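/// <summary>
/// Validate the given service ticket against the requested service and return the
/// user it was issued for, or an error code and message.
/// </summary>
/// <param name="strServiceRequest">Service URL sent with the validation request.</param>
/// <param name="strTicketRequest">Ticket string sent with the validation request.</param>
/// <param name="strUserName">User the ticket was issued for; empty whenever validation fails.</param>
/// <param name="strErrorCode">INVALID_REQUEST, INVALID_TICKET or INVALID_SERVICE on failure; empty on success.</param>
/// <param name="strErrorMsg">Failure description; empty on success and for INVALID_REQUEST.</param>
/// <returns>Returns true when the ticket is valid.</returns>
private bool ValidateTicket(string strServiceRequest, string strTicketRequest, out string strUserName, out string strErrorCode, out string strErrorMsg)
{
    strUserName = strErrorCode = strErrorMsg = "";

    // Documentation: http://www.jasig.org/cas/protocol
    if (String.IsNullOrEmpty(strServiceRequest))
    {
        strErrorCode = "INVALID_REQUEST";
        Trace.TraceError("CAS validate request violation - service missing");
        return false;
    }

    if (String.IsNullOrEmpty(strTicketRequest))
    {
        strErrorCode = "INVALID_REQUEST";
        Trace.TraceError("CAS validate request violation - ticket missing");
        return false;
    }

    // The ticket lookup fills in the service the ticket was issued for.
    // NOTE(review): the name suggests CheckAndPunch also consumes the ticket
    // (single use) - confirm in CasTicket.
    var strService = "";
    var strTicketUser = CasTicket.CheckAndPunch(strTicketRequest, ref strService);

    // Fail closed: a null result is rejected like an empty one instead of
    // falling through to the service comparison.
    if (String.IsNullOrEmpty(strTicketUser))
    {
        strErrorCode = "INVALID_TICKET";
        // NOTE(review): the message embeds the request-supplied service string
        // unmodified; confirm the trace listener and whatever renders strErrorMsg
        // neutralise line breaks and markup.
        strErrorMsg = "CAS ticket violation - requested service '" + strServiceRequest + "'";
        Trace.TraceError(strErrorMsg);
        return false;
    }

    // A ticket is only valid for the service it was issued to.
    strServiceRequest = this.TranslateService(strServiceRequest);
    if (strService != strServiceRequest)
    {
        strErrorCode = "INVALID_SERVICE";
        strErrorMsg = "CAS service violation - requested service '" + strServiceRequest + "' aviable service '" + strService + "' user '" + strTicketUser + "'";
        Trace.TraceError(strErrorMsg);
        // strUserName stays empty so a caller that ignores the return value
        // never receives an identity from a rejected validation.
        return false;
    }

    // Only a fully validated ticket hands the user name back to the caller.
    strUserName = strTicketUser;
    return true;
}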
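/// <summary>
/// Issue a CAS service ticket for the given user and service and register it
/// in the ticket storage.
/// </summary>
/// <param name="strUserName">User the ticket is issued for.</param>
/// <param name="strService">Service the ticket is bound to.</param>
/// <returns>Returns the corresponding ticket string.</returns>
public static string Issue(string strUserName, string strService)
{
    // create the ticket
    var ticket = new CasTicket(strUserName, strService);

    // create 120 bit random data
    // The ticket string is a bearer credential, so the bytes come from the
    // cryptographic RNG. System.Random seeded with the current millisecond has
    // at most 1000 possible seeds, which makes every token guessable.
    var rdata = new byte[15];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(rdata);
    }

    // convert random data to a URL-safe token (15 bytes encode without padding)
    var strToken = HttpServerUtility.UrlTokenEncode(rdata);

    // build the CAS ticket string
    // NOTE(review): ++_nCounter is not atomic in this static method; uniqueness
    // of the ticket string rests on the random token, not on the counter.
    var strTicket = "ST-" + (++_nCounter).ToString() + "-" + strToken + "-cas";

    // NOTE(review): the third argument looks like an expiry one minute from
    // now - confirm against ticketStorage.Add.
    ticketStorage.Add(strTicket, ticket, DateTime.Now.AddMinutes(1));
    return strTicket;
}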
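/// <summary>
/// Issue a CAS service ticket for the given user and service and register it
/// in the ticket storage.
/// </summary>
/// <param name="strUserName">User the ticket is issued for.</param>
/// <param name="strService">Service the ticket is bound to.</param>
/// <returns>Returns the corresponding ticket string.</returns>
public static string Issue(string strUserName, string strService)
{
    // create the ticket
    var ticket = new CasTicket(strUserName, strService);

    // create 120 bit random data
    // The ticket string is a bearer credential, so the bytes come from the
    // cryptographic RNG. System.Random seeded with the current millisecond has
    // at most 1000 possible seeds, which makes every token guessable.
    var rdata = new byte[15];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(rdata);
    }

    // convert random data to a URL-safe token (15 bytes encode without padding)
    var strToken = HttpServerUtility.UrlTokenEncode(rdata);

    // build the CAS ticket string
    // NOTE(review): ++_nCounter is not atomic in this static method; uniqueness
    // of the ticket string rests on the random token, not on the counter.
    var strTicket = "ST-" + (++_nCounter).ToString() + "-" + strToken + "-cas";

    // NOTE(review): the third argument looks like an expiry one minute from
    // now - confirm against TicketStorage.Add.
    TicketStorage.Add(strTicket, ticket, DateTime.Now.AddMinutes(1));
    return strTicket;
}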
/// <summary>
/// Handle a CAS login request: build the URL the client is sent to, with a
/// freshly issued ticket appended when the service is not a current-domain URL.
/// </summary>
/// <param name="strService">Service URL requested by the client.</param>
/// <param name="strUserName">Authenticated user the ticket is issued for.</param>
/// <param name="doRemember">Not read by this method.</param>
/// <returns>
/// The service URL unchanged when either helper reports it as a current-domain URL,
/// an empty string when the service is missing, otherwise the service URL with
/// the ticket parameter appended.
/// </returns>
private string HandleLoginRequest(string strService, string strUserName, bool doRemember)
{
    // Current-domain targets are returned as they are: no permission check
    // and no ticket.
    var isCurrentDomain = Dev.Comm.Web.UrlHelper.IsCurrentDomainUrl(strService)
                          || UrlHelper.IsCurrentDomainUrl(strService);
    if (isCurrentDomain)
    {
        return strService;
    }

    // Get the service; without one there is nothing to redirect to.
    if (String.IsNullOrEmpty(strService))
    {
        return "";
    }

    // translate the service
    var strTranslated = this.TranslateService(strService);

    // call the check permission hook before any ticket exists
    var isPermitted = this._casAuthenticator.CasCheckPermission(strUserName, strTranslated);
    if (!isPermitted)
    {
        throw new ClientNoPermissionException("无权限的接入端:" + strTranslated);
    }

    // create the CAS ticket based on user name and translated service
    var strTicket = CasTicket.Issue(strUserName, strTranslated);

    // build the redirection url
    // NOTE(review): the separator is chosen from the translated service but
    // appended to the untranslated URL - confirm TranslateService never adds
    // or removes a query string.
    var strSeparator = strTranslated.IndexOf('?') == -1 ? "?ticket=" : "&ticket=";
    return strService + strSeparator + strTicket;
}