
web api 单点登录(SSO) 权限验证

2014-10-29 15:31 162 查看
本文介绍如何利用 Web API 实现单点登录,具体原理请看 /article/7183854.html。需要注意,以下是演示代码:主站的账号密码校验被注释掉了,站点地址写死为明文 HTTP 的 localhost,用于真实环境前需要补上身份验证并改用 HTTPS。下面主要介绍相关代码:

分站代码:

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text.RegularExpressions;

using System.Web;

using System.Web.Mvc;

using System.Net.Http;

namespace MvcApplication2.Controllers

{

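/// <summary>
/// Sub-site (relying party) controller. It accepts an SSO token from the
/// query string or from the "Token" cookie, asks the master site to validate
/// it, and keeps the returned message array in the session under "Info".
/// </summary>
public class HomeController : Controller
{
    // Address of the SSO master site. This is the sample's hard-coded value;
    // it is plain HTTP, so the token and the returned data travel unencrypted.
    // NOTE(review): a real deployment should read this from configuration and use HTTPS.
    private const string PassportBaseUrl = "http://localhost:4213/";

    /// <summary>
    /// Shape of the JSON document read back from the master site's api/Login endpoint.
    /// </summary>
    public class infoMassege
    {
        public string webName { get; set; }

        public string[] message { get; set; }
    }

    /// <summary>
    /// Entry page of the sub-site. Resolves the SSO token, validates it when the
    /// session has no "Info" yet, and sends the browser to the master site when
    /// no token is available.
    /// </summary>
    /// <returns>The default view, or a redirect to the master site's login page.</returns>
    public ActionResult Index()
    {
        string queryToken = Request.QueryString["Token"];
        HttpCookie storedCookie = Request.Cookies["Token"];

        if (queryToken != null)
        {
            // A token was handed over in the URL: persist it in a cookie for 24 hours.
            // NOTE(review): a token in the query string can end up in browser history,
            // server/proxy logs and Referer headers; redirecting to the same URL without
            // the Token parameter once the cookie is set would limit that exposure.
            HttpCookie tokenCookie = new HttpCookie("Token");
            tokenCookie.Values.Add("Value", queryToken);
            tokenCookie.Expires = DateTime.Now.Add(new TimeSpan(24, 0, 0));
            tokenCookie.Path = "/";
            // The token is a bearer credential: keep it away from page script, and
            // restrict it to HTTPS whenever the request itself arrived over HTTPS.
            tokenCookie.HttpOnly = true;
            tokenCookie.Secure = Request.IsSecureConnection;
            Response.AppendCookie(tokenCookie);

            if (Session["Info"] == null)
            {
                getInfo(queryToken);
            }
        }
        else if (storedCookie != null)
        {
            // The cookie is written with Values.Add("Value", ...), so its raw Value is
            // "Value=<token>". Read the sub-key so that the bare token is sent for
            // validation, not the "Value=" prefixed string.
            string cookieToken = storedCookie.Values["Value"];

            if (Session["Info"] == null)
            {
                getInfo(cookieToken);
            }
        }
        else
        {
            // No token at all: hand the browser over to the master site's login page.
            return Redirect(BuildLoginUrl());
        }

        return View();
    }

    /// <summary>
    /// Validates <paramref name="tokenValue"/> against the master site's Web API.
    /// On success the returned message array is stored in Session["Info"] and the
    /// session timeout is set to one minute; on failure the browser is redirected
    /// to the master site's login page.
    /// </summary>
    /// <param name="tokenValue">Token taken from the query string or the cookie; client-controlled.</param>
    /// <remarks>
    /// Public methods of an MVC controller are routable actions by default;
    /// [NonAction] keeps this helper from being invoked directly by URL.
    /// The HTTP call is made synchronously because the method returns void; a
    /// failure to reach the master site surfaces as an exception, so no session
    /// data is written in that case.
    /// </remarks>
    [NonAction]
    public void getInfo(string tokenValue)
    {
        if (string.IsNullOrEmpty(tokenValue))
        {
            // A missing or malformed cookie yields no token; treat it as "not logged in".
            Response.Redirect(BuildLoginUrl());
            return;
        }

        using (System.Net.Http.HttpClient client = new System.Net.Http.HttpClient())
        {
            client.BaseAddress = new Uri(PassportBaseUrl);
            client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));

            // The token comes from the client, so escape it before placing it in the
            // request URL; otherwise characters such as '&' or '#' could alter the query.
            string requestPath = "api/Login/?token=" + Uri.EscapeDataString(tokenValue);

            using (HttpResponseMessage response = client.GetAsync(requestPath).Result)
            {
                infoMassege info = null;
                if (response.IsSuccessStatusCode)
                {
                    info = response.Content.ReadAsAsync<infoMassege>().Result;
                }

                if (info == null)
                {
                    // Rejected token, or a success response without a usable body.
                    Response.Redirect(BuildLoginUrl());
                    return;
                }

                System.Web.HttpContext.Current.Session["Info"] = info.message;
                // Timeout is expressed in minutes, so the token is re-validated
                // against the master site after one minute of inactivity.
                System.Web.HttpContext.Current.Session.Timeout = 1;
            }
        }
    }

    // Builds the master-site login URL that carries the current page as BackURL.
    private string BuildLoginUrl()
    {
        return PassportBaseUrl + "?BackURL=" + Server.UrlEncode(Request.Url.AbsoluteUri);
    }
}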

}

主站代码:

using System;

using System.Collections.Generic;

using System.Linq;

using System.Net;

using System.Net.Http;

using System.Web;

using System.Web.Http;

using SSO.Passport.Class;

using System.Data;

namespace MvcApplication1.Controllers

{

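/// <summary>
/// Master-site Web API controller. POST issues a token and caches the
/// associated data; GET returns that data for a token that is still valid.
/// The controller relies on the implicit public parameterless constructor,
/// which the default Web API controller activator needs in order to create it.
/// </summary>
public class LoginController : ApiController
{
    // Suffix appended to a token to form the cache key of its validity marker.
    private const string TokenMarkerSuffix = "a";

    /// <summary>
    /// Data returned to a sub-site for a valid token.
    /// </summary>
    public class infoMassege
    {
        public string webName { get; set; }

        public string[] message { get; set; }
    }

    /// <summary>
    /// Issues a new token, registers a validity marker for it (3 minutes) and
    /// caches the associated data (1 minute).
    /// </summary>
    /// <returns>200 OK whose content is the string {"tokenValue":"&lt;token&gt;"}.</returns>
    [HttpPost]
    public HttpResponseMessage Post()
    {
        // NOTE(review): this sample performs NO credential check. Every POST to this
        // endpoint receives a valid token. In a real deployment the account and
        // password must be verified (for example against a user store) before the
        // token is issued.

        // Issue the token.
        string tokenValue = this.getGuidString();

        // UtcNow avoids expiry shifts around daylight-saving changes.
        HttpContext.Current.Cache.Insert(
            tokenValue + TokenMarkerSuffix,
            tokenValue,
            null,
            DateTime.UtcNow.AddMinutes(3),
            System.Web.Caching.Cache.NoSlidingExpiration);

        // Create the master-site data for this token.
        CreateInfo(tokenValue);

        // The payload is a pre-built JSON text passed as a string value; the wire
        // format is left exactly as callers of this endpoint already receive it.
        return Request.CreateResponse(HttpStatusCode.OK, @"{""tokenValue"":""" + tokenValue + @"""}");
    }

    /// <summary>
    /// Builds the data for <paramref name="tokenValue"/> and caches it for one
    /// minute unless an entry with that key already exists.
    /// </summary>
    /// <param name="tokenValue">Token used as the cache key.</param>
    /// <returns>The newly built data object.</returns>
    private infoMassege CreateInfo(string tokenValue)
    {
        infoMassege info = new infoMassege();
        info.message = new string[] { "user", "admin", "tuorist" };
        info.webName = "a";

        if (HttpContext.Current.Cache[tokenValue] == null)
        {
            HttpContext.Current.Cache.Insert(
                tokenValue,
                info,
                null,
                DateTime.UtcNow.AddMinutes(1),
                System.Web.Caching.Cache.NoSlidingExpiration);
        }

        return info;
    }

    /// <summary>
    /// Returns the data cached for <paramref name="token"/> while the token's
    /// validity marker is still in the cache.
    /// </summary>
    /// <param name="token">Token presented by the sub-site; untrusted input.</param>
    /// <returns>200 OK with the data, or 403 Forbidden for an unknown or expired token.</returns>
    /// <remarks>
    /// NOTE(review): the token acts as a bearer credential here. It is not
    /// single-use and is not tied to a particular client, so anyone who presents
    /// it while the marker exists receives the data. It is also passed in the
    /// query string, where it may be recorded in request logs.
    /// </remarks>
    [HttpGet]
    public HttpResponseMessage getCache(string token)
    {
        // Accept only values that look like an issued token. This also keeps a
        // client-supplied string from being used as an arbitrary cache key and
        // rejects a missing token before the cache is touched.
        Guid parsedToken;
        if (!Guid.TryParse(token, out parsedToken))
        {
            return Request.CreateResponse(HttpStatusCode.Forbidden);
        }

        if (HttpContext.Current.Cache[token + TokenMarkerSuffix] == null)
        {
            return Request.CreateResponse(HttpStatusCode.Forbidden);
        }

        infoMassege proof = HttpContext.Current.Cache[token] as infoMassege;
        if (proof == null)
        {
            // The data entry expires before the marker does; rebuild it directly
            // instead of recursing, so an entry that cannot be kept in the cache
            // can never cause unbounded recursion.
            proof = CreateInfo(token);
        }

        return Request.CreateResponse(HttpStatusCode.OK, proof);
    }

    /// <summary>
    /// Produces the token string: 128 random bits in upper-case GUID notation.
    /// </summary>
    /// <returns>An upper-case string in GUID format.</returns>
    private string getGuidString()
    {
        // A token must be unpredictable, not merely unique. Guid.NewGuid() is only
        // specified to produce unique values, so the bytes are taken from the
        // cryptographic random number generator and formatted as a GUID, which
        // keeps the token format unchanged.
        byte[] randomBytes = new byte[16];
        using (System.Security.Cryptography.RandomNumberGenerator generator = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            generator.GetBytes(randomBytes);
        }

        return new Guid(randomBytes).ToString().ToUpperInvariant();
    }
}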

}