default.aspx.cs

跨平台跨服务器跨网站SSO（单点登录）的方案

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Data.SqlClient;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
using System.IO;
using LoginInfo;
using System.Collections;

public partial class _Default : System.Web.UI.Page 
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["uid"] != null)
        {
            if (Request.QueryString["url"] != null)
            {
                FetchKey key = new FetchKey();
                string strKey = key.Fetch(Convert.ToInt64(Session["uid"]));
                Hashtable Loginfo = Session["Info"] as Hashtable;
                if (Loginfo == null)
                    Loginfo = new Hashtable();
                if (Loginfo[Request.QueryString["name"]] == null)
                    Loginfo.Add(Request.QueryString["name"], Request.QueryString["logouturl"]);
                Response.Redirect(Server.UrlDecode(Request.QueryString["url"]) + "?key=" + Server.UrlEncode(strKey));
            }
        }
        else
        {
            if (Request.QueryString["url"] != null)
                Response.Redirect(Server.UrlDecode(Request.QueryString["url"]) + "?key=1");
        }
        if (Request.QueryString["key"] == null)
        {
        }
        else
        {
            string key = Request.QueryString["key"] as string;
            key = Server.UrlDecode(key);
            byte[] bytes = Convert.FromBase64String(key);
            Info info = this.DataDeserialize(bytes);
            bool isChecked = false;
            using (SqlConnection con = new SqlConnection("server=srv-devdbhost;uid=sa;pwd=Abcd1234;database=test;"))
            {
                SqlCommand cmd = new SqlCommand("Proc_CheckNewID", con);
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add("@newID", SqlDbType.VarChar);
                cmd.Parameters["@newID"].Value = info.Key;
                cmd.Parameters.Add("@username", SqlDbType.VarChar);
                cmd.Parameters["@username"].Value = info.UserName;
                cmd.Parameters.Add("@uid", SqlDbType.BigInt);
                cmd.Parameters["@uid"].Direction = ParameterDirection.Output;
                cmd.Parameters.Add("@Ret", SqlDbType.Int);
                cmd.Parameters["@Ret"].Direction = ParameterDirection.Output;
                con.Open();
                cmd.ExecuteNonQuery();
                int ret = Convert.ToInt32(cmd.Parameters["@Ret"].Value);
                long uid = Convert.ToInt64(cmd.Parameters["@uid"].Value);
                if (ret == 1)
                {
                    isChecked = true;
                    if (Request.QueryString["logouturl"] != null)
                    {
                        Session.Add("uid", uid);
                        Hashtable Loginfo = new Hashtable();
                        string name = Request.QueryString["name"].ToString();
                        string logouturl = Request.QueryString["logouturl"].ToString();
                        Loginfo.Add(name, logouturl);
                        Session.Add("Info", Loginfo);
                    }
                }
            }
        }
    }

    private Info DataDeserialize(byte[] bytes)
    {
        BinaryFormatter formatter = new BinaryFormatter();
        MemoryStream ms = new MemoryStream(bytes);
        Info info = formatter.Deserialize(ms) as Info;
        return info;
    }
}