Пример #1
        /// <summary>
        /// Authorization-stage handler: validates the caller's SSO login and, on success,
        /// publishes the identity on the current request; on failure, optionally redirects
        /// to the login page.
        /// </summary>
        /// <param name="sender">The <see cref="HttpApplication"/> raising the event; cast unconditionally.</param>
        /// <param name="e">Unused.</param>
        /// <remarks>
        /// Presumably subscribed to HttpApplication.AuthorizeRequest; the subscription is not shown here.
        /// NOTE(review): when validation fails and <c>NeedAuthorizationRedirect</c> returns false,
        /// this handler returns without setting a principal and without rejecting the request.
        /// Whatever runs afterwards must enforce access on its own - confirm this fall-through is intended.
        /// </remarks>
        private void Context_AuthorizeRequest(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            HttpContext     httpContext = application.Context;
            string          requestPath = httpContext.Request.Url.AbsolutePath;

            // Paths exempt from the check are let through untouched.
            // NOTE(review): the exemption is decided purely on AbsolutePath; the matching rules
            // (case handling, prefix vs. exact match) live in NeedAuthorizationCheck - verify there.
            if (!NeedAuthorizationCheck(requestPath))
            {
                return;
            }

            string loginId;
            var ticketAccepted = SSOToolkit.Instance.ValidationAuth(out loginId);

            // A positive result with an empty login id is treated the same as a failed validation.
            bool isAuthenticated = ticketAccepted && !string.IsNullOrEmpty(loginId);

            if (!isAuthenticated)
            {
                // Decide by path whether the caller should be sent to the login page.
                if (NeedAuthorizationRedirect(requestPath))
                {
                    // returnUrl carries only the site-relative path and query, URL-encoded.
                    // NOTE(review): the login page should still verify returnUrl is a local URL
                    // before following it - that check is not visible from this handler.
                    string encodedReturnUrl = httpContext.Server.UrlEncode(httpContext.Request.Url.PathAndQuery);
                    string loginUrl         = string.Format("{0}?returnUrl={1}", LoginPage, encodedReturnUrl);

                    // The single-argument overload also ends the current response.
                    httpContext.Response.Redirect(loginUrl);
                }

                return;
            }

            // Expose the validated login id to later stages of this request.
            httpContext.Items.Add("LoginIdentity", loginId);

            SSOClaimsIdentity identity = new SSOClaimsIdentity();
            identity.UserName = loginId;

            SSOClaimsPrincipal principal = new SSOClaimsPrincipal(identity);

            // Keep the request principal and the thread principal in sync so code reading
            // either one sees the same user.
            httpContext.User        = principal;
            Thread.CurrentPrincipal = principal;
        }
 /// <summary>
 /// Creates a principal that wraps the supplied identity.
 /// </summary>
 /// <param name="identity">
 /// Identity stored as-is in the backing field. No null check is performed here,
 /// so callers are expected to pass an already validated identity.
 /// </param>
 public SSOClaimsPrincipal(SSOClaimsIdentity identity)
 {
     _identity = identity;
 }