跨站点的单点登录
1、Web.config里设置Form登录,name为Cookie名,关键在于domain和loginUrl。把几个要单点登录的站点做同样设置。
<authentication mode='Forms'> <forms name='rkanr_validuser' domain='.rkr.com' loginUrl='http://user.rkr.com/SignIn.aspx'/> </authentication>2、写默认转跳的方法。
/// <summary>
/// 返回原先登陆页面地址 /// </summary>
/// <returns></returns> public static string GetLoginUrl {
return 'http://' + WebHelper.Domain.UserDomain + '/SignIn.aspx?ReturnUrl=' + System.Web.HttpContext.Current.Server.UrlEncodeGetUrl; } /// <summary> /// 直接跳转向页面 /// </summary> public static void RedirectLoginPage { System.Web.HttpContext.Current.Response.RedirectGetLoginUrl; }3、点击登录或注销时调用上面的方法,页头如果要判断是否登录也一样
protected void btnLogin_Clickobject sender, EventArgs e { if Profile.IsAnonymous
{
WebHelper.Pages.RequestInfo.RedirectLoginPage;
} else { FormsAuthentication.SignOut; Response.RedirectSession['CurrUrl'].ToString; } }注意上面注销的时候要转跳,其实转跳的地方就是本页面,因为注销要刷新才看到效果,不得已而为之
protected void Page_Loadobject sender, EventArgs e { if !IsPostBack { Session['CurrUrl'] = WebHelper.Pages.RequestInfo.GetUrl; } }4、登录页面显示时保存要转跳的地址
private void Page_Loadobject sender, EventArgs e { //自动转跳,start if this.Request.QueryString['ReturnUrl'] != null { string ReturnUrl = WebHelper.Pages.RequestInfo.GetQueryString'ReturnUrl'; Session['ReturnUrl'] = ReturnUrl; } //自动转跳,end }5、点击登录时,如成功就转跳回要返回的地址
/// <summary> /// 登陆 /// </summary> /// <param name='sender'></param> /// <param name='e'></param> protected void btnLogin_Clickobject sender, EventArgs e { //收集数据 string strUserName = this.txtUserName.Text.Trim; string strPsw = this.txtPsw.Text.Trim; string strValidTime = rbtnValidTime.SelectedItem.Text; if Membership.ValidateUserstrUserName, strPsw { setValidTimestrValidTime, strUserName; //测试返回地址是否存在,start if Session['ReturnUrl'] != null { Response.RedirectSession['ReturnUrl'].ToString; } //测试返回地址是否存在,end } else { lblTipInfo.Text = '登陆失败,请重新输入!'; } } /// <summary> /// 设置有效时间,注释的部分原本是要的,但要跨站点登录就不需要了 /// 而是在上面的方法中转跳,因为系统的转跳只到本站点 /// </summary> /// <param name='strValid'></param> protected void setValidTimestring strValid, string strUserName { string encTicket; FormsAuthenticationTicket ticketObj; switch strValid { case '永远': ticketObj = new FormsAuthenticationTicketstrUserName, true, 86400; encTicket = FormsAuthentication.EncryptticketObj; Response.Cookies.Addnew HttpCookieFormsAuthentication.FormsCookieName, encTicket; //FormsAuthentication.RedirectFromLoginPagestrUserName, true; FormsAuthentication.SetAuthCookiestrUserName, true; break; case '一个月': ticketObj = new FormsAuthenticationTicketstrUserName, true, 43200; encTicket = FormsAuthentication.EncryptticketObj; Response.Cookies.Addnew HttpCookieFormsAuthentication.FormsCookieName, encTicket; //FormsAuthentication.RedirectFromLoginPagestrUserName, true; FormsAuthentication.SetAuthCookiestrUserName, true; break; case '一天': ticketObj = new FormsAuthenticationTicketstrUserName, true, 1440; encTicket = FormsAuthentication.EncryptticketObj; Response.Cookies.Addnew HttpCookieFormsAuthentication.FormsCookieName, encTicket; //FormsAuthentication.RedirectFromLoginPagestrUserName, true; FormsAuthentication.SetAuthCookiestrUserName, true; break; case '一小时': ticketObj = new FormsAuthenticationTicketstrUserName, true, 60; encTicket = FormsAuthentication.EncryptticketObj; Response.Cookies.Addnew HttpCookieFormsAuthentication.FormsCookieName, encTicket; FormsAuthentication.SetAuthCookiestrUserName, true; //FormsAuthentication.RedirectFromLoginPagestrUserName, true; break; //浏览器进程 default: //FormsAuthentication.RedirectFromLoginPagestrUserName, false; FormsAuthentication.SetAuthCookiestrUserName, true; break; } }
浙公网安备 33010602011771号