跨站点的单点登录
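1、在 Web.config 里设置 Forms 身份验证:name 为 Cookie 名,关键在于 domain 和 loginUrl。所有要单点登录的站点都做同样的设置;各站点还必须使用相同的 machineKey(validationKey 和 decryptionKey),否则一个站点签发的票据 Cookie 在其他站点无法解密和验证。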
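<!--
  Forms authentication settings shared by every site that takes part in the single sign-on.
  The ticket cookie is scoped to .rkr.com, so browsers send it to each host under that domain.
  NOTE(review): the sites can only validate each other's ticket when they are configured with
  the same <machineKey> validation and decryption keys; that element is not shown here.
  NOTE(review): loginUrl is plain http, so the password and the ticket cookie cross the network
  unencrypted. Once the sites are served over TLS, change loginUrl to https and add
  requireSSL='true' so the cookie is never sent over http.
-->
<authentication mode='Forms'>
<forms name='rkanr_validuser' domain='.rkr.com' loginUrl='http://user.rkr.com/SignIn.aspx'/>
</authentication>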
2、写默认转跳的方法。
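/// <summary>
/// Builds the address of the central sign-in page and appends the value of GetUrl()
/// as the URL-encoded ReturnUrl query parameter, so the sign-in page knows where the
/// user came from.
/// </summary>
/// <returns>The sign-in URL including the encoded ReturnUrl parameter.</returns>
public static string GetLoginUrl()
{
    // GetUrl() is defined elsewhere in this class; presumably it returns the current request URL.
    string encodedReturnUrl = System.Web.HttpContext.Current.Server.UrlEncode(GetUrl());

    // NOTE(review): the scheme is fixed to http, so the sign-in page is requested without TLS.
    // Switch to https once the user site serves it.
    return "http://" + WebHelper.Domain.UserDomain + "/SignIn.aspx?ReturnUrl=" + encodedReturnUrl;
}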
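/// <summary>
/// Redirects the current response to the sign-in page returned by GetLoginUrl().
/// </summary>
public static void RedirectLoginPage()
{
    string loginUrl = GetLoginUrl();
    System.Web.HttpContext.Current.Response.Redirect(loginUrl);
}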
3、点击登录或注销时调用上面的方法,页头如果要判断是否登录也一样
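/// <summary>
/// Handles the combined login/logout button: an anonymous visitor is sent to the
/// sign-in page, a signed-in user is signed out and the page is reloaded.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    if (Profile.IsAnonymous)
    {
        WebHelper.Pages.RequestInfo.RedirectLoginPage();
        return;
    }

    // SignOut only expires the cookie in this browser; a ticket that was copied elsewhere
    // stays valid until its own expiry, which matters with long-lived tickets.
    FormsAuthentication.SignOut();

    // The saved address is missing when the session has expired or Page_Load never stored it;
    // fall back to the current request instead of throwing NullReferenceException after sign-out.
    object savedUrl = Session["CurrUrl"];
    Response.Redirect(savedUrl != null ? savedUrl.ToString() : Request.RawUrl);
}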
注意:上面注销之后要转跳一次,转跳的目标其实就是本页面——注销后必须刷新页面才能看到效果,只能这样处理。本页面的地址在下面的 Page_Load 里保存到 Session。
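/// <summary>
/// On the first (non-postback) request, remembers this page's address in the session
/// under "CurrUrl" so the logout handler can reload the page afterwards.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Postbacks keep the address stored by the initial request.
    if (IsPostBack)
    {
        return;
    }

    Session["CurrUrl"] = WebHelper.Pages.RequestInfo.GetUrl();
}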
4、登录页面显示时保存要转跳的地址
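/// <summary>
/// Sign-in page load: when the request carries a ReturnUrl query parameter, stores it
/// in the session under "ReturnUrl" for the redirect that follows a successful login.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void Page_Load(object sender, EventArgs e)
{
    // Auto-redirect support: nothing to remember when no return address was supplied.
    if (this.Request.QueryString["ReturnUrl"] == null)
    {
        return;
    }

    // NOTE(review): this value comes straight from the query string and is attacker-controllable.
    // It must be checked against the allowed hosts before it is ever used as a redirect target.
    string returnUrl = WebHelper.Pages.RequestInfo.GetQueryString("ReturnUrl");
    Session["ReturnUrl"] = returnUrl;
}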
5、点击登录时,如果验证成功,就转跳回要返回的地址。这个地址最初来自查询字符串里的 ReturnUrl,用户可以随意修改,所以转跳前应确认它的主机属于 .rkr.com,否则登录页会变成开放重定向的跳板。
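/// <summary>
/// Handles the login button: validates the credentials, issues the ticket cookie with
/// the selected lifetime and sends the user back to the stored return address.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Collect the form input.
    string strUserName = this.txtUserName.Text.Trim();
    string strPsw = this.txtPsw.Text.Trim();

    // With no option selected, SelectedItem is null; an empty text makes setValidTime
    // take its default branch instead of this handler throwing.
    string strValidTime = rbtnValidTime.SelectedItem != null
        ? rbtnValidTime.SelectedItem.Text
        : string.Empty;

    if (!Membership.ValidateUser(strUserName, strPsw))
    {
        lblTipInfo.Text = "登陆失败,请重新输入!";
        return;
    }

    setValidTime(strValidTime, strUserName);

    // The stored address originated in the ReturnUrl query parameter, so it is untrusted.
    // Redirect only when it points at a host inside the single sign-on domain; otherwise
    // stay on this page, exactly as when no return address was stored.
    object storedUrl = Session["ReturnUrl"];
    if (storedUrl != null && IsTrustedReturnUrl(storedUrl.ToString()))
    {
        Response.Redirect(storedUrl.ToString());
    }
}

/// <summary>
/// Tells whether a post-login redirect target is an absolute http/https URL whose host
/// is the forms-authentication cookie domain or one of its subdomains.
/// </summary>
/// <param name="url">Candidate redirect target.</param>
/// <returns>True when the target stays inside the cookie domain; otherwise false.</returns>
private static bool IsTrustedReturnUrl(string url)
{
    Uri target;
    if (string.IsNullOrEmpty(url) || !Uri.TryCreate(url, UriKind.Absolute, out target))
    {
        return false;
    }

    if (target.Scheme != Uri.UriSchemeHttp && target.Scheme != Uri.UriSchemeHttps)
    {
        return false;
    }

    // The domain attribute of the <forms> element; without it there is no shared domain to trust.
    string cookieDomain = FormsAuthentication.CookieDomain;
    if (string.IsNullOrEmpty(cookieDomain))
    {
        return false;
    }

    // Compare on a label boundary so "evil-rkr.com" does not pass for ".rkr.com".
    string bareDomain = cookieDomain.TrimStart('.');
    return target.Host.Equals(bareDomain, StringComparison.OrdinalIgnoreCase)
        || target.Host.EndsWith("." + bareDomain, StringComparison.OrdinalIgnoreCase);
}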
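/// <summary>
/// Issues the forms-authentication cookie with the lifetime the user selected.
/// FormsAuthentication.RedirectFromLoginPage is deliberately not used: for cross-site
/// login the caller performs the redirect itself, because the built-in redirect only
/// goes to the local site.
/// </summary>
/// <param name="strValid">Text of the selected lifetime option.</param>
/// <param name="strUserName">Name of the authenticated user to store in the ticket.</param>
protected void setValidTime(string strValid, string strUserName)
{
    int timeoutMinutes;
    switch (strValid)
    {
        case "永远":
            // Labelled "forever", but the ticket lasts 86400 minutes, i.e. 60 days.
            timeoutMinutes = 86400;
            break;
        case "一个月":
            // One month, counted as 30 days.
            timeoutMinutes = 43200;
            break;
        case "一天":
            // One day.
            timeoutMinutes = 1440;
            break;
        case "一小时":
            // One hour.
            timeoutMinutes = 60;
            break;
        default:
            // Browser-session login: the cookie must not be persistent, so it disappears
            // when the browser closes.
            FormsAuthentication.SetAuthCookie(strUserName, false);
            return;
    }

    IssueTicketCookie(strUserName, timeoutMinutes);
}

/// <summary>
/// Writes a single persistent ticket cookie that expires together with its ticket.
/// </summary>
/// <param name="userName">Name stored in the ticket.</param>
/// <param name="timeoutMinutes">Ticket lifetime in minutes.</param>
private void IssueTicketCookie(string userName, int timeoutMinutes)
{
    FormsAuthenticationTicket ticketObj = new FormsAuthenticationTicket(userName, true, timeoutMinutes);
    string encTicket = FormsAuthentication.Encrypt(ticketObj);

    // SetAuthCookie is not called afterwards: it would issue a second ticket that uses the
    // configured timeout and so override the lifetime chosen here.
    HttpCookie ticketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    ticketCookie.Domain = FormsAuthentication.CookieDomain;   // share the cookie across the sign-on domain
    ticketCookie.Path = FormsAuthentication.FormsCookiePath;
    ticketCookie.HttpOnly = true;                             // keep the ticket away from page scripts
    ticketCookie.Secure = FormsAuthentication.RequireSSL;     // follows the requireSSL setting
    ticketCookie.Expires = ticketObj.Expiration;              // without this the cookie is session-only
    Response.Cookies.Add(ticketCookie);
}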