方法如下:
<?php
header('Content-Type: text/html; charset=UTF-8');
define('APP_ROOT', dirname(__FILE__) . DIRECTORY_SEPARATOR);
$wsdlurl = "http://uniplatform.essence.com.cn/UniIdentity.asmx?wsdl";
$domain = "http://tgfx.essence.com.cn";
$qydomain = "http://ep.essence.com.cn";
$scharset = "utf-8";
$qyuser = null;
session_start();
$logincert =(empty($_GET["logincert"])) ? false:trim( $_GET["logincert"]);
$loginsso =(empty($_GET["ssocert"])) ? false:trim( $_GET["ssocert"]);//F38531ADE7D5221BE0438C92070AC392
if($logincert){
//是否已经在本平台登录过
$qyuser = $_SESSION['loginQiYeUserInfo'];
if(isset($qyuser) && !empty($qyuser)){
if( $qyuser['loginCert'] && $qyuser['loginCert'] == $logincert ){
//已经登录 直接进入 系统
echo '<script>window.location.href="'. $domain .'"</script>';exit;
}else{
//清空session
$_SESSION['loginQiYeUserInfo'] = null; //可能是另一个用户进来
}
}else{
//取下COOKIE中是否有
/*if (isset($_COOKIE["loginQissocert"]))
$loginsso = trim($_COOKIE["loginQissocert"]);*/
}
$rest = checkIntoSystem ($wsdlurl ,$logincert,$loginsso , $scharset , $qyuser); //认证
if($rest) {
//把$loginsso 保存到Cookie
//setcookie("loginQissocert", $loginsso,time()+3600);
//去拿到 员工的ID 以及其它信息保存在Session中
echo '<script>window.location.href="'. $domain .'"</script>';exit;
}else{
echo '<script>window.location.href="'. $domain .'/fail.html"</script>';exit;
}
}
/**
* 认证 登录人员
*/
function checkIntoSystem( $wsdlurl ,$logincert,$loginsso ="" ,$scharset="utf-8",& $qyuser =null ){
if(empty($logincert)) return false;
$scoptions = array (
'trace' => true, 'soap_version' => SOAP_1_2,
'exceptions' => false, 'encoding' => $scharset
);
$checkparam = array (
'userIP' => getClientIP(), //IP地址
'loginCert' => @ $logincert ,'SSOCert' => $loginsso, //登录的信息
'target' => "1045"//机器编号
);
//print_r($checkparam);
//调用门户接口测试
try {
$client = new SoapClient($wsdlurl, $scoptions); //print_r($client->__getFunctions()); //print_r($client->__getTypes());
/**
* 验证用用户是否能够进入系统性
*/
$resultdata=null ;
$check_rt = $client->__soapCall("SSOAuthenticat", array($checkparam) );
if ( $check_rt ) { //SSOAuthenticatResult是认证返回值变量
$returnstr = $check_rt->SSOAuthenticatResult;
if ($returnstr) {
$resultdata = explode('|', $returnstr);
}
//print_r($resultdata);
$rcode = trim($resultdata[0]);
switch ($rcode){
case "100":
$logusername = @ trim($resultdata[1]);
$qyuser['loginCert'] = $_GET["logincert"];
$qyuser['ltype'] = "QAN";
$qyuser['loginuname'] = $logusername;
$_SESSION['loginQiYeUserInfo'] = $qyuser; return true;//认证通过 可以登录
break;
case "201": echo "认证结果:验证失败"; break;
case "101": echo "认证结果:没有权限"; break;
default:echo "未知错误"; break;
}
} else {
echo "认证返回结果为NULL,请检查再试。";
}
} catch (SoapFault $soapFault) {
//echo $soapFault;
echo "<===>" . $soapFault->faultstring;
$file = APP_ROOT."logs/error/".date("Ymd_His").time()."log";
file_put_contents($file,$soapFault);//记录异常信息
}
return false;
}
// 定义一个函数getIP()
function getClientIP(){
$ip = "";
if (getenv("HTTP_CLIENT_IP"))
$ip = getenv("HTTP_CLIENT_IP");
else if(getenv("HTTP_X_FORWARDED_FOR"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if(getenv("REMOTE_ADDR"))
$ip = getenv("REMOTE_ADDR");
else $ip = "Unknow";
return $ip;
}
//获取所有部门
function SoapAllDepar($wdsl, $options) {
$mms = $client->GetAllDepartment(NULL);
//$xmlstring = base64_decode($mms->GetAllDepartmentResult);
}