前台:
<html>
<head>
<title>签名验证</title>
<meta http-equiv="Content-Language" content="zh-cn">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<script id="clientEventHandlersVBS" type="text/vbscript">
<!--
'从服务端获取SessionKey
dim strAccount
dim strSignature
Sub btnAuthSign_onclick '服务器端代码,用于验证签名
on error resume next
Set RTXCRoot = RTXAX.GetObject("KernalRoot") ' 获取KernalRoot对象
Set rtcData = RTXCRoot.Sign '获取签名,并把它赋给rtcData strAccount = RTXCRoot.Account '获取用户帐号
strSignature = rtcData.GetString("Sign") '获取rtcData对象的Sign 的内容,也就是用户签名 form1.user.value= strAccount
form1.sign.value = strSignature
If Err.Number <> Then
MsgBox "程序运行错误 " & Err.Description
Err.Clear
End If
end sub
-->
</script>
</head>
<body>
<form name="form1" method="get" action="Handler.ashx">
<table>
<tr>
<td>
<!--用户名-->
</td>
<td>
<input type="hidden" name="user" />
</td>
</tr>
<tr>
<td>
<!-- 签 名-->
</td>
<td>
<input type="hidden" name="sign" />
</td>
</tr>
<tr>
<td>
</td>
<td>
<input name="btnAuthSign" type="submit" id="btnAuthSign" style="width: 100px; height: 21px"
value="登录OA" size="">
</td>
</tr>
</table>
</form>
<object id="RTXAX" data="data:application/x-oleobject;base64,fajuXg4WLUqEJ7bDM/7aTQADAAAaAAAAGgAAAA=="
classid="clsid:5EEEA87D-160E-4A2D-8427-B6C333FEDA4D" viewastext>
</object>
</body>
</html>
后台Handler.ashx(一般处理程序):
添加引用 System.Data.OracleClient和Interop.RTXSAPILib去下载
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/plain";
string strName = HttpContext.Current.Request.QueryString["user"];
string strSign = HttpContext.Current.Request.QueryString["sign"]; //OA验证
string selectSql = "select * from usr where PHONEHOME=:lName";
DataSet DSRst = ExecuteScalar(ConnString(), CommandType.Text, selectSql, strName);
DataTable table = DSRst.Tables[]; RTXSAPILib.IRTXSAPIRootObj RootObj = new RTXSAPILib.RTXSAPIRootObjClass();
RTXSAPILib.IRTXSAPIUserAuthObj2 AuthObj2 = (RTXSAPILib.IRTXSAPIUserAuthObj2)RootObj.UserAuthObj; bool bOK = AuthObj2.SignatureAuth(strName, strSign);
if (bOK == true && table != null && table.Rows.Count > )
{
context.Response.Redirect("http://192.168.30.157:8078/MainPages/Login.htm?username=" + strName + "uId=" + table.Rows[]["ID"]); //验证通过
}
else
{
context.Response.Redirect("http://192.168.30.157:8078/MainPages/Login.htm");
}
}
////提供的接口,Url参数格式:..Login.htm?username=admin&password=c4ca4238a0b923820dcc509a6f75849b
// $().ready(function () {
// if (request("username") == "") {
// return;
// }
// else {
// var uName = escape(request("username"));
// $.ajax({
// type: "POST",
// url: "../WebSiteRequestManager.ashx",
// data: { method: "BlnLogin", ValidateUser: uName, selectxt: $("#selxt").val() },
// success: function (msg) {
// alert(msg);
// if (msg == "Main" || msg == null) {
// top.location = "../MainPages/WindowMain.htm";
// }
// }
// });
// }
// }); public static string ConnString()
{
return System.Web.Configuration.WebConfigurationManager.AppSettings["OrclConnectionstring"];
}
public static DataSet ExecuteScalar(string connectionString, CommandType cmdType, string cmdText, string uname)
{
OracleConnection orclCon = new OracleConnection(connectionString);//添加引用 System.Data.OracleClient
OracleCommand Cmd = new OracleCommand(cmdText, orclCon);
Cmd.Parameters.AddWithValue(":lName", uname);
orclCon.Open();
DataSet ds = new DataSet();
OracleDataAdapter da = new OracleDataAdapter(Cmd);
da.Fill(ds);
return ds;
}