跨站点的单点登录
1、在各站点的 Web.config 里设置 Forms 登录,name 为 Cookie 名,关键在于 domain 和 loginUrl。把几个要单点登录的站点做同样设置。另外,各站点的 <machineKey>(validationKey、decryptionKey)必须配置为相同的值,否则其他站点无法解密和校验登录票据。
<authentication mode="Forms">
<!-- name: name of the authentication cookie. domain: the cookie is scoped to .rkr.com, so every host under that domain receives the ticket. loginUrl: the shared sign-in page. -->
<!-- NOTE(review): loginUrl uses plain http, so credentials and the ticket cookie can cross the network unencrypted; consider an https loginUrl together with requireSSL="true" on this element. -->
<forms name="rkanr_validuser" domain=".rkr.com" loginUrl="http://user.rkr.com/SignIn.aspx"/>
</authentication>
2、写默认转跳的方法。
/// <summary>
/// Builds the address of the shared sign-in page on the user domain and appends
/// the value of GetUrl() (presumably the page to come back to) as the ReturnUrl
/// query parameter.
/// </summary>
/// <returns>The sign-in URL with the URL-encoded return address appended.</returns>
public static string GetLoginUrl()
{
    // NOTE(review): the scheme is hard-coded to plain http, so the sign-in page
    // (and the credentials posted to it) is reached without transport encryption
    // unless the server upgrades the request; prefer https where the site supports it.
    string signInPage = "http://" + WebHelper.Domain.UserDomain + "/SignIn.aspx";

    // Encode the return address so its own query string survives as a single parameter value.
    string encodedReturnUrl = System.Web.HttpContext.Current.Server.UrlEncode(GetUrl());

    return signInPage + "?ReturnUrl=" + encodedReturnUrl;
}
/// <summary>
/// Sends the current response straight to the sign-in page produced by GetLoginUrl().
/// </summary>
public static void RedirectLoginPage()
{
    string signInUrl = GetLoginUrl();
    System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;
    response.Redirect(signInUrl);
}
3、点击登录或注销时调用上面的方法,页头如果要判断是否登录也一样
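/// <summary>
/// Handles the combined login/logout button: an anonymous visitor is sent to the
/// shared sign-in page, a signed-in user is signed out and the page is reloaded.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    if (Profile.IsAnonymous)
    {
        WebHelper.Pages.RequestInfo.RedirectLoginPage();
        return;
    }

    FormsAuthentication.SignOut();

    // Session["CurrUrl"] is absent when the session has expired or was never
    // populated; calling ToString() on it would throw. Fall back to the URL of
    // the current request so the sign-out still ends in a page refresh.
    object savedUrl = Session["CurrUrl"];
    string target = savedUrl != null ? savedUrl.ToString() : Request.RawUrl;
    Response.Redirect(target);
}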
注意上面注销的时候要转跳,其实转跳的地方就是本页面,因为注销要刷新才看到效果,不得已而为之
/// <summary>
/// On the first (non-postback) load, stores the value of GetUrl() in the session
/// under "CurrUrl" so the sign-out handler can redirect back to it.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Postbacks keep the address captured on the initial request.
    if (IsPostBack)
    {
        return;
    }

    Session["CurrUrl"] = WebHelper.Pages.RequestInfo.GetUrl();
}
4、登录页面显示时保存要转跳的地址。注意 ReturnUrl 来自查询字符串,调用方可以任意构造,跳转前必须校验其主机属于受信任的站点域,否则会形成开放重定向。
/// <summary>
/// When the sign-in page is requested with a ReturnUrl query parameter, keeps that
/// value in the session under "ReturnUrl" for use after a successful login.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
private void Page_Load(object sender, EventArgs e)
{
    // Auto-redirect bookkeeping: nothing to remember without a ReturnUrl parameter.
    if (this.Request.QueryString["ReturnUrl"] == null)
    {
        return;
    }

    // The value is taken from the query string and is therefore caller-controlled;
    // it is stored as-is here and must be validated before it is used as a redirect target.
    string requestedTarget = WebHelper.Pages.RequestInfo.GetQueryString("ReturnUrl");
    Session["ReturnUrl"] = requestedTarget;
}
5、点击登录时,如成功就转跳回要返回的地址
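/// <summary>
/// Sign-in button handler: validates the credentials, issues the authentication
/// cookie for the chosen lifetime and, when a trusted return address was saved in
/// the session, redirects back to it.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Collect the form input.
    string strUserName = this.txtUserName.Text.Trim();
    // NOTE(review): trimming the password silently changes what the user typed;
    // confirm that registration trims the same way before relying on this.
    string strPsw = this.txtPsw.Text.Trim();
    // No selection falls through to setValidTime's default branch instead of throwing.
    string strValidTime = rbtnValidTime.SelectedItem != null
        ? rbtnValidTime.SelectedItem.Text
        : string.Empty;

    if (!Membership.ValidateUser(strUserName, strPsw))
    {
        lblTipInfo.Text = "登陆失败,请重新输入!";
        return;
    }

    setValidTime(strValidTime, strUserName);

    // The saved return address originates from the ReturnUrl query parameter, so
    // it is untrusted: redirect only to this site or to a host inside the
    // forms-authentication cookie domain, otherwise the login page is an open redirector.
    object savedTarget = Session["ReturnUrl"];
    if (savedTarget == null)
    {
        return;
    }

    Session.Remove("ReturnUrl");
    string returnUrl = savedTarget.ToString();
    if (IsTrustedReturnUrl(returnUrl))
    {
        Response.Redirect(returnUrl);
    }
}

/// <summary>
/// Decides whether a post-login redirect target stays inside the single sign-on
/// site group.
/// </summary>
/// <param name="candidate">The return address to check.</param>
/// <returns>
/// True for a site-relative path, or for an absolute http/https URL whose host is
/// the configured forms cookie domain or one of its sub-domains (the current
/// request host when no cookie domain is configured); false otherwise.
/// </returns>
private bool IsTrustedReturnUrl(string candidate)
{
    if (string.IsNullOrEmpty(candidate))
    {
        return false;
    }

    // Site-relative path; "//host" and "/\host" are rejected because browsers
    // treat them as scheme-relative URLs pointing at another host.
    if (candidate[0] == '/')
    {
        return candidate.Length == 1 || (candidate[1] != '/' && candidate[1] != '\\');
    }

    Uri target;
    if (!Uri.TryCreate(candidate, UriKind.Absolute, out target))
    {
        return false;
    }

    if (target.Scheme != Uri.UriSchemeHttp && target.Scheme != Uri.UriSchemeHttps)
    {
        return false;
    }

    string cookieDomain = FormsAuthentication.CookieDomain;
    if (string.IsNullOrEmpty(cookieDomain))
    {
        return string.Equals(target.Host, Request.Url.Host, StringComparison.OrdinalIgnoreCase);
    }

    // Compare on a label boundary so "evilrkr.com"-style look-alikes do not match.
    string bareDomain = cookieDomain.TrimStart('.');
    return string.Equals(target.Host, bareDomain, StringComparison.OrdinalIgnoreCase)
        || target.Host.EndsWith("." + bareDomain, StringComparison.OrdinalIgnoreCase);
}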
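/// <summary>
/// Issues the forms-authentication cookie with the lifetime the user selected.
/// FormsAuthentication.RedirectFromLoginPage is deliberately not used: per the
/// original author it only redirects within the local site, so the cross-site
/// redirect is performed by the caller instead.
/// </summary>
/// <param name="strValid">Display text of the selected lifetime option.</param>
/// <param name="strUserName">Name of the authenticated user.</param>
protected void setValidTime(string strValid, string strUserName)
{
    // Ticket lifetime in minutes; 0 means "browser session only".
    int lifetimeMinutes;
    switch (strValid)
    {
        case "永远":
            // NOTE(review): 86400 minutes is 60 days, not an unlimited lifetime.
            lifetimeMinutes = 86400;
            break;
        case "一个月":
            lifetimeMinutes = 43200;
            break;
        case "一天":
            lifetimeMinutes = 1440;
            break;
        case "一小时":
            lifetimeMinutes = 60;
            break;
        default:
            // Browser-session option: the cookie must not persist after the browser closes.
            lifetimeMinutes = 0;
            break;
    }

    bool persistent = lifetimeMinutes > 0;

    // Start from the framework-built cookie so name, domain, path, HttpOnly and
    // Secure follow the <forms> configuration. The previous code added a second,
    // hand-built cookie that carried none of these attributes and no expiry, and
    // then issued SetAuthCookie as well, so the selected lifetime never reached
    // the domain-wide cookie and the session option still produced a persistent one.
    HttpCookie authCookie = FormsAuthentication.GetAuthCookie(strUserName, persistent);

    if (persistent)
    {
        FormsAuthenticationTicket ticket =
            new FormsAuthenticationTicket(strUserName, true, lifetimeMinutes);
        authCookie.Value = FormsAuthentication.Encrypt(ticket);
        // Keep the cookie's expiry aligned with the ticket it carries.
        authCookie.Expires = ticket.Expiration;
    }

    Response.Cookies.Add(authCookie);
}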