Before a user accesses a system, the system needs to verify access permission of the user, to determine whether the user has permission to access the system. Specifically, the user sends an access request to the system, and the system determines, based on the received access request, whether the user has access permission. If the user has access permission, the system allows the user to access the system.
In a conventional verification process, an authentication system is usually used to verify access permission of an access request. The authentication system acknowledges access permission of a user based on login information provided by the user, such as a username and a password, and generates permission information after login verification on the user succeeds, so that the system can perform authentication on access permission of the access request based on the permission information in a subsequent access process.