我已成功从客户端发布到CA SiteMinder,但是,当我尝试执行服务器端发布时,我没有得到服务器的响应,但我确实获得了状态200(确定)。我应该在响应或响应标头中返回SMSESSION。我从帖子里得不到任何回报。所以,我的代码如下(我将整个代码发布在文件后面,只需查看服务器端post方法):
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Web.Services;
using System.Text;
using System.Net;
using System.IO;
using System.Collections;
namespace SiteMinder_SiteMinder_Side
{
public partial class login : System.Web.UI.Page
{
com.ezmultifactor.demoappliance.Service1 service = new com.ezmultifactor.demoappliance.Service1();
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Cookies["reauthen"] == null)
{
Response.Redirect(ConfigurationManager.AppSettings["secureauthUri"] + "?returnSession="+Server.UrlEncode(Request.QueryString["target"].Replace("-SM-","").Replace("$SM$","")));
}
else
{
LoadSession();
if (ConfigurationManager.AppSettings["ClientOrServerPost"] == "client")
{
ClientPost();
}
if (ConfigurationManager.AppSettings["ClientOrServerPost"] == "server")
{
ServerPost();
}
}
}
protected string createPramString()
{
String Params = String.Empty;
Params+=(String)Session["userName"]+"="+ Server.UrlEncode((String)Session["userNameValue"]);
Params+="&"+(String)Session["password"]+"="+ Server.UrlEncode((String)Session["passwordValue"]);
if ((String)Session["name1"] != "e" && (String)Session["value1"] != "e")
{
Params += "&" + (String)Session["name1"] + "=" + Server.UrlEncode((String)Session["value1"]);
}
if ((String)Session["name2"] != "e" && (String)Session["value2"] != "e")
{
Params += "&" + (String)Session["name2"] + "=" + Server.UrlEncode((String)Session["value2"]);
}
if ((String)Session["name3"] != "e" && (String)Session["value3"] != "e")
{
Params += "&" + (String)Session["name3"] + "=" + Server.UrlEncode((String)Session["value3"]);
}
if ((String)Session["name4"] != "e" && (String)Session["value4"] != "e")
{
Params += "&" + (String)Session["name4"] + "=" + Server.UrlEncode((String)Session["value4"]);
}
if ((String)Session["name5"] != "e" && (String)Session["value5"] != "e")
{
Params += "&" + (String)Session["name5"] + "=" + Server.UrlEncode((String)Session["value5"]);
}
if ((String)Session["name6"] != "e" && (String)Session["value6"] != "e")
{
Params += "&" + (String)Session["name6"] + "=" + Server.UrlEncode((String)Session["value6"]);
}
if ((String)Session["name7"] != "e" && (String)Session["value7"] != "e")
{
Params += "&" + (String)Session["name7"] + "=" + Server.UrlEncode((String)Session["value7"]);
}
if ((String)Session["name8"] != "e" && (String)Session["value8"] != "e")
{
Params += "&" + (String)Session["name8"] + "=" + Server.UrlEncode((String)Session["value8"]);
}
if ((String)Session["name9"] != "e" && (String)Session["value9"] != "e")
{
Params += "&" + (String)Session["name9"] + "=" + Server.UrlEncode((String)Session["value9"]);
}
if ((String)Session["name10"] != "e" && (String)Session["value10"] != "e")
{
Params += "&" + (String)Session["name10"] + "=" + Server.UrlEncode((String)Session["value10"]);
}
if ((String)Session["name11"] != "e" && (String)Session["value11"] != "e")
{
Params += "&" + (String)Session["name11"] + "=" + Server.UrlEncode((String)Session["value11"]);
}
if ((String)Session["name12"] != "e" && (String)Session["value12"] != "e")
{
Params += "&" + (String)Session["name12"] + "=" + Server.UrlEncode((String)Session["value12"]);
}
if ((String)Session["name13"] != "e" && (String)Session["value13"] != "e")
{
Params += "&" + (String)Session["name13"] + "=" + Server.UrlEncode((String)Session["value13"]);
}
return Params;
}
protected void ServerPost()
{
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create((String)Session["PostURL"]);
request.Method = "POST";
string postData = createPramString();
byte[] byteArray = Encoding.UTF8.GetBytes(postData);
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = byteArray.Length;
request.UserAgent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
//request.PreAuthenticate = true;
//request.Credentials = CredentialCache.DefaultCredentials;
Stream dataStream = request.GetRequestStream();
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
WebResponse response = request.GetResponse();
Response.Write(((HttpWebResponse)response).GetResponseHeader("SESSION"));
dataStream = response.GetResponseStream();
for (int i = 0; i < response.Headers.Count; ++i)
Response.Write(response.Headers.Keys[i]+" : "+response.Headers[i]);
StreamReader reader = new StreamReader(dataStream);
string responseFromServer = reader.ReadToEnd();
Response.Write(responseFromServer);
reader.Close();
dataStream.Close();
response.Close();
Response.End();
}
protected void ClientPost()
{
//Create HTML Doc
StringBuilder createhtm = new StringBuilder();
createhtm.Append("<body onload=\"document.forms.SecurePass.submit()\">");
createhtm.Append("<div>");
createhtm.Append("<form action=\"" + (String)Session["PostURL"] + "\" method=\"post\" id=\"SecurePass\">");
createhtm.Append("<input type=\"text\" style=\"display:none\" name=\"" + (String)Session["userName"] + "\" " + "value=\"" + (String)Session["userNameValue"] + "\">");
createhtm.Append("<input type=\"password\" style=\"display:none\" name=\"" + (String)Session["password"] + "\" " + "value=\"" + (String)Session["passwordValue"] + "\">");
if ((String)Session["name1"] != "e" && (String)Session["value1"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name1"] + "\" " + "value=\"" + (String)Session["value1"] + "\">");
}
if ((String)Session["name2"] != "e" && (String)Session["value2"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name2"] + "\" " + "value=\"" + (String)Session["value2"] + "\">");
}
if ((String)Session["name3"] != "e" && (String)Session["value3"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name3"] + "\" " + "value=\"" + (String)Session["value3"] + "\">");
}
if ((String)Session["name4"] != "e" && (String)Session["value4"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name4"] + "\" " + "value=\"" + (String)Session["value4"] + "\">");
}
if ((String)Session["name5"] != "e" && (String)Session["value5"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name5"] + "\" " + "value=\"" + (String)Session["value5"] + "\">");
}
if ((String)Session["name6"] != "e" && (String)Session["value6"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name6"] + "\" " + "value=\"" + (String)Session["value6"] + "\">");
}
if ((String)Session["name7"] != "e" && (String)Session["value7"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name7"] + "\" " + "value=\"" + (String)Session["value7"] + "\">");
}
if ((String)Session["name8"] != "e" && (String)Session["value8"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name8"] + "\" " + "value=\"" + (String)Session["value8"] + "\">");
}
if ((String)Session["name9"] != "e" && (String)Session["value9"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name9"] + "\" " + "value=\"" + (String)Session["value9"] + "\">");
}
if ((String)Session["name10"] != "e" && (String)Session["value10"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name10"] + "\" " + "value=\"" + (String)Session["value10"] + "\">");
}
if ((String)Session["name11"] != "e" && (String)Session["value11"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name11"] + "\" " + "value=\"" + (String)Session["value11"] + "\">");
}
if ((String)Session["name12"] != "e" && (String)Session["value12"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name12"] + "\" " + "value=\"" + (String)Session["value12"] + "\">");
}
if ((String)Session["name13"] != "e" && (String)Session["value13"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name13"] + "\" " + "value=\"" + (String)Session["value13"] + "\">");
}
createhtm.Append("</form>");
createhtm.Append("</div>");
createhtm.Append("</body>");
Response.Write(createhtm);
}
protected void LoadSession()
{
//Response.Write(Request.Cookies["reauthen"].Value);
//Response.End();
String credential = service.DecryptData(Request.Cookies["reauthen"].Value);
String[] splitcredential = credential.Split('_');
Session["userName"] = "USER";
Session["password"] = "PASSWORD";
Session["userNameValue"] = splitcredential[1];
Session["passwordValue"] = splitcredential[2];
Session["PostURL"] = ConfigurationManager.AppSettings["postURL"];
if (ConfigurationManager.AppSettings["ShowSession"] == "true")
{
foreach (string key in Session.Keys)
{
Response.Write(key + "-" + Session[key] + "<br />");
}
Response.End();
}
}
}
}
答案 0 :(得分:1)
答案比我预期的要容易,从siteminder拉出标题后,我能够拉出“set-cookie”标题。如果您使用标题中的值(即“SMSESSION =”之后的加密值)创建名为SMSESSION的cookie,则该标题内部是以“SMSESSION =”开头的字符串。您将能够重定向回登录的受保护资源。
请务必密切关注加密字符串的底部,以免获取其他不需要的值。
我的代码如下:
参数字符串可能看起来有点混乱,因为我正在调用其他模块,但您应该能够从代码中获得所需内容:
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Web.Services;
using System.Text;
using System.Net;
using System.IO;
using System.Collections;
using MFA.WebControls;
using System.Web.Security;
namespace SiteMinder_SiteMinder_Side
{
public partial class login : System.Web.UI.Page
{
//Config Values for Siteminder on this page are
// appsetting name "ClientOrServerPost" possible values "server"/"client"
// appsetting name "postURL" possible values "This is the url of the .fcc file on the webserver"
// appsetting name "ShowSession" possible values "true"/"false"
// appsettings name "serviceurl" possible values "the URL of the tdez webservice"
// appsettings name "CookieDomain" this is set in the admin "value should exist"
com.ezmultifactor.demoappliance.Service1 service = new com.ezmultifactor.demoappliance.Service1();
protected void Page_Load(object sender, EventArgs e)
{
LoadSession();
if (ConfigurationManager.AppSettings["ClientOrServerPost"] == "client")
{
ClientPost();
}
if (ConfigurationManager.AppSettings["ClientOrServerPost"] == "server")
{
ServerPost();
}
}
//Specifically for the Server Post
protected string createPramString()
{
String Params = String.Empty;
Params+=(String)Session["userName"]+"="+ Server.UrlEncode((String)Session["userNameValue"]);
Params+="&"+(String)Session["password"]+"="+ Server.UrlEncode((String)Session["passwordValue"]);
if ((String)Session["name1"] != "e" && (String)Session["value1"] != "e")
{
Params += "&" + (String)Session["name1"] + "=" + Server.UrlEncode((String)Session["value1"]);
}
if ((String)Session["name2"] != "e" && (String)Session["value2"] != "e")
{
Params += "&" + (String)Session["name2"] + "=" + Server.UrlEncode((String)Session["value2"]);
}
if ((String)Session["name3"] != "e" && (String)Session["value3"] != "e")
{
Params += "&" + (String)Session["name3"] + "=" + Server.UrlEncode((String)Session["value3"]);
}
if ((String)Session["name4"] != "e" && (String)Session["value4"] != "e")
{
Params += "&" + (String)Session["name4"] + "=" + Server.UrlEncode((String)Session["value4"]);
}
if ((String)Session["name5"] != "e" && (String)Session["value5"] != "e")
{
Params += "&" + (String)Session["name5"] + "=" + Server.UrlEncode((String)Session["value5"]);
}
if ((String)Session["name6"] != "e" && (String)Session["value6"] != "e")
{
Params += "&" + (String)Session["name6"] + "=" + Server.UrlEncode((String)Session["value6"]);
}
if ((String)Session["name7"] != "e" && (String)Session["value7"] != "e")
{
Params += "&" + (String)Session["name7"] + "=" + Server.UrlEncode((String)Session["value7"]);
}
if ((String)Session["name8"] != "e" && (String)Session["value8"] != "e")
{
Params += "&" + (String)Session["name8"] + "=" + Server.UrlEncode((String)Session["value8"]);
}
if ((String)Session["name9"] != "e" && (String)Session["value9"] != "e")
{
Params += "&" + (String)Session["name9"] + "=" + Server.UrlEncode((String)Session["value9"]);
}
if ((String)Session["name10"] != "e" && (String)Session["value10"] != "e")
{
Params += "&" + (String)Session["name10"] + "=" + Server.UrlEncode((String)Session["value10"]);
}
if ((String)Session["name11"] != "e" && (String)Session["value11"] != "e")
{
Params += "&" + (String)Session["name11"] + "=" + Server.UrlEncode((String)Session["value11"]);
}
if ((String)Session["name12"] != "e" && (String)Session["value12"] != "e")
{
Params += "&" + (String)Session["name12"] + "=" + Server.UrlEncode((String)Session["value12"]);
}
if ((String)Session["name13"] != "e" && (String)Session["value13"] != "e")
{
Params += "&" + (String)Session["name13"] + "=" + Server.UrlEncode((String)Session["value13"]);
}
return Params;
}
protected void ServerPost()
{
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create((String)Session["PostURL"]);
request.Method = "POST";
string postData = createPramString();
byte[] byteArray = Encoding.UTF8.GetBytes(postData);
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = byteArray.Length;
request.UserAgent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
request.AllowAutoRedirect = false;
Stream dataStream = request.GetRequestStream();
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
WebResponse response = request.GetResponse();
dataStream = response.GetResponseStream();
String[] headers = new String[response.Headers.Count];
//for (int i = 0; i < response.Headers.Count; ++i)
//{
// Response.Write("*" + response.Headers.Keys[i] + "~" + response.Headers[i]);
// headers[i] = response.Headers.Keys[i] + "*" + response.Headers[i];
//}
StreamReader reader = new StreamReader(dataStream);
string responseFromServer = reader.ReadToEnd();
reader.Close();
dataStream.Close();
response.Close();
HttpCookie smsession = new HttpCookie("SMSESSION");
smsession.Value = ripOutSession((String)((HttpWebResponse)response).GetResponseHeader("Set-Cookie"),"sessionData");
smsession.Domain = ripOutSession((String)((HttpWebResponse)response).GetResponseHeader("Set-Cookie"), "domainData");
smsession.Path = "/";
smsession.Expires = Convert.ToDateTime(ripOutSession((String)((HttpWebResponse)response).GetResponseHeader("Set-Cookie"), "expireData"));
Response.SetCookie(smsession);
Response.Redirect((String)((HttpWebResponse)response).GetResponseHeader("Location"));
}
protected void ClientPost()
{
//Create HTML Doc
StringBuilder createhtm = new StringBuilder();
createhtm.Append("<body onload=\"document.forms.SecurePass.submit()\">");
createhtm.Append("<div>");
createhtm.Append("<form action=\"" + (String)Session["PostURL"] + "\" method=\"post\" id=\"SecurePass\">");
createhtm.Append("<input type=\"text\" style=\"display:none\" name=\"" + (String)Session["userName"] + "\" " + "value=\"" + (String)Session["userNameValue"] + "\">");
createhtm.Append("<input type=\"password\" style=\"display:none\" name=\"" + (String)Session["password"] + "\" " + "value=\"" + (String)Session["passwordValue"] + "\">");
if ((String)Session["name1"] != "e" && (String)Session["value1"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name1"] + "\" " + "value=\"" + (String)Session["value1"] + "\">");
}
if ((String)Session["name2"] != "e" && (String)Session["value2"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name2"] + "\" " + "value=\"" + (String)Session["value2"] + "\">");
}
if ((String)Session["name3"] != "e" && (String)Session["value3"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name3"] + "\" " + "value=\"" + (String)Session["value3"] + "\">");
}
if ((String)Session["name4"] != "e" && (String)Session["value4"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name4"] + "\" " + "value=\"" + (String)Session["value4"] + "\">");
}
if ((String)Session["name5"] != "e" && (String)Session["value5"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name5"] + "\" " + "value=\"" + (String)Session["value5"] + "\">");
}
if ((String)Session["name6"] != "e" && (String)Session["value6"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name6"] + "\" " + "value=\"" + (String)Session["value6"] + "\">");
}
if ((String)Session["name7"] != "e" && (String)Session["value7"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name7"] + "\" " + "value=\"" + (String)Session["value7"] + "\">");
}
if ((String)Session["name8"] != "e" && (String)Session["value8"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name8"] + "\" " + "value=\"" + (String)Session["value8"] + "\">");
}
if ((String)Session["name9"] != "e" && (String)Session["value9"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name9"] + "\" " + "value=\"" + (String)Session["value9"] + "\">");
}
if ((String)Session["name10"] != "e" && (String)Session["value10"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name10"] + "\" " + "value=\"" + (String)Session["value10"] + "\">");
}
if ((String)Session["name11"] != "e" && (String)Session["value11"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name11"] + "\" " + "value=\"" + (String)Session["value11"] + "\">");
}
if ((String)Session["name12"] != "e" && (String)Session["value12"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name12"] + "\" " + "value=\"" + (String)Session["value12"] + "\">");
}
if ((String)Session["name13"] != "e" && (String)Session["value13"] != "e")
{
createhtm.Append("<input type=\"hidden\" name=\"" + (String)Session["name13"] + "\" " + "value=\"" + (String)Session["value13"] + "\">");
}
createhtm.Append("</form>");
createhtm.Append("</div>");
createhtm.Append("</body>");
Response.Write(createhtm);
}
protected void LoadSession()
{
Session["userName"] = "USER";
Session["password"] = "PASSWORD";
Session["PostURL"] = ConfigurationManager.AppSettings["postURL"];
if (loginUserID() != "Empty")
{
LoadUserFromContext();
}
else
{
LoadUserDataFromCookie();
}
com.ezmultifactor.demoappliance.Service1 service = new com.ezmultifactor.demoappliance.Service1();
service.Url = ConfigurationManager.AppSettings["serviceurl"];
String userdelimpass = service.EncryptData("_" + Session["userNameValue"].ToString() + "_" + Session["passwordValue"].ToString() + "_Succsful");
HttpCookie reauthen = new HttpCookie("reauthen");
reauthen.Value = userdelimpass;
if (ConfigurationManager.AppSettings["CookieDomain"] != null)
{
reauthen.Domain = ConfigurationManager.AppSettings["CookieDomain"];
}
reauthen.Expires = DateTime.Now.AddMinutes(3.1);
Response.SetCookie(reauthen);
if (ConfigurationManager.AppSettings["ShowSession"] == "true")
{
foreach (string key in Session.Keys)
{
Response.Write(key + "-" + Session[key] + "<br />");
}
Response.End();
}
}
protected String ripOutSession(string validSessionHeader, string valuetoreturn)
{
String SMSESSION = validSessionHeader;
String SMSESSIONMinusSpace = SMSESSION.Replace(" ", "");
String[] SplitSession = SMSESSIONMinusSpace.Split(';');
String SaveSession = String.Empty;
String SaveDomain = String.Empty;
String SaveExpire = String.Empty;
String FinalResult = String.Empty;
for (int i = 0; i < SplitSession.Length; i++)
{
if (SplitSession[i].Contains("SMSESSION"))
{
SaveSession = SplitSession[i];
}
if (SplitSession[i].Contains("domain"))
{
SaveDomain = SplitSession[i].Replace("domain=", "");
}
if (SplitSession[i].Contains("expires"))
{
SaveExpire = SplitSession[i].Replace("expires=", "");
}
}
String[] splitSaveSession = SaveSession.Split(',');
for (int i = 0; i < splitSaveSession.Length; i++)
{
if (splitSaveSession[i].Contains("SMSESSION"))
{
SaveSession = splitSaveSession[i].Replace("SMSESSION=", "");
}
}
if (valuetoreturn == "sessionData")
{
FinalResult=SaveSession;
}
if (valuetoreturn == "domainData")
{
FinalResult=SaveDomain;
}
if (valuetoreturn == "expireData")
{
FinalResult = SaveExpire;
}
return FinalResult;
}
public static String loginUserID()
{
try
{
string userid = "";
ContextUser user = (ContextUser)HttpContext.Current.Session["currentuser"];
if (!string.IsNullOrEmpty(user.UserID.ToString()))
{
userid = user.UserID.ToString();
}
else { }
return userid;
}
catch
{
return "Empty";
}
}
public static String loginUP()
{
string up = String.Empty;
ContextUser user = (ContextUser)HttpContext.Current.Session["currentuser"];
if (!string.IsNullOrEmpty(user.Password.ToString()))
{
up = user.Password.ToString();
}
else { }
return up;
}
protected void LoadUserFromContext()
{
String loginValue = loginUP();
String RemoveDomain = loginUserID();
bool containDomain;
containDomain = (RemoveDomain.Contains("@"));
string[] UserSplit = RemoveDomain.Split(new Char[] { '@' });
if (containDomain == true)
{
RemoveDomain = UserSplit[0];
}
Session["userNameValue"] = RemoveDomain;
Session["passwordValue"] = loginValue;
}
protected void LoadUserDataFromCookie()
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value);
String CookieDecryptedValueUserData = ticket.UserData.ToString();
String CookieDecryptedValueUserName = ticket.Name.ToString();
String RemoveDomain = CookieDecryptedValueUserName;
bool containDomain;
containDomain = (RemoveDomain.Contains("@"));
string[] UserSplit = RemoveDomain.Split(new Char[] { '@' });
if (containDomain == true)
{
RemoveDomain = UserSplit[0];
}
Session["userNameValue"] = RemoveDomain;
Session["passwordValue"] = CookieDecryptedValueUserData;
}
}
}