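/// <summary>
/// SSO landing handler. When the request carries a <c>ticket</c> query-string value, the ticket is
/// checked through <c>ticketUtil.CheckTicket</c>, the user named in the result is loaded from the
/// membership provider, and that user's identity fields are copied into <c>Profile</c>. The browser
/// is then redirected to the application root. When no ticket is present, the browser is redirected
/// to the configured external login URL.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Read the query-string value once so the null test and the value checked are the same string.
    string ticket = HttpContext.Current.Request.QueryString["ticket"];

    if (ticket == null)
    {
        // No ticket presented: hand the browser to the external login page.
        Response.Redirect(ConfigUtil.GetConfigItem("ConnectsLoginURL"));
        return;
    }

    // NOTE(review): the ticket arrives in the URL, so it can end up in web-server logs, browser
    // history and Referer headers. Whether CheckTicket enforces expiry or single use is not
    // visible here. Confirm that it does.
    string checkResult = ticketUtil.CheckTicket(
        ConfigUtil.GetConfigItem("TicketApp"),
        ticket,
        ConfigUtil.GetConfigItem("TicketKey"),
        ConfigUtil.GetConfigItem("TicketPostUrl"));

    // A null result is treated as a failed check rather than dereferenced.
    // NOTE(review): the meaning of the 8-character threshold is not visible here; presumably
    // shorter results signal failure. Confirm against CheckTicket.
    if (checkResult != null && checkResult.Length > 8)
    {
        // The first '|'-separated field of the check result is used as the login name.
        string loginUsername = checkResult.Split('|')[0];

        if (!string.IsNullOrEmpty(loginUsername))
        {
            ProfilesMembershipUser user = (ProfilesMembershipUser)Membership.GetUser(loginUsername);

            // GetUser returns null for an unknown user; leave Profile untouched in that case
            // instead of failing with a NullReferenceException.
            if (user != null)
            {
                Profile.UserId = user.UserID;
                Profile.UserName = user.UserName;
                Profile.HasProfile = user.HasProfile;
                Profile.ProfileId = user.ProfileID;
                Profile.DisplayName = user.DisplayName;
            }
        }
    }

    // Reached for every request that carried a ticket, whether or not the check succeeded.
    // After a failed check the Profile fields have not been populated.
    Response.Redirect("~/");
}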
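/// <summary>
/// The ValidateUser method is called first during login processing.
///
/// Additional Information: Depending on the implementation of your external authentication mechanism
/// you may want to consider customizing the login.aspx page to simulate the forms login process, which
/// will, in turn, call this method to validate the user.
///
/// In an SSO situation, you may have a one-time security token vs. a password, but this token can be
/// used in the login process and then verified using the ValidateUser method.
///
/// Alternatively, your implementation may choose to call this method directly.
/// </summary>
/// <param name="username">Login name. A ticket is created for this name and then checked.</param>
/// <param name="password">Not read by this implementation; see the security note in the body.</param>
/// <returns>
/// <c>true</c> when the ticket check returns a non-empty result and the user named in it is found;
/// otherwise <c>false</c>.
/// </returns>
public override bool ValidateUser(string username, string password)
{
    // SECURITY NOTE(review): `password` is never examined. The ticket verified below is one this
    // method has just created for `username` with the provider's own keys, so the check confirms
    // only that CreateTicket and CheckTicket agree with each other. It does not confirm that the
    // caller presented a valid credential, and the outcome depends on `username` alone.
    // The summary above describes verifying an SSO token supplied during login. To match it, the
    // check should run against a ticket supplied by the caller (for example the value passed as
    // `password`), and the user name inside that ticket should be compared with `username`.
    // The logic is left as found because the ticket format callers would supply is not visible
    // here. (A commented-out earlier line read the ticket from the "ticket" query-string value.)

    // The first 7 characters of CreateTicket's result are dropped before the ticket is checked.
    // What that prefix contains cannot be seen here.
    const int TicketPrefixLength = 7;

    // Fail closed on a missing user name instead of issuing a ticket for it.
    if (string.IsNullOrEmpty(username))
    {
        return false;
    }

    string issuedTicket = _ticketUtil.CreateTicket(_ticketApp, "ecom", username, _ticketKey, _secretKey);

    // The original called Substring before its null test. Check null and length first so a
    // missing or short ticket yields false rather than an exception.
    if (issuedTicket == null || issuedTicket.Length < TicketPrefixLength)
    {
        return false;
    }

    string checkResult = _ticketUtil.CheckTicket(
        _ticketApp,
        issuedTicket.Substring(TicketPrefixLength),
        _ticketKey,
        _secretKey);

    // An empty (or null) result is treated as a failed check.
    if (string.IsNullOrEmpty(checkResult))
    {
        return false;
    }

    // The first '|'-separated field of the check result is used as the login name.
    string[] ticketFields = checkResult.Split('|');
    ProfilesMembershipUser user = GetUser(ticketFields[0], true) as ProfilesMembershipUser;

    // The `as` cast yields null for an unknown user or an unexpected user type; reject the login
    // instead of dereferencing null.
    if (user == null)
    {
        return false;
    }

    // Copy the user's identity fields into the current request's profile.
    ProfileCommon pc = (ProfileCommon)HttpContext.Current.Profile;
    pc.UserId = user.UserID;
    pc.UserName = user.UserName;
    pc.HasProfile = user.HasProfile;
    pc.ProfileId = user.ProfileID;

    return true;
}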