JP4716767B2 - Login control system and login control method - Google Patents

Description

  The present invention has processing servers and terminal devices connected to a network and distributed, and controls login when a user using the terminal device accesses one of the processing servers from the terminal device via the network. Login control system and login control method, especially in a group of processing servers distributed on the network, double login is prohibited, and new login can be performed by forcibly logging out to the processing servers that are currently logged in The present invention relates to a login control system and a login control method.

Log in to a processing server in response to a login request from a terminal device connected to that network on multiple processing servers located on a widely distributed network, and provide various services from the logged-in processing server There is technology to receive. Login control systems and login control methods used in these technologies are disclosed in the following patent documents.
Patent Document 1 (Japanese Patent Application Laid-Open No. 2001-101111) discloses a user management method in a hierarchical client-server system, which periodically checks a session with a client and uses a web browser in a login state. A management method is shown in which when the processing is completed, the user is automatically logged out after a predetermined time, thereby enabling re-login after the predetermined time.
JP 2001-101111 A

However, the above-described prior art automatically logs out after a certain period of time so that re-login is possible even when normal logout processing is not performed. There was a problem that it was not possible to log in again after a lapse of time.
In addition, if the fixed time set in the initial setting is too long, you will not be able to log in again indefinitely, or if the fixed time is too short, you will immediately be logged out and log in to the user each time. It has become a login control system and login control method that are very inconvenient.

  An object of the present invention is to provide a login control system and a login control method that easily solve the above problems in a login control system and a login control method for controlling login when a terminal device accesses a processing server through a network. There is to do.

In order to solve the above problems, according to a representative one of the login control system according to the present invention, a login control system for controlling login when accessing a processing server distributed from a terminal device through a network, The login control system receives a login request signal, a terminal device that outputs to the first processing server a login request signal for requesting login to the first processing server of the distributed processing servers, and A login processing unit that detects whether the login request signal is a normal login or a double login request that is already logged in to the second processing server of the distributed processing server; If the signal is detected as a double login request of displaying the double login warning screen to the terminal , A forced log selection unit for selecting whether to perform the forced login to the user, if you select the forced log in a forced log selection unit, a logged-out state by forcibly disconnects the session with the second processing server And a processing server having a forced logout unit that requests the login processing unit to establish a session with the first processing server.

According to one of the representative login control methods according to the present invention, there is provided a login control method for controlling login when a terminal device accesses processing servers distributed over a network. A step of outputting a login request signal for requesting login to the first processing servers of the distributed processing servers; a step of receiving the login request signal by the first processing server; detecting whether for the second processing servers distributed by a processing server which already either logged double login request, if the login request signal is a double login request, two to the terminal display the heavy log warning screen, a step of selecting whether to perform the forced log-in process to the user, question When forced log in allowed is selected, the step of requesting that the logout state to forcibly disconnect the session with the second processing server establishes a session with the first processing server to the login processing unit It is characterized by providing.

  With these configurations, according to the login control system and the login control method of the present invention, it is possible to log in again regardless of the timing and to maintain the login state for a sufficient period. It is possible to provide an easy-to-use system that does not force re-login.

  The best mode for carrying out the present invention will be described below.

  Hereinafter, a first embodiment of the present invention will be described in detail with reference to the drawings of FIGS. In any figure, the same numerals are given to the same composition.

FIG. 1 is an overall configuration diagram showing a login control system according to an embodiment of the present invention.
The login control system mainly includes a network such as the Internet, client devices 1-1 and 1-2 connected to the network, a plurality of processing servers 1-3 and 1-4 connected to the network, and each processing. Connected to the databases 1-6 and 1-7 provided in the servers 1-3 and 1-4 and the processing servers 1-3 and 1-4, the data is stored in the processing servers 1-3 and 1-4. The index server 1-5 includes a database 1-8 that holds updated data when updated.
The client devices 1-1 and 1-2 are terminal devices used by users (users), and user A logs in to each processing server via client device 1-1 and user B via client device 1-2. Make a request.
The processing servers 1-3 and 1-4 execute login processing in response to login requests from the client apparatuses 1-1 and 1-2.

  In the login control system in this embodiment, the index server 1-5 manages the index information of the entire system. The index information here is all information other than the content main body and includes, for example, attribute values such as file name, file size, owner, release date and time, and last update date and time. When the data update processing is performed in the processing servers 1-3 and 1-4, the update contents are notified to the index server 1-5, and the updated data is stored in the database 1-8 in the index server 1-5. Further, the update contents are notified to the processing servers 1-3 and 1-4. The processing servers 1-3 and 1-4 reflect the update contents received from the index server 1-5 in the respective databases 1-6 and 1-7. Thereby, the contents of the databases 1-6, 1-7, and 1-8 are synchronized.

  FIG. 2 shows the configurations of the processing server 1-3 and the processing server 1-4, and details of the configuration relating to processing of a login request sent from the client device 1-1 to the processing server 1-3. Is described.

  In FIG. 2, a processing server 1-3 that receives a login request receives a login request signal output from the client device 1-1 and performs login processing to the login processing unit 2-1, and the login processing unit 2-1. Connected and logged in, for example, confirming that the account name and password match, whether the account is within the expiration date, is not locked, is an access from an available IP address, or is not a double login The log-in processing unit 2-2 that performs the internal processing, and the log-out processing unit 2-3 that is connected to the log-in processing unit 2-2 and performs logout processing at the timing when the session is released.

  Furthermore, the processing server 1-3 of the login control system according to the present embodiment is configured so that the login request signal received from the client device 1-1 by the login processing unit 2-1 of the processing server 1-3 is either a normal or double login request. If it is detected that the login request signal is a request for double login, a double login warning screen is displayed on the client device 1-1 and forced login processing is performed for the user. Forced login selection unit 2-4 for selecting whether or not, and forced login for requesting login processing unit 2-1 to cancel login session when forced login selection is received from the user Part 2-5.

  Here, the double login request is a login request when a session has already been established with a processing server other than the processing server that requests login.

In FIG. 2, a forced login processing request from the forced login unit 2-5 is received by another processing server 1-4 different from the processing server 1-3, and a session with a user who is already logged in is forced. The forced logout unit 2-6 is disposed in the logout state, and when the forced logout unit 2-6 executes the forced logout process normally, the forced logout unit 2-6 displays the processing server 1- 3 is configured to send a re-login request for forced login processing to the login processing unit 2-1.
Thus, according to the login control system of the present invention in which the forced logout unit is provided in another different processing server, it is possible to uniquely determine that the login is in progress while the session exists. By confirming the presence or absence of a session, it is possible to realize a system that suppresses double login in a distributed system. As a result, distributed processing is possible, and a login control system with lighter processing can be realized.

  Next, various processing operations using the login control system in the present embodiment will be described in detail with reference to the drawings.

  FIG. 3 is a flowchart illustrating processing when a normal login request signal is detected in the login processing unit 2-1 of the processing server 1-3.

In FIG. 3, for example, when a login request signal is sent from the client device 1-1 to the processing server 1-3, the login processing unit 2-1 of the processing server 1-3 receives the login request signal of the client device 1-1. And login processing is started (step 3-1). Here, the user ID and password are received from the user of the client device 1-1, and authentication processing and the like are performed.
Thereafter, based on the user ID input by the user, the user information of the user who has made the login request is acquired from the database 1-6 of the processing server 1-3 (step 3-2). Here, the user information acquired from the database 1-6 includes a server identifier (ServerURL) given to the processing server 1-3 that sent the login request, and between the processing server 1-3 and the client device 1-1. A session identifier (SessionID) given to the established session and a last update date / time (Lastupdate) indicating the last date / time when these identifiers were updated are included.

  Based on the user information of the client device 1-1 acquired from the database 1-6, it is determined whether or not the client device 1-1 is logging in to any processing server of the target login control system (step 3). -3). Whether or not the user is logged in is determined based on whether or not information is already registered in “ServerURL” and “SessionID” in the user information acquired from the database 1-6. When information is registered in any user information, it is determined as “login state” and the process proceeds to step 3-4. If no information is registered in any user information (Null value), it is determined as “logout state” and the process proceeds to step 3-5.

In step 3-3, if information has already been registered in the acquired user information, the logged-in user has sent the login request again, so whether or not to perform a double login warning and forced login? Is displayed on the client apparatus 1-1 (step 3-4).
Similarly, in step 3-3, when no information is registered in the acquired user information, since the user is logged out, a session with the client device 1-1 is established (step 3-5).
After establishing a session with the client device 1-1, the value of the database 1-6 is updated to the user information acquired in step 3-2 (step 3-6). The “ServerURL” and “SessionID” in the database 1-6 are changed to the values at the time of session establishment, and the “last update date” is automatically updated.
Finally, the client apparatus 1-1 is notified of successful login (step 3-7).

  FIG. 4 is a diagram for explaining the operation when the client apparatus 1-1 logs in to the processing server 1-3, and data in the database 1-6 when performing the processing from step 3-2 to step 3-6. It is a figure showing a change.

  In step 3-2, the login processing unit 2-1 of the processing server 1-3 uses the user information 4-1 (for example, “ServerURL”, “ SessionID "," Last update date and time ") are acquired from the database 1-6.

Here, a case where the user A makes a login request to the processing server 1-3 via the client device 1-1 will be described as an example. In FIG. 4, the “ServerURL” and “SessionID” of the user A are Since “Null”, that is, “user information is not registered”, it is determined in step 3-3 to be “logout state (not logged in)”. If it is determined in step 3-3 that the user is in the “logout state”, the login processing unit 2-1 performs login processing.
After the login process is performed, the user information is updated in step 3-6.

  When the user A logs in to the processing server (server A) 1-3 via the client device 1-1, the data in the database 1-6 is updated as user information 4-2. When the user A logs into the processing server 1-3, the value at the time of session establishment, that is, “ServerURL” corresponding to the “user ID” user A is “Server A”, and “SessionID” is the current session identifier “54310”. “01/25 19:00”, which is the date and time when the data was updated, is registered in “Lastupdate”, and the user information 4-2 is updated.

Further, normal logout processing will be described with reference to FIGS.
FIG. 5 is a flowchart illustrating processing when a normal logout request signal is input to the logout processing unit 2-3 of the processing server 1-3.

In FIG. 5, when the user A executes logout processing via the client device 1-1 or when a session time-out occurs, the logout processing unit 2-3 starts logout processing (step 5-1). .
In response to Step 5-1, the logout processing unit 2-3 acquires the user information of the user A who has requested logout from the database 1-6 based on the user ID registered in the session (Step 5-2). The user information acquired here also includes a server identifier (ServerURL), a session identifier (SessionID), and a last update date and time (Lastupdate) indicating the last date and time when these identifiers were updated.

Of the user information acquired in step 5-2, the user information “SessionID” and “ServerURL” of user A registered in the database 1-6 are deleted, and the respective values are updated to “Null” (step 5). -3).
In response to step 5-3, the session between the processing server 1-3 and the client apparatus 1-1 established in step 3-5 is disconnected (step 5-4). In step 5-4, when session disconnection is successful, the client apparatus 1-1 is notified of logout success (step 5-5).

  FIG. 6 is a diagram for explaining the operation when the client apparatus 1-1 logs out to the processing server 1-3, and data in the database 1-6 when performing the processing from step 5-2 to step 5-3. It is a figure showing a change.

  Here, a case where the user A makes a logout request to the processing server 1-3 via the client device 1-1 will be described as an example. First, in step 5-2 for obtaining user information, a process illustrated in FIG. As described above, “Server URL” corresponding to “User ID” User A is “Server A”, “Session ID” is “54310” as the current session identifier, and “01 / User information 6-1 of 25 19:00 "is acquired from the database 1-6.

  Next, in order to change the state of the user A to “logout state”, “ServerURL” and “SessionID” of the user information 6-1 corresponding to the “user ID” user A acquired in step 5-3. Each value is deleted and changed to “Null”, and “Lastupdate” is also updated to “01/25 19:30” which is the date and time when the data was updated. With this update, the client apparatus 1-1 enters a logout state and can accept a new login request.

  The above is a description of the operations of the processing server 1-3 and the database 1-6 when the login processing unit of the processing server 1-3 detects a normal login request and a logout request.

  Next, operations of the processing server 1-3 and the database 1-6 when the login processing unit 2-1 of the processing server 1-3 detects a double login request will be described with reference to FIG.

FIG. 7 is a flowchart illustrating processing when a login request signal for double login is detected in the login processing unit 2-1 of the processing server 1-3.
In the login processing unit 2-1, when another session is already established before the login request signal input by the user, that is, when information is already registered in the user information acquired in step 3-2. The login processing unit 2-1 determines that the login request signal input by the user is a double login request signal. Based on the determination of the double login request of the login processing unit 2-1, the login processing unit 2-1 displays a double login warning screen on the client device 1-1 and whether to perform a forced login process on the user. To choose.

Here, when the user selects the forced login process, the forced login process shown in FIG. 7 is started (step 7-1).
Among the user information acquired in step 3-2, since “ServerURL” is the server identifier of the processing server 1-3 that is currently logging in, the “ServerURL” is the remaining user information “SessionID”, And “Lastupdate”. Specifically, user information is set in the FORM parameter, and POST is performed on the reception URL of the forced logout processing unit. Thereby, a forced logout process is requested (step 7-2).

When the forced logout process is requested in step 7-2, a response is received from the processing server 1-3 that issued the forced logout request. It is examined (step 7-3). When the forced logout process is successful, a redirect URL to the re-login process is returned and the login process is performed. An error page is returned when the forced logout process fails.
If the forced logout process fails in step 7-3, an error message is displayed to the user who requested the login (step 7-4).
If the forced logout process is successful in step 7-3, the process proceeds to the login process in step 3-1 (step 7-5).

The forced logout process requested in step 7-2 will be described in detail below.
FIG. 8 is a flowchart showing the process when the forced logout process is requested in step 7-2. In this embodiment, the forced logout processing unit 2-6 includes a login processing unit 2-1, a login processing unit 2-2, a logout processing unit 2-3, a forced login selection unit 2-4, and a forced login unit. The case where the processing server 1-3 provided with 2-5 is provided in another processing server 1-4 will be described as an example.

When a forced logout process request is made in step 7-2, the forced logout process is started in the forced logout unit 2-6 (step 8-1).
When the forced logout process is started in step 8-1, user information for forced logout related to a session that is already logged in is acquired from the database 1-7 (step 8-2).

  The value of “Lastupdate” in the user information subject to forced logout acquired in step 8-2 is compared with the value of “Lastupdate” given as an argument of the forced logout request in step 7-2 (step 8-3). ). When a forced logout process must not be executed, for example, when another processing server updates the user information between the forced logout process request and the forced logout process actually being executed. , Processing can be stopped.

In step 8-3, if the values of “Lastupdate” are not equal or do not match, a response to the forced logout failure is returned to the server (processing server 1-3) that sent the forced logout request (step 8). -4).
In step 8-3, when the values of “Lastupdate” are equal or coincide with each other, the value of “SessionID” in the user information to be forcibly logged out acquired in step 8-2 and step 7-2 The “SessionID” value given as the argument of the forced logout request in FIG. 5 is compared with the “SessionID” value given to the session currently established with the client apparatus 1-1. If the values are not equal or different, the process proceeds to step 8-4.

Among the user information subject to forced logout, the values of “Lastupdate” and “SessionID”, the values of “Lastupdate” and “SessionID” given as arguments of the forced logout request, and the current client apparatus 1-1 If the values of “SessionID” assigned to the established session match, the “ServerURL” and “SessionID” of the user information acquired from the database 1-7 in step 8-2 are deleted, and the database 1 The information of -7 is updated (step 8-6).
In response to the update in step 8-6, the session with the client device 1-1 established in step 3-5 is disconnected (step 8-7).
In response to the disconnection of the session, a response to the forced logout success is sent to the server that requested the forced logout process (step 8-8).

  FIG. 9 is a diagram for explaining the operation when a double login state is entered, a forced login process and a forced logout process are requested, and re-login is executed. From step 3-2 to step 3-4, from step 7-1 Table 7-2, Steps 8-1 to Step 8-8, Step 7-5, Steps 3-2 to Steps 3-6 to Database 1-6, and data changes in the database 1-7 are shown. FIG.

In FIG. 9, the operation when the user A tries to log in to the processing server 1-4 while the user A is logged in to the processing server 1-3 will be described as an example. This is a movement when the user A attempts to log in to the processing server 1-4 by closing the browser without executing the logout processing during the login to the processing server 1-3.
When the user A sends a login request signal to the processing server 1-4 via the client device 1-1, in step 3-2, the processing server 1-4 logs in from the database 1-7 based on the input user ID. The user information 9-1 of the requesting user A is acquired. The values of “ServerURL” and “SessionID” of the user information 9-1 acquired here are referred to. Since neither “ServerURL” nor “SessionID” of the user information 9-1 is “Null”, the login processing unit of the processing server 1-4 determines that the login request from the user A is a double login request signal. In step 3-4, the user A is caused to display a double login warning screen and a forced login selection screen via the client device 1-1.

When the forced login process is requested in step 3-4, the forced login process in step 7-1 is started.
In response to the start of the forced login process, the processing server 1-3 requests the forced logout process in step 7-2.

In step 8-1, the forced logout unit of the processing server 1-3 that has received the forced logout process request starts the forced logout process.
When the forced logout process is started in step 8-1, in step 8-2, the user information 9-2 for forced logout related to the already logged-in session is acquired from the database 1-7.
Among the user information subject to forced logout acquired in step 8-2, the values of “Lastupdate” and “SessionID” and the values of “Lastupdate” and “SessionID” given as arguments of the forced logout request in step 7-2, The value of “SessionID” assigned to the session currently established with the client apparatus 1-1 is compared.
If the values of “Lastupdate” and “SessionID” match, the values of “ServerURL” and “SessionID” corresponding to user A are deleted and deleted from the user information 9-2 acquired from the database 1-7. In addition, “Null” is written in “ServerURL” and “SessionID” and updated to the user information 9-3. Note that “Lastupdate” in the user information 9-3 is automatically updated.

  In response to the update of the user information in step 8-6, the session between the client device 1-1 and the processing server 1-3 is disconnected, and the processing server 1-4 that requested the forced logout processing in step 8-8 On the other hand, the processing server 1-3 replies with a forced logout success.

In response to the response of the forced logout success in step 8-8, the processing server 1-4 makes a re-login processing request in step 7-5.
In response to the re-login processing request in Step 7-5, in Step 3-2, the login processing unit of the processing server 1-4 acquires the user information 9-4 of the user A from the database 1-7. At this time, since the values of “ServerURL” and “SessionID” of the user A in the user information 9-4 are both “Null”, it is determined that the user A is in the “logout state”, and the processing server 1-4 The login processing unit continues the login process.
When the re-login is completed, in step 3-6, in order to indicate that the user A has logged in to the processing server 1-4, the “ServerURL” corresponding to the “user ID” user A is set to “Server B” and “SessionID”. The current session identifier “246801” and “Lastupdate” are newly registered “01/25 19:31”, which is the date and time when the data was updated, and updated to the user information 9-5 in the database 1-7. The

  As described above, according to the login control system and the login control method of the present invention, even when the login request from the client device is a double login request, the forced logout is performed on the already established session. By requesting, it becomes possible to re-login regardless of the timing, and it is possible to set the session timeout time sufficiently long, so it is necessary to force the user to perform inadvertent re-login processing It is possible to provide a user-friendly system that does not exist.

It is a whole lineblock diagram showing the login control system of the present invention. It is a figure explaining the detail of a structure of the processing server in the login control system of this invention. 6 is a flowchart showing processing when a normal login request signal is detected in the login control system of the present invention. It is a figure explaining operation | movement when a client apparatus logs in with respect to a process server in the login control system of this invention. 6 is a flowchart showing processing when a normal logout request signal is input in the login control system of the present invention. It is a figure explaining operation | movement when a client apparatus logs out with respect to a process server in the login control system of this invention. 5 is a flowchart showing processing when a login request signal for double login is detected in the login control system of the present invention. 6 is a flowchart showing processing when forced logout processing is requested in the login control system of the present invention. In the login control system of this invention, it is a figure explaining the operation | movement when it will be in a double login state, a forced login process and a forced logout process are requested | required, and re-login is performed.

Explanation of symbols

1-1 Client devices 1-3 and 1-4 Processing server 2-1 Login processing unit 2-2 Login processing unit 2-3 Logout processing unit 2-4 Forced login selection unit 2-5 Forced login unit 2-6 Logout part

Claims (6)

A login control system for controlling login when accessing a processing server distributed from a terminal device through a network,
The login control system includes:
The terminal device for outputting a login request signal for requesting login to the first processing server of the distributed processing servers to the first processing server;
The login request signal is received, and it is detected whether the login request signal is a normal login or a double login request that is already logged in to the second processing server of the distributed processing servers. A login processor;
In the login processing unit, when it is detected that the login request signal is the double login request, a double login warning screen is displayed on the terminal and the user is allowed to select whether to perform forced login. A forced login selector,
When the forced login is selected by the forced login selection unit, the session with the second processing server is forcibly disconnected to a logout state, and the session with the first processing server is performed with respect to the login processing unit. The log-in control system comprising: the processing server having a forced logout unit that requests to establish a password.   The login control system according to claim 1, wherein the login processing unit, the forced login selection unit, and the forced logout unit are provided in different processing servers. A login control method for controlling login when accessing a processing server distributed from a terminal device through a network,
Outputting a log-in request signal for requesting log-in to the first processing server of the processing server in which the terminal device is distributed;
The first processing server receiving the login request signal;
Detecting whether the login request signal is a normal login or a double login request already logged in to the second processing server of the distributed processing servers;
If the login request signal is the double login request, displaying a double login warning screen on the terminal , and selecting whether to perform forced login processing for the user ;
When the forced login is selected in the inquiry, the session with the second processing server is forcibly disconnected to enter the logout state, and the session with the first processing server is established with respect to the login processing unit. A login control method comprising: a step of requesting to perform. The login control method according to claim 3 further includes:
When the forced login is selected, the first processing server transmits user information for forcibly logging out to the second processing server;
After the second processing server receives user information for forcibly logging out, user information related to a session with the second processing server that is forcibly disconnected is obtained from a database provided in the second processing server. Acquiring and matching the user information received from the first processing server and the user information acquired from the database, and deleting and updating the user information stored in the database;
A login control method comprising: disconnecting a session with the second processing server and setting a logout state based on the user information deleted from the database.   5. The login control method according to claim 4, wherein the user information includes a server identifier assigned to the first or second processing server to log in, between the first or second processing server and the terminal device. A login control method comprising: a session identifier assigned for each session; and a last update date and time indicating a date and time when the server identifier or the session identifier is updated. The login control method according to claim 5,
In the step of deleting and updating the user information, the session identifier of the user information is compared with the last update date and time, and when both the session identifier and the last update date and time match, the session information is stored in the database. The login control method, wherein the session identifier and the server identifier are deleted and updated.

Images