Esempio n. 1
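        /// <summary>
        /// Logs the current user out: revokes the CAS service ticket referenced by the
        /// forms-authentication cookie, clears the local auth cookie and session, and
        /// triggers CAS single sign-out.
        /// </summary>
        /// <returns>
        /// A plain-text result that reports <c>User.Identity.IsAuthenticated</c> for the
        /// current request.
        /// </returns>
        public ActionResult Out()
        {
            HttpCookie ticketCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            if (ticketCookie != null)
            {
                // The cookie value comes from the client, so it may be empty, truncated,
                // stale or tampered with. A bad value must not abort the logout and leave
                // the local cookie and session in place.
                FormsAuthenticationTicket ticket = null;
                try
                {
                    ticket = FormsAuthentication.Decrypt(ticketCookie.Value);
                }
                catch (System.ArgumentException)
                {
                    // Decrypt rejects an empty or malformed value; continue with local cleanup.
                    // NOTE(review): other failure types may depend on the framework version - confirm.
                }

                if (ticket != null && !string.IsNullOrEmpty(ticket.UserData))
                {
                    // The ticket manager may no longer know this service ticket (for example
                    // after it expired or was already revoked), so guard before dereferencing.
                    CasAuthenticationTicket casTicket = CasAuthentication.ServiceTicketManager.GetTicket(ticket.UserData);
                    if (casTicket != null)
                    {
                        CasAuthentication.ServiceTicketManager.RevokeTicket(casTicket.ServiceTicket);
                    }
                }

                CasAuthentication.ClearAuthCookie();
                FormsAuthentication.SignOut();

                // Request.Cookies.Remove only edits the server-side view of this request.
                // NOTE(review): Response.Cookies.Remove drops pending response cookies of
                // that name, which may cancel the expiry cookie queued by the calls above -
                // verify that the browser really receives an expired auth cookie.
                Request.Cookies.Remove(FormsAuthentication.FormsCookieName);
                Response.Cookies.Remove(FormsAuthentication.FormsCookieName);
                Session.RemoveAll();

                // The CAS side will call back to the client.
                CasAuthentication.SingleSignOut();
            }

            // User was established at the start of this request, so the flag below still
            // describes the request that asked for the logout.
            return(Content("退出成功,获取当前用户信息:" + User.Identity.IsAuthenticated));
        }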
Esempio n. 2
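        /// <summary>
        /// Logs the current user out: clears the session, revokes the CAS service ticket
        /// referenced by the forms-authentication cookie, removes the local auth cookie
        /// and triggers CAS single sign-out.
        /// </summary>
        /// <returns>A redirect to the <c>Login</c> action of the <c>Currency</c> controller.</returns>
        public ActionResult LogOut()
        {
            // Clear the session first so it happens even when there is no auth cookie or
            // a later step fails.
            Session.RemoveAll();

            HttpCookie ticketCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            if (ticketCookie != null)
            {
                // Read the forms-auth ticket so the matching CAS ticket can be revoked.
                // The cookie value comes from the client, so it may be empty, truncated,
                // stale or tampered with; a bad value must not abort the logout.
                FormsAuthenticationTicket ticket = null;
                try
                {
                    ticket = FormsAuthentication.Decrypt(ticketCookie.Value);
                }
                catch (System.ArgumentException)
                {
                    // Decrypt rejects an empty or malformed value; continue with local cleanup.
                    // NOTE(review): other failure types may depend on the framework version - confirm.
                }

                if (ticket != null && !string.IsNullOrEmpty(ticket.UserData))
                {
                    // The ticket manager may no longer know this service ticket (for example
                    // after it expired or was already revoked), so guard before dereferencing.
                    CasAuthenticationTicket casTicket = CasAuthentication.ServiceTicketManager.GetTicket(ticket.UserData);
                    if (casTicket != null)
                    {
                        CasAuthentication.ServiceTicketManager.RevokeTicket(casTicket.ServiceTicket);
                    }
                }

                CasAuthentication.ClearAuthCookie();

                // Remove the local cookie.
                FormsAuthentication.SignOut();

                // Request.Cookies.Remove only edits the server-side view of this request.
                // NOTE(review): Response.Cookies.Remove drops pending response cookies of
                // that name, which may cancel the expiry cookie queued by the calls above -
                // verify that the browser really receives an expired auth cookie.
                Request.Cookies.Remove(FormsAuthentication.FormsCookieName);
                Response.Cookies.Remove(FormsAuthentication.FormsCookieName);

                // CAS sign-out: when this is called, the remote CAS server calls back
                // this URL again.
                CasAuthentication.SingleSignOut();
            }

            return(RedirectToAction("Login", "Currency"));
        }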
Esempio n. 3
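        /// <summary>
        /// Handles row commands of the outstanding-tickets grid. "Revoke" revokes the
        /// service ticket of the selected row; "SSO" posts a SAML logout request for that
        /// ticket to this page's own URL.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Carries the command name and the row index as command argument.</param>
        protected void OutstandingTickets_RowCommand(object sender, GridViewCommandEventArgs e)
        {
            // The command argument arrives with the postback; ignore anything that is
            // not a usable row index rather than throwing.
            int index;
            if (!int.TryParse(Convert.ToString(e.CommandArgument), out index))
            {
                return;
            }

            string ticket = null;

            if (OutstandingTickets != null && OutstandingTickets.DataKeys != null &&
                index >= 0 && index < OutstandingTickets.DataKeys.Count &&
                OutstandingTickets.DataKeys[index] != null)
            {
                object ticketValue = OutstandingTickets.DataKeys[index].Values["ServiceTicket"];
                if (ticketValue != null)
                {
                    ticket = ticketValue.ToString();
                }
            }

            if (string.IsNullOrEmpty(ticket))
            {
                // No ticket resolved for this row: there is nothing to revoke or sign out.
                return;
            }

            // NOTE(review): the ticket is selected by row index alone and nothing here
            // checks that it belongs to the caller, so anyone who can reach this page can
            // end any listed session. Access control for the page is not visible in this
            // handler - confirm it is restricted to administrators.
            if (e.CommandName == "Revoke")
            {
                bool isMyTicket = false;
                IEnumerable <string> allMyTickets = CasAuthentication.ServiceTicketManager.GetUserServiceTickets(HttpContext.Current.User.Identity.Name);

                foreach (string myTicket in allMyTickets)
                {
                    if (myTicket == ticket)
                    {
                        isMyTicket = true;
                        break;
                    }
                }

                CasAuthentication.ServiceTicketManager.RevokeTicket(ticket);
                if (isMyTicket)
                {
                    // The caller revoked their own session, so drop their auth cookie too.
                    CasAuthentication.ClearAuthCookie();
                }
                Page.Response.Redirect(Request.RawUrl, false);
            }
            else if (e.CommandName == "SSO")
            {
                // Unique request ID instead of a small random number; the leading
                // underscore keeps the value from starting with a digit.
                string requestId = "_" + Guid.NewGuid().ToString("N");

                // UTC, culture-independent timestamp rather than the server's local format.
                string issueInstant = DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", System.Globalization.CultureInfo.InvariantCulture);

                // Escape the ticket so its value cannot change the structure of the XML.
                string samlString =
                    @"<samlp:LogoutRequest ID=""" + requestId + @""" Version=""2.0"" IssueInstant=""" + issueInstant + @""">" +
                    @"<saml:NameID>@NOT_USED@</saml:NameID>" +
                    @"<samlp:SessionIndex>" + System.Security.SecurityElement.Escape(ticket) + "</samlp:SessionIndex>" +
                    @"</samlp:LogoutRequest>";

                string request = "logoutRequest=" + Server.UrlEncode(samlString);

                // NOTE(review): the POST target is taken from the incoming request URL. If
                // the host part of that URL is not pinned by the hosting configuration, the
                // logout request (which carries a service ticket) could be sent elsewhere -
                // consider a configured base URL instead.
                HttpWebRequest req = (HttpWebRequest)WebRequest.Create(Page.Request.Url.ToString());
                req.Method        = "POST";
                req.ContentType   = "application/x-www-form-urlencoded";
                // The body is ASCII after URL-encoding, so character count equals byte count.
                req.ContentLength = request.Length;
                using (Stream requestStream = req.GetRequestStream())
                {
                    using (StreamWriter requestStreamWriter = new StreamWriter(requestStream))
                    {
                        requestStreamWriter.Write(request);
                    }
                }

                // Dispose the response so the underlying connection is released.
                using (HttpWebResponse resp = (HttpWebResponse)req.GetResponse())
                {
                    using (Stream responseStream = resp.GetResponseStream())
                    {
                        using (StreamReader responseStreamReader = new StreamReader(responseStream))
                        {
                            string responseBody = responseStreamReader.ReadToEnd();
                            // NOTE(review): if this control renders Text without encoding,
                            // encode the body before display - confirm the control type.
                            ResponseField.Text = responseBody;
                        }
                    }
                }

                Response.Redirect(Request.RawUrl);
            }
        }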