Esempio n. 1
 /// <summary>
 /// Load handler for the sign-in control: runs the posted login/logout action,
 /// accepts an SSO token carried on the request, and redirects an authenticated
 /// caller to <c>ReturnUrl</c>.
 /// </summary>
 /// <param name="e">Event data, forwarded to the base implementation.</param>
 protected override void OnLoad(EventArgs e)
 {
     base.OnLoad(e);
     IsSignIn = Security.IsAuthenticated();

     // Form actions are only honoured on a postback.
     if (Html.IsPostBack)
     {
         InitParam();

         bool wantsLogin = Action == "login";
         if (wantsLogin)
         {
             Authenticate();
         }
         else if (Action == "logout")
         {
             Signout();
         }
     }

     // SSO return leg: both fields must be present and non-empty before the token is examined.
     bool hasAuthenticator = !String.IsNullOrEmpty(Request["Authenticator"]);
     if (hasAuthenticator && !String.IsNullOrEmpty(Request["accountID"]))
     {
         SSORequest incoming = SSORequest.GetRequest(HttpContext.Current);
         string accountId = incoming.AccountID;

         // The token check runs first; the account id is only trusted when the token
         // validates AND the id is a non-empty, well-formed GUID.
         if (Authentication.ValidateEACToken(incoming))
         {
             if (!string.IsNullOrEmpty(accountId) && We7Helper.IsGUID(accountId))
             {
                 Security.SetAccountID(accountId);
                 IsSignIn = true;
             }
         }
     }

     // NOTE(review): where ReturnUrl comes from is not visible in this method. If it is
     // taken from the request, confirm it is restricted to local paths before redirecting.
     if (Security.IsAuthenticated())
     {
         Response.Redirect(ReturnUrl);
     }
 }
Esempio n. 2
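        /// <summary>
        /// Handles one hop of the SSO chain: runs the requested action ("signin" or
        /// "logout") and then always hands the request to
        /// <c>Authentication.PostChains</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Response.Clear();
            try
            {
                // Parenthesised so that the request value itself is lower-cased. The previous
                // form, Request["Action"] ?? "".ToLower(), only lower-cased the empty
                // fallback because member access binds tighter than ??.
                // Invariant casing keeps the match independent of the server culture.
                string action = (Request["Action"] ?? "").ToLowerInvariant();
                switch (action)
                {
                case "signin":
                    Signin();
                    break;

                case "logout":
                    LogOut();
                    break;
                }
            }
            catch (Exception ex)
            {
                // Still best-effort (the chain below must continue), but a failed sign-in
                // or logout is no longer discarded without a record.
                System.Diagnostics.Trace.TraceError("SSO action failed: {0}", ex);
            }
            finally
            {
                SSORequest request = SSORequest.GetRequest(HttpContext.Current);

                // NOTE(review): the fields are copied only when "ToUrls" is EMPTY, which also
                // assigns that empty value to request.ToUrls. The condition looks inverted;
                // confirm against what SSORequest.GetRequest already populates.
                if (String.IsNullOrEmpty(Request["ToUrls"]))
                {
                    request.ToUrls   = Request["ToUrls"];
                    request.AppUrl   = Request["AppUrl"];
                    request.UserName = Request["UserName"];
                    // NOTE(review): the password is read from the request and passed on with
                    // the chain; confirm every hop is HTTPS and that it is never logged.
                    request.Password = Request["Password"];
                    request.Action   = Request["Action"];
                }
                Authentication.PostChains(request);
            }
        }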
Esempio n. 3
        /// <summary>
        /// Authenticates the user. Three paths: the configured site administrator,
        /// an SSO token carried on the request, or a normal account login.
        /// Sets <c>IsSignIn</c>, <c>UserName</c> and <c>Message</c> accordingly.
        /// </summary>
        void Authenticate()
        {
            // Case-sensitive (ignoreCase: false) comparison with the configured administrator name.
            if (String.Compare(LoginName, SiteConfigs.GetConfig().AdministratorName, false) == 0)
            {
                if (CDHelper.AdminPasswordIsValid(Password))
                {
                    // The administrator session is recorded under We7Helper.EmptyGUID.
                    Security.SetAccountID(We7Helper.EmptyGUID);
                    UserName = SiteConfigs.GetConfig().AdministratorName;
                    IsSignIn = true;
                }
                else
                {
                    IsSignIn = false;
                    Message  = "密码错误";
                }
            }
            else
            {
                // SSO path: taken whenever both request fields are present (even if empty).
                if (Request["Authenticator"] != null && Request["accountID"] != null)
                {
                    SSORequest ssoRequest = SSORequest.GetRequest(HttpContext.Current);
                    string     actID      = ssoRequest.AccountID;
                    // The account id is trusted only if the token validates and the id is a non-empty GUID.
                    if (Authentication.ValidateEACToken(ssoRequest) && !string.IsNullOrEmpty(actID) && We7Helper.IsGUID(actID))
                    {
                        Security.SetAccountID(actID, IsPersist);
                        UserName = ssoRequest.UserName;
                        IsSignIn = true;
                    }
                    else if (Request["message"] != null)
                    {
                        // NOTE(review): Message is request-supplied text; confirm it is
                        // HTML-encoded wherever it is rendered.
                        Message  = Request["message"];
                        IsSignIn = false;
                        return;
                    }
                    // NOTE(review): if validation fails and no "message" field was sent, this
                    // branch ends without touching IsSignIn or Message. Confirm that is intended.
                }
                else
                {
                    IAccountHelper AccountHelper = AccountFactory.CreateInstance();

                    string[] result = AccountHelper.Login(LoginName, Password);

                    // result[0] == "false" signals failure, with result[1] used as the message.
                    if (result[0] == "false")
                    {
                        Message  = result[1];
                        IsSignIn = false;
                    }
                    else
                    {
                        // On success result[1] is passed to GetAccount (presumably the account id; confirm).
                        // Security.SetAccountID is not called on this path; presumably Login
                        // establishes the session itself (verify).
                        IsSignIn = true;
                        UserName = AccountHelper.GetAccount(result[1], new string[] { "LoginName" }).LoginName;
                        // NOTE(review): ReturnUrl's origin is not visible here; if it is request-derived,
                        // confirm it is limited to local paths before redirecting.
                        Response.Redirect(ReturnUrl);
                    }
                }
            }
        }
Esempio n. 4
 /// <summary>
 /// Sends a "logout" SSO request to the configured SSO site URLs.
 /// Does nothing when no SSO site URLs are configured.
 /// </summary>
 private void SSOLogout()
 {
     if (String.IsNullOrEmpty(GeneralConfigs.GetConfig().SSOSiteUrls))
     {
         return;
     }

     SSORequest logoutRequest = new SSORequest
     {
         ToUrls = GeneralConfigs.GetConfig().SSOSiteUrls,
         // The admin sign-in page is set as this site's AppUrl on the request.
         AppUrl = String.Format("{0}/{1}", Utils.GetRootUrl(), "Admin/Signin.aspx"),
         Action = "logout"
     };
     Authentication.PostChains(logoutRequest);
 }
Esempio n. 5
 /// <summary>
 /// Sends a "signin" SSO request carrying the given credentials to the
 /// configured SSO site. Does nothing when no SSO site URL is configured.
 /// </summary>
 /// <param name="loginName">Login name placed on the SSO request.</param>
 /// <param name="password">Password placed on the SSO request.</param>
 private void SSOLogin(string loginName, string password)
 {
     if (String.IsNullOrEmpty(GeneralConfigs.GetConfig().SSOSiteUrl))
     {
         return;
     }

     SSORequest signinRequest = new SSORequest
     {
         ToUrls = GeneralConfigs.GetConfig().SSOSiteUrl,
         // Target is ReturnURL under the site root, or the admin main page by default.
         AppUrl = string.Format(
             "{0}/{1}",
             We7.Framework.Util.Utils.GetRootUrl(),
             String.IsNullOrEmpty(ReturnURL) ? "Admin/theme/main.aspx" : ReturnURL.TrimStart('/')),
         Action = "signin",
         UserName = loginName,
         // NOTE(review): the password travels with the SSO request as given; confirm
         // PostChains sends it only over HTTPS and that it is never logged.
         Password = password
     };
     Authentication.PostChains(signinRequest);
 }
Esempio n. 6
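        /// <summary>
        /// Initialises <c>_SSORequest</c> from the query string. An "SSOTicket"
        /// parameter is decrypted, saved, and ends the response; otherwise the
        /// "SSORequest" parameter is decrypted, with fallbacks to an auto-logon
        /// request (external system call) or a direct-login request.
        /// </summary>
        private void InitializeSSORequest()
        {
            string encryptedSSORequest = Request.QueryString["SSORequest"];
            string encryptedSSOTicket = Request.QueryString["SSOTicket"];

            if (!string.IsNullOrEmpty(encryptedSSOTicket))
            {
                try
                {
                    SSOTicket ssoTicket = _SSOHelper.DecryptSSOTicket(encryptedSSOTicket);
                    _SSOHelper.SaveSSOTicket(ssoTicket);
                }
                catch (System.Exception ex)
                {
                    // The ticket comes straight from the query string, so a failure here is
                    // caller-triggerable. Keep the detail server-side and return a fixed
                    // message, so the raw exception text from decryption is not echoed.
                    System.Diagnostics.Trace.TraceError("SSO ticket processing failed: {0}", ex);
                    Response.Write("SSO ticket could not be processed.");
                }
                Response.End();
            }

            // NOTE(review): a decryption failure for the SSORequest parameter is not
            // caught here and propagates to the caller.
            _SSORequest = !string.IsNullOrEmpty(encryptedSSORequest)
                ? _SSOHelper.DecryptSSORequest(encryptedSSORequest)
                : null;

            if (_SSORequest == null &&
                !string.IsNullOrEmpty(Request.QueryString["FromExternalSystemCall"]))
            {
                _SSORequest             = new SSORequest();
                _SSORequest.LoginType   = LoginTypeEnum.AutoLogon;
                _SSORequest.RequestDate = DateTime.UtcNow;
                if (Request.UrlReferrer != null)
                {
                    // NOTE(review): UrlReferrer is the client-supplied Referer header. It
                    // becomes the ReturnUrl of an auto-logon request; confirm it is checked
                    // against the expected hosts before anything redirects to it.
                    _SSORequest.ReturnUrl = Request.UrlReferrer.ToString();
                }
            }

            // No usable request, or a logout request: fall back to a fresh direct login.
            if (_SSORequest == null ||
                _SSORequest.LoginType == LoginTypeEnum.Logout)
            {
                _SSORequest             = new SSORequest();
                _SSORequest.LoginType   = LoginTypeEnum.DirectLogin;
                _SSORequest.RequestDate = DateTime.UtcNow;
                _SSORequest.ReturnUrl   = "";
            }
        }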
Esempio n. 7
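        /// <summary>
        /// Authenticates the user, either from an SSO token carried on the request or
        /// by checking the submitted name (login name or e-mail) and password, then
        /// redirects to <c>ReturnUrl</c> when one is set.
        /// </summary>
        void Authenticate()
        {
            if (Request["Authenticator"] != null && Request["accountID"] != null)
            {
                SSORequest ssoRequest = SSORequest.GetRequest(HttpContext.Current);
                string     actID      = ssoRequest.AccountID;
                // The account id is trusted only if the token validates and the id is a non-empty GUID.
                if (Authentication.ValidateEACToken(ssoRequest) && !string.IsNullOrEmpty(actID) && We7Helper.IsGUID(actID))
                {
                    Security.SetAccountID(actID);
                }
                else if (Request["message"] != null)
                {
                    // NOTE(review): request-supplied text; confirm it is HTML-encoded where rendered.
                    Message = Request["message"];
                    return;
                }
                // NOTE(review): when validation fails and no "message" field was sent, execution
                // still reaches the redirect below without an account having been set.
            }
            else
            {
                // Request.UrlReferrer is null when the client sends no Referer header; guard it
                // so such a login attempt does not fail with a NullReferenceException.
                Session["$ActionFrom"] = Request.UrlReferrer != null ? Request.UrlReferrer.PathAndQuery : null;
                Session["$_ActionID"]  = _ActionID;
                IAccountHelper AccountHelper = AccountFactory.CreateInstance();
                string         loginName     = Name;
                // An '@' means the user typed an e-mail address: resolve it to the login name.
                if (Name.IndexOf('@') > -1)
                {
                    Account account = AccountHelper.GetAccountByEmail(Name);
                    if (account != null)
                    {
                        loginName = account.LoginName;
                    }
                }

                string[] result = AccountHelper.Login(loginName, Password);
                // result[0] == "false" signals failure, with result[1] used as the message.
                if (result[0] == "false")
                {
                    Message = result[1];
                    return;
                }
                else
                {
                    Author = result[1];
                }
            }

            // NOTE(review): ReturnUrl's origin is not visible here; if it is request-derived,
            // confirm it is limited to local paths before redirecting.
            if (!string.IsNullOrEmpty(ReturnUrl))
            {
                Response.Redirect(ReturnUrl);
            }
        }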
Esempio n. 8
        /// <summary>
        /// Admin sign-in page load: shows the copyright text, handles a logout request,
        /// accepts credentials passed as request parameters, and completes an SSO
        /// sign-in when a token is present on the request.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                GeneralConfigInfo si = GeneralConfigs.GetConfig();
                if (si != null)
                {
                    if (si.IsOEM)
                    {
                        CopyrightLiteral.Text = si.Copyright;
                    }
                    else
                    {
                        CopyrightLiteral.Text = si.CopyrightOfWe7;
                    }
                }

                SiteConfigInfo sci = SiteConfigs.GetConfig();
                if (sci == null)
                {
                    // No site configuration: show the upgrade prompt and stop the response.
                    Response.Write("对不起,您的系统已升级,但配置文件尚未升级,您需要对配置数据进行升级。现在升级吗?<a href='../install/upgradeconfig.aspx'><u>现在升级</u></a>");
                    Response.End();
                }
                else
                {
                    // The administrator name is pre-filled in debug builds only.
#if DEBUG
                    LoginNameTextBox.Text = sci.AdministratorName;
#endif
                    GenerateRandomCode();
                    // NOTE(review): logout is triggered by a request parameter on a non-postback
                    // load, so a plain GET can reach it; confirm that a cross-site request
                    // signing the user out is acceptable, or require a POST with an anti-forgery token.
                    if (Request["action"] != null && Request["action"].ToString() == "logout" && Request["Authenticator"] == null)
                    {
                        // Write an audit log entry.
                        string content = string.Format("退出站点");
                        AddLog("站点登录", content);
                        string result = SignOut();
                        if (!string.IsNullOrEmpty(result))
                        {
                            ShowMessage("登录退出没有成功!原因:" + result);
                        }
                        else
                        {
                            SSOLogout();
                        }
                    }
                }
            }

            // NOTE(review): this runs on every load, outside the !IsPostBack guard, and
            // Request[...] also reads the query string. Credentials supplied in a URL end up
            // in server logs, browser history and Referer headers; confirm this entry point
            // is needed, and if so restrict it to POST form fields.
            if (Request["user"] != null && Request["pass"] != null)
            {
                LoginAction(Request["user"].ToString(), Request["pass"].ToString());
            }

            // SSO return leg.
            if (Request["Authenticator"] != null && Request["accountID"] != null)
            {
                SSORequest ssoRequest = SSORequest.GetRequest(HttpContext.Current);
                string     actID      = ssoRequest.AccountID;
                // The account id is trusted only if the token validates and the id is a non-empty GUID.
                if (Authentication.ValidateEACToken(ssoRequest) && !string.IsNullOrEmpty(actID) && We7Helper.IsGUID(actID))
                {
                    Security.SetAccountID(actID);
                    // NOTE(review): the SSO request carries a password that is forwarded again
                    // here; confirm it is needed downstream and is protected in transit.
                    SSOLogin(ssoRequest.UserName, ssoRequest.Password);
                    GoWhere();
                }
                else if (Request["message"] != null)
                {
                    // NOTE(review): request-supplied text is concatenated into the message;
                    // confirm ShowMessage HTML-encodes its argument.
                    ShowMessage("登录失败!原因:" + Request["message"]);
                    return;
                }
            }
        }
        /// <summary>
        /// Sends the SSO request fields through <c>PostService</c> to the URL
        /// configured under the "SSOUrl" app setting.
        /// </summary>
        /// <param name="ssoRequest">Request whose fields are added to the post.</param>
        private void Post(SSORequest ssoRequest)
        {
            PostService poster = new PostService
            {
                Url = ConfigurationManager.AppSettings["SSOUrl"]
            };

            // Fixed login marker first, then the request's own fields.
            poster.Add("IsLogin", "1");
            poster.Add("UserAccount", ssoRequest.UserAccount);
            poster.Add("AppCode", ssoRequest.AppCode);
            poster.Add("TimeStamp", ssoRequest.TimeStamp);
            poster.Add("AppUrl", ssoRequest.AppUrl);
            poster.Add("Authenticator", ssoRequest.Authenticator);

            poster.Post();
        }
Esempio n. 10
        /// <summary>
        /// First-load handler for the SSO login page: prepares the form, handles a
        /// logout request, and captures the posted SSO parameters (AppCode, TimeStamp,
        /// AppUrl, Authenticator) into ViewState. All four must be present.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // NOTE(review): the login form is pre-filled with fixed credentials for every
            // visitor. Confirm this is demo-only and is not shipped to production.
            tbxUserName.Text = "admin";
            tbxPassWord.Text = "admin";

            ifEngineering.Src = ConfigHelper.GetAppSettingString("EngineeringLogoutUrl");
            ifMaintenance.Src = ConfigHelper.GetAppSettingString("MaintenanceLogoutUrl");

            SSORequest ssoRequest = new SSORequest();

            #region Validate the posted parameters

            // Logout request.
            if (!string.IsNullOrEmpty(Request["Logout"]))
            {
                Authentication.Logout();
                return;
            }

            // Identifier of the calling site.
            string appCode = Request["AppCode"];
            if (string.IsNullOrEmpty(appCode))
            {
                return;
            }
            ssoRequest.AppCode = appCode;

            // Timestamp.
            string timeStamp = Request["TimeStamp"];
            if (string.IsNullOrEmpty(timeStamp))
            {
                return;
            }
            ssoRequest.TimeStamp = timeStamp;

            // Address of the calling site.
            // NOTE(review): AppUrl is caller-supplied and only checked for presence here;
            // confirm it is matched against the registered URL for AppCode before use.
            string appUrl = Request["AppUrl"];
            if (string.IsNullOrEmpty(appUrl))
            {
                return;
            }
            ssoRequest.AppUrl = appUrl;

            // Token of the calling site.
            string authenticator = Request["Authenticator"];
            if (string.IsNullOrEmpty(authenticator))
            {
                return;
            }
            ssoRequest.Authenticator = authenticator;

            // Kept across the postback in ViewState, which is client-held state.
            ViewState["SSORequest"] = ssoRequest;

            #endregion
        }
Esempio n. 11
        /// <summary>
        /// Login button handler: validates the submitted credentials, records the user
        /// in the session, builds the SSO response for the requesting site (or the
        /// main site when no request was captured), creates its token and posts it.
        /// </summary>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // Both fields are required.
            if (string.IsNullOrEmpty(tbxUserName.Text) || string.IsNullOrEmpty(tbxPassWord.Text))
            {
                Page.RegisterClientScriptBlock("Add", "<script lanuage=\"javascript\">alert('用户名密码不能为空!');</script>");
                return;
            }

            if (ValidateUserInfo(tbxUserName.Text, tbxPassWord.Text) == false)
            {
                Page.RegisterClientScriptBlock("Add", "<script lanuage=\"javascript\">alert('用户名密码错误!');</script>");
                return;
            }

            // NOTE(review): the session is marked as logged in without anything visible here
            // renewing the session identifier; confirm it is rotated on login elsewhere.
            Session["CurrUserName"] = tbxUserName.Text;
            Session.Timeout = 120;

            // NOTE(review): ViewState round-trips through the browser; confirm ViewState MAC
            // is enabled, since AppCode/AppUrl read back here go into the token request.
            SSORequest capturedRequest = ViewState["SSORequest"] as SSORequest;
            SSORequest reply = new SSORequest();

            // Without a request captured from a sub-site, log in to the main site by default.
            bool isMainSiteLogin = capturedRequest == null;
            reply.AppCode = isMainSiteLogin ? ConfigurationManager.AppSettings["AppCode"] : capturedRequest.AppCode;
            reply.AppUrl = isMainSiteLogin ? ConfigurationManager.AppSettings["MainUrl"] : capturedRequest.AppUrl;

            // Server local time, minute resolution.
            reply.TimeStamp = DateTime.Now.ToString("yyyyMMddHHmm");
            reply.Authenticator = string.Empty;
            reply.UserAccount = tbxUserName.Text;

            // Create the token; the reply is posted only when that succeeds.
            if (Authentication.CreateEACToken(reply))
            {
                Post(reply);
            }
        }