CN1697377A - System and method for realizing door entry authentication service in network - Google Patents
System and method for realizing door entry authentication service in network Download PDFInfo
- Publication number
- CN1697377A CN1697377A CN 200410044454 CN200410044454A CN1697377A CN 1697377 A CN1697377 A CN 1697377A CN 200410044454 CN200410044454 CN 200410044454 CN 200410044454 A CN200410044454 A CN 200410044454A CN 1697377 A CN1697377 A CN 1697377A
- Authority
- CN
- China
- Prior art keywords
- server
- network access
- access equipment
- user
- portal site
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
Core of the invention is that server of portal network site is built in network access device so as to realize portal authentication service. Administration center of network access device supervises management of the server of portal network site. HTTP (Hypertext Transfer Protocol) message is transferred between server of portal network site and network access device. The invention lowers cost for realizing portal authentication service, It is convenient for operation manager to select network access device so as to raise flexibility to configurate network.
Description
Technical field
The present invention relates to network communications technology field, relate in particular to the system and the method thereof that realize the gate verification service in a kind of network.
Background technology
Portal (door) authentication is a kind of authentication accessing method of broadband user's access network.For the Portal authentication, before user's online, need visit Portal Server (portal site server) earlier.The Portal business is a kind of novel business that NSP/ISP (Internet Service Provider) offers the user, it makes the user when online, can be by WWW (World Wide Web (WWW)) browser (Internet Explorer or Netscape Navigator) the visit Portal Server of standard, the input username and password authenticates on the homepage of this PortalServer, authentication can realize at the certificate server of this locality, also can realize at remote authentication server; Dynamic Selection is fit to user's oneself business on this homepage, and inquires about the information that some users are concerned about; Realize the management of user to oneself.
At present, the system that realizes the gate verification service in the network comprises network access equipment, certificate server and Portal Server, wherein Portal Server is by the network environment of operator according to reality, select different external servers to realize, as shown in Figure 1, existing P ortal Server is external Portal Server, as the SUN server.Like this, in the networking of reality, operator need select server to realize external Portal Server, has improved operating cost of operator.On the other hand, when realizing the Portal authentication, existing message interaction is the proprietary protocol based on manufacturer between existing external Portal Server and broadband IP (the Internet) access device (being network access equipment), has limited the range of choice of operator, has reduced the flexible of networking.
Summary of the invention
The invention provides the system and the method thereof that realize the gate verification service in a kind of network, reduced operator and in network, realized Portal Server, carry out the cost of corresponding door authentication service.
The object of the present invention is achieved like this:
Realize the system of gate verification service in a kind of network, form by network access equipment, portal site server and certificate server; Described portal site server is built in the network access equipment, network access equipment sends to portal site server with the user profile of receiving, and the reception portal site server sends to user's information, the user profile that portal site server is sent network access equipment sends to certificate server, and the information that certificate server returns is sent to network access equipment.
A kind of based on realizing the gate verification service method in the network of said system, for: the user is by transmitting the message based on HTTP (HTML (Hypertext Markup Language)) between network access equipment and portal site server, and communicate by portal site server and certificate server, to realize the gate verification service.
This method further comprises
A, user send page request message based on HTTP (HTML (Hypertext Markup Language)) by network access equipment to portal site server, and respond the corresponding page by portal site server by network access equipment and give this user;
B, user send the request message of reaching the standard grade based on HTTP (HTML (Hypertext Markup Language)) by network access equipment to portal site server, portal site server is passed to certificate server with user's authentication information and is authenticated, and by network access equipment authentication result is sent to the user;
C, user send the request message that rolls off the production line based on HTTP (HTML (Hypertext Markup Language)) by network access equipment to portal site server, portal site server sends the request message of this user offline to certificate server, and responds user's the request of rolling off the production line by network access equipment.
Described certificate server is local authentication/accounting module.
Described certificate server is RADIUS (remote authentication) server of far-end.
The management of described portal site server is managed by the administrative center of network access equipment.
By technique scheme as can be seen, adopt built-in mode to realize PortalServer among the present invention, reduced the cost of the realization Portal Server of operator.Simultaneously, the agreement of moving between built-in Portal Server provided by the present invention and network access equipment is HTTP (HTML (Hypertext Markup Language)), has made things convenient for operator that network access equipment is selected, and has improved the flexibility of networking.
Description of drawings
Fig. 1 is the application structure schematic diagram of existing external Portal Server;
Fig. 2 is the application structure schematic diagram of built-in Portal Server of the present invention;
Fig. 3 is page request process schematic diagram among the present invention;
Fig. 4 is the request process schematic diagram of reaching the standard grade of user among the present invention;
Fig. 5 is user offline request process schematic diagram among the present invention.
Embodiment
Core of the present invention is that portal site server (being Portal Server) is built in the network access equipment, as built-in Portal Server, be embodied as the user gate verification service is provided, as shown in Figure 2, the system that realizes the gate verification service in the network of the present invention comprises: network access equipment, certificate server and built-in Portal Server, and built-in Portal Server is built in the network access equipment, network access equipment sends to portal site server with the user profile of receiving, and the reception portal site server sends to user's information, the user profile that portal site server is sent network access equipment sends to certificate server, and the information that certificate server returns is sent to network access equipment; Certificate server can local authentication/accounting module or Radius (remote authentication) server of far-end; The management of built-in Portal Server manages by the administrative center of network access equipment is unified, and the user can be connected with network access equipment by equipment such as LAN switch, realizes user's Portal authentication service; Simultaneously, for the convenience of Virtual network operator selection use network access equipment, the message that transmits between portal site server and network access equipment is HTTP (HTML (Hypertext Markup Language)) message.
System of the present invention embodiment can for: will be built in based on the portal site server that http protocol is realized in the broadband access equipment, realize user's Portal authentication, built-in Portalserver mainly comprises two parts: a part is for according to the HTTP1.0 agreement, and user's various page request are provided various responses; Another part is for the upper and lower line request of user, by analyzing, extract user profile, as user name, password, IP address etc., pass through the Radius server of local authentication/accounting module or far-end, issue the various prompting pages to the user respectively according to the result who responds, as authentication success/authentification failure, the success etc. of rolling off the production line.
Realize the gate verification service method in the network of the present invention, promptly the concrete course of work of built-in PortalServer such as Fig. 3 comprise to shown in Figure 5:
User's page request process, as shown in Figure 3: the user sends request message based on HTTP to built-in Portal Server to built-in Portal Server by browser and network access equipment, requires to obtain certain page; After built-in Portal Server received user's page request, whether the page of analysis user request existed, if exist, then directly this page is responded to this user, otherwise, the page of an acquiescence of response, the page of acquiescence can be disposed by order line.
User's the request of reaching the standard grade, as shown in Figure 4: with the remote authentication is example, the user sends the request message of reaching the standard grade based on HTTP by browser and network access equipment to built-in Portal Server behind input username and password on the login page; After built-in Portal Server receives that the user asks, from request message, analyze user profile, and the Radius server that this information passes through far-end is authenticated, and authentication success or authentification failure message are responded to the user according to authentication result.
User's the request of rolling off the production line, as shown in Figure 5: still be example with the remote authentication, the user sends the request message that rolls off the production line based on HTTP by browser and network access equipment to built-in Portal Server; Same, after built-in Portal Server receives user's request, sending the request of rolling off the production line to far-end Radius server, notice Radius server stops to charge, and responds to user offline then.
Claims (6)
1, realizes the system of gate verification service in a kind of network, it is characterized in that forming by network access equipment, portal site server and certificate server; Described portal site server is built in the network access equipment, network access equipment sends to portal site server with the user profile of receiving, and the reception portal site server sends to user's information, the user profile that portal site server is sent network access equipment sends to certificate server, and the information that certificate server returns is sent to network access equipment.
2, a kind of based on realizing the gate verification service method in the network of said system, it is characterized in that: the user is by transmitting the message based on HTTP (HTML (Hypertext Markup Language)) between network access equipment and portal site server, and communicate by portal site server and certificate server, to realize the gate verification service.
3, realize the gate verification service method in the network according to claim 2, it is characterized in that this method further comprises:
A, user send page request message based on HTTP by network access equipment to portal site server, and respond the corresponding page by portal site server by network access equipment and give this user;
B, user send the request message of reaching the standard grade based on HTTP by network access equipment to portal site server, and portal site server is passed to certificate server with user's authentication information and authenticated, and by network access equipment authentication result is sent to the user;
C, user send the request message that rolls off the production line based on HTTP by network access equipment to portal site server, and portal site server sends the request message of this user offline to certificate server, and the request of rolling off the production line by network access equipment response user.
4, realize the gate verification service method in the network according to claim 3, it is characterized in that described certificate server is local authentication/accounting module.
5, realize the gate verification service method in the network according to claim 3, it is characterized in that described certificate server is RADIUS (remote authentication) server of far-end.
6, realize the gate verification service method in the network according to claim 2, the management that it is characterized in that described portal site server is managed by the administrative center of network access equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410044454 CN1697377A (en) | 2004-05-10 | 2004-05-10 | System and method for realizing door entry authentication service in network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410044454 CN1697377A (en) | 2004-05-10 | 2004-05-10 | System and method for realizing door entry authentication service in network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1697377A true CN1697377A (en) | 2005-11-16 |
Family
ID=35349918
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200410044454 Pending CN1697377A (en) | 2004-05-10 | 2004-05-10 | System and method for realizing door entry authentication service in network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1697377A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101521576B (en) * | 2009-04-07 | 2011-10-05 | 中国电信股份有限公司 | Method and system for identity authentication of internet user |
| CN102244866A (en) * | 2011-08-18 | 2011-11-16 | 杭州华三通信技术有限公司 | Portal verifying method and access controller |
| CN102904339A (en) * | 2012-09-11 | 2013-01-30 | 无锡威泰迅电力科技有限公司 | Data monitoring method of minitype power station |
| CN101043522B (en) * | 2006-03-22 | 2013-11-13 | 腾讯科技(深圳)有限公司 | Web server based communication method and system |
| CN103457740A (en) * | 2013-09-06 | 2013-12-18 | 上海斐讯数据通信技术有限公司 | Portal certification system and method |
| CN103634794A (en) * | 2013-10-30 | 2014-03-12 | 邦讯技术股份有限公司 | WLAN (Wireless Local Area Network) terminal identification recognition method by integrating Portal |
| CN104735078A (en) * | 2015-04-02 | 2015-06-24 | 迈普通信技术股份有限公司 | Portal access authentication system and method |
| WO2018045798A1 (en) * | 2016-09-12 | 2018-03-15 | 华为技术有限公司 | Network authentication method and related device |
| CN111431778A (en) * | 2020-05-11 | 2020-07-17 | 深圳市吉祥腾达科技有限公司 | Internet access authentication method realized based on wide area network server |
-
2004
- 2004-05-10 CN CN 200410044454 patent/CN1697377A/en active Pending
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101043522B (en) * | 2006-03-22 | 2013-11-13 | 腾讯科技(深圳)有限公司 | Web server based communication method and system |
| CN101521576B (en) * | 2009-04-07 | 2011-10-05 | 中国电信股份有限公司 | Method and system for identity authentication of internet user |
| US9100391B2 (en) | 2011-08-18 | 2015-08-04 | Hangzhou H3C Technologies Co., Ltd. | Portal authentication method and access controller |
| CN102244866A (en) * | 2011-08-18 | 2011-11-16 | 杭州华三通信技术有限公司 | Portal verifying method and access controller |
| US10050971B2 (en) | 2011-08-18 | 2018-08-14 | Hewlett Packard Enterprise Development Lp | Portal authentication method and access controller |
| CN102244866B (en) * | 2011-08-18 | 2016-01-20 | 杭州华三通信技术有限公司 | Gate verification method and access controller |
| CN102904339A (en) * | 2012-09-11 | 2013-01-30 | 无锡威泰迅电力科技有限公司 | Data monitoring method of minitype power station |
| CN103457740A (en) * | 2013-09-06 | 2013-12-18 | 上海斐讯数据通信技术有限公司 | Portal certification system and method |
| CN103634794A (en) * | 2013-10-30 | 2014-03-12 | 邦讯技术股份有限公司 | WLAN (Wireless Local Area Network) terminal identification recognition method by integrating Portal |
| CN103634794B (en) * | 2013-10-30 | 2019-04-26 | 邦讯技术股份有限公司 | By the WLAN terminal personal identification method for integrating Portal |
| CN104735078A (en) * | 2015-04-02 | 2015-06-24 | 迈普通信技术股份有限公司 | Portal access authentication system and method |
| CN104735078B (en) * | 2015-04-02 | 2018-12-25 | 迈普通信技术股份有限公司 | A kind of Portal access authentication system and method |
| WO2018045798A1 (en) * | 2016-09-12 | 2018-03-15 | 华为技术有限公司 | Network authentication method and related device |
| CN107819728A (en) * | 2016-09-12 | 2018-03-20 | 华为技术有限公司 | Method for network authorization, relevant apparatus |
| CN107819728B (en) * | 2016-09-12 | 2021-02-12 | 华为技术有限公司 | Network authentication method and related device |
| CN111431778A (en) * | 2020-05-11 | 2020-07-17 | 深圳市吉祥腾达科技有限公司 | Internet access authentication method realized based on wide area network server |
| CN111431778B (en) * | 2020-05-11 | 2021-08-31 | 深圳市吉祥腾达科技有限公司 | Internet access authentication method realized based on wide area network server |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1566939B1 (en) | Media streaming home network system and method for operating the same | |
| CN1314253C (en) | Systems and methods for redirecting users attempting to access network site | |
| US20020083172A1 (en) | Systems, methods and computer program products for responding to client requests directed to networked embedded devices via proxy services | |
| CA2416276A1 (en) | Architecture for home network on world wide web with private-public ip address/url mapping | |
| US20050210135A1 (en) | System for ubiquitous network presence and access without cookies | |
| JP2004530384A (en) | Network bandwidth control | |
| CN1697377A (en) | System and method for realizing door entry authentication service in network | |
| CN101582856A (en) | Session setup method of Portal server and BAS (broadband access server) device and system thereof | |
| CN1231024C (en) | Virtual specsel net realizing method based on dynamic IP address and system | |
| US20020099832A1 (en) | Method for accessing the internet | |
| CN1538706A (en) | HTTP relocation method for WEB identification | |
| CN103327008A (en) | HTTP reorienting method and HTTP reorienting device | |
| WO2006019275A1 (en) | Method for providing contents in a mobile communication system and apparatus thereof | |
| KR100685254B1 (en) | Home network gateway that manages authority assignment and access for each user and control method | |
| JPH11306067A (en) | Proxy system | |
| CN102075504B (en) | Method and system for realizing two-layer Portal authentication and Portal server | |
| CN103384246B (en) | Safety supervision system login assistant method | |
| TWI222807B (en) | Apparatus and method for managing cable modem based on web | |
| WO2001041392A2 (en) | Virtual private network selection | |
| KR20120044381A (en) | Method and system for subscriber to log in internet content provider(icp) website in identity/location separation network and login device thereof | |
| CN109379339A (en) | A kind of portal authentication method and device | |
| CN1297104C (en) | Method for realizing port based identification and transmission layer based identification compatibility | |
| CN1287308C (en) | Method for displaying door web page based on Ethernet protocol when the user is logged | |
| JP5191076B2 (en) | Information providing apparatus and method | |
| US20050273846A1 (en) | Controlled firewall penetration for management of discrete devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |