Access-Accept or Access-Reject authentication response to AC.
Step one two, AC to user's loopback authentication result, and represent welcome page.Complete network access authentication flow process.
Those skilled in the art will readily understand; the foregoing is only preferred embodiment of the present invention; not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.