【发布时间】:2011-08-25 20:51:35
【问题描述】:
我正在尝试设置一个简单的 HttpModule 来处理我的单点登录服务器之间的身份验证。我已经包含了下面模块的代码。该模块正在访问我的 SSO 并正确进行身份验证;但是,在带有表单的页面上,回发事件未正确发生(例如,即使发生 POST,isPostBack 值始终为 false,按钮点击事件未命中等)。
public sealed class MyAuthenticationModule : IHttpModule
{
public void Init(HttpApplication context)
{
context.AuthenticateRequest += OnAuthenticateRequest;
}
public void Dispose()
{
}
public static void OnAuthenticateRequest(object sender, EventArgs e)
{
FormsAuthentication.Initialize();
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
HttpResponse response = context.Response;
// Validate the ticket coming back from the authentication server
if (!string.IsNullOrEmpty(request["ticket"]))
{
// I can include code for this if you want, but it appears to be
// working correct as whenever I get a ticket from my SSO it is processed
// correctly. I only get a ticket after coming from the SSO server and
// then it is removed from the URL so this only gets hit once.
MyAuthentication.ProcessTicketValidation();
}
if (!request.IsAuthenticated)
{
// redirect to the login server
response.Redirect("https://sso.example.com/login.aspx" + "?" + "service=" +
HttpUtility.UrlEncode(context.Request.Url.AbsoluteUri), false);
}
}
}
编辑
我还要注意,如果我换行:
if (!string.IsNullOrEmpty(request["ticket"]))
到:
if (!string.IsNullOrEmpty(request.QueryString["ticket"]))
问题消失了。
【问题讨论】:
标签: asp.net authentication forms-authentication httpmodule