admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
652737902236292241b6497b2cf7fbec6738c244
Facilitor/CUST/AANS/sso/SSOprodAANS.asp
Arthur Egberink f321eb5473 AAFM#32982 -- implementatie SSO2 
svn path=/Website/branches/v2015.1/; revision=25404
2015-06-05 13:36:35 +00:00

120 lines
4.2 KiB
Plaintext
Raw Blame History

<%@language="VBScript"%>
<%
'*******************************************************************
'Script: SSO.ASP
'
' $Revision$
' $Id$
'
'Doel: SSO bewerkstelligen voor ASP providers - deel 1 van 2
'*******************************************************************
'* declare *********************************************************
Dim strGUID, strCTID, strUserName, strKey, strASPUrl, strSharedKey
Dim strEncryptedCode, strControlEncryptedCode
'* variables *******************************************************
strASPUrl = "https://aans.facilitor.nl?sso=2" 'HTTPS URL adres van ASP
strSharedKey = "0cbdd3ad-4428-469a-a5c3-9ab71f8626af" 'Sharedkey - Should be the same at target side
'*******************************************************************
response.Buffer=true
Dim proto, zelf
If Request.ServerVariables("SERVER_PORT") = 443 Then
proto = "https://"
Else
proto = "http://"
End If
zelf = proto & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("SCRIPT_NAME")
%>
<HTML>
<HEAD>
<SCRIPT LANGUAGE="JavaScript">
function fnSubmit() {
window.document.form.submit();
return;
}
</SCRIPT>
</HEAD>
<BODY LANGUAGE="javascript" onload="return fnSubmit()">
Een moment aub.
<form action='<%=strASPUrl%>' method="post" name="form" ID="Form1">
<input type="hidden" name="returnurl" value="<%=zelf%>" ID="Hidden1">
<%
'* request action = requestid ***************************************
strGUID = Request.form("guid")
strCTID = Request.form("ctid")
if strGUID = "" or strCTID = "" then
'* first flow: requestid ****************************************
%>
<input type="hidden" name="action" value="requestid" ID="Hidden2">
<input type="hidden" name="jumpTo" value="<%=Request.Querystring("jumpTo")%>" ID="jumpTo">
<%
else
'* second flow: create code *************************************
strUserName = Request.ServerVariables("LOGON_USER")
if strUserName = "" then
strUserName = Request.ServerVariables("REMOTE_USER")
if strUserName = "" then
strUserName = Request.ServerVariables("HTTP_USER")
if strUserName = "" then
strUserName = Request.ServerVariables("HTTP_LOGIN")
if strUserName = "" then
'Forse user to authenticate
response.Clear
response.Status = 401
response.Flush
response.End
end if
end if
end if
end if
' * Strip domain name
Do While instr(strUserName, "\")>0
strUserName = Mid(strUserName, instr(strUserName, "\") + 1)
Loop
'* crypt ********************************************************
'First coding phase
strKey = mid(strSharedKey & strGUID,1,Len(strUserName))
strEncryptedCode = EnCrypt(strUserName)
'Second coding phase
strKey = mid(strGUID,1,Len(strEncryptedCode))
strEncryptedCode = EnCrypt(strEncryptedCode)
'* crypt Controlkey *********************************************
'First coding phase
strKey = mid(strSharedKey & strCTID,1,Len(strCTID))
strControlEncryptedCode = EnCrypt(zelf)
'Second coding phase
strKey = mid(strCTID,1,Len(strControlEncryptedCode))
strControlEncryptedCode = EnCrypt(strControlEncryptedCode)
%>
<input type="hidden" name="action" value="processcode" ID="Hidden3">
<input type="hidden" name="code" value="<%=ConvertToAsc(strEncryptedCode)%>" ID="Hidden4">
<input type="hidden" name="ctcode" value="<%=ConvertToAsc(strControlEncryptedCode)%>" ID="Hidden5">
<input type="hidden" name="ltcode" value="<%=len(strUserName)%>" ID="Hidden6">
<%
end if
'* Functions ********************************************************
Function EnCrypt(strCryptThis)
Dim strChar, iKeyChar, iStringChar, i
for i = 1 to Len(strCryptThis)
iKeyChar = Asc(mid(strKey,i,1))
iStringChar = Asc(mid(strCryptThis,i,1))
iCryptChar = iKeyChar Xor iStringChar
strEncrypted = strEncrypted & Chr(iCryptChar)
next
EnCrypt = strEncrypted
End Function
Function ConvertToAsc(strAsc)
Dim iCount
Dim strTemp
ConvertToAsc = ""
for iCount = 1 to len(strAsc)
strTemp = (asc(mid(strAsc,iCount,1)))
ConvertToAsc = ConvertToAsc & len(strTemp) & strTemp
next
End Function
'*********************************************************************
%>
</form>
</BODY>
</HTML>
View Git Blame Copy Permalink