login.aspx.cs

基于sqlserver2k,reporting service的扩展(auth,render,deliver==)应用（mssql,RS,AS,BI）

#region Disclaimer by Teo Lachev "Microsoft Reporting Services in Action"
/*============================================================================
  File:      AuthenticationExtension.cs

  Summary:  Demonstrates an implementation of an authentication 
            extension.
--------------------------------------------------------------------
  This code sample was built upon on the Microsoft "Using Forms Authentication in 
  Reporting Services" code sample
  http://msdn.microsoft.com/library/?url=/library/en-us/dnsql2k/html/ufairs.asp?frame=true
 
  The following portions of the code has been changed/added to fit the book needs:
  1. The authentication logic has been replaced to use the Individuals credential store 
	 from the AW2000 database.
    
===========================================================================*/
#endregion

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Net;
using System.Web.Services;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Web.Security;
using System.Xml;
using System.Configuration;
using AWC.Reporter.Web.RS;

namespace AWC.Reporter.Web.CustomSecurity
{
	/// <summary>
	/// Summary description for WebForm1.
	/// </summary>
	public class Login : System.Web.UI.Page
	{
		protected System.Web.UI.WebControls.Label LblUser;
		protected System.Web.UI.WebControls.TextBox TxtUser;
		protected System.Web.UI.WebControls.Button BtnLogon;
		protected System.Web.UI.WebControls.Label lblMessage;
		protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
		protected System.Web.UI.WebControls.Label Label1;

		private void Page_Load(object sender, System.EventArgs e)
		{
			// Put user code to initialize the page here
		}

		#region Web Form Designer generated code
		override protected void OnInit(EventArgs e)
		{
			//
			// CODEGEN: This call is required by the ASP.NET Web Form Designer.
			//
			InitializeComponent();
			base.OnInit(e);
		}
      
		/// <summary>
		/// Required method for Designer support - do not modify
		/// the contents of this method with the code editor.
		/// </summary>
		private void InitializeComponent()
		{    
			this.BtnLogon.Click += new System.EventHandler(this.BtnLogon_Click);
			this.Load += new System.EventHandler(this.Page_Load);

		}
		#endregion

  

		private void BtnLogon_Click(object sender, System.EventArgs e)
		{
			string customerID = TxtUser.Text;
			bool passwordVerified = false;
			try
			{
				ReportServerProxy server = new ReportServerProxy();
				// Get the server URL from the Report Manager configuration file
				server.Url = ConfigurationSettings.AppSettings[Constants.CONFIG_RS_URL_CUSTOM_SECURITY] + "/ReportService.asmx";
				server.LogonUser(customerID, String.Empty, null);
				

				passwordVerified = true;

			}
			catch(Exception ex)
			{
				lblMessage.Text = ex.Message;
				return;
			}
			if (passwordVerified == true )
			{
				lblMessage.Text = "Logon successful: User is authenticated";
				FormsAuthentication.RedirectFromLoginPage(customerID, false);
			}
			else
			{
				lblMessage.Text = "Invalid username or password";
			}
		}
	}

	// Because the UILogon uses the Web service to connect to the report server
	// you need to extend the server proxy to support authentication ticket
	// (cookie) management
	public class ReportServerProxy : ReportingService
	{
		protected override WebRequest GetWebRequest(Uri uri)
		{
			HttpWebRequest request;
			request = (HttpWebRequest)HttpWebRequest.Create(uri);
			// Create a cookie jar to hold the request cookie
			CookieContainer cookieJar = new CookieContainer();
			request.CookieContainer = cookieJar;
			Cookie authCookie = AuthCookie;
			// if the client already has an auth cookie
			// place it in the request's cookie container
			if (authCookie != null)
				request.CookieContainer.Add(authCookie);
			request.Timeout = -1;
			request.Headers.Add("Accept-Language", 
				HttpContext.Current.Request.Headers["Accept-Language"]);
			return request;
		}

		protected override WebResponse GetWebResponse(WebRequest request)
		{
			WebResponse response = base.GetWebResponse(request);
			string cookieName = response.Headers["RSAuthenticationHeader"];
			// If the response contains an auth header, store the cookie
			if (cookieName != null)
			{
				Utilities.CustomAuthCookieName = cookieName;
				HttpWebResponse webResponse = (HttpWebResponse)response;
				Cookie authCookie = webResponse.Cookies[cookieName];
				// If the auth cookie is null, throw an exception
				if (authCookie == null)
				{
					throw new Exception(
						"Authorization ticket not received by LogonUser");
				}
				// otherwise save it for this request
				AuthCookie = authCookie;
				// and send it to the client
				Utilities.RelayCookieToClient(authCookie);
			}
			return response;
		}

		private Cookie AuthCookie 
		{
			get
			{
				if (m_Authcookie == null)
					m_Authcookie = 
						Utilities.TranslateCookie(
						HttpContext.Current.Request.Cookies[Utilities.CustomAuthCookieName]);
				return m_Authcookie;
			}
			set
			{
				m_Authcookie = value;
			}
		}
		private Cookie m_Authcookie = null;
	}

	internal sealed class Utilities
	{
		internal static string CustomAuthCookieName
		{
			get
			{
				lock(m_cookieNamelockRoot)
				{
					return m_cookieName;
				}
			}
			set
			{
				lock(m_cookieNamelockRoot)
				{
					m_cookieName = value;
				}
			}
		}
		private static string m_cookieName;
		private static object m_cookieNamelockRoot = new object();

		private static HttpCookie TranslateCookie(Cookie netCookie)
		{
			if (netCookie == null)
				return null;
			HttpCookie webCookie = new HttpCookie(netCookie.Name, netCookie.Value);
			// Add domain only if it is dotted - IE doesn't send back the cookie 
			// if we set the domain otherwise
			if (netCookie.Domain.IndexOf('.') != -1)
				webCookie.Domain = netCookie.Domain;
			webCookie.Expires = netCookie.Expires;
			webCookie.Path = netCookie.Path;
			webCookie.Secure = netCookie.Secure;
			return webCookie;
		}

		internal static Cookie TranslateCookie(HttpCookie webCookie)
		{
			if (webCookie == null)
				return null;
			Cookie netCookie = new Cookie(webCookie.Name, webCookie.Value);
			if (webCookie.Domain == null)
				netCookie.Domain = 
					HttpContext.Current.Request.ServerVariables["SERVER_NAME"];
			netCookie.Expires = webCookie.Expires;
			netCookie.Path = webCookie.Path;
			netCookie.Secure = webCookie.Secure;
			return netCookie;
		}

		internal static void RelayCookieToClient(Cookie cookie)
		{
			// add the cookie if not already in there
			if (HttpContext.Current.Response.Cookies[cookie.Name] == null)
			{
				HttpContext.Current.Response.Cookies.Remove(cookie.Name);
			}

			HttpContext.Current.Response.SetCookie(TranslateCookie(cookie));
		}
	}
}