A kind of gateway portal authentication methodTechnical field
The present invention relates to Portal authentication techniques fields, refer in particular to a kind of gateway portal authentication method.
Background technique
Portal authentication techniques are a kind of identity identifying technologies easy to use, for verifying the client body of access networkPart.When unauthenticated user online, user is forced to log on to specified portal website, user can be with free access service therein;If user needs to access other resources in internet, it is necessary to be authenticated in the Web site, certification can just make after passing throughWith specific Internet resources.
Portal authenticating step is as follows: 1, when unverified client using Web browser access internet, this HTTP requestIn the authentication processing unit by that can be redirected to Portal server when gateway, which returns to clientThe web authentication page;2, user submits after input authentication information in certification page;3, the authentication processing unit of Portal serverIt is communicated and is authenticated with certificate server using the authentication information of user;4, after certification passes through, Portal server opens gatewayThe access of upper client and internet allows client to access internet.
Traditional wireless terminal can issue network detection packet when connecting gateway, and gateway will after receiving network detection packetPage reorientation to Portal server, wireless terminal carries out automatic pop-up.But there are the following problems for traditional mode: 1,Non- buffered in advance dns resolution is not filtered incoherent request data package, causes the automatic pop-up of wireless terminal slower;2,Verification process need to be interacted with Portal server, cause certification page load after pop-up slower.
Therefore, how a kind of gateway portal authentication method to be provided, realize promoted Portal certification page pop-up speed,Loading velocity becomes a urgent problem to be solved.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of gateway portal authentication method, realizes and promote PortalThe pop-up speed of certification page, loading velocity.
The present invention is implemented as follows: a kind of gateway portal authentication method, includes the following steps:
Step S10, after gateways and starting, dns resolution is carried out to the detection domain name of various brands terminal and caches parsing result;
Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;
Step S30, gateway by filtered redirection data packet be redirected to the Portal certification page of gateway local intoRow Portal certification;
Step S40, wireless terminal is based on the parsing result and accesses internet.
Further, any step of the Portal server in step S10, step S20, step S30 and step S40Suddenly, configuration information is issued, gateway information is obtained or obtains the wireless terminal information of gateway authentication to gateway is asynchronous.
Further, the configuration information includes at least wireless terminal white list, wireless terminal blacklist and roamingWireless terminal information.
Further, the step S20 is specifically included:
Step S21, wireless terminal connects gateway, and sends to gateway and redirect data packet;
Step S22, gateway filters non-browser according to the browser field in the user agent's parameter for redirecting data packetRedirection data packet.
Further, the browser field include at least UC, ApacheBench, MicroMessenger, G3WLAN orPerson Mozilla.
Further, the step S30 is specifically included:
Step S31, filtered redirection data packet is redirected to gateway local by JavaScript by gatewayPortal certification page;
Step S32, gateway judges the wireless terminal white list of local cache and whether wireless terminal blacklist includes thisThe wireless terminal of secondary certification enters step S40 if wireless terminal white list contains the wireless terminal of this certification;If wirelessTerminal blacklist contains the wireless terminal of this certification, then terminates process;If wireless terminal white list and the black name of wireless terminalDan Jun does not contain the wireless terminal of this certification, then enters step S33;
Step S33, wireless terminal inputs Portal authentication information, Portal certification of the gateway according to input by browserInformation judges whether certification passes through, if certification passes through, wireless terminal of letting pass in the firewall rule of gateway, and enter stepS40;If certification does not pass through, terminate process.
The present invention has the advantages that
1, by carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result,And the redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, greatlyImprove the pop-up speed of Portal certification page.
2, it being transferred to gateway by authenticating Portal from Portal server, avoids gateway in Portal verification processInteraction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
Detailed description of the invention
The present invention is further illustrated in conjunction with the embodiments with reference to the accompanying drawings.
Fig. 1 is a kind of flow chart of gateway portal authentication method of the present invention.
Fig. 2 is a kind of schematic block circuit diagram of gateway portal authentication method of the present invention.
Specific embodiment
It please refers to shown in Fig. 1 to Fig. 2, a kind of preferred embodiment of gateway portal authentication method of the present invention, including as followsStep:
Step S10, after gateways and starting, dns resolution is carried out to the detection domain name of various brands terminal and caches parsing result;Dns resolution is that domain name is directed toward web space IP, allows people that one kind of website is accessed by the domain name registered with can be convenientService;Such as in advance to the connectivitycheck.platfo of the captive.apple.com of ios system, Huawei's mobile phoneRm.hicloud.com, millet mobile phone the domain names such as connect.room.miui.com do dns resolution;
Step S20, gateway is filtered the redirection data packet that wireless terminal is sent;
Step S30, gateway by filtered redirection data packet be redirected to the Portal certification page of gateway local intoRow Portal certification;
Step S40, wireless terminal is based on the parsing result and accesses internet, without carrying out dns resolution again.
Either step of the Portal server in step S10, step S20, step S30 and step S40, it is different to gatewayStep issues configuration information, obtains gateway information or obtains the wireless terminal information of gateway authentication, i.e. Portal server can be withAsynchronous interactive is carried out with gateway at any time.
The wireless terminal that the configuration information includes at least wireless terminal white list, wireless terminal blacklist and roaming is believedBreath;If wireless terminal is in wireless terminal white list, needing not move through Portal certification may have access to internet;If wireless wholeEnd must not then access internet in wireless terminal blacklist.
The step S20 is specifically included:
Step S21, wireless terminal connects gateway, and sends to gateway and redirect data packet;
Step S22, gateway foundation redirects the browser field in user agent's parameter (UserAgent) of data packet,Filter the redirection data packet of non-browser.
The browser field include at least UC, ApacheBench, MicroMessenger, G3WLAN orMozilla。
By carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result, andThe redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, filters out APPThe data packet of hair reduces the processing load of HTTP, is greatly improved the pop-up speed of Portal certification page.
The step S30 is specifically included:
Step S31, filtered redirection data packet is redirected to gateway local by JavaScript by gatewayPortal certification page;
Step S32, gateway judges the wireless terminal white list of local cache and whether wireless terminal blacklist includes thisThe wireless terminal of secondary certification enters step S40 if wireless terminal white list contains the wireless terminal of this certification;If wirelessTerminal blacklist contains the wireless terminal of this certification, then terminates process;If wireless terminal white list and the black name of wireless terminalDan Jun does not contain the wireless terminal of this certification, then enters step S33;
Step S33, wireless terminal inputs Portal authentication information, Portal certification of the gateway according to input by browserInformation judges whether certification passes through, if certification passes through, wireless terminal of letting pass in the firewall rule of gateway, and enter stepS40;If certification does not pass through, terminate process.
From Portal server be transferred to gateway by authenticating Portal, avoid in Portal verification process gateway andInteraction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
In conclusion the present invention has the advantages that
1, by carrying out dns resolution to the detection domain name of various brands terminal in advance after gateways and starting and caching parsing result,And the redirection data packet of non-browser is filtered, i.e., only the redirection data packet of browser is handled, greatlyImprove the pop-up speed of Portal certification page.
2, it being transferred to gateway by authenticating Portal from Portal server, avoids gateway in Portal verification processInteraction consumption between Portal server, is greatly improved the loading velocity of Portal certification page.
Although specific embodiments of the present invention have been described above, those familiar with the art should be managedSolution, we are merely exemplary described specific embodiment, rather than for the restriction to the scope of the present invention, it is familiar with thisThe technical staff in field should be covered of the invention according to modification and variation equivalent made by spirit of the inventionIn scope of the claimed protection.