从一个系统单点登录到sharepoint的配置.docx
- 文档编号:8873423
- 上传时间:2023-02-02
- 格式:DOCX
- 页数:32
- 大小:279.76KB
从一个系统单点登录到sharepoint的配置.docx
《从一个系统单点登录到sharepoint的配置.docx》由会员分享,可在线阅读,更多相关《从一个系统单点登录到sharepoint的配置.docx(32页珍藏版)》请在冰豆网上搜索。
从一个系统单点登录到sharepoint的配置
从一个系统单点登录到sharepoint,首先把sharepoint配置成表单登录的形式。
^_^,配置完后就可以给表单自定义代码登录自己添加的后置代码类文件中加上单点登录的代码。
一、创建一个基于声明验证的应用程序。
2、.修改wen.config配置文件。
1.修改WEB应用程序配置文件C:
\inetpub\wwwroot\wss\VirtualDirectories\400
该行
该行
2.修改管理中心配置文件C:
\inetpub\wwwroot\wss\VirtualDirectories\12966
该行
type="Microsoft.Office.Server.Security.LdapMembershipProvider,Microsoft.Office.Server,Version=14.0.0.0,Culture=neutral,PublicKeyToken=71e9bce111e9429c" server="(域控制器服务地址)WIN-9Y7ER4AZW2T" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer="CN=Users,DC=gzgi,DC=com" userObjectClass="person" userFilter="(ObjectClass=person)" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" connectionUsername="gzgi\administrator"connectionPassword="merlin"/> type="Microsoft.Office.Server.Security.LdapRoleProvider,Microsoft.Office.Server,Version=14.0.0.0,Culture=neutral,PublicKeyToken=71e9bce111e9429c" server="(域控制器服务地址)WIN-9Y7ER4AZW2T" port="389" useSSL="false" groupContainer="DC=gzgi,DC=com" groupNameAttribute="cn" groupNameAlternateSearchAttribute="samAccountName" groupMemberAttribute="member" userNameAttribute="sAMAccountName" dnAttribute="distinguishedName" groupFilter="((ObjectClass=group)" userFilter="((ObjectClass=person)" scope="Subtree"connectionUsername="gzgi\administrator"connectionPassword="merlin"/> 3.修改安全住处管理中心配置文件: 安全令牌设置SecurityTokenServiceApplication,IIS中找到这个子站点 找到system.web(没有的得自己添加该节点)节点中加上: type="Microsoft.Office.Server.Security.LdapMembershipProvider,Microsoft.Office.Server,Version=14.0.0.0,Culture=neutral,PublicKeyToken=71e9bce111e9429c" server="WIN-9Y7ER4AZW2T" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer="CN=Users,DC=gzgi,DC=com" userObjectClass="person" userFilter="(&(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn"connectionUsername="gzgi\administrator"connectionPassword="merlin"/> type="Microsoft.Office.Server.Security.LdapRoleProvider,Microsoft.Office.Server,Version=14.0.0.0,Culture=neutral,PublicKeyToken=71e9bce111e9429c" server="WIN-9Y7ER4AZW2T" port="389" useSSL="false" groupContainer="DC=gzgi,DC=com" groupNameAttribute="cn" groupNameAlternateSearchAttribute="samAccountName" groupMemberAttribute="member" userNameAttribute="sAMAccountName" dnAttribute="distinguishedName" groupFilter="(&(ObjectClass=group))" userFilter="(&(ObjectClass=person))" scope="Subtree"connectionUsername="gzgi\administrator"connectionPassword="merlin" /> 三、打开管理中心--安全性--指定Web应用程序用户策略: 1. 2.右边选择对应站点,然后添加用户, 选择人员: 添加权限--完成。 配置成表单登录完成^_^ 打开网站集可用该添加的用户登录 4、创建一个vs应用程序,添加一个类文件将作该表单登录的自定义代码登录时的后置代码页面。 cs类文件,自定义代码登录结合单点登录代码: usingSystem; usingSystem.Collections.Generic; usingSystem.Linq; usingSystem.Web; usingSystem.Web.UI; usingSystem.Web.UI.WebControls; usingLoginControl=System.Web.UI.WebControls.Login; usingSystem.Security; usingMicrosoft.SharePoint; usingMicrosoft.SharePoint.WebControls; usingMicrosoft.SharePoint.IdentityModel; usingMicrosoft.SharePoint.IdentityModel.Pages; usingSystem.IdentityModel.Tokens; usingMicrosoft.SharePoint.Administration; usingSystem.Web.Security; usingSystem.Runtime.InteropServices; usingSystem.Security.Cryptography; usingSystem.Text; usingSystem.Collections.Specialized; usingSystem.Xml; namespaceFormsSignInPage { publicpartialclass_Default: IdentityModelSignInPageBase { //protectedLoginControlloginControl; //protectedEncodedLiteralClaimsFormsPageMessage; //protectedTextBoxsecureCode; //protectedEncodedLiteralsecureCodeLit; protectedvoidPage_Load(objectsender,EventArgse) { //try //{ //ClaimsFormsPageMessage.Text=""; //loginControl.Focus();secureCode=(TextBox)loginControl.FindControl("secureCode"); //secureCodeLit=(EncodedLiteral)loginControl.FindControl("secureCodeLit"); //} //catch //(Exceptionex) //{ //Response.Write(ex.Message); //} if(! IsPostBack) { //Response.Write("进? 入? "); if(Request["IASID"]==null) { //Response.Write("进? 入? 1"); try { //Response.Write(InterfaceUtility.GetIASID()); if(AppSSOBLL.TOEACAuthenticat(InterfaceUtility.GetIASID(),AppSSOBLL.GetTimeStamp(), Request.Url.ToString(),"")) { //todo } } catch(Exceptionee) { Response.Write(ee.ToString()); } } //接ó受酣笶AC发ぁ? 送í回? 来ぁ? 的? 认? 证¤信? 息¢,如? 果? 通? 过y定¨位? 到? 保馈? 护¤页? 面? if(Request["IASID"]! =null) { //Response.Write("进? 入? 2"); if(Request["Result"].ToString()=="0") { if(AppSSOBLL.ValidateFromEAC(Request["IASID"].ToString(),Request["TimeStamp"].ToString(), Request["UserAccount"].ToString(),Request["Result"].ToString(),Request["ErrorDescription"].ToString(), Request["Authenticator"].ToString())) { FormsAuthentication.SetAuthCookie(Request["UserAccount"],false); stringname=Request["UserAccount"].ToString(); stringpass="123"; Submit(name,pass); //Redircet(); } } } } } /// ///转到内容页 /// //privatevoidRedircet() //{ //try //{ //if(ViewState["ParentUrl"]! =null) //{ //stringurl=ViewState["ParentUrl"].ToString(); //ViewState["ParentUrl"]=null; //System.Web.HttpContext.Current.Response.Redirect(url,false); //} //else //{ ////System.Web.HttpContext.Current.Response.Redirect("",false); //System.Web.HttpContext.Current.Response.Redirect("base.RedirectToSuccessUrl()",false); //} //} //catch(Exceptionex) //{ //Response.Write(ex.ToString()); //} //} /// ///根据安全令牌登录 ////// ////// privatevoidEstablishSessionWithToken(SecurityTokensecurityToken) { if(null==securityToken) { thrownewArgumentNullException("securityToken"); } SPFederationAuthenticationModulefam=SPFederationAuthenticationModule.Current; if(null==fam) { thrownewArgumentException(null,"FederationAuthenticationModule"); } fam.SetPrincipalAndWriteSessionToken(securityToken); } /// ///登录 /// protectedvoidSubmit(stringname,stringpass) { SecurityTokentoken=null; if(null! =(token=GetSecurityToken(name,pass))) { EstablishSessionWithToken(token); base.RedirectToSuccessUrl(); } } /// //////登录事件 ////// ////// ////// //protectedvoidsignInControl_Authenticate(objectsender,AuthenticateEventArgse) //{ //SecurityTokentoken=null; //LoginControlformsLoginControl=senderasLoginControl; //if(null! =(token=GetSecurityToken(formsLoginControl))) //{ //EstablishSessionWithToken(token); //e.Authenticated=true; //base.RedirectToSuccessUrl(); //} //} /// //////获取当前web.congif ////// privateSPIisSettingsIisSettings { get { SPWebApplicationwebApp=SPWebApplication.Lookup(newUri(SPContext.Current.Web.Url)); SPIisSettingssettings=webApp.IisSettings[SPUrlZone.Default]; returnsettings; } } /// //////设置安全令牌 ////// ////// ////// privateSecurityTokenGetSecurityToken(stringname,stringpass) { SecurityTokentoken=null; SPIisSettingsiisSettings=IisSettings; UriappliesTo=base.AppliesTo; if(string.IsNullOrEmpty(name)||string.IsNullOrEmpty(pass)) returnnull; SPFormsAuthenticationProviderauthProvider=iisSettings.FormsClaimsAuthenticationProvider; token=SPSecurityContext.SecurityTokenForFormsAuthentication(appliesTo,authProvider.Membe
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 一个 系统 单点 登录 sharepoint 配置