web api 单点登录(SSO) 权限验证
本文介绍如何利用 Web API 实现单点登录(SSO),具体原理请参见 http://www.cnblogs.com/Work-hard/archive/2013/04/10/3011589.html 。下面主要介绍相关代码:
分站代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Web;
using System.Web.Mvc;
using System.Net.Http;
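namespace MvcApplication2.Controllers
{
    /// <summary>
    /// Sub-site controller of the SSO sample. It accepts a token issued by the
    /// master site, asks the master site's Web API what the token stands for, and
    /// keeps the answer in the ASP.NET session.
    /// </summary>
    public class HomeController : Controller
    {
        // Base address of the SSO master site.
        // NOTE(review): the token and the returned permission list travel over this
        // channel; plain HTTP on localhost only suits the demo. Use HTTPS when deployed.
        private const string PassportBaseUrl = "http://localhost:4213/";

        /// <summary>
        /// Payload returned by the master site's token lookup (api/Login).
        /// </summary>
        public class infoMassege
        {
            public string webName { get; set; }
            public string[] message { get; set; }
        }

        /// <summary>
        /// Renders the home page for a visitor who holds a token, otherwise sends
        /// the browser to the master site to log in.
        /// </summary>
        /// <returns>The view, or a redirect to the master site's login page.</returns>
        public ActionResult Index()
        {
            // A token in the query string (just handed over by the master site) wins
            // over the one remembered in the cookie.
            // NOTE(review): a token in the URL can end up in browser history, server
            // logs and Referer headers; consider redirecting to the same page without
            // the Token parameter once the cookie has been written.
            string tokenValue = Request.QueryString["Token"];
            bool tokenFromQuery = !string.IsNullOrEmpty(tokenValue);

            if (!tokenFromQuery)
            {
                // The cookie is written below with the sub-key "Value", so it must be
                // read through the same sub-key. HttpCookie.Value would return the
                // whole "Value=<token>" string, which the master site never accepts.
                HttpCookie storedToken = Request.Cookies["Token"];
                tokenValue = storedToken == null ? null : storedToken["Value"];
            }

            if (string.IsNullOrEmpty(tokenValue))
            {
                // No token held: go and log in at the master site.
                return Redirect(BuildLoginUrl());
            }

            if (Session["Info"] == null && !TryLoadInfo(tokenValue))
            {
                // The master site rejected the token; it is not written to the cookie.
                return Redirect(BuildLoginUrl());
            }

            if (tokenFromQuery)
            {
                HttpCookie tokenCookie = new HttpCookie("Token");
                tokenCookie.Values.Add("Value", tokenValue);
                tokenCookie.Expires = DateTime.Now.Add(new TimeSpan(24, 0, 0));
                tokenCookie.Path = "/";
                // Keep the token out of reach of page scripts.
                // Secure is not set because the demo is served over http://;
                // set tokenCookie.Secure = true once the site runs on HTTPS.
                tokenCookie.HttpOnly = true;
                Response.AppendCookie(tokenCookie);
            }

            return View();
        }

        /// <summary>
        /// Looks the token up at the master site and stores the result in the
        /// session; redirects to the master site's login page when the lookup fails.
        /// </summary>
        /// <param name="tokenValue">Token to validate.</param>
        // Public methods of an MVC controller are routable actions by default;
        // [NonAction] keeps this helper from being invoked directly by URL.
        [NonAction]
        public void getInfo(string tokenValue)
        {
            if (!TryLoadInfo(tokenValue))
            {
                Response.Redirect(BuildLoginUrl());
            }
        }

        // Builds the master-site login URL carrying the current page as BackURL.
        private string BuildLoginUrl()
        {
            return PassportBaseUrl + "?BackURL=" + Server.UrlEncode(Request.Url.AbsoluteUri);
        }

        // Calls the master site's Web API for the token and, on success, stores the
        // returned message array in Session["Info"]. Returns false when the master
        // site does not answer with a success status or sends no payload.
        private bool TryLoadInfo(string tokenValue)
        {
            using (HttpClient client = new HttpClient())
            {
                client.BaseAddress = new Uri(PassportBaseUrl);
                client.DefaultRequestHeaders.Accept.Add(
                    new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));

                // The token comes from the request, so escape it before it becomes
                // part of the query string; otherwise '&' or '#' in the value would
                // alter the request sent to the master site.
                string lookupPath = "api/Login/?token=" + Uri.EscapeDataString(tokenValue ?? string.Empty);

                // Blocking on .Result keeps the synchronous action signature of the sample.
                using (HttpResponseMessage response = client.GetAsync(lookupPath).Result)
                {
                    if (!response.IsSuccessStatusCode)
                    {
                        return false;
                    }

                    infoMassege info = response.Content.ReadAsAsync<infoMassege>().Result;
                    if (info == null)
                    {
                        return false;
                    }

                    System.Web.HttpContext.Current.Session["Info"] = info.message;
                    // Timeout is in minutes: once the session lapses the token is
                    // checked against the master site again.
                    System.Web.HttpContext.Current.Session.Timeout = 1;
                    return true;
                }
            }
        }
    }
}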
主站代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using SSO.Passport.Class;
using System.Data;
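namespace MvcApplication1.Controllers
{
    /// <summary>
    /// Master-site Web API of the SSO sample: issues tokens (POST) and tells
    /// sub-sites what a token stands for (GET).
    /// </summary>
    public class LoginController : ApiController
    {
        /// <summary>
        /// Payload handed to a sub-site for a valid token.
        /// </summary>
        public class infoMassege
        {
            public string webName { get; set; }
            public string[] message { get; set; }
        }

        HttpResponseMessage response;

        LoginController()
        {
            response = new HttpResponseMessage();
        }

        /// <summary>
        /// Issues a new token and caches it together with the master-site credential.
        /// </summary>
        /// <returns>200 with a JSON text carrying the token in "tokenValue".</returns>
        [HttpPost]
        public HttpResponseMessage Post()
        {
            // Simulated login check (account and password kept in web.config);
            // a real environment should verify against the database here.
            // NOTE(review): the check below is commented out, so every POST is
            // answered with a valid token. Restore a credential check before this
            // endpoint is reachable by anyone but the author.
            //if (this.txtAccount.Text == System.Configuration.ConfigurationManager.AppSettings["acc"] && this.txtPassport.Text == System.Configuration.ConfigurationManager.AppSettings["pas"])
            //{

            // Create the token. It is cached under "<token>a" for three minutes;
            // UtcNow avoids daylight-saving jumps in the absolute expiry.
            string tokenValue = this.getGuidString();
            HttpContext.Current.Cache.Insert(
                tokenValue + "a",
                tokenValue,
                null,
                DateTime.UtcNow.AddMinutes(3),
                System.Web.Caching.Cache.NoSlidingExpiration);

            // Create the master-site credential for the token.
            CreateInfo(tokenValue);

            response = Request.CreateResponse(HttpStatusCode.OK, @"{""tokenValue"":""" + tokenValue + @"""}");
            return response;
        }

        /// <summary>
        /// Creates the master-site credential for a token and caches it under the
        /// token itself for one minute, unless an entry is already present.
        /// </summary>
        /// <param name="tokenValue">Token the credential belongs to.</param>
        private void CreateInfo(string tokenValue)
        {
            // NOTE(review): every token receives the same fixed message array,
            // "admin" included; this is placeholder data, not per-user permissions.
            infoMassege info = new infoMassege();
            info.message = new string[] { "user", "admin", "tuorist" };
            info.webName = "a";

            if (HttpContext.Current.Cache[tokenValue] == null)
            {
                HttpContext.Current.Cache.Insert(
                    tokenValue,
                    info,
                    null,
                    DateTime.UtcNow.AddMinutes(1),
                    System.Web.Caching.Cache.NoSlidingExpiration);
            }
        }

        /// <summary>
        /// Returns the credential cached for a token.
        /// </summary>
        /// <param name="token">Token presented by a sub-site.</param>
        /// <returns>200 with the credential, or 403 when the token is unknown or expired.</returns>
        [HttpGet]
        public HttpResponseMessage getCache(string token)
        {
            // Post() stores the token itself as the value of the "<token>a" entry.
            // Comparing that value, not just testing that some entry exists under
            // the key, keeps an unrelated cache entry whose key happens to end in
            // "a" from being accepted as a token.
            string issuedToken = string.IsNullOrEmpty(token)
                ? null
                : HttpContext.Current.Cache[token + "a"] as string;

            if (issuedToken == null || !string.Equals(issuedToken, token, StringComparison.Ordinal))
            {
                response = Request.CreateResponse(HttpStatusCode.Forbidden);
                return response;
            }

            // The credential expires before the token does; rebuild it once and read
            // it back instead of recursing until the cache returns it.
            infoMassege proof = HttpContext.Current.Cache[token] as infoMassege;
            if (proof == null)
            {
                CreateInfo(token);
                proof = HttpContext.Current.Cache[token] as infoMassege;
            }

            // Fail closed if the credential still cannot be read.
            response = proof != null
                ? Request.CreateResponse(HttpStatusCode.OK, proof)
                : Request.CreateResponse(HttpStatusCode.Forbidden);
            return response;
        }

        /// <summary>
        /// Produces the string used as a token: 32 bytes from the cryptographic
        /// random number generator, written as upper-case hexadecimal.
        /// </summary>
        /// <returns>A 64-character upper-case hexadecimal string.</returns>
        private string getGuidString()
        {
            // The token is the only thing a sub-site presents to obtain the
            // credential, so it has to be unguessable. Guid.NewGuid() promises
            // uniqueness, not unpredictability.
            byte[] raw = new byte[32];
            using (System.Security.Cryptography.RandomNumberGenerator rng =
                System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(raw);
            }

            // BitConverter renders "AB-CD-..."; drop the dashes.
            return BitConverter.ToString(raw).Replace("-", string.Empty);
        }
    }
}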