rtx登录内网系统
公司内部使用rtx进行沟通和交流,经常遇到订餐的问题,用php写了一个订餐系统,实现rtx上点击链接打开系统就自动登录了,无需再次输入用户名和密码。
实现的思路,就是在点击链接的时候获取当前rtx的user和sign,拼接成一个url追加至系统访问地址后,系统首页在获取网页参数后,通过ajax请求后台服务,后台服务调用rtx的一个服务,验证签名。如果通过则系统直接让该用户自动登录,前台ajax直接页面进入系统。
rtx客户端 –> 带上user & sign访问系统 –> 系统根据参数检验身份并返回结果 –> 处理结果…
安装完rtx后,可以在rtx面板上添加一个自定义的按钮,内嵌一个页面。
假设该页面有如下的一个链接:
1: <a href="http://192.168.0.xx/" title="xx系统" onclick="xxClickHandler();return false;">◆xx系统</a>
那么xxClickHandler()函数会在点击链接时,获取最新的sign,然后打开网页
1: function xxClickHandler() {
2: var _href = getEl('xxxLink').getAttribute('href', 2);
3:
4: var _str = getXXUrl();
5:
6: if (_str) {
7: _href += _str;
8: }
9:
10: window.open(_href);
11: }
12:
13: function getXXUrl() {
14: var objKerRoot;
15: var objHelper;
16: var objApp;
17:
18: try {
19: objKerRoot = rtxObj.GetObject("KernalRoot");
20: objApp = rtxObj.GetObject("AppRoot")
21: objHelper = objApp.GetAppObject("RTXHelper");
22: } catch(e) {
23: //alert(e.message);
24: return ;
25: }
26:
27: if (objKerRoot != null) {
28: var objBuddyManager = objKerRoot.RTXBuddyManager;
29: var objGroupManager = objKerRoot.RTXGroupManager;
30: var accout = objKerRoot.Account;
31:
32: if(accout != "") {
33: var rtxName = objBuddyManager.Buddy(accout).Name;
34: var groupName = objHelper.GetBuddyDept(accout);
35: var sign = objKerRoot.Sign.GetString("Sign");
36:
37: var url = "?id=" + accout + '&name=' + escape(rtxName) + "&sign=" + escape(sign);
38:
39: return url;
40: }
41: }
42: }
点击链接时,得到如下的url地址
1: http://192.168.0.xx/?id=123456&name=%xxx%u4E49&sign=xxxxxxxxxxxxxxxxxxxxx/9Hhb4cVmRoe4TNbyiCXPxxxxx%3D
系统获取参数,然后请求rtx的SignAuth.cgi接口---实际就是一个php程序
1: <?PHP
2:
3: $user = $_GET["user"];
4: $sign = $_GET["sign"];
5:
6: try
7: {
8:
9: $RootObj= new COM("RTXSAPIRootObj.RTXSAPIRootObj");
10: $UserAuth = $RootObj->UserAuthObj;
11:
12: $bisSuccess = $UserAuth->SignatureAuth($user, $sign); //验证签名
13:
14: if($bisSuccess)
15: {
16: echo "success!";
17: }
18: else
19: {
20: echo "failed!";
21: }
22:
23: }
24: catch (Exception $e) {
25:
26: //有任何其他异常,那么返回reg_err.php
27: $errstr = $e->getMessage();
28: $splitstr = explode(':', $errstr, -1);
29: $errstrlast = $splitstr[count($splitstr)-1];
30:
31: echo $errstrlast;
32:
33: return;
34: }
35:
36:
37: ?>
前台页面通过ajax,请求系统的一个接口,该接口去验证当前rtx的身份,通过则自动登录系统并返回身份通过的信息,前台判断如果通过则跳转页面。
后台验证身份的php程序代码:
1: <?php
2: session_start();
3:
4: date_default_timezone_set("Asia/Shanghai");
5:
6: require_once 'inc/conn.php';
7: DBHelper::buildLink();
8:
9: include 'snoopy/Snoopy.class.php';
10: $snoopy = new Snoopy();
11:
12: $sourceURL = $_REQUEST['url'];
13:
14: $snoopy->fetch($sourceURL);
15:
16: $rs = mb_convert_encoding($snoopy->results, "utf-8", "GBK");
17:
18: if ($rs == "success!") {
19: $uin = $_REQUEST['user'];
20:
21: $sql = "select * from user_info where userid='$uin'";
22:
23: DBHelper::query($sql, function($result, $len) {
24:
25: if ($len == 1) {
26: $row = mysqli_fetch_array($result);
27: //设置session和cookie
28: setcookie("xxx_uname", $upt, time()+10000*10000, "/", $_SERVER["HTTP_HOST"]);
29: }
30: });
31:
32: echo "{code:'0', msg:''}";
33: } else {
34: echo "{code:'1', msg:'登录失败~'}";
35: }
36:
37: ?>
不过实际应用起来,感觉并不稳定,也就是验证sign的接口,有时候返回失败的信息,正常的情况下是直接返回”success!”