SSO单点登录系统WEB Service代码
ssoWebMethod/sso.asmx
-------------------------------------------------------------------------
<%@ WebService Language="C#" CodeBehind="~/App_Code/sso.cs" Class="sso" %>
ssoWebMethod/web.config
----------------------------------------------------------------------------------------------
ssoWebMethod/App_Code/sso.cs
using System;
using System.Data;
using System.Data.SqlClient;
using System.Web;
using System.Collections;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.Configuration;
using System.Xml;
using System.IO;
///
/// SSO系统
///
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class sso : System.Web.Services.WebService
{
public sso()
{
//如果使用设计的组件,请取消注释以下行
//InitializeComponent();
}
#region public
///
/// 获取用户在应用系统中的登录帐号(密码暂时不返回)
/// 返回noneLogin表示未登录,此时转入应用系统对应的登录页面..
///
///
///
[WebMethod]
public String GetLoginByToken(String Token)
{
//根据Token读取对应的原业务系统的登录用户名与密码,并加密返回
String result = "noneLogin";
using (SqlConnection conn = new SqlConnection(ConnectionString))
{
conn.Open();
String sql;
sql = "SELECT AppsUsers.AppLoginId ";
sql += "FROM AppToken ";
sql += "INNER JOIN AppsUsers ";
sql += "ON AppToken.AppId = AppsUsers.AppId AND AppToken.ssoUserId = AppsUsers.ssoUserId ";
sql += "WHERE AppToken.Token = @Token";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@Token", Token));
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
//result = "LoginId=" + dr["AppLoginId"].ToString().Trim() + ";LoginPwd=" + dr["AppPassword"].ToString().Trim();
result = dr["AppLoginId"].ToString().Trim();
}
dr.Dispose();
cmd.Dispose();
}
return result;
}
///
/// 删除令牌。
/// 成功返回true,否则返回false
///
///
///
[WebMethod]
public Boolean TokenLost(String Token)
{
Boolean result = false;
using (SqlConnection conn = new SqlConnection(ConnectionString))
{
conn.Open();
String sql = "DELETE FROM AppToken WHERE Token = @Token";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@Token", Token));
Int32 line = cmd.ExecuteNonQuery();
if (line == 1)
{
result = true;
}
cmd.Dispose();
}
return result;
}
///
/// 激活单点登录
///
/// 应用系统标识,由SSO开发人员提供
/// 单点登录ID号(局内用户列表ID,下拉列表选择)
/// 应用系统登录帐号
/// 激活客户端IP地址
///
[WebMethod]
public String SSOActive(String AppId, String ssoUserId, String LoginId)
{
//1.判断对应的系统,用户是否已激活过
Int32 result = m_CheckAppsUsers(AppId, LoginId);
if (result == -1)
{
return "Web Service执行错误,请联络技术支持.";
}
else if (result == 1)
{
return "该帐户已经是单点登录帐户,不用再次激活.";
}
//2.激活
Boolean active = m_InsertAppsUsers(AppId, Convert.ToInt32(ssoUserId), LoginId);
if (!active)
{
return "帐号激活失败,请联络技术支持.";
}
return "单点登录已激活";
}
///
/// 获取局内用户列表,激活必须选择一个用户名
/// 填充一个DropDownList,用于选择用户名
///
///
[WebMethod]
public XmlNode GetSSOUsers()
{
DataTable dt = m_GetSSOUsers();
String xmlstr = m_GetXmlStrFromDataTable(dt);
XmlDocument doc = new XmlDocument();
doc.LoadXml(xmlstr);
dt.Dispose();
return doc;
}
///
/// 判断客户端IP地址是否为局内IP地址段
/// true为局内IP,false局外IP
///
/// 客户端IP地址
///
[WebMethod]
public Boolean CheckIP(String ClientIP)
{
//判断IP是否为本局IP,否则不能激活
if (ClientIP.IndexOf(ClientIPZone) == -1)
{
return false;
}
return true;
}
#endregion
#region private
///
/// 检查帐号是否已经激活
///
/// 应用系统标识,由SSO开发人员提供
/// 应用系统登录帐号
///
private Int32 m_CheckAppsUsers(String AppId, String AppLoginId)
{
Int32 result = -1;
using (SqlConnection conn = new SqlConnection(ConnectionString))
{
conn.Open();
String sql;
sql = "SELECT * FROM AppsUsers ";
sql += "WHERE AppId = @AppId AND AppLoginId = @AppLoginId";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@AppId", AppId));
cmd.Parameters.Add(new SqlParameter("@AppLoginId", AppLoginId));
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
result = 1;
}
else
{
result = 0;
}
dr.Dispose();
cmd.Dispose();
}
return result;
}
///
/// 新增帐号关联
///
///
///
///
///
private Boolean m_InsertAppsUsers(String AppId, Int32 ssoUserId, String AppLoginId)
{
Boolean result = false;
SqlConnection conn = null;
SqlTransaction trans = null;
try
{
conn = new SqlConnection(ConnectionString);
conn.Open();
trans = conn.BeginTransaction();
SqlCommand cmd = new SqlCommand();
cmd.Transaction = trans;
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
//新增应用程序激活
String sql;
sql = "INSERT INTO AppsUsers(AppId, ssoUserId, AppLoginId) ";
sql += "VALUES(@AppId, @ssoUserId, @AppLoginId)";
cmd.CommandText = sql;
cmd.Parameters.Add(new SqlParameter("@AppId", AppId));
cmd.Parameters.Add(new SqlParameter("@ssoUserId", ssoUserId));
cmd.Parameters.Add(new SqlParameter("@AppLoginId", AppLoginId));
cmd.ExecuteNonQuery();
////更新单点登录密码
//sql = "UPDATE ssoUsers SET ssoPassword = @ssoPassword WHERE ssoUserId = @ssoUserId";
//cmd.CommandText = sql;
//cmd.Parameters.Clear();
//cmd.Parameters.Add(new SqlParameter("@ssoPassword", ssoPassword));
//cmd.Parameters.Add(new SqlParameter("@ssoUserId", ssoUserId));
//cmd.ExecuteNonQuery();
trans.Commit();
cmd.Dispose();
result = true;
}
catch
{
try
{
trans.Rollback();
}
catch (SqlException ex)
{
throw new Exception(ex.Message);
}
throw;
}
finally
{
if (conn != null)
conn.Dispose();
if (trans != null)
trans.Dispose();
}
return result;
}
///
/// 获取单点登录预设帐号列表
///
///
private DataTable m_GetSSOUsers()
{
DataTable dt = new DataTable();
SqlConnection conn = null;
try
{
conn = new SqlConnection(ConnectionString);
conn.Open();
String sql = "SELECT * FROM ssoUsers ORDER BY ssoUserName ASC FOR XML AUTO";
SqlDataAdapter da = new SqlDataAdapter(sql, conn);
da.Fill(dt);
da.Dispose();
}
catch
{
throw;
}
finally
{
if (conn != null)
conn.Close();
}
return dt;
}
///
/// 将DataTable转换成xml字串
///
///
///
public static string m_GetXmlStrFromDataTable(DataTable dt)
{
String Result = "";
foreach (DataRow row in dt.Rows)
{
Result += row[0].ToString();
}
Result = "
return Result;
}
///
/// SSO数据库连接
///
private readonly String ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["ssoDatabase"].ConnectionString;
///
/// 客户端IP地址段
///
private readonly String ClientIPZone = System.Configuration.ConfigurationManager.AppSettings["ClientIPZone"];
#endregion
}
备注:ssoWebMethod为项目文件夹