[SharePoint 2010 的那些事儿 – Secure Store Service]SharePoint 2010中的单点登录

在SharePoint 2007时代我们可以通过Microsoft Single Sign-on Service来实现单点登录，但到了SharePoint 2010中不再有Single Sign-on这个服务了，取而代之的则是Secure Store Service简称SSS。与以前的SSO一样，SSS也提供了一个数据库实例来保存用于访问某些外部应用程序或外部数据源的用户凭据信息，所不同的是我们不仅可以使用SSS中保存的凭据信息来实现单点登录，同时BDC、Excel Service等服务应用程序现在也可使用SSS中保存的凭据来访问外部数据源。接下来的内容中小弟我将对如何使用SSS实现单点登录进行详细的说明。

与2007相同的是在SP 2010中要实现单点登录依然需要我们写代码来实现，不过在这之前还需要对场中的SSS服务进行初始配置。

对SSS进行初始配置

首先进入SharePoint 2010管理中心，在应用程序管理页面选择管理服务应用程序。

代码

1 using System;
2  using System.Security;
3  using System.Web.UI;
4 using System.Web.UI.WebControls;
5 using System.Web.UI.WebControls.WebParts;
6 using Microsoft.SharePoint;
7 using Microsoft.Office.SecureStoreService.Server;
8 using Microsoft.BusinessData.Infrastructure.SecureStore;
9 namespace SP2010SingleSignOnWebPart.SingleSignOnWebPart
10 {
11     public partial class SingleSignOnWebPartUserControl : UserControl
12     {
13         protected void Button1_Click(object sender, EventArgs e)
14         {
15             string m_userName = string.Empty;
16             string m_password = string.Empty;
17             string m_html = string.Empty;
18             string m_appId = "163Mail";
19             SecureStoreProvider m_provider = new SecureStoreProvider();
20             SPSite m_site = SPContext.Current.Site;
21             SPServiceContext m_serviceContext = SPServiceContext.GetContext(m_site);
22             m_provider.Context = m_serviceContext;
23             try
24             {
25                 SecureStoreCredentialCollection m_sscc = m_provider.GetCredentials(m_appId);
26                 foreach (SecureStoreCredential ssc in m_sscc)
27                 {
28                     switch (ssc.CredentialType)
29                     {
30                         case SecureStoreCredentialType.Generic:
31                             break;
32                         case SecureStoreCredentialType.Key:
33                             break;
34                         case SecureStoreCredentialType.Password:
35                             m_password = ToClrString(ssc.Credential);
36                             break;
37                         case SecureStoreCredentialType.Pin:
38                             break;
39                         case SecureStoreCredentialType.UserName:
40                             m_userName = ToClrString(ssc.Credential);
41                             break;
42                         case SecureStoreCredentialType.WindowsPassword:
43                             break;
44                         case SecureStoreCredentialType.WindowsUserName:
45                             break;
46                         default:
47                             break;
48                     }
49                 }
50                 m_html += "<script>";
51                 m_html += string.Format("window.location.href='http://reg.163.com/login.jsp?url=&type=1&product=&savelogin=&outfoxer=&domains=&syscheckcode=4ecd8fe3803494cff0df5414f321fd5f9afa4c78&username={0}%40163.com&password={1}&Submit='", m_userName, m_password);
52                 m_html += "</script>";
53                 Response.Write(m_html);
54             }
55             catch (Exception ex)
56             {
57                 Response.Write("<script>window.location.href= '/_layouts/SecureStoreSetCredentials.aspx?TargetAppId=" + m_appId + "';</script>");
58             }
59         }
60         internal string ToClrString(SecureString p_string)
61         {
62             var m_ptr = System.Runtime.InteropServices.Marshal.SecureStringToBSTR(p_string);
63             try
64             {
65                 return System.Runtime.InteropServices.Marshal.PtrToStringBSTR(m_ptr);
66             }
67             finally
68             {
69                 System.Runtime.InteropServices.Marshal.FreeBSTR(m_ptr);
70             }
71         }
72     }
73 }