CN102025633B - WEB authentication-based routing method, authentication request receiving device and authentication system - Google Patents
WEB authentication-based routing method, authentication request receiving device and authentication system Download PDFInfo
- Publication number
- CN102025633B CN102025633B CN201010591474XA CN201010591474A CN102025633B CN 102025633 B CN102025633 B CN 102025633B CN 201010591474X A CN201010591474X A CN 201010591474XA CN 201010591474 A CN201010591474 A CN 201010591474A CN 102025633 B CN102025633 B CN 102025633B
- Authority
- CN
- China
- Prior art keywords
- user
- receiving equipment
- request receiving
- authentication request
- web authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a WEB authentication-based routing method, an authentication request receiving device and an authentication system. The method comprises the following steps: a current WEB authentication request receiving device obtains a user request and judges whether the user sending the user request is an authenticated user; if so, the user request is redirected to the previous WEB authentication request receiving device used for authenticating the user; and if not, a target WEB authentication request receiving device is distributed to the user request and the user request is redirected to the target WEB authentication request receiving device. By adopting the WEB authentication-based routing method, the authentication request receiving device and the authentication system, the pressure-balanced, rapid and stable authentication can be realized and the network fault-tolerance is very good.
Description
Technical field
The present invention relates to the network authentication technology, relate in particular to method for routing, authentication request receiving equipment and the Verification System of Base on Web authentication.
Background technology
ISP (ISP) provides the access service of paying for the user, as basis and the foundation of charging, the user authenticates in the network insertion process indispensable.The WEB Verification System of Base on Web authentication is to use at present very widely a kind of Verification System.
In the WEB Verification System, in the outlet of the gateway device unit of being deployed in, this gateway device possesses the ability of the outer outgoing packet of interception user.Receive certain user's outer outgoing packet when gateway device after, if find that this user is not online, then can refuse the outer outgoing packet that this goes out to ask, tackle this user; If gateway device receives the HTTP request from the user, then gateway device is understood simulated target IP main frame, and is redirected on the WEB authentication request receiving equipment.WEB authentication request receiving equipment is received redirect request rear line pushing certification page, is authenticated according to the authentication information that the user submits to by the certificate server in this WEB Verification System.Behind user's authentication success, when again accessing Internet, gateway device judges that this user is online, its outer outgoing packet of then letting pass.
In existing WEB Verification System, if owing to reasons such as network failures, cause success identity but when being tackled by gateway device of user, may cause different WEB authentication request receiving equipments and certificate server that this user is authenticated again, thereby may so that this user is collected two parts of expenses, have very low Its Fault Tolerance.
Summary of the invention
For defects, the invention provides method for routing, WEB authentication request receiving equipment and the WEB Verification System of Base on Web authentication.
The method for routing of WEB provided by the invention authentication comprises: current WEB authentication request receiving equipment obtains user's request, and judges that whether the user who sends described user's request is authenticated user;
Know that described user is authenticated user, then is redirected to the formerly WEB authentication request receiving equipment that authenticates described user with described user's request if judge;
If judge and know that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user, and described user's request is redirected to described target WEB authentication request receiving equipment;
Whether the user that described judgement sends described user request is that the step of authenticated user comprises:
Judge that according to the information of the whole current online user in the WEB Verification System whether the user who sends described user's request is authenticated user.
WEB authentication request receiving equipment provided by the invention comprises:
Receiver module is used for obtaining user's request;
Judge module is connected with described receiver module, and whether the user who be used for to judge sends described user's request is authenticated user;
Distribution module is connected with described judge module, knows that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user if be used for judging;
Redirection module, respectively with described judge module be connected distribution module and be connected, know that described user is authenticated user, then is redirected to the formerly WEB authentication request receiving equipment that authenticates described user with described user's request if be used for judging; If judge and know that described user is unauthenticated user, then described user's request is redirected to described target WEB authentication request receiving equipment;
Described judge module comprises:
Online user's maintenance unit is for the information of whole current online user of obtaining the WEB Verification System;
The first judging unit is used for judging that according to the information of whole current online user of described WEB Verification System whether the user who sends described user's request is authenticated user.
WEB Verification System provided by the invention comprises: WEB authentication request receiving equipment provided by the invention, be used for to described WEB authentication request receiving equipment provide the gateway that the user asks and is connected with described WEB authentication request receiving equipment, for carrying out the certificate server that the user authenticates.
The present invention also provides another kind of WEB Verification System, comprise: WEB authentication request receiving equipment, be used for to described WEB authentication request receiving equipment provide gateway that the user asks, be connected with described WEB authentication request receiving equipment, for carrying out the certificate server that the user authenticates, and the authentication pressure evaluation device that is connected with described WEB authentication request receiving equipment, wherein:
After described WEB authentication request receiving equipment obtains user's request, the information that sends the user of described user's request is sent to described authentication pressure evaluation device;
Described authentication pressure evaluation device comprises:
The authentication determination module after being used for receiving described user's information from described WEB authentication request receiving equipment, judges that whether the user who sends described user's request is authenticated user; Know that described user is authenticated user if judge, the information that then will authenticate described user's formerly WEB authentication request receiving equipment is sent to described WEB authentication request receiving equipment, described user's request is redirected to the described user's of authentication formerly WEB authentication request receiving equipment by described WEB authentication request receiving equipment; If judge and know that described user is unauthenticated user, then the information with described user is sent to evaluation module;
Described evaluation module, be used to described user assignment target WEB authentication request receiving equipment and its information is sent to described WEB authentication request receiving equipment, by described WEB authentication request receiving equipment described user's request is redirected to described target WEB authentication request receiving equipment;
Described authentication pressure evaluation device also comprises:
WEB authentication online user shows maintenance module, for the information of whole current online user of obtaining described WEB Verification System; Correspondingly, described authentication determination module judges that according to the information of the whole current online user in the described WEB Verification System whether the user who sends described user's request is authenticated user.
Method for routing according to Base on Web authentication provided by the invention, WEB authentication request receiving equipment and WEB Verification System, because after obtaining user's request, directly this user is not carried out the WEB authentication, but judge that at first whether the user is authenticated user, and when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is processed, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated again, thereby the problem that repeats to charge that causes, realize the authentication of fast and stable, had good Its Fault Tolerance.
Description of drawings
Fig. 1 is the flow chart that the present invention is based on the method for routing of WEB authentication.
Fig. 2 the present invention is based on the flow chart that WEB authentication request receiving equipment in the method for routing of WEB authentication is safeguarded online subscriber's meter.
Fig. 3 the present invention is based on the flow chart that obtains the formation of authentication pressure index in the method for routing of WEB authentication.
Fig. 4 the present invention is based on the flow chart of asking to distribute target WEB authentication request receiving equipment in the method for routing of WEB authentication for the user.
Fig. 5 is the structural representation of WEB authentication request receiving equipment of the present invention.
Fig. 6 is the system architecture diagram of WEB Verification System of the present invention.
Fig. 7 is the flow chart that WEB Verification System of the present invention is carried out the WEB authentication.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing, technical scheme of the present invention is clearly and completely described.
Fig. 1 is the flow chart that the present invention is based on the method for routing of WEB authentication.As shown in Figure 1, the method for routing of this Base on Web authentication may further comprise the steps:
Step S100, current WEB authentication request receiving equipment obtain user request, and judge that whether the user who sends user's request is authenticated user;
Wherein, current WEB authentication request receiving equipment can be the arbitrary WEB authentication request receiving equipment in the WEB Verification System.User's request for example is the HTTP request, and this HTTP request carries User IP.Current WEB authentication request receiving equipment then judges that according to this User IP whether this user is authenticated user.
Step S200 knows that the user is authenticated user, then is redirected to user's request this user's of authentication formerly WEB authentication request receiving equipment if judge;
Wherein, formerly WEB authentication request receiving equipment can be the arbitrary WEB authentication request receiving equipment in the WEB Verification System, and it both can be current WEB authentication request receiving equipment, also can be other WEB authentication request receiving equipment in this WEB Verification System.Particularly, in step S200, know that the user is for after the authenticated user, for example judge this user's of authentication formerly WEB authentication request receiving equipment according to User IP, if through judgement know this formerly WEB authentication request receiving equipment be current WEB authentication request receiving equipment, then can directly send authentication success message; If know other certain the WEB authentication request receiving equipment in the current WEB Verification System that is that this user is authenticated through judgement, then this user's request be redirected to this formerly WEB authentication request receiving equipment.
Step S300 if judge and to know that the user is unauthenticated user, then for the user asks to distribute target WEB authentication request receiving equipment, and asks to be redirected to target WEB authentication request receiving equipment with the user.
Method for routing according to the authentication of the Base on Web of above-described embodiment, because after obtaining user's request, directly this user is not carried out the WEB authentication, but judge that at first whether the user is authenticated user, and when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is processed, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated again, thereby the problem that repeats to charge that causes has improved Its Fault Tolerance.
Further, in the method for routing of the Base on Web of above-described embodiment authentication, judge that whether the user who sends user's request is that the step of authenticated user comprises: judge that according to the information of the whole current online user in the WEB Verification System whether the user who sends user's request is authenticated user.
Above-mentioned steps for example can be by safeguarding that by WEB authentication request receiving equipment an online user who shows all on-line user profile shows to realize.Table 1 is the field information in online user's table.As shown in table 1, the field of this online user's table comprises: User IP, WEB authentication request receiving equipment IP and on-line time.
Table 1
Sequence number | Field name |
1 | User IP |
2 | WEB authentication request receiving equipment IP |
3 | On-line time |
Fig. 2 the present invention is based on the flow chart that WEB authentication request receiving equipment in the method for routing of WEB authentication is safeguarded online subscriber's meter.As shown in Figure 2, after WEB authentication request receiving equipment obtains user's going on line or off line message (step S101), judge whether this message is on-line message (step S102), if, then extract the User IP, WEB authentication request receiving equipment IP and the on-line time that comprise in this message, in online user's table, insert a record corresponding to this user (step S103); If not, then search corresponding record in the online user table according to the User IP that comprises in this message, and from online user's table with its deletion (step S104).Can realize the whole current online user information of record in this online user's table by above-mentioned flow process.Wherein, WEB authentication request receiving equipment can obtain user's going on line or off line message by adopting the backstage authentication and accounting system of multiple technologies from the WEB Verification System, and for example TCP/IP directly receives, or publish/subscribe mechanism etc.
WEB authentication request receiving equipment can be known all on-line user's information by safeguarding this online user's table.Therefore after WEB authentication request receiving equipment obtains user's request, whether be included in current online user's table by inquiring about the corresponding User IP of this user, if, then this user is authenticated user, further can know this user's of authentication formerly WEB authentication request receiving equipment by WEB authentication request receiving equipment IP corresponding to this User IP, and this user's request is redirected to corresponding WEB authentication request receiving equipment; If not, then this user is unauthenticated user, then carries out the step S300 of above-described embodiment so that subsequent treatment is carried out in this user's request.
Further, in the method for routing of the Base on Web of above-described embodiment authentication, for the user asks to distribute target WEB authentication request receiving equipment, and the step that the user is asked to be redirected to target WEB authentication request receiving equipment comprises: whether the load of judging current WEB authentication request receiving equipment surpasses default load maximum; If not, then push user's certification page to the user; If then for the user asks to distribute target WEB authentication request receiving equipment, and user request is redirected to target WEB authentication request receiving equipment.
Wherein, can adopt various ways is that the user asks to distribute target WEB authentication request receiving equipment, for example Random assignment or distribute by certain rule is preferably: ask to distribute target WEB authentication request receiving equipment according to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System for the user.Wherein, the load of WEB authentication request receiving equipment is such as being the information such as authentication pressure or online user's pressure.The load that above-mentioned basis is arranged at each the WEB authentication request receiving equipment in the WEB Verification System is preferably for the user asks to distribute the step of target WEB authentication request receiving equipment: the authentication force value of obtaining each the WEB authentication request receiving equipment in the WEB Verification System; The authentication force value of each WEB authentication request receiving equipment relatively is to be dispensed to user's request the WEB authentication request receiving equipment of authentication force value minimum.
Above-mentioned for the user ask to distribute target WEB authentication request receiving equipment step can the authentication pressure index formation of WEB authentication request receiving equipments realizes by obtaining in the WEB Verification System all.The content of this authentication pressure index formation is every WEB authentication request receiving equipment and corresponding authentication rate value, this authentication rate value can represent the current authentication force value of this equipment, and namely this equipment is at the authentication of current n in the second number of users (n is preferably 10 to 60) of reaching the standard grade.
Fig. 3 the present invention is based on the flow chart that obtains the formation of authentication pressure index in the method for routing of WEB authentication.As shown in Figure 3, may further comprise the steps:
Step S201, the online user number of each WEB authentication request receiving equipment reaches at the reach the standard grade number of users of current n in second in the statistics WEB Verification System; But this statistics Base on Web authentication request receiving equipment safeguards that the online user of online subscriber's meter shows to realize, particularly, add up the online user that to know each WEB authentication request receiving equipment IP by each the WEB authentication request receiving equipment IP in online user's table, and whether the on-line time of further passing through each online user in second, can count the number of users of reaching the standard grade in second at current n at current n.
Step S202 calculates the authentication request processing speed of each equipment according to the number of users of reaching the standard grade of current n in second of each WEB authentication request receiving equipment, this authentication request processing speed=the reach the standard grade number of users/n of current n in second.
Step S203, according to the authentication request processing speed that in step S202, obtains, each WEB authentication request receiving equipment is arranged according to the authentication request processing speed is ascending, obtain authenticating the pressure index formation, what namely come this formation first place is the WEB authentication request receiving equipment of current authentication force value minimum, and what come this formation last position is the WEB authentication request receiving equipment of current authentication force value maximum; Also store the online user's quantity (online user's force value) corresponding to each WEB authentication request receiving equipment in this formation.
Fig. 4 the present invention is based on the flow chart of asking to distribute target WEB authentication request receiving equipment in the method for routing of WEB authentication for the user.As shown in Figure 4, for asking to distribute target WEB authentication request receiving equipment, the user specifically may further comprise the steps:
Step S301, current WEB authentication request receiving equipment obtain online user's force value of the machine from the formation of authentication pressure index;
Step S302 judges according to the value of obtaining whether online user's force value of the machine does not exceed default maximum online user's force value from step S301; If, execution in step S303 then; If not, execution in step S304 then;
Step S303 is to user's pushing certification page;
Step S304 obtains the WEB authentication request receiving equipment IP that authenticates the force value minimum from the formation of authentication pressure index, and execution in step S305;
Step S305 judges whether online user's force value of this equipment does not surpass maximum online user's force value; If, execution in step S306 then; If not, execution in step S307 then;
Step S306, with this equipment as target WEB authentication request receiving equipment, user request is redirected to this target WEB authentication request receiving equipment;
Step S307 abandons this user's request, to guarantee the stability of WEB Verification System.
Method for routing according to the authentication of the Base on Web of above-described embodiment, because when judgement knows that current device does not surpass default maximum pressure value, directly asked by this user of this device processes, and no longer this user's request is routed to miscellaneous equipment, thereby improved the authentication efficiency of WEB Verification System; And, when need route to this user request other WEB authentication request receiving equipment in the WEB Verification System, select suitable equipment to process this user's request according to the load of each WEB authentication request receiving equipment, the load balancing degrees of system be can improve, thereby reliability and the efficiency value of system improved.
Although in the method for routing of the Base on Web of above-described embodiment authentication, illustrated online user's table, the formation of authentication pressure index etc. are safeguarded by WEB authentication request receiving equipment or are obtained, but it will be understood by those of skill in the art that to the maintenance of online user table and the formation of authentication pressure index obtain all can by independent setting and realize with the authentication pressure evaluation device that this WEB authentication request receiving equipment carries out information interaction.
This authentication pressure evaluation device for example comprises: be used for safeguarding that the WEB authentication online user of online subscriber's meter shows maintenance module, the operating process that this WEB authentication online user shows maintenance module is identical with flow process shown in Figure 2; Be used for judging according to the request of WEB authentication request receiving equipment whether the user is that authenticated user reaches the authentication determination module that whether need distribute WEB authentication request receiving equipment; Be used for obtaining the statistical module of authentication pressure index formation, the operating process of this statistical module is identical with flow process shown in Figure 3; And the evaluation module that is used to user assignment target WEB authentication request receiving equipment, the operating process of this evaluation module is identical with flow process shown in Figure 4.
According to a further aspect in the invention, also provide a kind of WEB authentication request receiving equipment.Fig. 5 is the structural representation of WEB authentication request receiving equipment of the present invention.As shown in Figure 5, this WEB authentication request receiving equipment comprises receiver module 10, judge module 20, distribution module 30 and redirection module 40, wherein:
WEB authentication request receiving equipment according to above-described embodiment, because whether be provided with for the user who judge to send user's request is the judge module of authenticated user, reach the redirection module of taking different routing policies according to the user for authenticated user and unverified two kinds of situations, can be when confirming this user for authenticated user, the WEB authentication request receiving equipment that this user's request is sent to this user of authentication is processed, so can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, by different WEB authentication request receiving equipments this user is authenticated again, thereby the problem that repeats to charge that causes has improved Its Fault Tolerance.
Further, in the WEB of above-described embodiment authentication request receiving equipment, judge module comprises:
Online user's maintenance unit is for the information of whole current online user of obtaining the WEB Verification System;
The first judging unit is used for judging that according to the information of whole current online user of WEB Verification System whether the user who sends user's request is authenticated user.
Wherein, online user's maintenance unit is safeguarded the online user's table that has shown in the table 1, WEB authentication request receiving equipment can obtain by this online user's maintenance unit the online user's of this system information, so that the first judging unit can by inquiring about in this online user table whether have the User IP corresponding with this user, can confirm that whether this user is authenticated user.
Further, in the WEB of above-described embodiment authentication request receiving equipment, distribution module comprises:
The first acquiring unit is used for obtaining from judge module user's request of unauthenticated user;
The second judging unit is used for judging whether the load of WEB authentication request receiving equipment surpasses default load maximum;
Allocation units are no more than default load maximum if be used for load, then push user's certification page to the user; If load surpasses default load maximum, then for the user asks to distribute target WEB authentication request receiving equipment, so that redirection module is redirected to target WEB authentication request receiving equipment with user's request.
Further, in the WEB of above-described embodiment authentication request receiving equipment, distribution module also comprises:
Second acquisition unit is for the authentication force value of obtaining each the WEB authentication request receiving equipment that is arranged at the WEB Verification System;
Statistic unit is used for the relatively authentication force value of each WEB authentication request receiving equipment, so that allocation units are dispensed to user's request the WEB authentication request receiving equipment of authentication force value minimum.
In accordance with a further aspect of the present invention, a kind of WEB Verification System also is provided, it comprise above-mentioned arbitrary embodiment WEB authentication request receiving equipment, be used for to WEB authentication request receiving equipment provide the gateway that the user asks and is connected with WEB authentication request receiving equipment, for carrying out the certificate server that the user authenticates.
The present invention also provides another kind of WEB Verification System.Fig. 6 is the system architecture diagram of WEB Verification System of the present invention.As shown in Figure 6, this WEB Verification System comprises WEB authentication request receiving equipment 100, be used for to WEB authentication request receiving equipment provide gateway 200 that the user asks, be connected with WEB authentication request receiving equipment, for carrying out the certificate server 300 that the user authenticates and the authentication pressure evaluation device 400 that is connected with WEB authentication request receiving equipment.The below is elaborated to this WEB Verification System.
Particularly, after WEB authentication request receiving equipment 100 obtains user's request, the information that sends the user of user's request is sent to authentication pressure evaluation device 400;
This authentication pressure evaluation device 400 comprises:
Authentication determination module 402 after being used for receiving user's information from WEB authentication request receiving equipment 100, judges that whether the user who sends user's request is authenticated user; Know that the user is authenticated user if judge, the information that then will authenticate this user's formerly WEB authentication request receiving equipment is sent to WEB authentication request receiving equipment 100, described user's request is redirected to this user's of authentication formerly WEB authentication request receiving equipment by WEB authentication request receiving equipment 100; If judge and know that the user is unauthenticated user, then the information with described user is sent to evaluation module 404;
WEB Verification System according to above-described embodiment, because the information that WEB authentication request receiving equipment 100 obtains after the user request corresponding user is sent to authentication pressure evaluation device 100, judge that by authentication pressure evaluation device 400 whether the user is authenticated user, and when confirming this user for authenticated user, authentication pressure evaluation device 400 is to the information of WEB authentication request receiving equipment 100 these users' of return authentication formerly WEB authentication request receiving equipment, so that WEB authentication request receiving equipment 100 is redirected to formerly WEB authentication request receiving equipment with this user's request.So can avoid when because some are former thereby when causing user that gateway tackles for authenticated user, thereby this user is authenticated again the problem that repeats to charge that causes by different WEB authentication request receiving equipments, realize the authentication of fast and stable, had good Its Fault Tolerance.
Further, in the WEB of above-described embodiment Verification System, authentication pressure evaluation device 400 also comprises:
WEB authentication online user shows maintenance module 401, for the information of whole current online user of obtaining the WEB Verification System; Correspondingly, authentication determination module 402 judges that according to the information of the whole current online user in the WEB Verification System whether the user who sends user's request is authenticated user.
Further, in the WEB of above-described embodiment Verification System, evaluation module 404 is used for judging whether the load of WEB authentication request receiving equipment 100 surpasses default load maximum; If load is no more than default load maximum, then the information with WEB authentication request receiving equipment 100 is sent to WEB authentication request receiving equipment 100, so that WEB authentication request receiving equipment 100 pushes user's certification page to the user; If load surpasses default load maximum, then be sent to WEB authentication request receiving equipment 100 for user assignment target WEB authentication request receiving equipment and with its information, by WEB authentication request receiving equipment user's request is redirected to target WEB authentication request receiving equipment.
Further, in the WEB of above-described embodiment Verification System, authentication pressure evaluation device 400 also comprises:
Further, in the WEB of above-described embodiment Verification System, statistical module 403 is for the authentication force value of the whole WEB authentication request receiving equipments that obtain the WEB Verification System; Correspondingly, evaluation module 404 is used for the relatively authentication force value of each WEB authentication request receiving equipment, user's request is dispensed to the WEB authentication request receiving equipment of authentication force value minimum.
Fig. 7 is the flow chart that WEB Verification System of the present invention is carried out the WEB authentication.As shown in Figure 7, comprising:
Step S10, by the HTTP request of gateway device interception unauthenticated user, the directional user that lays equal stress on is to WEB authentication request receiving equipment; The user fills in submission information behind the authentication information;
After step S20, WEB authentication request receiving equipment received user's request, the request authentication pressure evaluation device was processed;
Step S30, the authentication determination module of authentication pressure evaluation device judges whether the user needs the application authentication server authentication, be specially: show maintenance module according to WEB authentication online user and judge whether the user is authenticated user, if then judged result is returned WEB authentication request receiving equipment; If not, then the information with this user is sent to evaluation module, whether can process this user's request to be judged current WEB authentication request receiving equipment by evaluation module, if can process, then judged result is returned WEB authentication request receiving equipment, if can not process then judged result is sent to statistical module;
Step S40, after statistical module obtains the judged result of evaluation module transmission, the online user shows the authenticated user quantity that maintenance module obtains online user's information, adds up each WEB authentication request receiving equipment from the WEB authentication, to obtain the load of the WEB authentication request receiving equipment in the WEB Verification System, form the formation of authentication pressure index;
Step S50, statistical module request evaluation module assessment is the certificate server IP of suitable authentication;
Step S60, evaluation module returns optimal certificate server IP to WEB authentication request receiving equipment;
Step S70, WEB authentication request receiving equipment is transmitted authentication request to corresponding certificate server;
Step S80, certificate server carries out user's authentication check; And reach the standard grade or roll off the production line message to WEB authentication request receiving equipment issue user;
Step S90, WEB authentication request receiving equipment is shown maintenance module transmission user to WEB authentication online user and is reached the standard grade, rolls off the production line message to carry out online user's information updating.
The server that authentication pressure evaluation device in the WEB Verification System of above-described embodiment can be put for Independent also can be in conjunction with being arranged in the WEB authentication request receiving equipment.When with this pressure evaluation device in conjunction with the WEB authentication request receiving equipment that is arranged at prior art in the time, can obtain WEB authentication request receiving equipment provided by the invention.
WEB Verification System according to above-described embodiment, can guarantee to reach a kind of isostasy between the whole network WEB authentication request receiving equipment and the user is responsible for by unique WEB authentication request receiving equipment all the time, especially this effect is more obvious under burst authentication storm.High, the professional fault-tolerance of the accuracy of this WEB Verification System service propelling is high, and maximized stable operation and authentication processing ability and accurate Boot Server can be provided.
It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment puts down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (11)
1. the method for routing of a Base on Web authentication is characterized in that, comprising:
Current WEB authentication request receiving equipment obtains user request, and judges that whether the user who sends described user's request is authenticated user;
Know that described user is authenticated user, then is redirected to the formerly WEB authentication request receiving equipment that authenticates described user with described user's request if judge;
If judge and know that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user, and described user's request is redirected to described target WEB authentication request receiving equipment;
Whether the user that described judgement sends described user request is that the step of authenticated user comprises:
Whether be included in online user's table that the WEB authentication request receiving equipment in the WEB Verification System safeguards according to the corresponding User IP of user that sends described user's request, to judge that the user who sends described user's request is whether for authenticated user.
2. the method for routing of Base on Web authentication according to claim 1 is characterized in that, for described user asks to distribute target WEB authentication request receiving equipment, and the step that described user's request is redirected to described target WEB authentication request receiving equipment comprises:
Whether the load of judging described current WEB authentication request receiving equipment surpasses default load maximum; If not, then push user's certification page to described user; If then ask to distribute target WEB authentication request receiving equipment for described user, and described user's request be redirected to described target WEB authentication request receiving equipment.
3. the method for routing of Base on Web authentication according to claim 2 is characterized in that, comprises for described user asks to distribute the step of target WEB authentication request receiving equipment:
Be that described user asks to distribute target WEB authentication request receiving equipment according to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System.
4. the method for routing of Base on Web authentication according to claim 3 is characterized in that, is that described user asks to distribute the step of target WEB authentication request receiving equipment to comprise according to the load that is arranged at each the WEB authentication request receiving equipment in the WEB Verification System:
Obtain the authentication force value of each the described WEB authentication request receiving equipment in the described WEB Verification System; The authentication force value of each described WEB authentication request receiving equipment relatively is to be dispensed to described user's request the WEB authentication request receiving equipment of described authentication force value minimum.
5. a WEB authentication request receiving equipment is characterized in that, comprising:
Receiver module is used for obtaining user's request;
Judge module is connected with described receiver module, and whether the user who be used for to judge sends described user's request is authenticated user;
Distribution module is connected with described judge module, knows that described user for unauthenticated user, then asks to distribute target WEB authentication request receiving equipment for described user if be used for judging;
Redirection module, respectively with described judge module be connected distribution module and be connected, know that described user is authenticated user, then is redirected to the formerly WEB authentication request receiving equipment that authenticates described user with described user's request if be used for judging; If judge and know that described user is unauthenticated user, then described user's request is redirected to described target WEB authentication request receiving equipment;
Described judge module comprises:
Online user's maintenance unit is for the information of whole current online user of obtaining the WEB Verification System;
The first judging unit, be used for whether being included in online user's table that the WEB authentication request receiving equipment of described WEB Verification System safeguards according to the corresponding User IP of user that sends described user's request, to judge that the user who sends described user's request is whether for authenticated user.
6. WEB authentication request receiving equipment according to claim 5 is characterized in that, described distribution module comprises:
The first acquiring unit is used for obtaining from described judge module user's request of unauthenticated user;
The second judging unit is used for judging whether the load of described WEB authentication request receiving equipment surpasses default load maximum;
Allocation units are no more than default load maximum if be used for described load, then push user's certification page to described user; If described load surpasses default load maximum, then ask to distribute target WEB authentication request receiving equipment for described user, so that redirection module is redirected to described target WEB authentication request receiving equipment with described user's request.
7. WEB authentication request receiving equipment according to claim 6 is characterized in that, described distribution module also comprises:
Second acquisition unit is for the authentication force value of obtaining each the WEB authentication request receiving equipment that is arranged at the WEB Verification System;
Statistic unit is for the authentication force value of more described each WEB authentication request receiving equipment, so that described allocation units are dispensed to described user's request the WEB authentication request receiving equipment of described authentication force value minimum.
8. WEB Verification System, it is characterized in that, comprise the arbitrary described WEB authentication request receiving equipment of claim 5~7, be used for to described WEB authentication request receiving equipment provide the gateway that the user asks and is connected with described WEB authentication request receiving equipment, for carrying out the certificate server that the user authenticates.
9. WEB Verification System, it is characterized in that, comprise WEB authentication request receiving equipment, be used for to described WEB authentication request receiving equipment provide gateway that the user asks, be connected with described WEB authentication request receiving equipment, for carrying out the certificate server that the user authenticates, and the authentication pressure evaluation device that is connected with described WEB authentication request receiving equipment, wherein:
After described WEB authentication request receiving equipment obtains user's request, the information that sends the user of described user's request is sent to described authentication pressure evaluation device;
Described authentication pressure evaluation device comprises:
The authentication determination module after being used for receiving described user's information from described WEB authentication request receiving equipment, judges that whether the user who sends described user's request is authenticated user; Know that described user is authenticated user if judge, the information that then will authenticate described user's formerly WEB authentication request receiving equipment is sent to described WEB authentication request receiving equipment, described user's request is redirected to the described user's of authentication formerly WEB authentication request receiving equipment by described WEB authentication request receiving equipment; If judge and know that described user is unauthenticated user, then the information with described user is sent to evaluation module;
Described evaluation module, be used to described user assignment target WEB authentication request receiving equipment and its information is sent to described WEB authentication request receiving equipment, by described WEB authentication request receiving equipment described user's request is redirected to described target WEB authentication request receiving equipment;
Described authentication pressure evaluation device also comprises:
WEB authentication online user shows maintenance module, for the information of whole current online user of obtaining described WEB Verification System; Correspondingly, whether described authentication determination module is included in online user's table that the WEB authentication request receiving equipment in the described WEB Verification System safeguards according to the corresponding User IP of user that sends described user's request, to judge that the user who sends described user's request is whether for authenticated user.
10. WEB Verification System according to claim 9 is characterized in that, described evaluation module is used for judging whether the load of described WEB authentication request receiving equipment surpasses default load maximum; If described load is no more than default load maximum, then the information with described WEB authentication request receiving equipment is sent to described WEB authentication request receiving equipment, so that described WEB authentication request receiving equipment pushes user's certification page to described user; If described load surpasses default load maximum, then be sent to described WEB authentication request receiving equipment for described user assignment target WEB authentication request receiving equipment and with its information, by described WEB authentication request receiving equipment described user's request is redirected to described target WEB authentication request receiving equipment.
11. WEB Verification System according to claim 10 is characterized in that, described authentication pressure evaluation device also comprises:
Statistical module is for the load of the whole WEB authentication request receiving equipments that obtain described WEB Verification System; Correspondingly, described evaluation module is used for asking to distribute target WEB authentication request receiving equipment according to the load of described whole WEB authentication request receiving equipments for the user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010591474XA CN102025633B (en) | 2010-12-16 | 2010-12-16 | WEB authentication-based routing method, authentication request receiving device and authentication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010591474XA CN102025633B (en) | 2010-12-16 | 2010-12-16 | WEB authentication-based routing method, authentication request receiving device and authentication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102025633A CN102025633A (en) | 2011-04-20 |
CN102025633B true CN102025633B (en) | 2013-09-18 |
Family
ID=43866506
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201010591474XA Active CN102025633B (en) | 2010-12-16 | 2010-12-16 | WEB authentication-based routing method, authentication request receiving device and authentication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102025633B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102546633A (en) * | 2012-01-10 | 2012-07-04 | 中兴通讯股份有限公司 | Selection method and device for Web authentication server |
CN105450643B (en) * | 2015-11-17 | 2019-07-02 | 深信服科技股份有限公司 | The authentication method of network insertion, apparatus and system |
CN108900500A (en) * | 2018-06-26 | 2018-11-27 | 新华三技术有限公司 | login authentication method and device |
CN109274657A (en) * | 2018-09-04 | 2019-01-25 | 深圳市吉祥腾达科技有限公司 | A kind of method and system carrying out access authentication based on WEB |
CN110167028B (en) * | 2019-05-30 | 2022-03-22 | 太仓市同维电子有限公司 | System and method for realizing decentralized WIFI roaming authentication function |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101355550A (en) * | 2007-07-27 | 2009-01-28 | 中国电信股份有限公司 | Method and system for pushing wideband information combining telecom wideband AAA system |
CN101656642A (en) * | 2009-09-28 | 2010-02-24 | 福建星网锐捷网络有限公司 | Method, device and system for testing authentication performance of network access equipment |
US7769845B2 (en) * | 2001-05-04 | 2010-08-03 | Whale Communications Ltd | Method and system for terminating an authentication session upon user sign-off |
CN101867589A (en) * | 2010-07-21 | 2010-10-20 | 深圳大学 | Network identification authentication server and authentication method and system thereof |
-
2010
- 2010-12-16 CN CN201010591474XA patent/CN102025633B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7769845B2 (en) * | 2001-05-04 | 2010-08-03 | Whale Communications Ltd | Method and system for terminating an authentication session upon user sign-off |
CN101355550A (en) * | 2007-07-27 | 2009-01-28 | 中国电信股份有限公司 | Method and system for pushing wideband information combining telecom wideband AAA system |
CN101656642A (en) * | 2009-09-28 | 2010-02-24 | 福建星网锐捷网络有限公司 | Method, device and system for testing authentication performance of network access equipment |
CN101867589A (en) * | 2010-07-21 | 2010-10-20 | 深圳大学 | Network identification authentication server and authentication method and system thereof |
Also Published As
Publication number | Publication date |
---|---|
CN102025633A (en) | 2011-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104158824B (en) | Genuine cyber identification authentication method and system | |
CN102025633B (en) | WEB authentication-based routing method, authentication request receiving device and authentication system | |
CN101459836B (en) | Service processing method and system for content distributing network of interactive network television | |
US20150317583A1 (en) | Business Scheduling Method and Apparatus and Convergence Device | |
CN108234207B (en) | Fault positioning method and device based on Content Delivery Network (CDN) | |
CN1929482B (en) | Network business identification method and device | |
CN110289999B (en) | Data processing method, system and device | |
JP2021520153A (en) | Communication systems, methods, servers and programs | |
CN101227481A (en) | Apparatus and method of IP access based on DHCP protocol | |
CN102104483A (en) | Single sign-on method, system and load balancing equipment based on load balance | |
CN112615854B (en) | Terminal access control method, device, access server and storage medium | |
CN104837134B (en) | A kind of web authentication user login method, equipment and system | |
CN102177526A (en) | Service providing system and service providing method | |
CN105554099A (en) | Method and device for balancing load of acquisition servers | |
CN102611683B (en) | A kind of method, device, equipment and system for performing Third Party Authentication | |
CN102647395B (en) | Method, device and system for distributing number of people for online game server | |
CN101120537A (en) | Method and equipment for controlling access to multicast IP flows | |
CN108377245A (en) | A kind of optimizing demonstration method and system of network insertion request | |
US7353405B2 (en) | Method and systems for sharing network access capacities across internet service providers | |
CN100370770C (en) | Method for implementing long connection changeover of network | |
CN115277001B (en) | Certificate distribution method, device, system and medium for co-building shared network | |
KR101379803B1 (en) | System for distributing abnormal traffic and method of distributing abnormal traffice using the same | |
CN101272259B (en) | Media stream information access charging method and system | |
GB2520938A (en) | Mobile device location | |
CN114666841A (en) | Flow-free method and flow-free system for directional flow |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20201217 Address after: 200030 full floor, 4 / F, 190 Guyi Road, Xuhui District, Shanghai Patentee after: Shanghai Ruishan Network Co., Ltd Address before: 100036 Beijing Haidian District City 33 Fuxing Road Cuiwei East 1106 Patentee before: Beijing Star-Net Ruijie Networks Co.,Ltd. |