2

ユーザーが別のページにログインしている場合にのみ、ユーザーをリダイレクトしようとしています。HTTPHandlerこのリクエストを傍受してリダイレクトするために使用しています。ユーザーがログインした後、コントロールはこれに戻りませんHTTPHandler。アイデアや提案

namespace NES.HiLo.Security
{
    public class PallativeAuthenticationHandler : IHttpHandler, IRequiresSessionState
    {
        /// <summary>
        /// You will need to configure this handler in the web.config file of your 
        /// web and register it with IIS before being able to use it. For more information
        /// see the following link: http://go.microsoft.com/?linkid=8101007
        /// </summary>


        public bool IsReusable
        {
        // Return false in case your Managed Handler cannot be reused for another request.
        // Usually this would be false in case you have some state information preserved per request.
        get { return false; }
    }

    public void ProcessRequest(HttpContext context)
    {

        string UserName = "";
        int TSecUserID = 0;

        HttpContext context2 = HttpContext.Current;

        if (string.IsNullOrEmpty(context2.User.Identity.Name))
            UserName = "UNKNOWN";
        else
            UserName = context2.User.Identity.Name.ToString();

        if (UserName != "UNKNOWN")
        {

            string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["NES.HiLo.Data.Properties.Settings.HiLoConnectionString"].ConnectionString;
            using (SqlConnection connection = new SqlConnection(connectionString))
            {

                connection.Open();
                SqlCommand command = new SqlCommand("Select tSec_UserId from dbo.HiLoUser where Username='" + HttpContext.Current.User.Identity.Name.ToString() + "'", connection);


                TSecUserID = (Int32)command.ExecuteScalar();
                connection.Close();
                HttpContext.Current.Response.Redirect("http://www.google.com?retUrl=" + TSecUserID);

            }

        }
        else
        {
            HttpContext.Current.Response.Redirect("~/Login.aspx?retUrl=" + HttpUtility.UrlEncode(context2.Request.Url.ToString()));

        }



    }
}

web.config の Httphander エントリ

<httpHandlers>
        <!--<add path="*.pdf" type="HttpSecurity.HttpHandlerAuthentication, HttpSecurity"  verb="*"/>-->

        <!--<add verb="GET" path="/calderdale/*/*.pdf" type="NES.HiLo.Security.CalderDaleAuthenticationHandler, NES.HiLo.Security" />-->
        <add verb="*" path="/calderdale/*.pdf" type="NES.HiLo.Security.CalderDaleAuthenticationHandler, NES.HiLo.Security" />
        <remove verb="*" path="*.asmx" />
        <!-- ASPNETAJAX -->
        <add verb="*" path="*.asmx" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add verb="*" path="*_AppService.axd" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false" />
        <!-- UMBRACO CHANNELS -->
        <add verb="*" path="umbraco/channels.aspx" type="umbraco.presentation.channels.api, umbraco" />
        <add verb="*" path="umbraco/channels/word.aspx" type="umbraco.presentation.channels.wordApi, umbraco" />
        <add verb="*" path="umbraco/clt/ajaxCommunityAdministrators.aspx" type="NES.HiLo.UserControls.DataTypes.AjaxCommunityAdministrators, NES.HiLo" />
        <!-- ELMAH -->
        <add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" />
        <!-- WIDGET AJAX HANDLER -->
        <add verb="*" path="umbraco/WidgetLibrary/WidgetAjaxHandler.aspx" type="NES.WidgetLibrary.WidgetAjaxHandler" />
        <add verb="GET" path="umbraco/WidgetLibrary/SubjectSelectorAjaxHandler.aspx" type="NES.WidgetLibrary.MetaDataControls.ChildControls.SubjectSelectorControl.AjaxSelector" />
        <add verb="*" path="/FilterByDevice.ashx" type="NES.HiLo.Web.Handlers.DeviceFilterHandler" />
        <add verb="GET" path="/Pallative/*.xml" type="NES.HiLo.Security.PallativeAuthenticationHandler, NES.HiLo.Security" />
    </httpHandlers>




 <authentication mode="Forms">
        <forms name="KFCSAUTH" loginUrl="login.aspx" protection="All" slidingExpiration="true" path="/" domain=".scot.nhs.uk" />
    </authentication>
    <authorization>
        <allow users="?" />
    </authorization>

 <system.webServer>
    <!--<validation validateIntegratedModeConfiguration="false" />-->
    <handlers>
        <add name="Pallative Handler" path="/Pallative/*.xml" verb="GET" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
        <add name="Calderdale Handler" path="/calderdale/*.pdf" verb="GET" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
        <!--<add name="Pallative Handler" path="Pallative/pallative_doc.html" verb="GET" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv2.0,bitness32" />-->
    </handlers>
    <!--<handlers  accessPolicy="Read, Write, Script, Execute">
      -->
    <!--<add name="PictHandler" preCondition="integratedMode" verb="*" path="*.pictx" type="PictHttpHandler,PictHandler"/>-->
    <!--
      <add name="Pdfhandler" verb="*" path="/calderdale/*.html" type="NES.HiLo.Security.CalderDaleAuthenticationHandler, NES.HiLo.Security" preCondition="integratedMode" />
  </handlers>-->

</system.webServer>
4

1 に答える 1

1

あなたが直面している問題は、認証 Cookie が指定されたドメインに対してのみ有効であるという事実と関係があります。

<forms name="KFCSAUTH" 
    loginUrl="login.aspx" 
    protection="All" 
    slidingExpiration="true" 
    path="/" 
    domain=".scot.nhs.uk" />

この問題は、他のドメインで Web アプリケーションを実行している場合にのみ発生する可能性があります。domain属性を削除してみて、問題が解決しないかどうかを確認してください。

于 2013-02-03T01:36:19.843 に答える