CN109718557A - One kind is across taking login method - Google Patents
One kind is across taking login method Download PDFInfo
- Publication number
- CN109718557A CN109718557A CN201910068709.8A CN201910068709A CN109718557A CN 109718557 A CN109718557 A CN 109718557A CN 201910068709 A CN201910068709 A CN 201910068709A CN 109718557 A CN109718557 A CN 109718557A
- Authority
- CN
- China
- Prior art keywords
- server
- random number
- taking
- account
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to one kind across taking login method, this method logs in game server using client by user, after across clothes activities start, across clothes activities are added by client application, by game server based on across taking the certification generating random number of server generation across taking token, client supports should be across taking token login across taking server.This method reduces server stress on the basis of guaranteeing across login security is taken.
Description
[technical field]
The invention belongs to computer and information security field, more particularly to it is a kind of across taking login method.
[background technique]
Existing online game usually all has multiple game servers, and player needs to log in the server of its selection, from
And can be interacted with other players in the game server, but can not be handed over the player in other game servers
Mutually.In order to break through this limitation, some online games are proposed across movable concept is taken, i.e. player can be under certain condition
(such as specified time) participates in across clothes activities, from other participation across take the movable player from different game servers into
Row interaction.
In specific implementation, generally requires introducing one and carry out receiving to come from each game garment across movable server is taken
Be engaged in the player of device, to each player be brought into same across taking server.It, may across server is taken when across clothes activities start
The logging request for facing a large amount of players, to bringing huge pressure across taking server.Therefore, a large amount of logging requests how are handled,
And the safety for guaranteeing players log is a technical issues that need to address.
[summary of the invention]
In order to solve the above problem in the prior art, the present invention provides one kind across taking login method.
The technical solution adopted by the present invention is specific as follows:
One kind is across taking login method, comprising the following steps:
(1) user logs in game server using client;Game server is that the user generates login token Token,
That is Token=E (account, R), wherein account is the account of user, and E is symmetric encipherment algorithm, and R is random number;
(2) after across server unlatching across clothes activities are taken, across server is taken when each time cycle starts, worked as according to it
Preload calculates acceptable in the time cycle and logs in quantity K;
(3) described currently also to possess how many certification random numbers across taking server and inquire it to database server;
(4) database server replys the quantity m of certification random number currently possessed across taking server to described, such as
Fruit m < K, then it is described to be sent to the database service across taking server and generate K-m random number as new certification random number
Device, the database server store this K-m certification random number;It is described across taking server notification database if m > K
Server deletes m-K certification random number therein;
(5) user proposes to participate in across taking movable request by client to game server;
(6) game server sends to database server and requests, and applies for a certification random number;If database
Server then refuses this application currently without certification random number;Otherwise the certification that the database server is possessed from it is random
One is selected in number and returns to the game server, while the certification random number of selection being deleted from the certification random number that it is possessed
It removes;
(7) after the game server receives certification random number R 1, one is generated across taking token Token1, i.e. Token1
=E (account, R2), wherein R2=R R1, and this is sent to the client across token is taken;
(8) client by user account and it is described across take token be sent to it is described across server is taken to apply logging in,
It is described to be sent to the game server across taking token as verify data for described across taking server;
(9) the game server decryption is described across token is taken, and obtains account and R2 therein, while game services
Device obtains the corresponding random number R of the account, and R1=R2R is calculated;
(10) account and R1 that step 9 obtains are sent to described across taking server by the game server, it is described across
It takes server and judges whether the account is identical with the user account received in step 8, refuse client if different and step on
If record judges whether R1 is the certification random number generated in nearest a period of time identical again, if not if refuse the client
End logs in, and otherwise receives client login.
Further, the key of the Encryption Algorithm E is only stored by the game server.
Further, user account account is associated with corresponding random number R and is stored in the game server.
Further, the logon domain has expired time.
Further, the step 5 specifically includes: after across clothes activities start, game server notifies client, client
It holds to user and shows corresponding participation option, user is by selecting such option to participate in across clothes activities to game server
Request.
Further, in the step 6, after database server refuses the application of game server, game server is logical
It is busy to know client current server, or waits for a period of time and applies again.
Further, in the step 10, described nearest a period of time was set as in two nearest time cycles.
The beneficial effects of the present invention are: reducing server stress on the basis of guaranteeing across login security is taken.
[Detailed description of the invention]
Described herein the drawings are intended to provide a further understanding of the invention, constitutes part of this application, but
It does not constitute improper limitations of the present invention, in the accompanying drawings:
Fig. 1 is the present invention across the structure chart for taking game system.
[specific embodiment]
Come that the present invention will be described in detail below in conjunction with attached drawing and specific embodiment, illustrative examples therein and says
It is bright to be only used to explain the present invention but not as a limitation of the invention.
Referring to attached drawing 1, it illustrates entirely across the structure chart for taking game system, whole system includes multiple game clients
End, multiple game servers, across taking server, database server.User in general, is logged in each using its client
Game is carried out from affiliated game server, when needing to carry out across clothes activities (such as fighting across clothes), client logs on to across clothes
Server carries out game.Between client and game server, it can be communicated with each other by network between different server, and
And the communication that login method of the present invention is carried out should all carry out in safe lane, such as pass through https agreement.
Based on above system structure, method of the invention is described in detail below.
(1) user logs in game server using client.
Before carrying out across clothes activities, user is firstly the need of its corresponding game server is logged in, specifically, user is in visitor
Family end inputs its account and password, and client calculates the cryptographic Hash of password, and the cryptographic Hash and the account are sent jointly to game
Server.
Game server generates a random number R at random, generates login a token Token, i.e. Token=for the user
E (account, R), wherein account is the account of user, and E is symmetric encipherment algorithm, and the key which uses only has
Game server is known, and only game server can be decrypted.
The login token is sent to the client by game server, hereafter the client can hold the login
Token directly logs in the game server.Specifically, game server generate log in token when, by user account account
It is corresponding with random number R to be stored in game server, thus when game server receives and logs in token, decrypt the login
Token, judges to log in whether account and R in token correspond to, if it does correspond, then allowing the client with the user account
Identity logs.
Preferably, an expired time can be arranged for the login token in game server, after the expiration-time, it is desirable that
User reuses the login of its account number cipher, and generates new login token.
(2) after across server unlatching across clothes activities are taken, across server is taken when each time cycle starts, worked as according to it
Preload calculates acceptable in the time cycle and logs in quantity K.
The time cycle is predetermined, such as 10 minutes, calculates in next 10 minutes and can connect across server is taken
It is logged in by how many a users, without to causing excessive pressure across taking server.And it all counted every 10 minutes across taking server
It calculates once, obtains next 10 minutes acceptable login quantity.
Due to being dynamic change across the load for taking server, each time cycle can have new user to log in, and also have
User exits across clothes activities, thus the acceptable login quantity being calculated for each time cycle is different.
(3) described currently also to possess how many certification random numbers across taking server and inquire it to database server.
The certification random number be by generating (specific generate and effect see subsequent step) across taking server, and by
Database server storage authenticates the quantity of random number by across taking server control.
(4) database server is to described across the quantity (vacation for taking the certification random number that server reply is currently possessed
It is described to be sent to the number across taking server and generate K-m random number as new certification random number if m < K equipped with m)
According to library server, the database server stores this K-m certification random number;It is described across taking server notice if m > K
Database server deletes m-K certification random number therein.
The certification random number is acceptable across clothes login for authenticating its, by step 4, ensure that number across server is taken
According to having in the server of library and only K certification random number, the quantity that can be logged in corresponding to current time period.
(5) user proposes to participate in across taking movable request by client to game server.
Specifically, game server is notified that client, client also can show phase to user after across clothes activities start
The participation option answered, user is by selecting such option to participate in game server across taking movable request.
(6) game server sends to database server and requests, and applies for a certification random number;If database
Server then refuses this application currently without certification random number;Otherwise the certification that the database server is possessed from it is random
One is selected in number and returns to the game server, while the certification random number of selection being deleted from the certification random number that it is possessed
It removes.
Step 6 it is meant that each application across movable user is taken, all indirectly by game server from database service
Device obtains a certification random number.Application of the database server based on game server distributes its certification random number possessed,
Each application distributes one, and once dispenses, and just deletes from database server.In this way, passing through certification random number
Quantity allotted, just controlling can log in whithin a period of time across the number of users for taking server, avoid extensive login
To across the pressure for taking server.While this work is transferred to database server across server is taken, equally also disperse it
The pressure of itself.
If database server refuses the application of game server, game garment currently without certification random number is possessed
It is busy that business device can notify client current server, or wait for a period of time and apply again, the specific processing mode present invention
With no restriction.
(7) after the game server receives certification random number R 1, one is generated across taking token Token1, i.e. Token1
=E (account, R2), wherein R2=R R1, and this is sent to the client across token is taken.
It as can be seen calculated from the above process, will across taking token actually while including the relevant information for logging in token
It associates across token is taken with the login token of client, is used for subsequent certification.
(8) client by user account and it is described across take token be sent to it is described across server is taken to apply logging in,
It is described to be sent to the game server across taking token as verify data for described across taking server.
It is described that therefore the two needs to correspond to across taking the account information for actually containing user in token, could by across
Take the verifying of server.Due to only having game server that can decrypt across taking token, thus need to pass through game across server is taken
Server is to verifying across taking token.
(9) the game server decryption is described across token is taken, and obtains account and R2 therein, while game services
Device obtains the corresponding random number R of the account, and R1=R2R is calculated.
As previously mentioned, game server by user account it is corresponding with its random number R storage.Due to that may have multiple visitors simultaneously
Family end is logged in request across taking server, therefore game server needs that its corresponding random number could be obtained according to user account
R, and further calculate R1.
(10) account and R1 that step 9 obtains are sent to described across taking server by the game server, it is described across
It takes server and judges whether the account is identical with the user account received in step 8, refuse client if different and step on
If record judges whether R1 is the certification random number generated in nearest a period of time identical again, if not if refuse the client
End logs in, and otherwise receives client login.
Described nearest a period of time can preset, and the login for limiting client postpones, such as is set as nearest
In two time cycles.Simultaneously in order to be compared, it is also required to save the certification generated in a period of time recently across server is taken
Random number.
Based on the above login process, pass through the certification random number being arranged in each time cycle across server is taken, and will test
Card work is transferred to game server and database server, avoids while the login authentication of big flow, reduces server
Pressure.On the other hand, it authenticates random number and across the setting for taking token, also ensures the safety logged in across clothes.
The above description is only a preferred embodiment of the present invention, thus it is all according to the configuration described in the scope of the patent application of the present invention,
The equivalent change or modification that feature and principle are done, is included in the scope of the patent application of the present invention.
Claims (7)
1. a kind of across taking login method, which comprises the following steps:
(1) user logs in game server using client;Game server is that the user generates login token Token, i.e.,
Token=E (account, R), wherein account is the account of user, and E is symmetric encipherment algorithm, and R is random number;
(2) it after across server unlatching across clothes activities are taken, across server is taken when each time cycle starts, is currently born according to it
Lotus calculates acceptable in the time cycle and logs in quantity K;
(3) described currently also to possess how many certification random numbers across taking server and inquire it to database server;
(4) database server replys the quantity m of certification random number currently possessed across taking server to described, if m
< K, then it is described to be sent to the database server across taking server and generate K-m random number as new certification random number,
The database server stores this K-m certification random number;It is described across taking server notification database service if m > K
Device deletes m-K certification random number therein;
(5) user proposes to participate in across taking movable request by client to game server;
(6) game server sends to database server and requests, and applies for a certification random number;If database service
Device then refuses this application currently without certification random number;Otherwise the database server is from the certification random number that it is possessed
Selection one returns to the game server, while the certification random number of selection being deleted from the certification random number that it is possessed;
(7) after the game server receives certification random number R 1, one is generated across taking token Token1, i.e. Token1=E
(account, R2), wherein R2=R R1, and this is sent to the client across token is taken;
(8) client by user account and it is described across take token be sent to it is described across server is taken to apply logging in, it is described
The game server is sent to across taking token as verify data using described across server is taken;
(9) the game server decryption is described across token is taken, and obtains account and R2 therein, while game server obtains
The corresponding random number R of the account is taken, R1=R2 R is calculated;
(10) account and R1 that step 9 obtains are sent to described across taking server by the game server, described to take across clothes
Business device judges whether the account is identical with the user account received in step 8, refuses client if different and logs in,
Judge whether R1 is the certification random number generated in nearest a period of time again if identical, if not if refuse the client and step on
Otherwise record receives client login.
2. the method according to claim 1, wherein the key of the Encryption Algorithm E is only by the game services
Device storage.
3. method described in -2 any one according to claim 1, which is characterized in that user account account and accordingly with
Machine number R association is stored in the game server.
4. method according to claim 1 to 3, which is characterized in that the logon domain has expired time.
5. method according to any of claims 1-4, which is characterized in that the step 5 specifically includes: living when across clothes
After dynamic beginning, game server notifies client, and client is shown to user participates in option accordingly, and user passes through selection in this way
Option participate in game server across taking movable request.
6. method described in -5 any one according to claim 1, which is characterized in that in the step 6, database server is refused
After the application of exhausted game server, game server notifies that client current server is busy, or Shen again of waiting for a period of time
Please.
7. the method according to claim 1, wherein described nearest a period of time is set as in the step 10
In two nearest time cycles.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910068709.8A CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910068709.8A CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109718557A true CN109718557A (en) | 2019-05-07 |
CN109718557B CN109718557B (en) | 2022-02-08 |
Family
ID=66299991
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910068709.8A Active CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109718557B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111282262A (en) * | 2020-01-13 | 2020-06-16 | 网易(杭州)网络有限公司 | Game server communication method and device |
CN111786948A (en) * | 2020-05-21 | 2020-10-16 | 中清龙图计算机科技(上海)有限公司 | Cloud game control method, device, system, equipment and medium |
CN112604270A (en) * | 2020-12-29 | 2021-04-06 | 北京冰封互娱科技有限公司 | Cross-server method, device and equipment for online game |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1283631A2 (en) * | 2001-08-06 | 2003-02-12 | Sun Microsystems, Inc. | Web based applications single sign on system and method |
CN1556491A (en) * | 2003-12-30 | 2004-12-22 | 北京金山数字娱乐科技有限公司 | Servicer system |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
CN105262848A (en) * | 2015-06-30 | 2016-01-20 | 清华大学 | User internet identity and generation method and system thereof |
CN105472052A (en) * | 2014-09-03 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Login method and system of cross-domain server |
-
2019
- 2019-01-24 CN CN201910068709.8A patent/CN109718557B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1283631A2 (en) * | 2001-08-06 | 2003-02-12 | Sun Microsystems, Inc. | Web based applications single sign on system and method |
CN1556491A (en) * | 2003-12-30 | 2004-12-22 | 北京金山数字娱乐科技有限公司 | Servicer system |
CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
CN105472052A (en) * | 2014-09-03 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Login method and system of cross-domain server |
CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
CN105262848A (en) * | 2015-06-30 | 2016-01-20 | 清华大学 | User internet identity and generation method and system thereof |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111282262A (en) * | 2020-01-13 | 2020-06-16 | 网易(杭州)网络有限公司 | Game server communication method and device |
CN111282262B (en) * | 2020-01-13 | 2023-04-18 | 网易(杭州)网络有限公司 | Game server communication method and device |
CN111786948A (en) * | 2020-05-21 | 2020-10-16 | 中清龙图计算机科技(上海)有限公司 | Cloud game control method, device, system, equipment and medium |
CN112604270A (en) * | 2020-12-29 | 2021-04-06 | 北京冰封互娱科技有限公司 | Cross-server method, device and equipment for online game |
Also Published As
Publication number | Publication date |
---|---|
CN109718557B (en) | 2022-02-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108810029B (en) | Authentication system and optimization method between micro-service architecture services | |
CN106850699B (en) | A kind of mobile terminal login authentication method and system | |
CN106357649B (en) | User identity authentication system and method | |
US8223969B2 (en) | Methods and systems for secure distribution of subscription-based game software | |
US8631481B2 (en) | Access to a network for distributing digital content | |
CN106973041B (en) | A kind of method that issuing authentication authority, system and certificate server | |
CN100586066C (en) | System and method for realizing single-point login | |
CN108965338B (en) | Three-factor identity authentication and key agreement method under multi-server environment | |
CN104243458B (en) | A kind of safe online game login method and system | |
CN107332808A (en) | A kind of method, server and the terminal of the certification of cloud desktop | |
CN103906052B (en) | A kind of mobile terminal authentication method, Operational Visit method and apparatus | |
CN105391734B (en) | A kind of Security Login System and method, login service device and certificate server | |
CN107251035A (en) | Account recovers agreement | |
CN106470190A (en) | A kind of Web real-time communication platform authentication cut-in method and device | |
CN109547198B (en) | System for network transmission video file | |
CN106330816A (en) | Method and system for logging in cloud desktop | |
CN109718557A (en) | One kind is across taking login method | |
CN101651666A (en) | Method and device for identity authentication and single sign-on based on virtual private network | |
CN106713276B (en) | A kind of data capture method and its system based on authorization identifying | |
JPH08297638A (en) | User authentication system | |
CN106453361A (en) | A safety protection method and system for network information | |
CN101325483A (en) | Method and apparatus for updating symmetrical cryptographic key, symmetrical ciphering method and symmetrical deciphering method | |
CN110866754A (en) | Pure software DPVA (distributed data authentication and privacy infrastructure) identity authentication method based on dynamic password | |
CN110176989A (en) | Quantum communications service station identity identifying method and system based on unsymmetrical key pond | |
US20240236066A9 (en) | A method for authenticating a user towards a multi-node party |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |