CN105187431B - Login method, server, client and the communication system of third-party application - Google Patents

Login method, server, client and the communication system of third-party application Download PDF

Info

Publication number
CN105187431B
CN105187431B CN201510595952.7A CN201510595952A CN105187431B CN 105187431 B CN105187431 B CN 105187431B CN 201510595952 A CN201510595952 A CN 201510595952A CN 105187431 B CN105187431 B CN 105187431B
Authority
CN
China
Prior art keywords
login
client
information
party application
verification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510595952.7A
Other languages
Chinese (zh)
Other versions
CN105187431A (en
Inventor
陈曙威
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Netease Hangzhou Network Co Ltd
Original Assignee
Netease Hangzhou Network Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Netease Hangzhou Network Co Ltd filed Critical Netease Hangzhou Network Co Ltd
Priority to CN201510595952.7A priority Critical patent/CN105187431B/en
Publication of CN105187431A publication Critical patent/CN105187431A/en
Application granted granted Critical
Publication of CN105187431B publication Critical patent/CN105187431B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of login method of third-party application, server, client and communication systems, log in the verification information that applications client is sent this method comprises: receiving;Verification information is sent to account management server, so that account management server verifies verification information;Receive the verification result returned;If verification result is to be verified, according to the application identities of third-party application client, search key database, obtain first key, and using first key in user account information user account name and login time stamp sign, obtain the first signature;It generates and sends signature authentication information to applications client is logged in, then be transmitted to third-party application server via third-party application client, in third-party application server signature and after comparing successfully, receive the login of the third-party application client.The dependence and coupling of account authentication server and third-party application server in login process can be reduced using inventive technique scheme.

Description

Login method, server, client and the communication system of third-party application
Technical field
The present invention relates to field of communication technology more particularly to a kind of login methods of third-party application, server, client And communication system.
Background technique
The universal and development of internet, brings a large amount of Internet Service Provider, but many Internet Service Providers Partial service just has permission acquisition after needing user to log in.Currently, more and more websites and mobile application all support third party Log in and the operation of authorization, user by the mobile terminal accessings such as mobile phone some support third party login website or in application, Do not registered in the website or application before the user, still can by the entrance of the third party login of the application offer, Third party's account and password are inputted to realize the operation for logging in the website or application.For example, user passes through mobile terminal accessing branch The Yoqoo of Tencent's account login is held, user can log in youku.com by inputting account and the password of Tencent on the specified page Net.
The patent of Patent No. 201310310826.3 disclosed in the prior art is to realize a kind of technical side of said effect Case.Which disclose a kind of third party website login method based on mobile terminal, the browser of mobile terminal detect When the trigger event of tripartite's register, the login page of third party login operation is requested and shown to Internet Server, After the login page completes user account certification and license confirmation, Internet service is distributed to third party website steps on for third party The user identifier and authorization token of record, to complete third party login.
Above-mentioned technical proposal haves the shortcomings that following:
One, interconnected server is directly in communication with each other with third party website, formed rely on and coupling, if third party website because For network transmission situation or Internet Server own services go wrong etc. reasons when, interconnected server hair can not be received in time The information such as the user identifier sent after having input correct account number cipher so as to cause user, still can not log in third party's net in time It stands, seriously affects the experience of user, therefore the login step of third party website also forms the dependence of height to interconnected server.
Two, the browser of mobile terminal is directly communicated with interconnected server, and interconnected server not only carries out account verifying, but also with User carries out data interaction, can not effectively disperse the load of interconnected server.Meanwhile people can use browser and take to interconnection Business device is launched a offensive, and safety problem is caused.
Three, user can only directly cancel the authorization of the third party website to the empowerment management of third party website, but actually User, which only wants to cancel some specific mobile terminal, logs in the authorization of third party website using the account, rather than fully phase out this The authorization of tripartite website, the coarseness of empowerment management cause to be difficult to carry out accurate authorization control, and shortage safely and effectively authorizes Way to manage.
Summary of the invention
The embodiment of the present invention proposes a kind of login method of third-party application, can reduce the account service for checking credentials in login process The dependence and coupling of device and third-party application server.
The embodiment of the invention provides a kind of login methods of third-party application, comprising:
It receives and logs in the verification information that applications client is sent;Wherein, the verification information is by login application visitor Family end is generated according to the logging request that third-party application client is sent;The verification information includes: the third-party application The application identities and user account information of client;
The verification information is sent to account management server, so that the account management server believes the verifying Breath is verified;
Receive the verification result that the account management server returns;
If the verification result is to be verified, according to the application identities of the third-party application client, search close Key database is obtained first key, and to the user account name in the user account information and is stepped on using the first key Record timestamp is signed, and the first signature is obtained;Otherwise, login failure message is returned to the login applications client, and tied Shu Benci is logged in;
Generate signature authentication information;The signature authentication information includes: first signature, the user account name and institute State login time stamp;
The signature authentication information is sent to the login applications client, so that the login applications client is by institute It states signature authentication information and is transmitted to the third-party application client, so that the third-party application client is transmitted to third party Application server, so that the third-party application server be made to use user account name and login described in the second key pair prestored Timestamp is signed, and the second signature is obtained, after comparing and confirming that first signature and second signature are completely the same, Receive the login of the third-party application client.
It is further, described that the verification information is sent to before account management server, further includes:
Format checking is carried out to the verification information, if the verification information passed examination, the verification information is sent out Give the account management server;Otherwise, login failure message is returned to the login applications client, and terminates this and steps on Record.
Further, the verification information further include: the first dynamic code;First dynamic code is by login application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
The application identities of the first dynamic code, third-party application client in the verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in second dynamic code, database, sentences Whether all information of breaking are consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
Further, the verification result further includes unique identifier corresponding to the user account information;
It is described the signature authentication information is sent to the login applications client after, further includes:
The unique identifier is sent to the login applications client, so that the login applications client will be described Unique identifier is stored in identification code data library.
Further, the user account information in the verification information is to be inputted according to user or applied by the login Client is obtained according in the unique identifier stored in the identification code data library.
On the other hand, the embodiment of the invention provides a kind of login application server, comprising:
First receiving unit, for receiving the verification information for logging in applications client and sending;Wherein, the verification information is It is generated by the login applications client according to the logging request that third-party application client is sent;The verification information packet It includes: the application identities and user account information of the third-party application client;
First transmission unit, for the verification information to be sent to account management server, for the account management Server verifies the verification information;
Second receiving unit, the verification result returned for receiving the account management server;
First signature unit, for the verification result be verified when, according to the third-party application client Application identities, search key database, obtain first key, and using the first key in the user account information User account name and login time stamp sign, obtain first signature;
Second transmission unit is returned for being that verifying is obstructed out-of-date in the verification result to the login applications client Login failure message is returned, and terminates this login;
Authentication information generation unit, for generating signature authentication information;The signature authentication information includes: first label Name, the user account name and login time stamp;
With third transmission unit, for the signature authentication information to be sent to the login applications client, so that institute It states login applications client and the signature authentication information is transmitted to the third-party application client, so that the third party answers It is transmitted to third-party application server with client, so that the third-party application server be made to use the second key pair prestored The user account name and login time stamp are signed, and the second signature is obtained, and are being compared and are being confirmed first signature and institute State the second signature it is completely the same after, receive the login of the third-party application client.
Further, the login application server further include:
Format checking unit, for the verification information to be sent to account management server in first transmission unit Before, format checking is carried out to the verification information;If the verification information passed examination, the verification information is sent to The account management server;Otherwise, login failure message is returned to the login applications client, and terminates this login.
Further, the verification information further include: the first dynamic code;First dynamic code is by login application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
The application identities of the first dynamic code, third-party application client in the verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in second dynamic code, database, sentences Whether all information of breaking are consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
Further, the verification result further includes unique identifier corresponding to the user account information;
The login application server further include:
4th transmission unit is answered for the signature authentication information to be sent to the login in the third transmission unit After client, the unique identifier is sent to the login applications client, so that the login applications client will The unique identifier is stored in identification code data library.
Further, the user account information in the verification information is to be inputted according to user or applied by the login Client is obtained according in the unique identifier stored in the identification code data library.
In another aspect, the embodiment of the invention provides a kind of login methods of third-party application, comprising:
Third-party application client sends logging request to applications client is logged in;The logging request includes the third The application identities of square applications client;
The login applications client generates verification information according to the logging request;Wherein, the verification information includes The application identities and user account information;
The verification information is sent to login application server by the login applications client, so that the login is applied The verification information is transmitted to account management server by server, so that the account management server be made to believe the verifying Breath is verified, and verification result is returned to the login application server;
The applications client that logs in receives the signature authentication information that the login application server is sent;Wherein, described Signature authentication information includes: the first signature, the user account name in user account information and login time stamp;First signature By the login application server when the verification result is to be verified, according to the application of the third-party application client Mark searches key database, after obtaining first key, using the first key to the user account name and the login Timestamp is signed and is obtained;
The signature authentication information is sent to the third-party application client by the login applications client;
The signature authentication information is sent to third-party application server by the third-party application client, for described Third-party application server is signed using user account name described in the second key pair for prestoring and login time stamp, obtains the Two signatures receive the third-party application visitor after comparing and confirming that first signature and second signature are completely the same The login at family end.
Further, the verification information is sent to login application server by the login applications client, so that institute It states login application server and the verification information is transmitted to account management server, to make the account management server pair The verification information is verified, and after verification result is returned to the login application server, further includes:
The applications client that logs in receives the login failure message that the login application server is sent, and according to described This login of the login failure end of message;
Wherein, the login failure message be by it is described login application server the verification information format checking not It is generated when qualified;
Alternatively, the login failure message is not passed through in the verification result for verifying by the login application server Shi Shengcheng.
Further, the verification information further includes the first dynamic code, and first dynamic code is by login application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
The application identities of the first dynamic code, third-party application client in the verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in second dynamic code, database, sentences Whether all information of breaking are consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
Further, it is described log in applications client receive it is described login application server send signature authentication information it Afterwards, further includes:
The applications client that logs in receives the unique identifier that the login application server is sent;Wherein, it is described only One identification code is corresponding with the user account information, and is sent to the login application service by the account management server Device;
The unique identifier is stored in identification code data library by the login applications client.
Further, the user account information in the verification information is to be inputted according to user or applied by the login Client is obtained according in the unique identifier stored in the identification code data library.
Another aspect, the embodiment of the invention provides a kind of FTP client FTPs, including log in applications client and third party Applications client;
The third-party application client includes:
5th transmission unit, for sending logging request to login applications client;The logging request includes described The application identities of tripartite's applications client;
The login applications client includes:
Verification information generation unit, for generating verification information according to the logging request;Wherein, the verification information packet Include the application identities and user account information;
6th transmission unit, for the verification information to be sent to login application server, so that the login is applied The verification information is transmitted to account management server by server, so that the account management server be made to believe the verifying Breath is verified, and verification result is returned to the login application server;
6th receiving unit, the signature authentication information sent for receiving the login application server;Wherein, the label Name authentication information includes: the first signature, the user account name in user account information and login time stamp;It is described first signature by The login application server is marked when the verification result is to be verified according to the application of the third-party application client Know, search key database, after obtaining first key, when using the first key to the user account name and the login Between stamp signed and obtained;
With the 7th transmission unit, for the signature authentication information to be sent to the third-party application client;
The third-party application client further include:
8th transmission unit, for the signature authentication information to be sent to third-party application server, for described Tripartite's application server is signed using user account name described in the second key pair prestored and login time stamp, obtains second Signature receives the third-party application client after comparing and confirming that first signature and second signature are completely the same The login at end.
Further, the login applications client further include:
7th receiving unit, for the verification information to be sent to login application service in the 6th transmission unit Device, so that the verification information is transmitted to account management server by the login application server, to make the account pipe Reason server verifies the verification information, and after verification result is returned to the logins application server, reception The login failure message for logging in application server and sending, and according to this login of the login failure end of message;
Wherein, the login failure message be by it is described login application server the verification information format checking not It is generated when qualified;
Alternatively, the login failure message is not passed through in the verification result for verifying by the login application server Shi Shengcheng.
Further, the verification information further includes the first dynamic code;First dynamic code is by login application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
The application identities of the first dynamic code, third-party application client in the verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in second dynamic code, database, sentences Whether all information of breaking are consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
Further, the login applications client further include:
8th receiving unit, for receiving the signature authentication letter that the login application server is sent in the 6th receiving unit After breath, the unique identifier for logging in application server and sending is received;Wherein, the unique identifier and user's account Number information is corresponding, and is sent to the login application server by the account management server;
The unique identifier is stored in identification code data library by the login applications client.
Further, the user account information in the verification information is to be inputted according to user or applied by the login Client is obtained according in the unique identifier stored in the identification code data library.
On the other hand, the embodiment of the invention provides a kind of communication systems, including FTP client FTP, third-party application service Device logs in application server and account management server;
The FTP client FTP is such as the described in any item FTP client FTPs of claim 16 to 20;
The login application server is such as the described in any item login application servers of claim 6 to 10.
The implementation of the embodiments of the present invention has the following beneficial effects:
A kind of login method of third-party application provided in an embodiment of the present invention logs in application server, FTP client FTP And communication system.Application server is logged in after receiving the verification information for logging in applications client transmission, verification information is sent It is verified to account management server, wherein the verification information is by login applications client according to third-party application client The logging request of transmission and generate.Account management server authentication by after the verification information, log in application server according to The application identities of third-party application client search key database, obtain first key, and using first key to user's account Number name and login time stamp are signed, and the first signature is obtained.Application server is finally logged in by the signature authentication information of generation It is sent to login applications client, which includes the first signature, user account name and login time stamp.Login is answered Signature authentication information is transmitted to third-party application client with client, then forwards it to by third-party application client Tripartite's application server, so that third-party application server is signed using the second key pair user account name and login time stamp Name obtains the second signature, after comparing and confirming that the first signature and the second signature are completely the same, receives third-party application client Login.When being logged in compared with the prior art using third-party application client, account authentication server is answered with third party The login of third-party application client could be completed by being interdepended with server needs, the login application clothes of technical solution of the present invention Business device after completing to verify and pass through with the account information of account management server, using with third-party application server commitment Key pair concerned account numbers information is signed, and signing messages successively transmits after logging in client, third-party application client Give third-party application server.Third-party application server to the account information sign after, compare two signing messages whether one It causes to determine whether user account passes through verifying and complete to log in.Third-party application server no longer need to and log in application server or Account management server communication can complete independently login step, unlock account management server and the third party in login process The dependence and coupling of application server.
Detailed description of the invention
Fig. 1 is a kind of information exchange schematic diagram of embodiment of the login method of third-party application provided by the invention;
Fig. 2 is a kind of flow diagram of embodiment of the login method of third-party application provided by the invention;
Fig. 3 is a kind of timing diagram of embodiment of the login method of third-party application provided by the invention;
Fig. 4 is a kind of structural schematic diagram of the embodiment provided by the invention for logging in application server;
Fig. 5 is the structural schematic diagram of another embodiment provided by the invention for logging in application server;
Fig. 6 is the structural schematic diagram of another embodiment provided by the invention for logging in application server;
Fig. 7 is the flow diagram of another embodiment of the login method of third-party application provided by the invention;
Fig. 8 is a kind of structural schematic diagram of embodiment of FTP client FTP provided by the invention;
Fig. 9 is a kind of structural schematic diagram of the embodiment provided by the invention for logging in applications client;
Figure 10 is the structural schematic diagram of another embodiment provided by the invention for logging in applications client;
Figure 11 is a kind of structural schematic diagram of embodiment of communication system provided by the invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Show referring to the information exchange that Fig. 1, Fig. 1 are a kind of embodiments of the login method of third-party application provided by the invention It is intended to.As shown in Figure 1, the login method of third-party application of the invention includes: third-party application client, third-party application clothes Business device, logs in application server, logs in applications client account management server.The detailed process of login method of the present invention walks Suddenly it can be found in Fig. 2, Fig. 2 is a kind of flow diagram of embodiment of the login method of third-party application provided by the invention, should Method is applicable in and logs in application server, mainly comprises the steps that
Step 101: receiving and log in the verification information that applications client is sent;Wherein, which applied by logging in Client is generated according to the logging request that third-party application client is sent;Verification information includes: third-party application client Application identities and user account information.
In the present embodiment, after user triggers third-party application login in third-party application client, third-party application Client sends logging request and the application identities of third-party application client give login applications client.User interface by Third-party application client, which jumps to, to be logged in applications client, and user selects the account logged on logging in applications client. If user is logged using account success not in the login applications client, it is close that user's input is still needed to when logging in Code.If user is once logged using account success in the login applications client, applications client inquiry is logged in The corresponding unique identifier being stored in identification code data library of the account, using the unique identifier as the password of the account, User simplifies user's operation without inputting password.
Applications client is logged according to the logging request, generates the application identities comprising third-party application client and user The verification information of account information.The user account information includes: user account name and password (by user's input or unique identification Code).
As a kind of citing of the present embodiment, verification information can also include the first dynamic code.First dynamic code is by logging in Applications client is calculated according to preconfigured dynamic code algorithm and is generated according to the mark for logging in applications client.First dynamic Code is provided with effective time, and the time can regenerate later, and identical applies the dynamic code generated in different clients simultaneously It is not identical.
In the present embodiment, it is Bu Tong objective for two in same terminal that applications client and third-party application client are logged in Family end, the information transmitting logged between applications client and third-party application client is believable.The same terminal can with but It is not limited to intelligent terminal, mobile terminal or computer terminal.
Step 102: verification information being sent to account management server, so that account management server is to the verification information It is verified.
In the present embodiment, verification information is sent to before account management server further include: verification information is carried out Format checking such as checks whether the application identities of third-party application client come from chartered third-party application, user's account Whether the format of number information and the first dynamic code is correct etc..If verification information passed examination, is sent to account for verification information Management server;Otherwise, login failure message is returned to login applications client, and terminates this login.
In the present embodiment, account management server verify to verification information and be specifically included: will be in verification information User account information is compared with the user account information in database, judges whether consistent;If consistent, it is verified; If inconsistent, verify and do not pass through.If the user account information uses clear-text passwords, user's account is searched in the database Number corresponding clear-text passwords is compared.If the user account is second of login, user's account is searched in the database Number corresponding unique identifier is compared.
As a kind of citing of the present embodiment, if the verification information further includes the first dynamic code, account management service Device verifies verification information, specifically includes: according to the client identification and preconfigured dynamic code algorithm prestored, calculating Obtain the second dynamic code;By the application identities and user account of the first dynamic code, third-party application client in verification information Information is respectively correspondingly compared with application identification information, the user account information in the second dynamic code, database, judgement Whether all information are consistent;If consistent, it is verified;If not quite identical, verify and do not pass through.In this citing, account Client identification is stored in database by management server in advance according to the Authorized operation of user.User can be true by Authorized operation Which fixed login achievable login authentication of applications client can not stepping in unauthorized even if user account and password leakage Login authentication is completed in record applications client, ensure that the accuracy of verification information.If the mobile phone terminal of user is lost, user It need to only authorize account management server that the client identification of the loss mobile phone and the user account are associated with cancellation, i.e., it is certifiable The dynamic code that the mobile phone terminal generates can not by verifying, without cancelling being associated with for the user account and third-party application, Also the safety of user account can be protected.
Step 103: receiving the verification result that account management server returns.
In the present embodiment, after account management server completes verifying, verification result can be returned to application server is logged in. If the verification passes, then verification result includes: to be verified exclusive identification code corresponding to message and the user account information.It steps on The exclusive identification code is stored in identification code data library by record applications client, so that user logs in next time.If verified obstructed It crosses, then verification result includes that verifying does not pass through message.Logging in applications client, this is verified message, to login applications client Login failure message is returned, and terminates this login.
Step 104: if verification result is to be verified, according to the application identities of third-party application client, searching close Key database obtains first key, and using first key to the user account name and login time stamp in user account information It signs, obtains the first signature;Otherwise, login failure message is returned to login applications client, and terminates this login.
In the present embodiment, logging in application server, with third-party application server what a mutually to be arranged identical close Key, log in application server by the application identities of third party's client with appoint that key is interrelated, and be stored in cipher key number According in library.After user account is verified, only need to be according to the application identities query key database of third applications client It can get first key.If it is illegal third-party application, then key can not be inquired in key database, log in application Server confirms that the third-party application client is illegitimate client, terminates this login.
Step 105: generating signature authentication information;The signature authentication information includes: the first signature, user account name and login Timestamp.
Step 106: signature authentication information being sent to login applications client, recognizes signature so as to log in applications client Card information is transmitted to third-party application client, so that third-party application client is transmitted to third-party application server, thus So that third-party application server is signed using the second key pair user account name and the login time stamp prestored, obtains second Signature receives the login of third-party application client after comparing and confirming that the first signature and the second signature are completely the same.
In the present embodiment, it after third-party application server receives the login of third-party application client, returns and compares knot Fruit gives third-party application client, and user carries out communication interaction in third-party application client.
Step process in order to better illustrate the present invention is third-party application provided by the invention referring to Fig. 3, Fig. 3 A kind of timing diagram of embodiment of login method.
Therefore a kind of login method of third-party application provided in an embodiment of the present invention, it is suitable for logging in application clothes Business device.Application server is logged in after receiving the verification information for logging in applications client transmission, verification information is sent to account Management server is verified, wherein the verification information is sent by login applications client according to third-party application client Logging request and generate.After account management server authentication is by the verification information, application server is logged according to third party The application identities of applications client search key database, obtain first key, and using first key to user account name and Login time stamp is signed, and the first signature is obtained.Application server is finally logged in be sent to the signature authentication information of generation Applications client is logged in, which includes the first signature, user account name and login time stamp.Log in application client Signature authentication information is transmitted to third-party application client by end, then is forwarded it to third party by third-party application client and answered It is obtained with server so that third-party application server is signed using the second key pair user account name and login time stamp The second signature is obtained, after comparing and confirming that the first signature and the second signature are completely the same, receives stepping on for third-party application client Record.When being logged in compared with the prior art using third-party application client, account authentication server and third-party application are taken Business device needs interdepend and could complete the login of third-party application client, the login application server of technical solution of the present invention After completing to verify and pass through with account management server account information, the key pair with third-party application server commitment is used Concerned account numbers information is signed, and signing messages successively passes to third after logging in client, third-party application client Square application server.After third-party application server signs to the account information, compare whether two signing messages unanimously come really Determine whether user account passes through verifying completion login.Third-party application server no longer needs to and logs in application server or account pipe Manage server communication can complete independently login step, unlock account management server in login process and third-party application clothes The dependence and coupling of business device.
Further, the present invention is interacted using independent login applications client with third-party application client, and It transfers to special account management server to be responsible for verifying account service, has shared the load for logging in application server, reduced The coupling of server.If there is new third-party application client needs to make login mode of the invention, then without adjusting account The verifying logic of number management server only needs third-party application server to register on logging in application server and arranges key i.e. Can, extension is flexible.
Further, third-party application server is not direct is communicated with account management server, guarantees account management The safety and privacy of server, prevent from attacking.
Further, the verification information in the login method of third-party application of the invention is other than user account information, It further include the first dynamic code.First dynamic code by login applications client according to log in applications client mark, according to preparatory The dynamic code algorithm of configuration, which calculates, to be generated.User can in advance authorize client in account management server, to indicate Which client can carry out login authentication.Account management server stores the identification code of authorized client into database. When verification information verifying, account management server is according to the client identification and preconfigured dynamic code algorithm prestored, meter It calculates and obtains the second dynamic code;By the application identities and user's account of the first dynamic code, third-party application client in verification information Number information, is respectively correspondingly compared with application identification information, the user account information in the second dynamic code, database, sentences Whether all information of breaking are consistent.It is verified if consistent, otherwise, verifying does not pass through.Therefore, even if user account and password Leakage, can not complete login authentication in the client of unauthorized, ensure that the accuracy of verification information.And user Ke Tong It crosses Authorized operation and determines which logs in the achievable login authentication of applications client, it, can not even if user account and password leakage Login authentication is completed in the login applications client of unauthorized, ensure that the accuracy of verification information.Mobile phone such as user is whole End is lost, and user need to only authorize account management server being associated with the client identification of the loss mobile phone and the user account Cancel, that is, can guarantee that the dynamic code that the mobile phone terminal generates can not be by verifying, without cancelling the user account and third The association of Fang Yingyong can also protect the safety of user account.
Embodiment 2
Referring to fig. 4, Fig. 4 is a kind of structural schematic diagram of the embodiment provided by the invention for logging in application server, such as Fig. 4 Described, which includes:
First receiving unit 401, for receiving the verification information for logging in applications client and sending;Wherein, the verification information It is to be generated by the login applications client according to the logging request that third-party application client is sent;Verification information includes: The application identities and user account information of third-party application client.
First transmission unit 402, for verification information to be sent to account management server, for account management server The verification information is verified.
Second receiving unit 403, for receiving the verification result of account management server return;
First signature unit 404, for verification result be verified when, according to the application of third-party application client Mark, search key database, obtain first key, and using first key in user account information user account name and Login time stamp is signed, and the first signature is obtained.
Second transmission unit 405 is logged in for being that verifying is obstructed out-of-date in verification result to applications client return is logged in Failed message, and terminate this login.
Authentication information generation unit 406, for generating signature authentication information;The signature authentication information include: the first signature, User account name and login time stamp.
Third transmission unit 407, for signature authentication information to be sent to login applications client, so as to log in application visitor Signature authentication information is transmitted to third-party application client by family end, so that third-party application client is transmitted to third-party application Server, so that third-party application server be made to be signed using the second key pair user account name and the login time stamp prestored Name obtains the second signature, after comparing and confirming that the first signature and the second signature are completely the same, receives third-party application client Login.
It is the another of login application server provided by the invention referring to Fig. 5, Fig. 5 as a kind of citing of the present embodiment The structural schematic diagram of kind embodiment.The difference of Fig. 5 and Fig. 4 is, logs in application server further include: format checking unit 408, For carrying out format inspection to verification information before verification information is sent to account management server by the first transmission unit 402 It looks into;If verification information is sent to account management server by verification information passed examination;Otherwise, to login applications client Login failure message is returned, and terminates this login.
In the present embodiment, verification information can also include: the first dynamic code;First dynamic code is by logging in application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client.Account management server Verification information is verified, is specifically included: being obtained according to the client identification and preconfigured dynamic code algorithm, calculating that prestore Obtain the second dynamic code;The application identities of the first dynamic code, third-party application client in verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in the second dynamic code, database, judges institute There is information whether consistent;If consistent, it is verified;If not quite identical, verify and do not pass through.
It is the another of login application server provided by the invention referring to Fig. 6, Fig. 6 as a kind of citing of the present embodiment The structural schematic diagram of kind embodiment.The difference of Fig. 6 and Fig. 4 is, logs in application server further include: the 4th transmission unit 609, For after signature authentication information is sent to login applications client by third transmission unit 407, unique identifier to be sent to Applications client is logged in, unique identifier is stored in identification code data library for logging in applications client.The unique identification Code is sent to login application server by verification result by account management server, corresponding with the user account information.
In this citing, the user account information in verification information is inputted according to user or by login applications client It is obtained according in the unique identifier stored in identification code data library.
The more detailed working principle of the present invention can be, but not limited to refer to the related record of embodiment 1 to process step.
Therefore a kind of login application server provided in an embodiment of the present invention, it is stepped in the reception of the first receiving unit 401 Record applications client send verification information after, the first transmission unit 402 by verification information be sent to account management server into Row verifying, wherein the verification information is given birth to by login applications client according to the logging request that third-party application client is sent At.After account management server authentication is by the verification information, the second receiving unit 403 receives the verification result returned, then By the first signature unit 404 according to the application identities of third-party application client, key database is searched, obtains first key, And signed using first key to user account name and login time stamp, obtain the first signature.Last third transmission unit The signature authentication information that authentication information generation unit 406 generates is sent to login applications client by 407, the signature authentication information Including the first signature, user account name and login time stamp.It logs in applications client and signature authentication information is transmitted to third party Applications client, then third-party application server is forwarded it to by third-party application client, so that third-party application service Device is signed using the second key pair user account name and login time stamp, is obtained the second signature, is being compared and confirming first After signature and the second signature are completely the same, receive the login of third-party application client.Third party compared with the prior art answers When being logged in client, account authentication server and third-party application server need to interdepend that third party could be completed The application server that logs in of the login of applications client, technical solution of the present invention is completed to believe with the account of account management server After breath is verified and passed through, signed using the key pair concerned account numbers information with third-party application server commitment, A.L.S. Breath successively passes to third-party application server after logging in client, third-party application client.Third-party application service After device signs to the account information, compare whether two signatures unanimously are completed to log in determine whether user account passes through verifying. Third-party application server no longer needs to and logs in application server or the communication of account management server can complete independently login step Suddenly, the dependence and coupling of the account management server and third-party application server in login process are unlocked.
Embodiment 3
It is the process signal of another embodiment of the login method of third-party application provided by the invention referring to Fig. 7, Fig. 7 Figure, this method are suitable for FTP client FTP, and main process flow steps are as follows:
Step 701: third-party application client sends logging request to applications client is logged in;The logging request includes the The application identities of tripartite's applications client.
Step 702: logging in applications client according to the logging request and generate verification information;Wherein, the verification information packet Include application identities and user account information.
Step 703: logging in applications client for verification information and be sent to login application server, so as to log in application service Verification information is transmitted to account management server by device, to make account management server verify verification information, and will Verification result returns to login application server.
Step 704: logging in applications client and receive the signature authentication information for logging in application server transmission;Wherein, it signs Authentication information includes: the first signature, the user account name in user account information and login time stamp;First signature is answered by login With server when verification result is to be verified, according to the application identities of third-party application client, key database is searched, After obtaining first key, is signed and obtained to user account name and login time stamp using first key.
Step 705: logging in applications client for signature authentication information and be sent to third-party application client.
Step 706: signature authentication information is sent to third-party application server by third-party application client, for third Square application server is signed using user account name described in the second key pair prestored and login time stamp, obtains the second label Name receives the login of third-party application client after comparing and confirming that the first signature and the second signature are completely the same.
In the present embodiment, it logs in applications client and verification information is sent to login application server, answered so as to log in The verification information is transmitted to account management server with server, to make account management server to the verification information It is verified, and after verification result is returned to the login application server, further includes: log in applications client reception and steps on The login failure message that application server is sent is recorded, and according to this login of the login failure end of message.Wherein, login failure disappears Breath is the generation when the format checking of verification information is unqualified by login application server;Alternatively, login failure message is by stepping on It is to verify obstructed out-of-date generation that application server, which is recorded, in verification result.
As a kind of citing of this example, verification information further includes the first dynamic code.First dynamic code is by logging in application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client.Account management server Verification information is verified, is specifically included: being obtained according to the client identification and preconfigured dynamic code algorithm, calculating that prestore Obtain the second dynamic code;The application identities of the first dynamic code, third-party application client in verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in the second dynamic code, database, judges institute There is information whether consistent;If consistent, it is verified;If not quite identical, verify and do not pass through.Therefore, even if user account It is revealed with password, login authentication can not be completed in the client of unauthorized, ensure that the accuracy of verification information.
As a kind of citing of the present embodiment, logs in applications client and receive the signature authentication for logging in application server transmission After information, further includes: log in applications client and receive the unique identifier for logging in application server transmission.Wherein, Wei Yishi Other code is corresponding with user account information, and is sent to login application server by account management server.Log in application client Unique identifier is stored in identification code data library by end.In this citing, the user account information in verification information is basis User inputs or is obtained by login applications client according in the unique identifier stored in identification code data library.User makes After completing the first logging into of the user account with login application server, no longer needs to input password next time when logging in, reduce user Memory cost, improve user experience.
Therefore the present invention provides a kind of login methods of third-party application, are suitable for by login applications client With third-party application groups of clients at FTP client FTP.Third-party application client and third-party application compared with the prior art Server is communicated, and relies on the verifying of the account information between third-party application server and account management server to complete It logs in, login method of the invention completes account information verifying by logging in applications client, then is completed by signature authentication Certification between third-party application client and third-party application server, avoid third-party application server directly with account pipe Server connection is managed, interdepending for account management server and third-party application server in login process has been unlocked, and The exposure for avoiding account management server improves the safety of login.
Embodiment 4
It is a kind of structural schematic diagram of embodiment of FTP client FTP provided by the invention referring to Fig. 8, Fig. 8.Such as Fig. 8 institute Show, which includes: to log in applications client 801 and third-party application client 802.
Wherein, third-party application client 801 includes:
5th transmission unit 8011, for sending logging request to login applications client;Logging request includes described The application identities of tripartite's applications client.
Logging in applications client 802 includes:
Verification information generation unit 8021, for generating verification information according to the logging request;Wherein, verification information includes Application identities and user account information.
6th transmission unit 8022, for verification information to be sent to login application server, so as to log in application service The verification information is transmitted to account management server by device, thus verify that account management server to verification information, And verification result is returned into login application server.
6th receiving unit 8023, for receiving the signature authentication information for logging in application server and sending;Wherein, signature is recognized Card information includes: the first signature, the user account name in user account information and login time stamp;First signature is applied by logging in Server, according to the application identities of third-party application client, is searched key database, is obtained when verification result is to be verified After taking first key, is signed and obtained to user account name and login time stamp using first key.
7th transmission unit 8024, for signature authentication information to be sent to third-party application client;
Third-party application client 801 further include:
8th transmission unit 8012, for signature authentication information to be sent to third-party application server, for third party Application server is signed using the second key pair user account name and the login time stamp prestored, obtains the second signature, After comparing and confirming that the first signature and the second signature are completely the same, receive the login of third-party application client.
It is one kind provided by the invention for logging in applications client referring to Fig. 9, Fig. 9 as a kind of citing of the present embodiment The structural schematic diagram of embodiment.As shown in figure 9, logging in applications client further include: the 7th receiving unit 8025, for the 6th Verification information is sent to login application server by transmission unit 8022, is transmitted to verification information so as to log in application server Verification result so that account management server be made to verify verification information, and is returned to login by account management server After application server, receives and log in the login failure message that application server is sent, and according to login failure end of message sheet Secondary login.Wherein, login failure message is the generation when the format checking of verification information is unqualified by login application server.Or Person, login failure message are in verification result by login application server to verify obstructed out-of-date generation.
As a kind of citing of this example, verification information further includes the first dynamic code.First dynamic code is by logging in application visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark for logging in applications client.Account management server Verification information is verified, is specifically included: being obtained according to the client identification and preconfigured dynamic code algorithm, calculating that prestore Obtain the second dynamic code;The application identities of the first dynamic code, third-party application client in verification information and user account are believed Breath, is respectively correspondingly compared with application identification information, the user account information in the second dynamic code, database, judges institute There is information whether consistent;If consistent, it is verified;If not quite identical, verify and do not pass through.Therefore, even if user account It is revealed with password, login authentication can not be completed in the client of unauthorized, ensure that the accuracy of verification information.
It is the another of login applications client provided by the invention referring to Figure 10, Figure 10 as a kind of citing of the present embodiment A kind of structural schematic diagram of embodiment.The difference of Figure 10 and Fig. 9 is, the login applications client further include: the 8th receive it is single Member 8026, for after the 6th receiving unit 8023 receives and logs in the signature authentication information that application server is sent, reception to be stepped on Record the unique identifier that application server is sent.Wherein, unique identifier is corresponding with user account information, and by account management Server is sent to login application server.It logs in applications client unique identifier is stored in identification code data library.? In this citing, the user account information in verification information is inputted according to user or by login applications client according to identification code It is obtained in the unique identifier stored in database.User completes stepping on for the first time for the user account using login application server After record, no longer needs to input password next time when logging in, reduce the memory cost of user, improve user experience.
The more detailed steps flow chart of the present embodiment can be, but not limited to record referring to the correlation of embodiment 3.
Therefore the present invention provides it is a kind of by login applications client and third-party application groups of clients at client End system.Third-party application client is communicated with third-party application server compared with the prior art, and relies on third party Account information between application server and account management server is verified to complete to log in, and FTP client FTP of the invention passes through It logs in applications client and completes account information verifying, then third-party application client is completed by signature authentication and is answered with third party With the certification between server, third-party application server is avoided directly to connect with account management server, unlocked logged Account management server and third-party application server interdepend in journey, and avoid the exposure of account management server, Improve the safety logged in.
Embodiment 5
It is a kind of structural schematic diagram of embodiment of communication system provided by the invention referring to Figure 11, Figure 11.Such as Figure 11 institute Show, which includes: FTP client FTP 1101, third-party application server 1102, logs in application server 1103 and account Number management server 1104.
Wherein, logging in application server 1103 is login application server described in embodiment 2.FTP client FTP 1101 be FTP client FTP described in embodiment 4.
Therefore communication system provided by the invention can unlock account management server and third in login process Square application server interdepends, and avoids the exposure of account management server, improves the safety of login.
The above is a preferred embodiment of the present invention, it is noted that for those skilled in the art For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as Protection scope of the present invention.

Claims (21)

1. a kind of login method of third-party application characterized by comprising
It receives and logs in the verification information that applications client is sent;Wherein, the verification information is by the login applications client It is generated according to the logging request that third-party application client is sent;The verification information includes: the third-party application client The application identities and user account information at end;
Wherein, user is determined to send the login applications client of verification information by Authorized operation;
The verification information is sent to account management server, for the account management server to the verification information into Row verifying;
Receive the verification result that the account management server returns;
If the verification result is to be verified, according to the application identities of the third-party application client, cipher key number is searched According to library, first key is obtained, and using the first key to the user account name in the user account information and when logging in Between stab and sign, obtain the first signature;Otherwise, login failure message is returned to the login applications client, and terminates this Secondary login;
Generate signature authentication information;The signature authentication information includes: first signature, the user account name and described steps on Record timestamp;
The signature authentication information is sent to the login applications client, so that the login applications client is by the label Name authentication information is transmitted to the third-party application client, so that the third-party application client is transmitted to third-party application Server, so that the third-party application server be made to use user account name and login time described in the second key pair prestored Stamp is signed, and the second signature is obtained, and after comparing and confirming that first signature and second signature are completely the same, is received The login of the third-party application client.
2. the login method of third-party application according to claim 1, which is characterized in that described to send out the verification information Before giving account management server, further includes:
Format checking is carried out to the verification information, if the verification information passed examination, the verification information is sent to The account management server;Otherwise, login failure message is returned to the login applications client, and terminates this login.
3. the login method of third-party application according to claim 1, which is characterized in that the verification information further include: First dynamic code;First dynamic code, according to the mark for logging in applications client, is pressed by the login applications client It calculates and generates according to preconfigured dynamic code algorithm;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
By the application identities and user account information of the first dynamic code, third-party application client in the verification information, divide It is not compared with application identification information, the user account information in second dynamic code, database accordingly, judgement is all Whether information is consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
4. the login method of third-party application according to claim 1, which is characterized in that the verification result further includes institute State unique identifier corresponding to user account information;
It is described the signature authentication information is sent to the login applications client after, further includes:
The unique identifier is sent to the login applications client, so that the login applications client will be described unique Identification code is stored in identification code data library.
5. the login method of third-party application according to claim 4, which is characterized in that the user in the verification information Account information is to be inputted according to user or stored only by the login applications client according in the identification code data library It is obtained in one identification code.
6. a kind of login application server characterized by comprising
First receiving unit, for receiving the verification information for logging in applications client and sending;Wherein, the verification information is by institute Login applications client is stated to be generated according to the logging request that third-party application client is sent;The verification information includes: institute State the application identities and user account information of third-party application client;
Wherein, user is determined to send the login applications client of verification information by Authorized operation;
First transmission unit, for the verification information to be sent to account management server, for the account management service Device verifies the verification information;
Second receiving unit, the verification result returned for receiving the account management server;
First signature unit, for the verification result be verified when, according to answering for the third-party application client With mark, key database is searched, obtains first key, and using the first key to the use in the user account information Family account name and login time stamp are signed, and the first signature is obtained;
Second transmission unit is stepped on for being that verifying is obstructed out-of-date in the verification result to login applications client return Failed message is recorded, and terminates this login;
Authentication information generation unit, for generating signature authentication information;The signature authentication information include: it is described first signature, The user account name and login time stamp;
With third transmission unit, for the signature authentication information to be sent to the login applications client, so that described step on It records applications client and the signature authentication information is transmitted to the third-party application client, so that the third-party application is objective Family end is transmitted to third-party application server, so that the third-party application server be made to use described in the second key pair prestored User account name and login time stamp are signed, and the second signature is obtained, and are being compared and are being confirmed first signature and described the After two signatures are completely the same, receive the login of the third-party application client.
7. login application server according to claim 6, which is characterized in that further include:
Format checking unit, for first transmission unit by the verification information be sent to account management server it Before, format checking is carried out to the verification information;If the verification information passed examination, is sent to institute for the verification information State account management server;Otherwise, login failure message is returned to the login applications client, and terminates this login.
8. login application server according to claim 6, which is characterized in that the verification information further include: first is dynamic State code;First dynamic code by it is described login applications client according to it is described log in applications client mark, according to preparatory The dynamic code algorithm of configuration, which calculates, to be generated;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
By the application identities and user account information of the first dynamic code, third-party application client in the verification information, divide It is not compared with application identification information, the user account information in second dynamic code, database accordingly, judgement is all Whether information is consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
9. login application server according to claim 6, which is characterized in that the verification result further includes the user Unique identifier corresponding to account information;
The login application server further include:
4th transmission unit, for the signature authentication information to be sent to the login application visitor in the third transmission unit Behind the end of family, the unique identifier is sent to the login applications client, so that the login applications client will be described Unique identifier is stored in identification code data library.
10. login application server according to claim 9, which is characterized in that the user account in the verification information Information is inputted according to user or by the login applications client according to the unique knowledge stored in the identification code data library It is obtained in other code.
11. a kind of login method of third-party application characterized by comprising
Third-party application client sends logging request to applications client is logged in;The logging request includes that the third party answers With the application identities of client;
The login applications client generates verification information according to the logging request;Wherein, the verification information includes described Application identities and user account information;
The verification information is sent to login application server by the login applications client, so that the login application service The verification information is transmitted to account management server by device, thus make the account management server to the verification information into Row verifying, and verification result is returned into the login application server;
Wherein, user is determined to send the login applications client of verification information by Authorized operation;
The applications client that logs in receives the signature authentication information that the login application server is sent;Wherein, the signature Authentication information includes: the first signature, the user account name in user account information and login time stamp;First signature is by institute It states and logs in application server when the verification result is to be verified, marked according to the application of the third-party application client Know, search key database, after obtaining first key, when using the first key to the user account name and the login Between stamp signed and obtained;
The signature authentication information is sent to the third-party application client by the login applications client;
The signature authentication information is sent to third-party application server by the third-party application client, for the third Square application server is signed using user account name described in the second key pair prestored and login time stamp, obtains the second label Name receives the third-party application client after comparing and confirming that first signature and second signature are completely the same Login.
12. the login method of third-party application according to claim 11, which is characterized in that the login applications client The verification information is sent to login application server, so that the verification information is transmitted to by the login application server Account management server so that the account management server be made to verify the verification information, and verification result is returned After the login application server, further includes:
The applications client that logs in receives the login failure message that the login application server is sent, and according to the login Failed message terminates this login;
Wherein, the login failure message is unqualified in the format checking of the verification information by the login application server Shi Shengcheng;
Alternatively, the login failure message is in the verification result by the login application server to verify obstructed out-of-date life At.
13. the login method of third-party application according to claim 11, which is characterized in that the verification information further includes First dynamic code, first dynamic code, according to the mark for logging in applications client, are pressed by the login applications client It calculates and generates according to preconfigured dynamic code algorithm;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
By the application identities and user account information of the first dynamic code, third-party application client in the verification information, divide It is not compared with application identification information, the user account information in second dynamic code, database accordingly, judgement is all Whether information is consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
14. the login method of third-party application according to claim 11, which is characterized in that the login applications client After the signature authentication information for receiving the login application server transmission, further includes:
The applications client that logs in receives the unique identifier that the login application server is sent;Wherein, unique knowledge Other code is corresponding with the user account information, and is sent to the login application server by the account management server;
The unique identifier is stored in identification code data library by the login applications client.
15. the login method of third-party application according to claim 14, which is characterized in that the use in the verification information Family account information is to be inputted according to user or stored by the login applications client according in the identification code data library It is obtained in unique identifier.
16. a kind of FTP client FTP, which is characterized in that including logging in applications client and third-party application client;
The third-party application client includes:
5th transmission unit, for sending logging request to login applications client;The logging request includes the third party The application identities of applications client;
The login applications client includes:
Verification information generation unit, for generating verification information according to the logging request;Wherein, the verification information includes institute State application identities and user account information;
6th transmission unit, for the verification information to be sent to login application server, so that the login application service The verification information is transmitted to account management server by device, thus make the account management server to the verification information into Row verifying, and verification result is returned into the login application server;
6th receiving unit, the signature authentication information sent for receiving the login application server;Wherein, the signature is recognized Card information includes: the first signature, the user account name in user account information and login time stamp;First signature is by described Application server is logged in when the verification result is to be verified, according to the application identities of the third-party application client, Key database is searched, after obtaining first key, using the first key to the user account name and the login time Stamp is signed and is obtained;
With the 7th transmission unit, for the signature authentication information to be sent to the third-party application client;
Wherein, user is determined to send the login applications client of verification information by Authorized operation;
The third-party application client further include:
8th transmission unit, for the signature authentication information to be sent to third-party application server, for the third party Application server is signed using user account name described in the second key pair prestored and login time stamp, obtains the second label Name receives the third-party application client after comparing and confirming that first signature and second signature are completely the same Login.
17. FTP client FTP according to claim 16, which is characterized in that the login applications client further include:
7th receiving unit, for the verification information to be sent to login application server in the 6th transmission unit, with Make the login application server that the verification information is transmitted to account management server, to make the account management service Device verifies the verification information, and after verification result is returned to the login application server, steps on described in reception The login failure message that application server is sent is recorded, and according to this login of the login failure end of message;
Wherein, the login failure message is unqualified in the format checking of the verification information by the login application server Shi Shengcheng;
Alternatively, the login failure message is in the verification result by the login application server to verify obstructed out-of-date life At.
18. FTP client FTP according to claim 16, which is characterized in that the verification information further includes the first dynamic Code;First dynamic code by the login applications client according to the mark for logging in applications client, according to matching in advance The dynamic code algorithm set, which calculates, to be generated;
The account management server verifies the verification information, specifically includes:
According to the client identification and preconfigured dynamic code algorithm prestored, calculates and obtain the second dynamic code;
By the application identities and user account information of the first dynamic code, third-party application client in the verification information, divide It is not compared with application identification information, the user account information in second dynamic code, database accordingly, judgement is all Whether information is consistent;
If consistent, it is verified;
If not quite identical, verify and do not pass through.
19. FTP client FTP according to claim 16, which is characterized in that the login applications client further include:
8th receiving unit, for the 6th receiving unit receive it is described login application server send signature authentication information it Afterwards, the unique identifier for logging in application server and sending is received;Wherein, the unique identifier and the user account are believed Manner of breathing is corresponding, and is sent to the login application server by the account management server;
The unique identifier is stored in identification code data library by the login applications client.
20. FTP client FTP according to claim 19, which is characterized in that the user account information in the verification information It is to be inputted according to user or by the login applications client according to the unique identifier stored in the identification code data library Middle acquisition.
21. a kind of communication system, which is characterized in that including FTP client FTP, third-party application server, log in application server With account management server;
The FTP client FTP is such as the described in any item FTP client FTPs of claim 16 to 20;
The login application server is such as the described in any item login application servers of claim 6 to 10.
CN201510595952.7A 2015-09-17 2015-09-17 Login method, server, client and the communication system of third-party application Active CN105187431B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510595952.7A CN105187431B (en) 2015-09-17 2015-09-17 Login method, server, client and the communication system of third-party application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510595952.7A CN105187431B (en) 2015-09-17 2015-09-17 Login method, server, client and the communication system of third-party application

Publications (2)

Publication Number Publication Date
CN105187431A CN105187431A (en) 2015-12-23
CN105187431B true CN105187431B (en) 2019-02-12

Family

ID=54909275

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510595952.7A Active CN105187431B (en) 2015-09-17 2015-09-17 Login method, server, client and the communication system of third-party application

Country Status (1)

Country Link
CN (1) CN105187431B (en)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105959276A (en) * 2016-04-27 2016-09-21 青岛海信传媒网络技术有限公司 Application control method, device, and terminal device based on third party account login
CN106339613B (en) * 2016-08-15 2018-09-07 腾讯科技(深圳)有限公司 A kind of processing method, terminal and server using data
CN106790240B (en) * 2017-01-22 2021-04-23 常卫华 Password-free login method, device and system based on third party authentication
CN107920060B (en) * 2017-10-11 2020-06-05 北京京东尚科信息技术有限公司 Data access method and device based on account
CN107911282B (en) * 2017-11-15 2021-11-16 杭州新新世相科技文化有限公司 Network system for realizing implantation of third-party application facing social network
CN113452719B (en) * 2018-03-30 2022-12-30 平安科技(深圳)有限公司 Application login method and device, terminal equipment and storage medium
CN108650246A (en) * 2018-04-25 2018-10-12 广州逗号智能零售有限公司 A kind of third party's account logon method, apparatus and system
CN110719187B (en) * 2018-07-13 2022-05-20 深圳兆日科技股份有限公司 Configuration management method, system and computer readable storage medium
CN111200579B (en) * 2018-11-16 2023-10-31 北京奇虎科技有限公司 User login method, client and system
CN111833063B (en) * 2019-04-16 2024-02-02 北京嘀嘀无限科技发展有限公司 Information processing method, computer device, and computer-readable storage medium
CN110149212B (en) * 2019-05-31 2022-05-27 杭州安恒信息技术股份有限公司 Database security reinforcement method and device and electronic equipment
CN111193695B (en) * 2019-07-26 2021-07-06 腾讯科技(深圳)有限公司 Encryption method and device for third party account login and storage medium
CN110602139B (en) * 2019-09-27 2021-08-13 成都九曲互动科技有限公司 Recharge login access method and system based on Tencent cloud
WO2021168829A1 (en) * 2020-02-28 2021-09-02 华为技术有限公司 User identifier verification method and related device
CN113595968B (en) * 2020-04-30 2023-02-03 华为云计算技术有限公司 Login method and system based on cloud application instance and related equipment
CN112069488B (en) * 2020-07-27 2023-05-16 合肥美的智能科技有限公司 Application login method in communication program and related device thereof
CN112688943B (en) * 2020-12-23 2023-10-10 南方电网数字平台科技(广东)有限公司 Dynamic password generation method, server, terminal device and storage medium
CN115250204B (en) * 2022-09-22 2022-12-09 四川蜀天信息技术有限公司 Method and system for centralized processing login authentication

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571857A (en) * 2010-12-27 2012-07-11 深圳市闪联信息技术有限公司 Method and system for realizing logging in XMPP (Xmlbased Messaging and Presence Protocol) server
CN102763397A (en) * 2010-02-18 2012-10-31 诺基亚公司 Method and apparatus for providing authentication session sharing

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102739708B (en) * 2011-04-07 2015-02-04 腾讯科技(深圳)有限公司 System and method for accessing third party application based on cloud platform
CN102821085B (en) * 2011-11-23 2015-12-02 腾讯科技(深圳)有限公司 Third party authorizes login method, open platform and system
CN104348612A (en) * 2013-07-23 2015-02-11 腾讯科技(深圳)有限公司 Third-party website login method based on mobile terminal and mobile terminal
CN103634329B (en) * 2013-12-20 2017-11-17 百度在线网络技术(北京)有限公司 cross-site login method, system and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102763397A (en) * 2010-02-18 2012-10-31 诺基亚公司 Method and apparatus for providing authentication session sharing
CN102571857A (en) * 2010-12-27 2012-07-11 深圳市闪联信息技术有限公司 Method and system for realizing logging in XMPP (Xmlbased Messaging and Presence Protocol) server

Also Published As

Publication number Publication date
CN105187431A (en) 2015-12-23

Similar Documents

Publication Publication Date Title
CN105187431B (en) Login method, server, client and the communication system of third-party application
CN105897424B (en) A kind of enhancing identity authentication method
CN105933353B (en) The realization method and system of secure log
US8356179B2 (en) Entity bi-directional identificator method and system based on trustable third party
CN101227468B (en) Method, device and system for authenticating user to network
CN101453458B (en) Personal identification process for dynamic cipher password bidirectional authentication based on multiple variables
CN105516163B (en) A kind of login method and terminal device and communication system
EP2639998B1 (en) Identification of an anonymous entity as part of a group
CN104270338A (en) A method and system of electronic identity registration and authentication login
KR20080033541A (en) Extended one-time password method and apparatus
US20110276804A1 (en) Server authentication method and client terminal
CN105554098A (en) Device configuration method, server and system
CN104125230B (en) A kind of short message certification service system and authentication method
KR20210095093A (en) Method for providing authentification service by using decentralized identity and server using the same
CN104683357B (en) A kind of dynamic password authentication method and system based on software token
Ye et al. Formal analysis of a single sign-on protocol implementation for android
WO2011037226A1 (en) Access control system, authentication server system, and access control program
JP2001186122A (en) Authentication system and authentication method
CN103546292A (en) Third-party certification system or method with multiple identification codes
CN104584479A (en) Method and system using a Cyber ID to provide secure transactions
KR102372503B1 (en) Method for providing authentification service by using decentralized identity and server using the same
CN105187417B (en) Authority acquiring method and apparatus
CN112383401B (en) User name generation method and system for providing identity authentication service
CN110166471A (en) A kind of portal authentication method and device
CN109495458A (en) A kind of method, system and the associated component of data transmission

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant