前台:
<html> <head> <title>签名验证</title> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <meta name="GENERATOR" content="Microsoft FrontPage 4.0"> <meta name="ProgId" content="FrontPage.Editor.Document"> <script id="clientEventHandlersVBS" type="text/vbscript"> <!-- '从服务端获取SessionKey dim strAccount dim strSignature Sub btnAuthSign_onclick '服务器端代码,用于验证签名 on error resume next Set RTXCRoot = RTXAX.GetObject("KernalRoot") ' 获取KernalRoot对象 Set rtcData = RTXCRoot.Sign '获取签名,并把它赋给rtcData strAccount = RTXCRoot.Account '获取用户帐号 strSignature = rtcData.GetString("Sign") '获取rtcData对象的Sign 的内容,也就是用户签名 form1.user.value= strAccount form1.sign.value = strSignature If Err.Number <> 0 Then MsgBox "程序运行错误 " & Err.Description Err.Clear End If end sub --> </script> </head> <body> <form name="form1" method="get" action="Handler.ashx"> <table> <tr> <td> <!--用户名--> </td> <td> <input type="hidden" name="user" /> </td> </tr> <tr> <td> <!-- 签 名--> </td> <td> <input type="hidden" name="sign" /> </td> </tr> <tr> <td> </td> <td> <input name="btnAuthSign" type="submit" id="btnAuthSign" style=" 100px; height: 21px" value="登录OA" size="18"> </td> </tr> </table> </form> <object id="RTXAX" data="data:application/x-oleobject;base64,fajuXg4WLUqEJ7bDM/7aTQADAAAaAAAAGgAAAA==" classid="clsid:5EEEA87D-160E-4A2D-8427-B6C333FEDA4D" viewastext> </object> </body> </html>
后台Handler.ashx(一般处理程序):
添加引用 System.Data.OracleClient和Interop.RTXSAPILib去下载
public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/plain"; string strName = HttpContext.Current.Request.QueryString["user"]; string strSign = HttpContext.Current.Request.QueryString["sign"]; //OA验证 string selectSql = "select * from usr where PHONEHOME=:lName"; DataSet DSRst = ExecuteScalar(ConnString(), CommandType.Text, selectSql, strName); DataTable table = DSRst.Tables[0]; RTXSAPILib.IRTXSAPIRootObj RootObj = new RTXSAPILib.RTXSAPIRootObjClass(); RTXSAPILib.IRTXSAPIUserAuthObj2 AuthObj2 = (RTXSAPILib.IRTXSAPIUserAuthObj2)RootObj.UserAuthObj; bool bOK = AuthObj2.SignatureAuth(strName, strSign); if (bOK == true && table != null && table.Rows.Count > 0) { context.Response.Redirect("http://192.168.30.157:8078/MainPages/Login.htm?username=" + strName + "uId=" + table.Rows[0]["ID"]); //验证通过 } else { context.Response.Redirect("http://192.168.30.157:8078/MainPages/Login.htm"); } } ////提供的接口,Url参数格式:..Login.htm?username=admin&password=c4ca4238a0b923820dcc509a6f75849b // $().ready(function () { // if (request("username") == "") { // return; // } // else { // var uName = escape(request("username")); // $.ajax({ // type: "POST", // url: "../WebSiteRequestManager.ashx", // data: { method: "BlnLogin", ValidateUser: uName, selectxt: $("#selxt").val() }, // success: function (msg) { // alert(msg); // if (msg == "Main" || msg == null) { // top.location = "../MainPages/WindowMain.htm"; // } // } // }); // } // }); public static string ConnString() { return System.Web.Configuration.WebConfigurationManager.AppSettings["OrclConnectionstring"]; } public static DataSet ExecuteScalar(string connectionString, CommandType cmdType, string cmdText, string uname) { OracleConnection orclCon = new OracleConnection(connectionString);//添加引用 System.Data.OracleClient OracleCommand Cmd = new OracleCommand(cmdText, orclCon); Cmd.Parameters.AddWithValue(":lName", uname); orclCon.Open(); DataSet ds = new DataSet(); OracleDataAdapter da = new OracleDataAdapter(Cmd); da.Fill(ds); return ds; }