Ruud Lipper
119
CUST/WELK/sso/SSOprodWELK.asp
Normal file
119
CUST/WELK/sso/SSOprodWELK.asp
Normal file
@@ -0,0 +1,119 @@
|
|||||||
|
<%@language="VBScript"%>
|
||||||
|
<%
|
||||||
|
'*******************************************************************
|
||||||
|
'Script: SSO.ASP
|
||||||
|
'
|
||||||
|
' $Revision$
|
||||||
|
' $Id$
|
||||||
|
'
|
||||||
|
'Doel: SSO bewerkstelligen voor ASP providers - deel 1 van 2
|
||||||
|
'*******************************************************************
|
||||||
|
'* declare *********************************************************
|
||||||
|
Dim strGUID, strCTID, strUserName, strKey, strASPUrl, strSharedKey
|
||||||
|
Dim strEncryptedCode, strControlEncryptedCode
|
||||||
|
'* variables *******************************************************
|
||||||
|
strASPUrl = "https://welk.facilitor.nl?sso=1" 'HTTPS URL adres van ASP
|
||||||
|
strSharedKey = "GTAvoxLrNVJOaDQsHSqRHShkDVBTpQsn" 'Sharedkey - Should be the same at target side
|
||||||
|
'*******************************************************************
|
||||||
|
response.Buffer=true
|
||||||
|
Dim proto, zelf
|
||||||
|
If Request.ServerVariables("SERVER_PORT") = 443 Then
|
||||||
|
proto = "https://"
|
||||||
|
Else
|
||||||
|
proto = "http://"
|
||||||
|
End If
|
||||||
|
zelf = proto & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("SCRIPT_NAME")
|
||||||
|
%>
|
||||||
|
<HTML>
|
||||||
|
<HEAD>
|
||||||
|
<SCRIPT LANGUAGE="JavaScript">
|
||||||
|
function fnSubmit() {
|
||||||
|
window.document.form.submit();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
</SCRIPT>
|
||||||
|
</HEAD>
|
||||||
|
<BODY LANGUAGE="javascript" onload="return fnSubmit()">
|
||||||
|
Een moment aub.
|
||||||
|
<form action='<%=strASPUrl%>' method="post" name="form" ID="Form1">
|
||||||
|
<input type="hidden" name="returnurl" value="<%=zelf%>" ID="Hidden1">
|
||||||
|
<%
|
||||||
|
'* request action = requestid ***************************************
|
||||||
|
strGUID = Request.form("guid")
|
||||||
|
strCTID = Request.form("ctid")
|
||||||
|
if strGUID = "" or strCTID = "" then
|
||||||
|
'* first flow: requestid ****************************************
|
||||||
|
%>
|
||||||
|
<input type="hidden" name="action" value="requestid" ID="Hidden2">
|
||||||
|
<input type="hidden" name="jumpTo" value="<%=Request.Querystring("jumpTo")%>" ID="jumpTo">
|
||||||
|
<%
|
||||||
|
else
|
||||||
|
'* second flow: create code *************************************
|
||||||
|
strUserName = Request.ServerVariables("LOGON_USER")
|
||||||
|
if strUserName = "" then
|
||||||
|
strUserName = Request.ServerVariables("REMOTE_USER")
|
||||||
|
if strUserName = "" then
|
||||||
|
strUserName = Request.ServerVariables("HTTP_USER")
|
||||||
|
if strUserName = "" then
|
||||||
|
strUserName = Request.ServerVariables("HTTP_LOGIN")
|
||||||
|
if strUserName = "" then
|
||||||
|
'Forse user to authenticate
|
||||||
|
response.Clear
|
||||||
|
response.Status = 401
|
||||||
|
response.Flush
|
||||||
|
response.End
|
||||||
|
end if
|
||||||
|
end if
|
||||||
|
end if
|
||||||
|
end if
|
||||||
|
|
||||||
|
' * Strip domain name
|
||||||
|
Do While instr(strUserName, "\")>0
|
||||||
|
strUserName = Mid(strUserName, instr(strUserName, "\") + 1)
|
||||||
|
Loop
|
||||||
|
'* crypt ********************************************************
|
||||||
|
'First coding phase
|
||||||
|
strKey = mid(strSharedKey & strGUID,1,Len(strUserName))
|
||||||
|
strEncryptedCode = EnCrypt(strUserName)
|
||||||
|
'Second coding phase
|
||||||
|
strKey = mid(strGUID,1,Len(strEncryptedCode))
|
||||||
|
strEncryptedCode = EnCrypt(strEncryptedCode)
|
||||||
|
'* crypt Controlkey *********************************************
|
||||||
|
'First coding phase
|
||||||
|
strKey = mid(strSharedKey & strCTID,1,Len(strCTID))
|
||||||
|
strControlEncryptedCode = EnCrypt(zelf)
|
||||||
|
'Second coding phase
|
||||||
|
strKey = mid(strCTID,1,Len(strControlEncryptedCode))
|
||||||
|
strControlEncryptedCode = EnCrypt(strControlEncryptedCode)
|
||||||
|
%>
|
||||||
|
<input type="hidden" name="action" value="processcode" ID="Hidden3">
|
||||||
|
<input type="hidden" name="code" value="<%=ConvertToAsc(strEncryptedCode)%>" ID="Hidden4">
|
||||||
|
<input type="hidden" name="ctcode" value="<%=ConvertToAsc(strControlEncryptedCode)%>" ID="Hidden5">
|
||||||
|
<input type="hidden" name="ltcode" value="<%=len(strUserName)%>" ID="Hidden6">
|
||||||
|
<%
|
||||||
|
end if
|
||||||
|
'* Functions ********************************************************
|
||||||
|
Function EnCrypt(strCryptThis)
|
||||||
|
Dim strChar, iKeyChar, iStringChar, i
|
||||||
|
for i = 1 to Len(strCryptThis)
|
||||||
|
iKeyChar = Asc(mid(strKey,i,1))
|
||||||
|
iStringChar = Asc(mid(strCryptThis,i,1))
|
||||||
|
iCryptChar = iKeyChar Xor iStringChar
|
||||||
|
strEncrypted = strEncrypted & Chr(iCryptChar)
|
||||||
|
next
|
||||||
|
EnCrypt = strEncrypted
|
||||||
|
End Function
|
||||||
|
Function ConvertToAsc(strAsc)
|
||||||
|
Dim iCount
|
||||||
|
Dim strTemp
|
||||||
|
ConvertToAsc = ""
|
||||||
|
for iCount = 1 to len(strAsc)
|
||||||
|
strTemp = (asc(mid(strAsc,iCount,1)))
|
||||||
|
ConvertToAsc = ConvertToAsc & len(strTemp) & strTemp
|
||||||
|
next
|
||||||
|
End Function
|
||||||
|
'*********************************************************************
|
||||||
|
%>
|
||||||
|
</form>
|
||||||
|
</BODY>
|
||||||
|
</HTML>
|
||||||
Reference in New Issue
Block a user