Exemple #1
0
 /// <summary>
 /// 退出登陆
 /// </summary>
 /// <param name="sender"></param>
 /// <param name="e"></param>
 protected void btnLogout_Click(object sender, EventArgs e)
 {
     if (Request.QueryString["token"] != null)
     {
         Session.Abandon();
         string token = Request.QueryString["token"];
         //创建WebService对象
         SSO.SiteA.ServiceReference1.PassportServiceSoapClient passportService = new SSO.SiteA.ServiceReference1.PassportServiceSoapClient();
         passportService.TokenClear(token);
         string url = HttpContext.Current.Request.Url.AbsoluteUri;
         url = Regex.Replace(url, @"(\?|&)Token=.*", "", RegexOptions.IgnoreCase);
         //返回到登陆页面
         string ssoLogin = System.Configuration.ConfigurationManager.AppSettings["SSOLogin"];
         Response.Redirect(ssoLogin + "?backurl=" + System.Web.HttpUtility.UrlEncode(url));
     }
 }
Exemple #2
0
 protected void Page_Load(object sender, EventArgs e)
 {
     //清空主站令牌
     if (Request.QueryString["token"] == null)
     {
         //获取令牌
         Response.Redirect("http://localhost:800/gettoken.aspx?backurl=" + Server.UrlEncode(Request.Url.AbsoluteUri + "?token=$token$"));
     }
     else
     {
         if (Request.QueryString["token"] != "$token$")
         {
             string token = Request.QueryString["token"];
             //创建WebService对象
             SSO.SiteA.ServiceReference1.PassportServiceSoapClient passportService = new SSO.SiteA.ServiceReference1.PassportServiceSoapClient();
             passportService.TokenClear(token);
         }
     }
 }
Exemple #3
0
        protected override void OnLoad(EventArgs e)
        {
            if (Session["A.Cert"] != null)
            {
                //分站凭证存在
                Response.Write("恭喜,分站凭证存在,您被授权访问该页面!");
            }
            else
            {
                //令牌验证结果返回
                if (Request.QueryString["token"] != null)
                {
                    //持有令牌
                    string tokenValue = Request.QueryString["token"];
                    //调用WebService获取主站凭证
                    //防止令牌伪造
                    //此处还可使用公钥私钥的非对称加密策略
                    SSO.SiteA.ServiceReference1.PassportServiceSoapClient passportService = new SSO.SiteA.ServiceReference1.PassportServiceSoapClient();
                    // object cert = passportService.TokenGetCert(tokenValue);
                    object cert = passportService.TokenGetDbTokenActive(tokenValue);
                    if (cert != null && (bool)cert == true)
                    {
                        //令牌正确
                        Session["A.Cert"] = cert;
                        Response.Write("恭喜,令牌存在,您被授权访问该页面!");
                    }
                    else
                    {
                        //令牌错误,去Passport登录
                        Response.Redirect(GetTokenforLogin());
                    }
                }
                //未进行令牌验证,去Passport验证
                else
                {
                    Response.Redirect(GetTokenforLogin());
                }
            }

            base.OnLoad(e);
        }