CN109428893A - A kind of identity identifying method, apparatus and system - Google Patents
A kind of identity identifying method, apparatus and system Download PDFInfo
- Publication number
- CN109428893A CN109428893A CN201811587830.3A CN201811587830A CN109428893A CN 109428893 A CN109428893 A CN 109428893A CN 201811587830 A CN201811587830 A CN 201811587830A CN 109428893 A CN109428893 A CN 109428893A
- Authority
- CN
- China
- Prior art keywords
- terminal
- visitor
- audit
- page
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/14—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
- G06K7/1404—Methods for optical code recognition
- G06K7/1408—Methods for optical code recognition the method being specifically adapted for the type of code
- G06K7/1417—2D bar codes
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Toxicology (AREA)
- Electromagnetism (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
This application discloses a kind of identity identifying methods, apparatus and system.This method preassigns the audit terminal with audit permission, when receiving access request of visitor's terminal to network, access request is kidnapped and is redirected to two dimensional code certification page and returns to visitor's terminal, receive the access request to the audit page that audit terminal is initiated by scanning and parsing the two dimensional code of two dimensional code certification page in visitor's terminal, the audit page is returned into audit terminal later, receive the certification request to visitor's terminal that audit terminal is sent, certification request carries the remark information of visitor's terminal, certification request is verified, if certification request passes through verifying, then create two dimensional code user, to visitor's terminal distribution networking permission, without carrying out being pre-configured with for user information, without buying or rent third-party service, it is efficiently disposed realizing, while reducing the cost of certification, guarantee is recognized The safety of card.
Description
Technical field
This application involves identity identifying technology field more particularly to a kind of identity identifying methods, apparatus and system.
Background technique
The different trusted degree of visitor's terminal is different, therefore visitor's terminal needs during accessing network
It is verified by identity of the gateway to visitor's terminal, after authentication success, visitor's terminal can be allowed to access
Network accesses internal, external network resource.
Identification authentication mode commonly used in the prior art includes following several: local authentication, short message certification, App certification with
And authentication-exempt.Local authentication creates user in gateway or third party authentication server in advance, and visitor's terminal accesses net
When network, user name, password is submitted to complete certification to gateway or third party authentication server.Short message certification, that is, visitor's terminal exists
Short message certification page input designated mobile phone number is simultaneously clicked " sending identifying code ", and gateway generates identifying code and passes through short message service
Quotient is transmitted to visitor's terminal of designated mobile phone number.After visitor's terminal receives identifying code, by certification page by cell-phone number, identifying code
Gateway is submitted to together to be verified.I.e. in certification, the library function for calling third-party App to provide is waken up for App certification
Corresponding App completes to authenticate by third-party App server.Authentication-exempt, that is, visitor's terminal does not need to provide authentication information, directly
It connects and completes certification using IP address as user name.
However, above several authentication modes are in practical applications, there is certain shortcoming.For example, local recognize
The mode of card needs administrator to be pre-configured with the username and password of user, for the case where there are a large amount of visitor's terminals workload
It is larger.The short message that the mode of short message certification needs to rent sms sp offer sends service, increases the cost of certification.App
Certification usually requires to be registered accordingly in App platform, operates relatively complicated and can increase cost.The mode of authentication-exempt is only
Suitable for the certification of the interior employee high to trusting degree, it is not suitable for authenticating casual user, safety is limited.
Summary of the invention
This application provides a kind of identity identifying methods, apparatus and system, can not to solve existing identification authentication mode
Realize efficiently dispose, reduce certification cost while, guarantee certification safety the problem of.
In a first aspect, the application provides a kind of identity identifying method, which comprises
Visitor's terminal is received to the access request of network;
Two dimensional code certification page is kidnapped the access request and is redirected to, by the two dimensional code certification page
Return to visitor's terminal;
Audit terminal is received to the access request of the audit page, the audit terminal is whole by scanning and parsing the visitor
The two dimensional code of two dimensional code certification page on end obtains the address URL of the audit page;
The audit page is returned into the audit terminal;
The certification request to visitor's terminal that audit terminal is sent is received, the certification request carries the visitor
The remark information of terminal;
The certification request is verified;
If the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution networking permission by verifying.
With reference to first aspect, the first in first aspect can kidnap simultaneously the access request in realization mode
It is redirected to two dimensional code certification page, after the two dimensional code certification page is returned to visitor's terminal, the method
Further include:
Store the parameters for authentication of visitor's terminal and the check value of the parameters for authentication.
With reference to first aspect the first can realize mode, described to recognize in second of achievable mode of first aspect
Card parameter includes the IP address of visitor's terminal, carries out verifying to the certification request and includes:
Verify whether the audit terminal has audit permission;
If the audit terminal has audit permission, according to the check value, the IP address of visitor's terminal is verified
Whether it is tampered.
The achievable mode of second with reference to first aspect, the third in first aspect can be described to recognize in realization mode
Card parameter further includes that the two dimensional code of the two dimensional code certification page generates the time, and according to the check value, it is whole to verify the visitor
After whether the IP address at end is tampered, the method also includes:
If the IP address of visitor's terminal is not tampered with, the two dimensional code for verifying the two dimensional code certification page is generated
Whether the time is within term of validity.
With reference to first aspect, in the 4th kind of achievable mode of first aspect, two dimensional code user, Xiang Suoshu visitor are created
Terminal distribution is networked after permission, the method also includes:
To audit terminal return authentication success prompt information.
The 4th kind of achievable mode with reference to first aspect, in the 5th kind of achievable mode of first aspect, the side
Method further include:
Visitor's terminal is received to request the periodic queries of authentication result;
Switch the page of visitor's terminal to authenticating success page.
With reference to first aspect, in the 6th kind of achievable mode of first aspect, the certification request is carried out to verify it
Afterwards, the method also includes:
If the certification request is unverified, Xiang Suoshu audit terminal return authentication failure prompt information.
The 6th kind of achievable mode with reference to first aspect, in the 7th kind of achievable mode of first aspect, the side
Method further include:
Visitor's terminal is received to request the periodic queries of authentication result;
Keep the page of visitor's terminal in two dimensional code certification page.
Second aspect, the application provide a kind of identification authentication system, and described device includes:
Receiving unit, for receiving visitor's terminal to the access request of network;
Unit is redirected, for being kidnapped the access request and being redirected to two dimensional code certification page, by institute
It states two dimensional code certification page and returns to visitor's terminal;
The receiving unit is also used to receive audit terminal to the access request of the audit page, and the audit terminal passes through
The two dimensional code for scanning and parsing two dimensional code certification page in visitor's terminal obtains the address URL of the audit page;
Return unit, for the audit page to be returned to the audit terminal;
The receiving unit is also used to receive the certification request to visitor's terminal of audit terminal transmission, described to recognize
Card request carries the remark information of visitor's terminal;
Authentication unit, for being verified to the certification request;
Allocation unit, for creating two dimensional code user, Xiang Suoshu visitor in the case where the certification request is by verifying
Terminal distribution networking permission.
The third aspect, the application provide a kind of identity authorization system, the system comprises: visitor's terminal, audit terminal with
And gateway;
Visitor's terminal, for initiating the access request to network to the gateway;
The gateway kidnaps the access request for receiving visitor's terminal to the access request of network
And it is redirected to two dimensional code certification page, the two dimensional code certification page is returned into visitor's terminal, receives audit eventually
The access request to the audit page is held, the audit page is returned into the audit terminal, receives pair that audit terminal is sent
The certification request of visitor's terminal, the certification request carry the remark information of visitor's terminal, ask to the certification
It asks and is verified, if the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution networking power by verifying
Limit;
The audit terminal, for passing through the two dimensional code for scanning and parsing two dimensional code certification page in visitor's terminal,
The address URL of the audit page is obtained, Xiang Suoshu gateway initiates the access request to the audit page, receives gateway
The audit page of return, and, Xiang Suoshu gateway initiates the certification request to visitor's terminal.
From the above technical scheme, this application provides a kind of identity identifying method, apparatus and system, this method is preparatory
The specified audit terminal with audit permission carries out access request when receiving access request of visitor's terminal to network
It kidnaps and is redirected to two dimensional code certification page and return to visitor's terminal, receive audit terminal by scanning and parsing visitor's terminal
The audit page is returned to audit later by the access request to the audit page that the two dimensional code of upper two dimensional code certification page is initiated
Terminal receives the certification request to visitor's terminal that audit terminal is sent, and certification request carries the remark information of visitor's terminal,
Certification request is verified, if certification request creates two dimensional code user by verifying, networks and weighs to visitor's terminal distribution
Limit, the present invention are directed to the interim networking behavior of visitor's terminal, and without carrying out being pre-configured with for user information, setting is convenient and efficient,
It is particularly suitable for that there are a large amount of visitor's terminals to need the case where accessing network;And without buying or rent third-party clothes
Business, can significantly reduce cost;While realizing efficiently deployment, reducing the cost of certification, guarantee the safety of certification.
Detailed description of the invention
In order to illustrate more clearly of the technical solution of the application, letter will be made to attached drawing needed in the embodiment below
Singly introduce, it should be apparent that, for those of ordinary skills, without any creative labor,
It is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of the first embodiment of identity identifying method provided by the present application.
Fig. 2 is a kind of flow chart of the second embodiment of identity identifying method provided by the present application.
Fig. 3 is a kind of flow chart of the 3rd embodiment of identity identifying method provided by the present application.
Fig. 4 is a kind of flow chart of the fourth embodiment of identity identifying method provided by the present application.
Fig. 5 is a kind of flow chart of 5th embodiment of identity identifying method provided by the present application.
Fig. 6 is a kind of flow chart of the sixth embodiment of identity identifying method provided by the present application.
Fig. 7 is a kind of structural block diagram of identification authentication system provided by the embodiments of the present application.
Fig. 8 is a kind of schematic diagram of identity authorization system provided by the embodiments of the present application.
Fig. 9 is a kind of certification timing diagram of identity authorization system provided by the embodiments of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the application clearer, below in conjunction with the application specific embodiment and
Technical scheme is clearly and completely described in corresponding attached drawing.Obviously, described embodiment is only the application one
Section Example, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing
Every other embodiment obtained under the premise of creative work out, shall fall in the protection scope of this application.Below in conjunction with attached drawing,
The technical scheme provided by various embodiments of the present application will be described in detail.
Referring to Fig. 1, Fig. 1 is a kind of flow chart of the first embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, and the identity identifying method of the present embodiment includes the following steps:
Step S101 receives visitor's terminal to the access request of network.
Specifically, the network in above-mentioned steps refers to the internal, external network resource for needing the identity to visitor's terminal to be authenticated.It visits
Objective terminal can issue access request when needing to access these internal, external network resources, visitor's terminal can specifically pass through wireless router
Network is accessed in a manner of wireless network, or network is accessed in a manner of cable.Access request specifically can be with HTTP/
The form of HTTPS message is sent.
Step S102 is kidnapped the access request and is redirected to two dimensional code certification page, by the two dimension
The code authentication page returns to visitor's terminal.
Specifically, when the HTTP/HTTPS flow of visitor's terminal passes through gateway, gateway, which is kidnapped, lays equal stress on
It is directed to two dimensional code certification page, so that jumping to two dimensional code certification page in visitor's terminal.
Step S103 receives audit terminal to the access request of the audit page, and the audit terminal is by scanning and parsing
The two dimensional code of two dimensional code certification page in visitor's terminal obtains the address URL of the audit page.
Specifically, audit terminal can be the mobile terminal that can be scanned the two-dimensional code, such as smart phone.Audit terminal can lead to
Cross wireless router access network.Audit terminal has been completed authentication in advance, and the user of audit terminal is by administrator
User configuring, with audit other visitor's terminals access.Visitor's terminal can pass through after receiving two dimensional code certification page
Two-dimensional code scanning tool in audit terminal scans the two dimensional code that visitor's terminal receives, and parses two dimensional code and obtain the audit page
The address URL, and by the address URL to gateway request audit the page.
The audit page is returned to the audit terminal by step S104.
Specifically, after gateway receives audit terminal to the access request of the audit page, the audit page is returned into institute
Audit terminal is stated, the audit page specifically can be the page of the information of visitor's terminal for filling in request audit.
Step S105, receives the certification request to visitor's terminal that audit terminal is sent, and the certification request carries
There is the remark information of visitor's terminal.
It specifically, can be standby in some correlations for auditing page remarks visitor's terminal after audit terminal receives the audit page
Information is infused, then such as user name initiates the certification request for being directed to visitor's terminal to gateway.
Step S106 verifies the certification request.
Specifically, after gateway receives the certification request to visitor's terminal that audit terminal is sent, this is recognized
Card request is verified, to determine the whether accessible internal, external network resource of visitor's terminal.
Step S107, if the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution connection by verifying
Net permission.
Specifically, if gateway determines that certification request by verifying, can create two dimensional code user and to visitor
Terminal distribution networking permission, so that the accessible internal, external network resource of visitor's terminal.
Referring to Fig. 2, Fig. 2 is a kind of flow chart of the second embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, on the basis of first embodiment, carry out to the access request
Kidnap and be redirected to two dimensional code certification page, after the two dimensional code certification page is returned to visitor's terminal, institute
State method further include:
Step S1021 stores the parameters for authentication of visitor's terminal and the check value of the parameters for authentication.
Specifically, in the present embodiment, gateway, which kidnap in the access request for issuing visitor's terminal, lays equal stress on
After being directed to two dimensional code certification page, can also by the check value of the parameters for authentication of visitor's terminal and the parameters for authentication into
Row storage, for being verified to certification request.
Referring to Fig. 3, Fig. 3 is a kind of flow chart of the 3rd embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, and on the basis of second embodiment, the parameters for authentication includes institute
The IP address for stating visitor's terminal, carrying out verifying to the certification request includes:
Step S1061, verifies whether the audit terminal has audit permission.
Specifically, being verified to the certification request specifically can first verify whether the audit terminal has audit power
Limit only under the premise of audit terminal has audit permission, then is verified the identity of visitor's terminal.If audit terminal
Do not have audit permission, then can terminate this authentication procedures.
Step S1062, according to the check value, it is whole to verify the visitor if the audit terminal has audit permission
Whether the IP address at end is tampered.
Specifically, store visitor's terminal parameters for authentication and the parameters for authentication check value when, can be specific
Store the IP address of visitor's terminal and the check value of IP address.It, can be according to visitor's terminal when audit terminal has audit permission
IP address check value, whether the IP address for verifying visitor's terminal be tampered, and IP address is tampered, then cannot be by testing
Card.
Referring to Fig. 4, Fig. 4 is a kind of flow chart of the fourth embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, and on the basis of 3rd embodiment, the parameters for authentication further includes
The two dimensional code of the two dimensional code certification page generates the time, and according to the check value, the IP address for verifying visitor's terminal is
It is no be tampered after, the method also includes:
Step S1063 verifies the two dimensional code certification page if the IP address of visitor's terminal is not tampered with
Two dimensional code generates the time whether within term of validity.
Specifically, store visitor's terminal parameters for authentication and the parameters for authentication check value when, can also have
The two dimensional code that body stores two dimensional code certification page generates the time and two dimensional code generates the check value of time.The IP address of visitor's terminal
It is not tampered with, the two dimensional code for verifying the two dimensional code certification page generates the time whether within term of validity, within the time limit then
By verifying, it cannot then pass through verifying not within the time limit.
Referring to Fig. 5, Fig. 5 is a kind of flow chart of 5th embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, on the basis of first embodiment, create two dimensional code user, to
After visitor's terminal distribution networking permission, the method also includes:
Step S108, Xiang Suoshu audit terminal return authentication success prompt information.
Further, the method also includes:
Step S109 receives visitor's terminal and requests the periodic queries of authentication result.
Specifically, visitor's terminal can periodically inquire the certification of visitor's terminal after obtaining two dimensional code certification page
As a result.
Step S110 switches the page of visitor's terminal to authenticating success page.
Specifically, after authenticating successfully, visitor's terminal is switched to certification success page, accessible internal, external network resource.
Referring to Fig. 6, Fig. 6 is a kind of flow chart of the sixth embodiment of identity identifying method provided by the present application, this reality
The method for applying example can be applied to gateway, and the gateway in the present embodiment can specifically refer to firewall or network log-in management
Equipment.The executing subject of the present embodiment can be gateway, on the basis of first embodiment, carry out to the certification request
After verifying, the method also includes:
Step S1081, if the certification request is unverified, Xiang Suoshu audit terminal return authentication unsuccessfully prompts to believe
Breath.
Further, the method also includes:
Step S109 receives visitor's terminal and requests the periodic queries of authentication result.
Step S1091 keeps the page of visitor's terminal in two dimensional code certification page.
From the above technical scheme, identity identifying method provided by the embodiments of the present application is examined by preassigning to have
The audit terminal of Nuclear Authorization is kidnapped access request and is reset when receiving access request of visitor's terminal to network
Visitor's terminal is returned to to two dimensional code certification page, audit terminal is received and is recognized by scanning and parsing two dimensional code in visitor's terminal
The audit page is returned to audit terminal later, received by the access request to the audit page that the two dimensional code of the card page is initiated
The certification request to visitor's terminal that audit terminal is sent, certification request carry the remark information of visitor's terminal, ask to certification
It asks and is verified, if certification request creates two dimensional code user by verifying, to visitor's terminal distribution networking permission, this hair
The bright interim networking behavior for visitor's terminal, without carrying out being pre-configured with for user information, setting is convenient and efficient, especially suitable
In there are a large amount of visitor's terminals to need the case where accessing network;And it, can be significant without buying or renting third-party service
Reduce cost;While realizing efficiently deployment, reducing the cost of certification, guarantee the safety of certification.
Referring to Fig. 7, Fig. 7 is a kind of structural block diagram of identification authentication system provided by the present application, described device includes:
Receiving unit 701, for receiving visitor's terminal to the access request of network.
Unit 702 is redirected, it, will for being kidnapped the access request and being redirected to two dimensional code certification page
The two dimensional code certification page returns to visitor's terminal.
The receiving unit 701 is also used to receive audit terminal to the access request of the audit page, and the audit terminal is logical
The two dimensional code for over-scanning and parsing two dimensional code certification page in visitor's terminal obtains the address URL of the audit page;
Return unit 703, for the audit page to be returned to the audit terminal.
The receiving unit 701 is also used to receive the certification request to visitor's terminal of audit terminal transmission, described
Certification request carries the remark information of visitor's terminal.
Authentication unit 704, for being verified to the certification request.
Allocation unit 705, for creating two dimensional code user, Xiang Suoshu in the case where the certification request is by verifying
Visitor's terminal distribution networking permission.
Referring to Fig. 8, Fig. 8 is a kind of schematic diagram of identity authorization system provided by the present application, and the system comprises: visitor
Terminal 100, audit terminal 200 and gateway 300.When Fig. 9 is the certification of the authentication procedures of the identity authorization system
Sequence figure.
Visitor's terminal 100, for initiating the access request to network to the gateway.
The gateway 200 robs the access request for receiving visitor's terminal to the access request of network
Two dimensional code certification page is held and be redirected to, the two dimensional code certification page is returned into visitor's terminal, receives audit
The audit page is returned to the audit terminal to the access request of the audit page by terminal, receives what audit terminal was sent
To the certification request of visitor's terminal, the certification request carries the remark information of visitor's terminal, to the certification
Request is verified, if the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution networking power by verifying
Limit.
The audit terminal 300, for the two dimension by scanning and parsing two dimensional code certification page in visitor's terminal
Code, obtains the address URL of the audit page, and Xiang Suoshu gateway initiates the access request to the audit page, receives gateway
The audit page that equipment returns, and, Xiang Suoshu gateway initiates the certification request to visitor's terminal.
In the specific implementation, the application also provides a kind of computer storage medium, wherein the computer storage medium can store
There is program, which may include step some or all of in each embodiment of identity identifying method provided by the invention when executing
Suddenly.The storage medium can be magnetic disk, CD, read-only memory (English: Read-Only Memory, abbreviation: ROM)
Or random access memory (English: Random Access Memory, referred to as: RAM) etc..
It is required that those skilled in the art can be understood that the technology in the embodiment of the present invention can add by software
The mode of general hardware platform realize.Based on this understanding, the technical solution in the embodiment of the present invention substantially or
Say that the part that contributes to existing technology can be embodied in the form of software products, which can deposit
Storage is in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are used so that computer equipment (can be with
It is personal computer, server or the network equipment etc.) execute certain part institutes of each embodiment of the present invention or embodiment
The method stated.
Same and similar part may refer to each other between each embodiment in this specification.Especially for authentication
For device and system embodiment, since it is substantially similar to the method embodiment, so being described relatively simple, related place
Referring to the explanation in embodiment of the method.
Above-described the application embodiment does not constitute the restriction to the application protection scope.
Claims (10)
1. a kind of identity identifying method, which is characterized in that the described method includes:
Visitor's terminal is received to the access request of network;
Two dimensional code certification page is kidnapped the access request and be redirected to, the two dimensional code certification page is returned
To visitor's terminal;
Audit terminal is received to the access request of the audit page, the audit terminal is by scanning and parsing in visitor's terminal
The two dimensional code of two dimensional code certification page obtains the address URL of the audit page;
The audit page is returned into the audit terminal;
The certification request to visitor's terminal that audit terminal is sent is received, the certification request carries visitor's terminal
Remark information;
The certification request is verified;
If the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution networking permission by verifying.
2. the method as described in claim 1, which is characterized in that kidnapped the access request and be redirected to two dimensional code
Certification page, after the two dimensional code certification page is returned to visitor's terminal, the method also includes:
Store the parameters for authentication of visitor's terminal and the check value of the parameters for authentication.
3. method according to claim 2, which is characterized in that the parameters for authentication includes the IP address of visitor's terminal,
Carrying out verifying to the certification request includes:
Verify whether the audit terminal has audit permission;
If the audit terminal has audit permission, according to the check value, verify visitor's terminal IP address whether
It is tampered.
4. method as claimed in claim 3, which is characterized in that the parameters for authentication further includes the two dimensional code certification page
Two dimensional code generates the time, according to the check value, verify visitor's terminal IP address whether be tampered after, the method
Further include:
If the IP address of visitor's terminal is not tampered with, the two dimensional code for verifying the two dimensional code certification page generates the time
Whether within term of validity.
5. the method as described in claim 1, which is characterized in that creation two dimensional code user, the networking of Xiang Suoshu visitor's terminal distribution
After permission, the method also includes:
To audit terminal return authentication success prompt information.
6. method as claimed in claim 5, which is characterized in that the method also includes:
Visitor's terminal is received to request the periodic queries of authentication result;
Switch the page of visitor's terminal to authenticating success page.
7. the method as described in claim 1, which is characterized in that after verifying to the certification request, the method is also
Include:
If the certification request is unverified, Xiang Suoshu audit terminal return authentication failure prompt information.
8. the method for claim 7, which is characterized in that the method also includes:
Visitor's terminal is received to request the periodic queries of authentication result;
Keep the page of visitor's terminal in two dimensional code certification page.
9. a kind of identification authentication system, which is characterized in that described device includes:
Receiving unit, for receiving visitor's terminal to the access request of network;
Unit is redirected, for being kidnapped the access request and being redirected to two dimensional code certification page, by described two
The dimension code authentication page returns to visitor's terminal;
The receiving unit is also used to receive audit terminal to the access request of the audit page, and the audit terminal passes through scanning
And the two dimensional code of two dimensional code certification page in visitor's terminal is parsed, obtain the address URL of the audit page;
Return unit, for the audit page to be returned to the audit terminal;
The receiving unit, is also used to receive the certification request to visitor's terminal of audit terminal transmission, and the certification is asked
Seek the remark information for carrying visitor's terminal;
Authentication unit, for being verified to the certification request;
Allocation unit, for creating two dimensional code user, Xiang Suoshu visitor's terminal in the case where the certification request is by verifying
Distribution networking permission.
10. a kind of identity authorization system, which is characterized in that the system comprises: visitor's terminal, audit terminal and gateway are set
It is standby;
Visitor's terminal, for initiating the access request to network to the gateway;
The gateway kidnap to the access request and lay equal stress on for receiving visitor's terminal to the access request of network
It is directed to two dimensional code certification page, the two dimensional code certification page is returned into visitor's terminal, receives audit terminal pair
The audit page is returned to the audit terminal by the access request for auditing the page, receive audit terminal transmission to described
The certification request of visitor's terminal, the certification request carry the remark information of visitor's terminal, to the certification request into
It goes and verifies, if the certification request creates two dimensional code user, Xiang Suoshu visitor's terminal distribution networking permission by verifying;
The audit terminal is obtained for the two dimensional code by scanning and parsing two dimensional code certification page in visitor's terminal
The address URL of the audit page, Xiang Suoshu gateway initiate the access request to the audit page, receive gateway and return
The audit page, and, Xiang Suoshu gateway is initiated to the certification request of visitor's terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811587830.3A CN109428893A (en) | 2018-12-25 | 2018-12-25 | A kind of identity identifying method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811587830.3A CN109428893A (en) | 2018-12-25 | 2018-12-25 | A kind of identity identifying method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109428893A true CN109428893A (en) | 2019-03-05 |
Family
ID=65514866
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811587830.3A Pending CN109428893A (en) | 2018-12-25 | 2018-12-25 | A kind of identity identifying method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109428893A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351719A (en) * | 2019-07-16 | 2019-10-18 | 深圳市信锐网科技术有限公司 | A kind of wireless network management method, system and electronic equipment and storage medium |
CN111833507A (en) * | 2020-07-10 | 2020-10-27 | 腾讯科技(深圳)有限公司 | Visitor authentication method, device, equipment and computer readable storage medium |
CN113573316A (en) * | 2021-07-15 | 2021-10-29 | 中国人民解放军陆军工程大学 | Method for temporarily changing private authority of special mobile communication network user |
CN114584400A (en) * | 2022-04-29 | 2022-06-03 | 远江盛邦(北京)网络安全科技股份有限公司 | Authentication method, authentication device, electronic equipment and medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008003743A (en) * | 2006-06-21 | 2008-01-10 | Sharp Corp | Authentication system and authentication method |
CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
CN106162641A (en) * | 2016-07-25 | 2016-11-23 | 福建富士通信息软件有限公司 | A kind of safe and efficient public's WiFi authentication method and system |
CN106209912A (en) * | 2016-08-30 | 2016-12-07 | 迈普通信技术股份有限公司 | Access authorization methods, device and system |
CN107277812A (en) * | 2017-07-11 | 2017-10-20 | 上海斐讯数据通信技术有限公司 | A kind of wireless network authentication method and system based on Quick Response Code |
CN107454064A (en) * | 2017-07-11 | 2017-12-08 | 上海斐讯数据通信技术有限公司 | A kind of visitor's authentication method and system based on public number |
CN108282472A (en) * | 2018-01-16 | 2018-07-13 | 上海众人网络安全技术有限公司 | A kind of WIFI authentication methods, device, server and storage medium |
-
2018
- 2018-12-25 CN CN201811587830.3A patent/CN109428893A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008003743A (en) * | 2006-06-21 | 2008-01-10 | Sharp Corp | Authentication system and authentication method |
CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
CN106162641A (en) * | 2016-07-25 | 2016-11-23 | 福建富士通信息软件有限公司 | A kind of safe and efficient public's WiFi authentication method and system |
CN106209912A (en) * | 2016-08-30 | 2016-12-07 | 迈普通信技术股份有限公司 | Access authorization methods, device and system |
CN107277812A (en) * | 2017-07-11 | 2017-10-20 | 上海斐讯数据通信技术有限公司 | A kind of wireless network authentication method and system based on Quick Response Code |
CN107454064A (en) * | 2017-07-11 | 2017-12-08 | 上海斐讯数据通信技术有限公司 | A kind of visitor's authentication method and system based on public number |
CN108282472A (en) * | 2018-01-16 | 2018-07-13 | 上海众人网络安全技术有限公司 | A kind of WIFI authentication methods, device, server and storage medium |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351719A (en) * | 2019-07-16 | 2019-10-18 | 深圳市信锐网科技术有限公司 | A kind of wireless network management method, system and electronic equipment and storage medium |
CN111833507A (en) * | 2020-07-10 | 2020-10-27 | 腾讯科技(深圳)有限公司 | Visitor authentication method, device, equipment and computer readable storage medium |
CN111833507B (en) * | 2020-07-10 | 2023-09-01 | 腾讯科技(深圳)有限公司 | Visitor authentication method, device, equipment and computer readable storage medium |
CN113573316A (en) * | 2021-07-15 | 2021-10-29 | 中国人民解放军陆军工程大学 | Method for temporarily changing private authority of special mobile communication network user |
CN113573316B (en) * | 2021-07-15 | 2024-02-20 | 中国人民解放军陆军工程大学 | Method for temporarily changing private authority of private mobile communication network user |
CN114584400A (en) * | 2022-04-29 | 2022-06-03 | 远江盛邦(北京)网络安全科技股份有限公司 | Authentication method, authentication device, electronic equipment and medium |
CN114584400B (en) * | 2022-04-29 | 2022-07-26 | 远江盛邦(北京)网络安全科技股份有限公司 | Authentication method, authentication device, electronic equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111131242B (en) | Authority control method, device and system | |
CN108901022B (en) | Micro-service unified authentication method and gateway | |
CN103609090B (en) | Identity logs method and apparatus | |
CN109428893A (en) | A kind of identity identifying method, apparatus and system | |
CN109815656A (en) | Login authentication method, device, equipment and computer readable storage medium | |
CN109981561A (en) | Monomer architecture system moves to the user authen method of micro services framework | |
CN109309666A (en) | Interface security control method and terminal device in a kind of network security | |
CN107070880A (en) | A kind of method and system of single-sign-on, a kind of authentication center's server | |
CN111556006A (en) | Third-party application system login method, device, terminal and SSO service platform | |
CN111062023B (en) | Method and device for realizing single sign-on of multi-application system | |
KR102001544B1 (en) | Apparatus and method to enable a user authentication in a communication system | |
EP3308525A1 (en) | Single sign-on for unmanaged mobile devices | |
CN106487774A (en) | A kind of cloud host services authority control method, device and system | |
CN109873805A (en) | Cloud desktop login method, device, equipment and storage medium based on cloud security | |
CN104717648B (en) | A kind of uniform authentication method and equipment based on SIM card | |
CN111698250A (en) | Access request processing method and device, electronic equipment and computer storage medium | |
US9332433B1 (en) | Distributing access and identification tokens in a mobile environment | |
CN110602123A (en) | Single-point certificate authentication system and method based on micro-service | |
CN108965341A (en) | The method, apparatus and system of login authentication | |
CN112580006A (en) | Access right control method and device of multi-cloud system and authentication server | |
CN108234509A (en) | FIDO authenticators, Verification System and method based on TEE and PKI certificates | |
CN106331003A (en) | Method and device for accessing application portal system on cloud desktop | |
CN105827406A (en) | Identity verification method, identity verification device, and identity verification system | |
CN110336870A (en) | Method for building up, device, system and the storage medium in telecommuting O&M channel | |
CN107872445A (en) | Access authentication method, equipment and Verification System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190305 |
|
RJ01 | Rejection of invention patent application after publication |