CN104935435A - Login methods, terminal and application server - Google Patents
Login methods, terminal and application server Download PDFInfo
- Publication number
- CN104935435A CN104935435A CN201510212323.1A CN201510212323A CN104935435A CN 104935435 A CN104935435 A CN 104935435A CN 201510212323 A CN201510212323 A CN 201510212323A CN 104935435 A CN104935435 A CN 104935435A
- Authority
- CN
- China
- Prior art keywords
- terminal
- information
- application server
- key information
- login request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000012795 verification Methods 0.000 claims abstract description 44
- 230000001960 triggered effect Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 11
- 230000005540 biological transmission Effects 0.000 description 8
- 230000006870 function Effects 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000009434 installation Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a login method. The login method comprises that when a terminal sends login request information to an application server via first application, secret key information is obtained, and the first application belongs to applications through which the terminal can log in the corresponding application server by using the same account information; the login request information is encrypted by utilizing the secret key information, and the encrypted login request information is sent to the application server; and when the terminal receives verification passing information returned by the application server and aimed at the login request information, the terminal logs in the application server via the first application. The invention also discloses another login method, the terminal and the application server.
Description
Technical Field
The invention relates to an identity authentication technology, in particular to a login method, a terminal and an application server.
Background
With diversification and enrichment of applications, the terminal may include self-contained applications such as a file management application, a gallery application, a self-contained browser, and the like. In order to facilitate memorization and confusion, a user usually adopts the same account information when logging in to a corresponding application server through different applications of the terminal. At present, when a user logs in a file management application server through a file management application of a terminal, account information needs to be input into the terminal once; when the terminal logs in to the gallery application server through the gallery application of the terminal, the account information needs to be input again; the account information input twice is the same information, and the same account information is input repeatedly, so that the operation complexity of the user is increased, and the experience degree of the user is greatly reduced.
Disclosure of Invention
In order to solve the existing technical problem, embodiments of the present invention provide a login method, a terminal, and an application server, so as to at least solve the problem that a user needs to repeatedly input the same account information, reduce the complexity of user operation, and improve the user experience.
The technical scheme of the embodiment of the invention is realized as follows:
the embodiment of the invention provides a login method, which comprises the following steps:
when the terminal initiates login request information to an application server through a first application, key information is acquired, wherein the first application is at least one of all applications which can be logged in to a corresponding application server through the same account information in the terminal;
encrypting the login request information by using the key information, and sending the encrypted login request information to the application server;
and when the terminal receives verification passing information which is returned by the application server and aims at the login request information, the terminal logs in the application server through the first application.
In the foregoing solution, the obtaining key information includes:
reading the key information locally at the terminal;
if the key information cannot be read locally at the terminal, sending a key information acquisition request to an authentication server;
and receiving the key information returned by the authentication server aiming at the key information acquisition request.
In the foregoing solution, before sending the encrypted login request information to the application server, the method further includes:
acquiring identification information of the terminal;
and when the encrypted login request information is sent to the application server, sending the identification information to the application server so that the application server acquires the key information according to the identification information of the terminal and verifies the login request information by using the key information.
In the foregoing solution, before sending the key information obtaining request to the authentication server, the method further includes:
acquiring the same account information input by a user at the terminal;
when the terminal sends a key information acquisition request to an authentication server, sending the same account information input by a user at the terminal to the authentication server;
correspondingly, after receiving the key information acquisition request, the authentication server verifies the same account information;
and when the verification is passed, the authentication server generates the key information and returns the key information to the terminal.
The embodiment of the invention also provides a login method, which comprises the following steps:
the application server receives encrypted login request information sent by a terminal, wherein the login request information is request information initiated to the application server by the terminal through a first application;
acquiring key information;
verifying the encrypted login request information by using the key information;
and when the verification is passed, sending verification passing information to the terminal.
In the above scheme, when the application server receives the encrypted login request information sent by the terminal,
the application server receives the identification information of the terminal sent by the terminal;
correspondingly, the obtaining of the key information includes:
and searching the key information corresponding to the identification information locally in the application server.
In the foregoing solution, the verifying the encrypted login request information by using the key information includes:
the application server decrypts the encrypted login request information by using the key information;
when the decryption is successful, the verification is determined to be passed.
An embodiment of the present invention further provides a terminal, where the terminal includes:
the terminal comprises a first obtaining unit, a second obtaining unit and a third obtaining unit, wherein the first obtaining unit is used for obtaining key information when the terminal initiates login request information to an application server through a first application, and the first application is at least one of all applications which can be logged in to a corresponding application server through the same account information in the terminal;
a first encryption unit configured to encrypt the login request information using the key information;
the first sending unit is used for sending the encrypted login request information to the application server;
a first receiving unit, configured to receive verification passing information, where the verification passing information is information, which is returned by the application server and is directed to the login request information;
a first login unit, configured to log in to the application server through the first application.
In the foregoing solution, the first obtaining unit is further configured to:
locally reading the key information;
and if the key information cannot be read locally, sending a key information acquisition request to an authentication server to acquire the key information.
In the foregoing solution, the terminal further includes:
a second obtaining unit, configured to obtain identification information of the terminal;
correspondingly, the first sending unit is further configured to send the identification information to the application server when sending the encrypted login request information to the application server.
In the foregoing solution, the first obtaining unit is further configured to:
acquiring the same account information input by a user at the terminal;
and when a key information acquisition request is sent, sending the same account information input by the user at the terminal to the authentication server.
An embodiment of the present invention further provides an application server, where the application server includes:
the first receiving unit is used for receiving encrypted login request information sent by a terminal, wherein the login request information is request information initiated by the terminal to the application server through a first application;
a first acquisition unit configured to acquire key information;
the first verification unit is used for verifying the encrypted login request information by using the key information, and when the verification is passed, the first sending unit is triggered;
and the first sending unit is used for sending verification passing information to the terminal.
In the above scheme, the first receiving unit is further configured to receive identifier information of the terminal sent by the terminal;
correspondingly, the first obtaining unit is configured to locally search for the key information corresponding to the identification information.
In the foregoing solution, the first authentication unit is further configured to decrypt the encrypted login request information by using the key information, and when decryption is successful, determine that authentication is passed.
According to the login method, the terminal and the application server provided by the embodiment of the invention, all applications using the same account information in the terminal need to share the same key information, when one application in all applications initiates login request information to the application server, the key information is obtained, the login request information is encrypted by using the key information, the encrypted login request information is sent to the application server, when the terminal receives verification passing information which is returned by the application server and aims at the login request information, a user does not need to input a user name and a password in the terminal, and the terminal can directly log in to the corresponding application server through the application. Therefore, the problem that the user needs to input the same account information repeatedly can be solved, the operation complexity of the user can be reduced, and the user experience can be improved.
Drawings
Fig. 1 is a flowchart illustrating an implementation of a login method according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating an implementation of another login method according to an embodiment of the present invention;
fig. 3 is a schematic view of an application scenario provided in the embodiment of the present invention;
fig. 4(a) and (b) are schematic diagrams illustrating an implementation of the login method according to the embodiment of the present invention;
fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an application server according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings, and it should be understood that the preferred embodiments described below are only for the purpose of illustrating and explaining the present invention, and are not to be construed as limiting the present invention.
An embodiment of the present invention provides a login method, which is applied to a terminal, and as shown in fig. 1, the method includes:
step 101: when the terminal initiates login request information to an application server through a first application, key information is acquired, wherein the first application is at least one of all applications which can be logged in to a corresponding application server through the same account information in the terminal;
here, for example, when the terminal (which is installed with an Android system) can log in to a file management application server through a file management application and to an icon application server through a gallery application, and account information used when the terminal logs in to the two application servers is the same, the first application may be the file management application APK (Android installation package) and/or the gallery application APK; the account information at least comprises a user name and a password.
In this embodiment, all applications using the same account information need to share the same key information. If the current first application is not the first application which initiates the login request to the corresponding application server in the first of all the applications, because the first application which has logged in the corresponding application server before the current first application logs in will store the key information, the current first application can request the key information from the first application which has logged in the corresponding application server before, that is, the key information is obtained by locally reading the key information at the terminal. If the current first application is the first application which initiates a login request to the corresponding application server in all the applications, the current first application needs to request the key information from the authentication server, that is, the terminal sends a key information acquisition request to the authentication server, the authentication server receives the request, generates a piece of key information and returns the key information to the terminal, and the terminal receives the key information returned by the authentication server aiming at the key information acquisition request.
Step 102: encrypting the login request information by using the key information, and sending the encrypted login request information to the application server;
here, the terminal performs encryption authentication on the login request information using the key information and transmits the encrypted login request information to the application server. For example, when the current first application is a file management application, the key information is used to encrypt login request information, which is initiated by the terminal to the file management application server through the file management application, and the encrypted login request information is sent to the file management application server.
In the embodiment of the present invention, before the terminal sends the encrypted login request information to the application server, it is further required to obtain identification information of the terminal, where the identification information includes, but is not limited to, the following: the Identification information may be an International Mobile Equipment Identity (IMEI) of a subscriber identity module card inserted into the terminal, a Mobile Equipment Identity (MEID), a Media Access Control address (MAC) used by the terminal during data transmission, or the like. And when the terminal sends the encrypted login request information to an application server, sending the identification information to the application server. The user identification card may be a SIM card, a UIM card, or the like.
Step 103: and when the terminal receives verification passing information which is returned by the application server and aims at the login request information, the terminal logs in the application server through the first application.
Here, after the terminal sends the encrypted login request information and the identification information to the application server, the application server searches the key information corresponding to the identification information locally in the application server according to the identification information of the terminal, verifies the login request information by using the searched key information, returns verification passing information to the terminal when the verification passes, and when the terminal receives the verification passing information, the terminal can directly log in to the application server and perform subsequent service access without inputting a user name and a password in the terminal.
Therefore, in the embodiment of the present invention, all applications using the same account information in the terminal need to share the same key information, when a certain application in all applications initiates login request information to an application server corresponding to the application, the key information is obtained, the login request information is encrypted by using the key information, the encrypted login request information is sent to the corresponding application server, when the terminal receives verification passing information for the login request information returned by the corresponding application server, a user does not need to input a user name and a password in the terminal, and the terminal can directly log in to the corresponding application server through the application and perform subsequent service access. Therefore, the problem that the user needs to input the same account information repeatedly is solved, the operation complexity of the user is reduced, and the user experience is improved.
In addition, the key information shared by a plurality of applications can be acquired locally at the terminal and can also be acquired through the authentication server, wherein the key information acquired through the authentication server is transmitted only once between the authentication server and the terminal, so that the transmission times and frequency of the key information in the network are less, and the information security can be effectively improved.
The embodiment of the present invention provides another login method, which is applied to an application server, and as shown in fig. 2, the method includes:
step 201: the application server receives encrypted login request information sent by the terminal, wherein the login request information is request information initiated by the terminal to the application server through a first application;
here, when the application server receives the login request information, the identification information sent by the terminal is also received, and the identification information includes but is not limited to the following: the identification information may be an IMEI or an MEID of a subscriber identity module card inserted into the terminal, or a MAC used by the terminal during data transmission.
Step 202: acquiring key information;
here, the application server locally searches for the key information corresponding to the identification information, and uses the searched key information as the acquired key information.
Step 203: verifying the encrypted login request information by using the key information;
here, the application server decrypts the encrypted login request information using the key information.
Step 204: and when the verification is passed, sending verification passing information to the terminal.
Here, when the decryption is successful, the authentication is determined to be passed, and authentication passing information is returned to the terminal to inform the terminal of the authentication result, so that the terminal can directly log in to the application server through the application and perform subsequent service access without inputting a user name and a password on the terminal side.
Therefore, in the embodiment of the invention, considering that all applications using the same account information in the terminal need to share the same key information, the encrypted login request information is verified by using the key information at the application server side, and when the verification is passed, the application server allows the terminal to directly log in without inputting a user name and a password by a user. Therefore, the problem that the user needs to input the same account information repeatedly is solved, the operation complexity of the user is reduced, and the user experience is improved. The key information acquired by the application server side is acquired locally and is not transmitted in the network, so that the information security is ensured.
The terminal in this embodiment may include a fixed terminal such as a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a personal digital assistant PDA, a tablet PAD, a portable multimedia player PMP, and a digital television TV, a desktop computer, and the like. The application server involved in the foregoing scheme is also a service server.
Fig. 3 is a schematic view of an application scenario provided in the embodiment of the present invention; as shown in fig. 3, the system includes a terminal (mobile phone), two application servers, namely, an application server 1 and an application server 2, and an authentication server. Based on the application scenario illustrated in fig. 3 and fig. 4(a) and 4(b), the technical solution of the embodiment of the present invention is further described by taking an example that the terminal logs in to the corresponding application server through the application 1 and the application 2 and logs in using the same account information.
Step 401: starting an application 1 in a terminal, wherein the terminal initiates login request information to an application server 1 through the application 1;
step 402: searching key information for the application 1 locally on the mobile phone;
if the key information is not found locally in the mobile phone, it indicates that, in application 1 and other applications having the same account information as the application 1, such as application 2, application 1 is the first application to initiate a login request to a corresponding application server, and step 403 is executed;
if the key information is found locally in the mobile phone, it indicates that other applications, such as the application 2, having the same account information as the application 1 have already logged in the application server 2 before the application 1 initiates a login request to the application server 1, because the terminal will store the key information generated by the authentication server for the application 2 after the terminal has logged in the application server 2 through the application 2, the terminal can obtain the key information by locally reading the stored key information, and continue to execute step 406;
step 403: the terminal presents an account information input interface of the application 1, so that a user can input a user name and a password for logging in the application server 1 in the input interface; the terminal receives a user name and a password input by a user, reads identification information of the terminal, such as an IMEI (international mobile equipment identity) of a user identity identification card inserted into the terminal, and continues to execute step 404;
step 404: the terminal sends the account information and the identification information to the authentication server, and continues to execute step 405;
step 405: the authentication server authenticates the account information, generates a key information when the authentication is passed, returns the generated key information to the terminal, and continues to execute step 406;
here, the authentication server generates one piece of key information, records the received identification information of the terminal in association with the key information generated for the terminal, forms a first record table to identify what the key information generated for which terminal is, and transmits the first record table to the application server 1 and the application server 2.
Here, if the authentication of the authentication server fails due to the account information input by the user, it returns to step 403.
Step 406: after the terminal acquires the key information, the terminal encrypts the login request by using the key information, sends the identification information of the terminal and the encrypted login request information to the application server 1, and continues to execute step 407;
step 407: after receiving the two pieces of information, the application server 1 searches key information corresponding to the received identification information in a local first record table, decrypts the encrypted login request information by using the searched key information, and when the decryption is successful, indicates that the user successfully passes login verification, the application server 1 returns verification passing information to the terminal, and continues to execute step 408;
in this embodiment, in consideration that a plurality of applications with the same account information share the same key information, when the authentication server generates a key information for a first application initiating a login request among the plurality of applications with the same account information in the terminal, the authentication server sends the first record table to the application servers corresponding to the plurality of applications, so that the application servers decrypt the encrypted login request information.
Of course, in a preferred embodiment of the present invention, the application server 1 may also forward the received two pieces of information to the authentication server, and the authentication server decrypts the encrypted login request information; and is not particularly limited herein.
Here, if the decryption fails, it indicates that the user has not been authenticated or that the authentication has timed out, and the process returns to step 403.
Step 408: when the terminal receives the verification passing information, the user does not need to input a user name and a password in the terminal, and the terminal can directly log in the application server 1 and perform subsequent service access.
According to the scheme, only when the first application of the plurality of applications with the same account information of the terminal initiates the login request to the application server, the user needs to input the user name and the password in the terminal, and for the application which does not initiate the login request to the application server, the application server only needs to utilize the same key information generated by the authentication server for the applications with the same account information to verify the login request information, and when the verification is passed, the terminal is informed of the verification result, the terminal can directly log in the application server, and the user does not need to input the user name and the password in the terminal. Namely, the scheme describes that the terminal completes single sign-on to the application server based on a shared key mode. Therefore, the problem that the same account information needs to be input for multiple times when the terminal logs in different application servers is solved, the complexity of user operation is reduced, and the user experience is improved.
In addition, the key information shared by a plurality of applications can be acquired locally at the terminal and can also be acquired through the authentication server, wherein the key information acquired through the authentication server is transmitted only once between the authentication server and the terminal, so that the transmission times and frequency of the key information in the network are less, and the information security can be effectively improved.
It should be understood by those skilled in the art that all or part of the steps of the foregoing method can be implemented by controlling corresponding hardware through a program, and the degree can be stored in a computer readable storage medium, such as a read only memory ROM, a random access memory RAM, a magnetic disk, an optical disk, and the like.
Based on the aforementioned login method applied to the terminal, an embodiment of the present invention further provides a terminal, as shown in fig. 5, where the terminal includes: a first acquiring unit 501, a first encrypting unit 502, a first transmitting unit 503, a first receiving unit 504, and a first registering unit 505; wherein,
a first obtaining unit 501, configured to obtain key information when the terminal initiates login request information to an application server through a first application, where the first application is at least one of all applications that can log in to a corresponding application server through the same account information in the terminal;
here, for example, when the terminal (which is installed with an Android system) can log in to a file management application server through a file management application and to an icon application server through a gallery application, and account information used when the terminal logs in to the two application servers is the same, the first application may be the file management application APK (Android installation package) and/or the gallery application APK; the account information at least comprises a user name and a password.
In this embodiment, all applications using the same account information need to share the same key information. If the current first application is not the first application which initiates the login request to the corresponding application server first among all the applications, because the first application which has logged in the corresponding application server before the current first application logs in will store the key information, the current first application may request the key information from the first application which has logged in the corresponding application server before, that is, the terminal, specifically, the first obtaining unit 501 obtains the key information by locally reading the key information. If the current first application is the first application that initiates a login request to the corresponding application server first among all the applications, the terminal, specifically the first obtaining unit 501, needs to request the key information from the authentication server, that is, the first obtaining unit 501 sends a key information obtaining request to the authentication server, the authentication server receives the request, generates a key information, and returns the key information to the terminal, and the terminal, specifically the first obtaining unit 501, receives the key information returned by the authentication server for the key information obtaining request.
A first encryption unit 502 for encrypting the login request information using the key information;
a first sending unit 503, configured to send the encrypted login request information to the application server;
here, the terminal, specifically, the first encryption unit 502 performs encryption authentication on the login request information using the key information, and triggers the first transmission unit 503 to transmit the encrypted login request information to the application server. For example, when the current first application is a file management application, the terminal, specifically the first encryption unit 502, encrypts, using the key information, login request information that the terminal initiates to the file management application server through the file management application, and triggers the first sending unit 503 to send the encrypted login request information to the file management application server.
In this embodiment of the present invention, before the terminal, specifically the first sending unit 503 sends the encrypted login request information to the application server, the terminal, specifically the second obtaining unit 506, further needs to obtain identification information of the terminal, where the identification information includes but is not limited to the following: the identification information may be an international mobile equipment identity IMEI or MEID of a subscriber identity module card inserted into the terminal, or a MAC used by the terminal during data transmission. When the terminal, specifically the first sending unit 503 sends the encrypted login request information to the application server, the identification information is sent to the application server.
A first receiving unit 504, configured to receive verification passing information, where the verification passing information is information that is returned by the application server and is directed to the login request information;
a first login unit 505, configured to log in to the application server through the first application.
Here, after the terminal, specifically the first sending unit 503 sends the encrypted login request information and the identification information to the application server, the application server searches the key information corresponding to the identification information locally at the application server according to the identification information of the terminal, and verifies the login request information by using the searched key information, and when the verification passes, returns verification passing information to the terminal, when the terminal, specifically the first receiving unit 504 receives the verification passing information, the terminal does not need to input a user name and a password in the terminal, and the terminal can directly log in to the application server through the first login unit 505 and perform subsequent service access.
Therefore, in the embodiment of the present invention, all applications using the same account information in the terminal need to share the same key information, when a certain application in all applications initiates login request information to an application server corresponding to the application, the key information is obtained, the login request information is encrypted by using the key information, the encrypted login request information is sent to the corresponding application server, when the terminal receives verification passing information for the login request information returned by the corresponding application server, a user does not need to input a user name and a password in the terminal, and the terminal can directly log in to the corresponding application server through the application and perform subsequent service access. Therefore, the problem that the user needs to input the same account information repeatedly is solved, the operation complexity of the user is reduced, and the user experience is improved.
In addition, the key information shared by a plurality of applications can be acquired locally at the terminal and can also be acquired through the authentication server, wherein the key information acquired through the authentication server is transmitted only once between the authentication server and the terminal, so that the transmission times and frequency of the key information in the network are less, and the information security can be effectively improved.
In practical applications, the first obtaining Unit 501, the first encrypting Unit 502, the first sending Unit 503, the first receiving Unit 504, the first logging Unit 505, and the second obtaining Unit 506 can be implemented by a Central Processing Unit (CPU), a Digital Signal Processor (DSP), a microprocessor Unit (MPU), a Field Programmable Gate Array (FPGA), or the like; the CPU, the DSP, the MPU and the FPGA can be all arranged in the terminal.
It will be appreciated by those skilled in the art that the functions implemented by the processing units in the terminal shown in fig. 5 can be understood with reference to the foregoing description of the login method applied in the terminal. Those skilled in the art will appreciate that the functions of the processing units in the terminal shown in fig. 5 may be implemented by a program running on a processor, or by specific logic circuits.
Based on the aforementioned login method applied to the application server (service server), an embodiment of the present invention further provides an application server, as shown in fig. 6, where the application server includes: a first receiving unit 601, a first obtaining unit 602, a first verifying unit 603, and a first sending unit 604; wherein,
a first receiving unit 601, configured to receive encrypted login request information sent by a terminal, where the login request information is request information that the terminal initiates to the application server through a first application;
here, when the application server, specifically the first receiving unit 601, receives the login request information, the identification information sent by the terminal is also received, and the identification information includes but is not limited to the following: the identification information may be an IMEI (identity ) card inserted into the terminal, an MEID (identity, or MAC used by the terminal during data transmission.
A first obtaining unit 602, configured to obtain key information;
here, locally, the application server, specifically the first obtaining unit 602, searches for the key information corresponding to the identification information, and uses the searched key information as the obtained key information.
A first verifying unit 603, configured to verify the encrypted login request information by using the key information, and trigger a first sending unit 604 when the verification passes;
here, the application server, specifically, the first authentication unit 603 decrypts the encrypted login request information using the key information.
A first sending unit 604, configured to send verification passing information to the terminal.
Here, when the application server, specifically the first authentication unit 603, succeeds in decryption, it is determined that the authentication is passed, and the first sending unit 604 is triggered to return authentication passing information to the terminal to notify the terminal of the authentication result, so that on the terminal side, the terminal can directly log in to the application server through the application without inputting a user name and a password, and perform subsequent service access.
Therefore, in the embodiment of the invention, considering that all applications using the same account information in the terminal need to share the same key information, the encrypted login request information is verified by using the key information at the application server side, and when the verification is passed, the application server allows the terminal to directly log in without inputting a user name and a password by a user. Therefore, the problem that the user needs to input the same account information repeatedly is solved, the operation complexity of the user is reduced, and the user experience is improved. The key information acquired by the application server side is acquired locally and is not transmitted in the network, so that the information security is ensured.
In practical applications, the first receiving unit 601, the first obtaining unit 602, the first verifying unit 603, and the first sending unit 604 may be implemented by a CPU, a DSP, an MPU, an FPGA, or the like; the CPU, the DSP, the MPU and the FPGA can be all arranged in the terminal.
Those skilled in the art will appreciate that the functions implemented by the processing units in the application server shown in fig. 6 can be understood by referring to the foregoing description of the login method applied in the application server. Those skilled in the art will appreciate that the functions of the processing units in the application server shown in fig. 6 may be implemented by a program running on a processor, or may be implemented by specific logic circuits.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Claims (14)
1. A method of logging in, the method comprising:
when the terminal initiates login request information to an application server through a first application, key information is acquired, wherein the first application is at least one of all applications which can be logged in to a corresponding application server through the same account information in the terminal;
encrypting the login request information by using the key information, and sending the encrypted login request information to the application server;
and when the terminal receives verification passing information which is returned by the application server and aims at the login request information, the terminal logs in the application server through the first application.
2. The method of claim 1, wherein the obtaining key information comprises:
reading the key information locally at the terminal;
if the key information cannot be read locally at the terminal, sending a key information acquisition request to an authentication server;
and receiving the key information returned by the authentication server aiming at the key information acquisition request.
3. The method according to claim 1 or 2, wherein before sending the encrypted login request information to the application server, the method further comprises:
acquiring identification information of the terminal;
and when the encrypted login request information is sent to the application server, sending the identification information to the application server so that the application server acquires the key information according to the identification information of the terminal and verifies the login request information by using the key information.
4. The method according to claim 2, wherein before sending the key information acquisition request to the authentication server, the method further comprises:
acquiring the same account information input by a user at the terminal;
when the terminal sends a key information acquisition request to an authentication server, sending the same account information input by a user at the terminal to the authentication server;
correspondingly, after receiving the key information acquisition request, the authentication server verifies the same account information;
and when the verification is passed, the authentication server generates the key information and returns the key information to the terminal.
5. A method of logging in, the method comprising:
the application server receives encrypted login request information sent by a terminal, wherein the login request information is request information initiated to the application server by the terminal through a first application;
acquiring key information;
verifying the encrypted login request information by using the key information;
and when the verification is passed, sending verification passing information to the terminal.
6. The method according to claim 5, wherein when the application server receives the encrypted login request information sent by the terminal,
the application server receives the identification information of the terminal sent by the terminal;
correspondingly, the obtaining of the key information includes:
and searching the key information corresponding to the identification information locally in the application server.
7. The method according to claim 5 or 6, wherein the verifying the encrypted login request information by using the key information comprises:
the application server decrypts the encrypted login request information by using the key information;
when the decryption is successful, the verification is determined to be passed.
8. A terminal, characterized in that the terminal comprises:
the terminal comprises a first obtaining unit, a second obtaining unit and a third obtaining unit, wherein the first obtaining unit is used for obtaining key information when the terminal initiates login request information to an application server through a first application, and the first application is at least one of all applications which can be logged in to a corresponding application server through the same account information in the terminal;
a first encryption unit configured to encrypt the login request information using the key information;
the first sending unit is used for sending the encrypted login request information to the application server;
a first receiving unit, configured to receive verification passing information, where the verification passing information is information, which is returned by the application server and is directed to the login request information;
a first login unit, configured to log in to the application server through the first application.
9. The terminal of claim 8, wherein the first obtaining unit is further configured to:
locally reading the key information;
and if the key information cannot be read locally, sending a key information acquisition request to an authentication server to acquire the key information.
10. The terminal according to claim 8 or 9, characterized in that the terminal further comprises:
a second obtaining unit, configured to obtain identification information of the terminal;
correspondingly, the first sending unit is further configured to send the identification information to the application server when sending the encrypted login request information to the application server.
11. The terminal of claim 9, wherein the first obtaining unit is further configured to:
acquiring the same account information input by a user at the terminal;
and when a key information acquisition request is sent, sending the same account information input by the user at the terminal to the authentication server.
12. An application server, characterized in that the application server comprises:
the first receiving unit is used for receiving encrypted login request information sent by a terminal, wherein the login request information is request information initiated by the terminal to the application server through a first application;
a first acquisition unit configured to acquire key information;
the first verification unit is used for verifying the encrypted login request information by using the key information, and when the verification is passed, the first sending unit is triggered;
and the first sending unit is used for sending verification passing information to the terminal.
13. The application server according to claim 12, wherein the first receiving unit is further configured to receive identification information of the terminal sent by the terminal;
correspondingly, the first obtaining unit is configured to locally search for the key information corresponding to the identification information.
14. The application server according to claim 12 or 13, wherein the first authentication unit is further configured to decrypt the encrypted login request information using the key information, and when decryption is successful, determine that authentication is successful.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510212323.1A CN104935435A (en) | 2015-04-29 | 2015-04-29 | Login methods, terminal and application server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510212323.1A CN104935435A (en) | 2015-04-29 | 2015-04-29 | Login methods, terminal and application server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104935435A true CN104935435A (en) | 2015-09-23 |
Family
ID=54122414
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510212323.1A Pending CN104935435A (en) | 2015-04-29 | 2015-04-29 | Login methods, terminal and application server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104935435A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106888183A (en) * | 2015-12-15 | 2017-06-23 | 阿里巴巴集团控股有限公司 | Data encryption, decryption, the method and apparatus and system of key request treatment |
| CN107995214A (en) * | 2017-12-19 | 2018-05-04 | 深圳市创梦天地科技股份有限公司 | A kind of Website logging method and relevant device |
| CN108111486A (en) * | 2017-12-05 | 2018-06-01 | 北京天融信网络安全技术有限公司 | A kind of method and device for exempting from repeat logon |
| CN109587098A (en) * | 2017-09-29 | 2019-04-05 | 阿里巴巴集团控股有限公司 | A kind of Verification System and method, authorization server |
| CN109587162A (en) * | 2018-12-26 | 2019-04-05 | 闻泰通讯股份有限公司 | Login validation method, device, terminal, cipher server and storage medium |
| CN109801092A (en) * | 2017-11-16 | 2019-05-24 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
| CN110266480A (en) * | 2019-06-13 | 2019-09-20 | 腾讯科技(深圳)有限公司 | Data transmission method, device and storage medium |
| CN113378221A (en) * | 2021-06-11 | 2021-09-10 | 上海妙一生物科技有限公司 | Account information processing method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350717A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | A method and system for logging into a third-party server through instant messaging software |
| CN101510877A (en) * | 2009-02-25 | 2009-08-19 | 中国网络通信集团公司 | Single-point logging-on method and system, communication apparatus |
| CN103685282A (en) * | 2013-12-18 | 2014-03-26 | 飞天诚信科技股份有限公司 | Identity authentication method based on single sign on |
-
2015
- 2015-04-29 CN CN201510212323.1A patent/CN104935435A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350717A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | A method and system for logging into a third-party server through instant messaging software |
| CN101510877A (en) * | 2009-02-25 | 2009-08-19 | 中国网络通信集团公司 | Single-point logging-on method and system, communication apparatus |
| CN103685282A (en) * | 2013-12-18 | 2014-03-26 | 飞天诚信科技股份有限公司 | Identity authentication method based on single sign on |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106888183A (en) * | 2015-12-15 | 2017-06-23 | 阿里巴巴集团控股有限公司 | Data encryption, decryption, the method and apparatus and system of key request treatment |
| CN109587098A (en) * | 2017-09-29 | 2019-04-05 | 阿里巴巴集团控股有限公司 | A kind of Verification System and method, authorization server |
| CN109587098B (en) * | 2017-09-29 | 2022-04-08 | 阿里巴巴集团控股有限公司 | Authentication system and method, and authorization server |
| CN109801092A (en) * | 2017-11-16 | 2019-05-24 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
| CN109801092B (en) * | 2017-11-16 | 2023-09-08 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
| CN108111486A (en) * | 2017-12-05 | 2018-06-01 | 北京天融信网络安全技术有限公司 | A kind of method and device for exempting from repeat logon |
| CN108111486B (en) * | 2017-12-05 | 2021-06-08 | 北京天融信网络安全技术有限公司 | Method and device for avoiding repeated login |
| CN107995214A (en) * | 2017-12-19 | 2018-05-04 | 深圳市创梦天地科技股份有限公司 | A kind of Website logging method and relevant device |
| CN109587162A (en) * | 2018-12-26 | 2019-04-05 | 闻泰通讯股份有限公司 | Login validation method, device, terminal, cipher server and storage medium |
| CN110266480A (en) * | 2019-06-13 | 2019-09-20 | 腾讯科技(深圳)有限公司 | Data transmission method, device and storage medium |
| CN113378221A (en) * | 2021-06-11 | 2021-09-10 | 上海妙一生物科技有限公司 | Account information processing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102307665B1 (en) | identity authentication | |
| CN108768970B (en) | Binding method of intelligent equipment, identity authentication platform and storage medium | |
| CN112291279B (en) | Router intranet access method, system and equipment and readable storage medium | |
| US11539690B2 (en) | Authentication system, authentication method, and application providing method | |
| CN104935435A (en) | Login methods, terminal and application server | |
| CN106657152B (en) | Authentication method, server and access control device | |
| CN103607284B (en) | Identity authentication method and equipment and server | |
| CN105516103B (en) | Method, device and system for binding smart home appliances | |
| US9445269B2 (en) | Terminal identity verification and service authentication method, system and terminal | |
| KR20190088048A (en) | Method and apparatus for recording and verifying an Internet device, and method and apparatus for authenticating an identity | |
| US11271922B2 (en) | Method for authenticating a user and corresponding device, first and second servers and system | |
| US11159329B2 (en) | Collaborative operating system | |
| CN111131300B (en) | Communication method, terminal and server | |
| CN104113534A (en) | System and method for logging in applications (APPs) | |
| CN106817346B (en) | Data transmission method and device and electronic equipment | |
| WO2018010480A1 (en) | Network locking method for esim card, terminal, and network locking authentication server | |
| CN107204985A (en) | Purview certification method based on encryption key, apparatus and system | |
| CN107707562B (en) | Method and device for encrypting and decrypting algorithm of asymmetric dynamic token | |
| CN110225017B (en) | Identity authentication method, equipment and storage medium based on alliance block chain | |
| CN107040501B (en) | Authentication method and device based on platform as a service | |
| CN109451504B (en) | Internet of things module authentication method and system | |
| CN112769783B (en) | Data transmission method, cloud server, receiving end and sending end | |
| CN107204959B (en) | Verification method, device and system of verification code | |
| EP3355546B1 (en) | Device identification encryption | |
| CN103049693A (en) | Method, device and system for using application program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150923 |
|
| RJ01 | Rejection of invention patent application after publication |