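﻿Sub initSSO(apname, appath)
	' Page-load entry point for single sign-on.
	' Checks that both ActiveX controls (KRBClient, AresPKIClient) respond and,
	' when KRBClient.IsLoginSSO() returns 0, hands off to GetAPTicket.
	' Parameters:
	'   apname - application name passed through to GetAPTicket
	'   appath - target URL passed through to GetAPTicket
	' If either control raises an error the browser is sent to installAtx.htm.
	'
	' NOTE(review): "on error resume next" stays active for the whole Sub, so a
	' run-time error raised inside GetAPTicket is also swallowed silently here.
	on error resume next
	isLogin = KRBClient.IsLoginSSO()
	if err then
		err.clear
		location.href = "installAtx.htm"
		exit sub
	end if
	pkiVer = AresPKIClient.GetVersion()
	if err then
		err.clear
		location.href = "installAtx.htm"
		' Stop here, exactly as the KRBClient check above does. Without this the
		' ticket hand-off below could still run while the redirect to the
		' installer page is pending.
		exit sub
	end if
	' 0 is the only status for which a ticket is requested; GetAPTicket treats
	' 69 as "not logged in".
	if isLogin = 0 then
		GetAPTicket apname,"NEWECPA.CPA.GOV.TW",appath,"_self"
	end If
end sub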
function AdjustSystemTime()
	' Thin wrapper: invokes the AdjustSystemTime method of the KRBClient control.
	' NOTE(review): presumably this corrects the local clock (the login paths in
	' this file report status 37 as "time difference from the server too large")
	' - confirm against the control's documentation.
	Call KRBClient.AdjustSystemTime
End function
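Function GetAPTicket(apName,Domain,apPath,apTarget)
	' Obtains an application ticket from the KRBClient control and delivers the
	' user to the target application.
	' Parameters:
	'   apName   - application name passed to KRBClient.GetAPTicket
	'   Domain   - domain/realm string passed to KRBClient.GetAPTicket
	'   apPath   - target URL: opened directly when it ends in .htm/.html,
	'              otherwise used as the action of the ticket POST
	'   apTarget - window/frame target for the ticket POST
	' No value is assigned to the function name; callers use it as a procedure.
	'
	' NOTE(review): the encoded ticket is POSTed to whatever URL the caller
	' supplies in apPath. Nothing visible here restricts apPath to known
	' application hosts - confirm that every caller passes a trusted value, or
	' add an allow-list check before the submit.
	' NOTE(review): the SSO proxy endpoint below is a plain http:// URL. Whether
	' the control protects the exchange itself is not visible here - confirm,
	' and prefer an https:// endpoint if the server offers one.
	Dim ssoHomeUrl
	isLogin = KRBClient.IsLoginSSO()
	if isLogin = 69 then
		' Not logged in yet: open the home page of the target system.
		' The home URL is built in a local variable so that the caller's apPath
		' argument (passed ByRef by default in VBScript) is no longer overwritten.
		' NOTE(review): Mid(apPath, 8) assumes the 7-character "http://" prefix,
		' and the result is always rebuilt as http://, so an https:// target
		' would yield a malformed, downgraded URL - confirm the inputs.
		ssoHomeUrl = MID(apPath, 8)
		ssoHomeUrl = "http://" & MID(ssoHomeUrl, 1, InStr(ssoHomeUrl, "/"))
		window.open ssoHomeUrl, "pics", ""
	else
		if Right(apPath,4) = ".htm" OR Right(apPath,5) = ".html" then
			' Static page: no ticket is sent, the page is opened in a new window
			' through a synthetic link.
			set linkobj = document.createElement("a")
			linkobj.setAttribute "id", "ssolink"
			linkobj.setAttribute "href", apPath
			linkobj.setAttribute "target", "_blank"
			document.body.appendChild linkobj
			' Click the anchor that was just created. Looking it up again by id
			' would return the first "ssolink" in the document, i.e. the stale
			' link from an earlier call when this function runs more than once.
			linkobj.click
		else
			KRBClient.m_Site = "http://ecpa.cpa.gov.tw/uIAM/ARES_SSO/SSO_Proxy/proxy.asp"
			rv = KRBClient.GetAPTicket(apName,Domain)
			if rv <> 0 then 
				Select Case rv
					Case 7 
						Msgbox("沒有此應用程式，或是此應用程式已被停用。")
						exit function
					Case 37
						Msgbox("時間與伺服器誤差值太大" & vbCrLf & "請利用「國家時間與頻率標準實驗室」的 NTP 校時軟體調整電腦時間。")
						' NOTE(review): this navigates the user to an executable
						' download over plain http://, with no integrity check
						' visible here - consider an https:// source or linking
						' to the publisher's download page instead.
						location.href = "http://www.stdtime.gov.tw/chinese/exe/NTPClock.exe"
						exit function
					Case 69
						' Not logged in yet (the original note mentions redirecting
						' to the system's home page; only a message is shown here).
						Msgbox("您尚未登入Ecpa")
						exit function
					Case Else
						Msgbox("取得應用系統門票失敗，請將錯誤訊息回報管理者rv = " & rv)
				End Select
				exit function
			end if
			' APReqEncodedData is filled in by the control (passed ByRef).
			rv = KRBClient.GetAPEncodedData(apName, Domain, APReqEncodedData)
			User = KRBClient.m_bsUserName 
			if rv <> 0 then
				MsgBox("取得AP的門票失敗(GetAPEncodedData) : "&rv)
				exit function
			end if
			' Build a hidden form that carries the encoded ticket and login type.
			' The markup is a fixed string; the ticket is set through .value, not
			' concatenated into HTML.
			set divobj = document.createElement("div")
			divobj.setAttribute "id", "ssoticket"
			document.body.appendChild divobj
			document.getElementById("ssoticket").innerHTML = "<form name=SendTicket method=post><input type=hidden name=APReqEncodedData><input type=hidden name=loginType></form>"
			' loginType mirrors KRBClient.m_IsICCardLogin (1 or 2); any other
			' value is reported as "0".
			if KRBClient.m_IsICCardLogin = 1 then
				document.SendTicket.loginType.value="1"
			elseif KRBClient.m_IsICCardLogin = 2 then
				document.SendTicket.loginType.value="2"
			elseif KRBClient.m_IsICCardLogin = 0 then
				document.SendTicket.loginType.value="0"
			else
				document.SendTicket.loginType.value="0"
			end if
			document.SendTicket.APReqEncodedData.value = APReqEncodedData
			document.SendTicket.action=apPath
			document.SendTicket.target=apTarget
			document.SendTicket.submit
		end if
	end if
End function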
Function LoginSSO(User,Pass,apid,sso_verify)
	' Account/password sign-on followed by an inline application-ticket POST.
	' Parameters:
	'   User       - account name; upper-cased in place before use
	'   Pass       - password handed to KRBClient.LoginSSO
	'   apid       - application name used for the ticket request
	'   sso_verify - URL that receives the ticket POST
	' Every outcome is reported with a message box; no value is returned.
	'
	' NOTE(review): the literal "1111111" below is compared with the password and
	' only adds "?new=1" to the target URL. It looks like a well-known initial
	' password; anyone reading this script learns it, and the flag is
	' client-controlled, so a forced password change has to be enforced on the
	' server - confirm.
	' NOTE(review): the SSO proxy endpoint is a plain http:// URL. How the
	' control protects the credentials in transit is not visible here - confirm,
	' and prefer an https:// endpoint if the server offers one.
	KRBClient.m_IsICCardLogin = 0
	KRBClient.m_Site = "http://ecpa.cpa.gov.tw/uIAM/ARES_SSO/SSO_Proxy/proxy.asp"
	User = UCase(User)
	rv = KRBClient.LoginSSO(User,Pass,"NEWECPA.CPA.GOV.TW")
	Select Case rv
		Case 1
			MsgBox "網路連線失敗，請稍待一下再重新登入。"
		Case 18
			MsgBox "此帳戶已被鎖定，請通知管理人員。"
		Case 24, 6
			' Both statuses show the same "wrong account or password" text, so
			' the dialog does not reveal which of the two was wrong.
			MsgBox "帳號或密碼輸入錯誤，請確認帳號密碼。"
		Case 37
			MsgBox "時間與伺服器誤差值太大" & vbCrLf & "人事服務網將提供您連結下載校時軟體來調整電腦時間，請在按下確定鈕後，執行所跳出的「檔案下載對話框」。"
			' NOTE(review): executable download over plain http:// with no
			' integrity check visible here.
			location.href = "http://www.stdtime.gov.tw/chinese/exe/NTPClock.exe"
		Case 23
			' Password expired: replace the page with a form that posts the
			' account name to the change-password page.
			MsgBox "密碼已過期，請變更密碼。"
			document.write "<form name='ChangePasswd' method='POST'  action='./FirstChangePasswd.asp'>"
			document.write "<input type='hidden' name='userID'>"
			document.write "</form>"
			ChangePasswd.userID.value = User
			ChangePasswd.submit
		Case 0
			' Signed in: request the application ticket and post it.
			Domain = "NEWECPA.CPA.GOV.TW"
			apName = apid
			apTarget = "_self"
			apPath = sso_verify
			if Pass = "1111111" then
				apPath = sso_verify & "?new=1"
			end if
			KRBClient.m_Site = "http://ecpa.cpa.gov.tw/uIAM/ARES_SSO/SSO_Proxy/proxy.asp"
			rv = KRBClient.GetAPTicket(apName,Domain)
			if rv <> 0 then
				Select Case rv
					Case 7
						MsgBox "沒有此應用程式，或是此應用程式已被停用。"
					Case 37
						MsgBox "時間與伺服器誤差值太大" & vbCrLf & "請利用「國家時間與頻率標準實驗室」的 NTP 校時軟體調整電腦時間。"
						location.href = "http://www.stdtime.gov.tw/chinese/exe/NTPClock.exe"
					Case 69
						' Not logged in yet; only a message is shown.
						MsgBox "您尚未登入Ecpa"
					Case Else
						MsgBox "取得應用系統門票失敗，請將錯誤訊息回報管理者rv = " & rv
				End Select
				exit function
			end if
			' APReqEncodedData is filled in by the control (passed ByRef).
			rv = KRBClient.GetAPEncodedData(apName, Domain, APReqEncodedData)
			User = KRBClient.m_bsUserName
			if rv <> 0 then
				MsgBox "取得AP的門票失敗(GetAPEncodedData) : " & rv
				exit function
			end if
			' Hidden form carrying the encoded ticket; loginType is always "0"
			' on this account/password path.
			set divobj = document.createElement("div")
			divobj.setAttribute "id", "ssoticket"
			document.body.appendChild divobj
			document.getElementById("ssoticket").innerHTML = "<form name=SendTicket method=post><input type=hidden name=APReqEncodedData><input type=hidden name=loginType></form>"
			With document.SendTicket
				.loginType.value = "0"
				.APReqEncodedData.value = APReqEncodedData
				.action = apPath
				.target = apTarget
				.submit
			End With
		Case Else
			MsgBox "登入失敗，請將錯誤訊息回報管理者rv = " & rv
	End Select
End function

Function LoginSSO2(User,Pass,apid,sso_verify)
	' Sign-on variant that delegates the ticket hand-off to GetAPTicket.
	' Unlike LoginSSO it does not reset KRBClient.m_IsICCardLogin; in this file
	' it is called from LoginSSOByICCard with the password decrypted by the token.
	' Parameters:
	'   User       - account name; upper-cased in place before use
	'   Pass       - password handed to KRBClient.LoginSSO
	'   apid       - application name used for the ticket request
	'   sso_verify - URL passed to GetAPTicket as the ticket target
	'
	' NOTE(review): the literal "1111111" looks like a well-known initial
	' password exposed in client script, and the "?new=1" flag it adds is
	' client-controlled - a forced password change has to be enforced on the
	' server. Confirm.
	' NOTE(review): the SSO proxy endpoint is a plain http:// URL; prefer
	' https:// if the server offers it.
	KRBClient.m_Site = "http://ecpa.cpa.gov.tw/uIAM/ARES_SSO/SSO_Proxy/proxy.asp"
	User = UCase(User)
	rv = KRBClient.LoginSSO(User,Pass,"NEWECPA.CPA.GOV.TW")
	Select Case rv
		Case 1
			MsgBox "網路連線失敗，請稍待一下再重新登入。"
		Case 18
			MsgBox "此帳戶已被鎖定，請通知管理人員。"
		Case 24, 6
			' Same text for both statuses: the stored password is out of sync and
			' the user is asked to sign in with account/password and change it.
			MsgBox "不好意思，您的密碼曾經變更過，但是系統內部沒有同步到，請先使用帳號密碼登入ECPA，然後變更一下您的密碼。"
		Case 37
			MsgBox "時間與伺服器誤差值太大" & vbCrLf & "請利用「國家時間與頻率標準實驗室」的 NTP 校時軟體調整電腦時間。"
			' NOTE(review): executable download over plain http:// with no
			' integrity check visible here.
			location.href = "http://www.stdtime.gov.tw/chinese/exe/NTPClock.exe"
		Case 23
			' Password expired: replace the page with a form that posts the
			' account name to the change-password page.
			MsgBox "密碼已過期，請變更密碼。"
			document.write "<form name='ChangePasswd' method='POST'  action='./FirstChangePasswd.asp'>"
			document.write "<input type='hidden' name='userID'>"
			document.write "</form>"
			ChangePasswd.userID.value = User
			ChangePasswd.submit
		Case 0
			' Two separate calls are kept on purpose: GetAPTicket takes its path
			' argument ByRef, so the plain call passes sso_verify itself while the
			' other passes a temporary expression.
			if Pass = "1111111" then
				Call GetAPTicket(apid, "NEWECPA.CPA.GOV.TW", sso_verify & "?new=1", "_self")
			else
				Call GetAPTicket(apid, "NEWECPA.CPA.GOV.TW", sso_verify, "_self")
			end if
		Case Else
			MsgBox "登入失敗，請將錯誤訊息回報管理者rv = " & rv
	End Select
End function 

Function LoginSSOByICCard(apid,sso_verify)
	' IC-card sign-on: initialises the PKI control, fetches the encrypted
	' password that matches a certificate on the card, decrypts it with the
	' token and signs on through LoginSSO2.
	' Parameters:
	'   apid       - application name forwarded to LoginSSO2
	'   sso_verify - target URL forwarded to LoginSSO2
	'
	' NOTE(review): the control's license string is embedded in this
	' client-delivered script, so it is readable by anyone who loads the page -
	' confirm that this is acceptable under the vendor's licence terms.
	AresPKIClient.setLicense "4029b8db0518f5a2bde13c8e576271b0c9d7fd4739bfff5e69a7f9d2b96c5e238ebdf809c46c60880b8bdff5af07ab6d47e40d36682df3d912fbf7774e475aedc8e76f458458bdf3ad4fd92066e856c0951c690c6aaf30e90b24aa39305565601fd5fa8176e1bba726547e402772ca290acce302a6f5ace9372eddd86840cc11","資通電腦股份有限公司"
	' Load the PKCS#11 module by file name; 0 is treated as success.
	ret = AresPKIClient.Init("HiCOSPKCS11.dll")
	if ret = 0 then
		' UserName and EncryptedPassword are output arguments (ByRef); an empty
		' EncryptedPassword means no usable credential was obtained.
		GetEncryptedPassword UserName, EncryptedPassword
		if EncryptedPassword <> "" then 
			' pincode is never assigned in this function, so it is passed as an
			' uninitialised variable unless a global of that name exists.
			' NOTE(review): presumably the control prompts for the PIN itself - confirm.
			if AresPKIClient.DecodeByToken(EncryptedPassword, pincode, 0) = false then
				KRBClient.m_IsICCardLogin = 0
				msgbox "解密封包失敗，錯誤訊息:" & AresPKIClient.GetErrorMessage
				' NOTE(review): this shows the raw encrypted password blob to the
				' user; it looks like a leftover debugging aid and is a candidate
				' for removal or for logging somewhere less exposed.
				msgbox EncryptedPassword
			else
				' The decrypted password is read from the control and passed
				' straight to LoginSSO2.
				LoginSSO2 UserName, AresPKIClient.envDecodedData, apid, sso_verify
			end if
		else
			KRBClient.m_IsICCardLogin = 0
		end if
	else
		' Init failed: report the control's error text and leave without
		' calling Finalize.
		msgbox AresPKIClient.GetErrorMessage
		exit function
	end if
	AresPKIClient.Finalize
End function
Function GetEncryptedPassword(UserName,EncryptedPassword)
		' Walks the certificates read from the token and asks the SSO service for
		' the account name and encrypted password registered for each one.
		' Parameters (both used as outputs, passed ByRef):
		'   UserName          - account name returned by the service
		'   EncryptedPassword - encrypted password returned by the service; set
		'                       to "" when the service reports an error
		' Side effect: sets KRBClient.m_IsICCardLogin (1, 2, or back to 0).
		'
		' NOTE(review): the service endpoint is a plain http:// URL, so the
		' response (including the text later shown with msgbox) is not protected
		' in transit by the transport - prefer https:// if the server offers it.
		' NOTE(review): the lookup visible here is keyed only on the certificate
		' subject serial number; whether the service requires more than that is
		' not visible in this file - confirm.
		KRBClient.m_EncryptedPasswordSite = "http://ecpa.cpa.gov.tw/uIAM/ARES_SSO/SSO_Service/GetEncryptedPassword.asp"
		' NOTE(review): the arguments (2,,0) presumably select encryption
		' certificates, judging by the failure message at the bottom - confirm.
		if AresPKIClient.GetCertFromToken(2,,0) = true then
			hexCertArray = AresPKIClient.certificates
			for i=LBound(hexCertArray) to UBound(hexCertArray)
				ret = AresPKIClient.DecodeCertificate(hexCertArray(i))
				if ret = 0 then
					sn = AresPKIClient.GetCertSubjectSN
					cn = AresPKIClient.GetCertSubjectCN
					' subject and cert are assigned but not read again in this function.
					subject = AresPKIClient.GetCertSubjectName
					cert = hexCertArray(i)
					' An empty subject CN selects login type 2, otherwise type 1.
					' NOTE(review): type 2 looks like the agency-certificate case,
					' going by the upload page opened below - confirm.
					if cn = "" then
						KRBClient.m_IsICCardLogin = 2
					else
						KRBClient.m_IsICCardLogin = 1
					end if
					rv =  KRBClient.GetEncryptedPassword(UCase(sn),UserName,EncryptedPassword)
					if rv = 0 and UserName <> "" and EncryptedPassword <> "" then
						' Match found: both outputs are populated for the caller.
						exit function
					else
						' No account name but a non-empty second value: the value is
						' treated as a status or message from the service, not as a password.
						if UserName = "" and EncryptedPassword <> "" then
							if EncryptedPassword = "revoked" then
								msgbox "憑證已廢止"
							else
								msgbox EncryptedPassword
							end if
							' Clear the output so the caller does not try to decrypt it.
							EncryptedPassword = ""
							exit function
						end if
					end if
					' Any other result falls through to the next certificate.
				else
					msgbox "解析IC卡內憑證發生錯誤"
					exit function
				end if
			next
			' No certificate on the card matched a registered account.
			' Earlier wordings of the message, kept disabled:
			'   "No matching certificate information found; please log in to ECPA with account and password first, then upload the certificate under My Zone"
			'   "No matching certificate information found; please log in to ECPA with account and password first, then upload the certificate"
			msgbox "找不到對應的憑證資訊，請依下列步驟完成憑證上傳作業"
			' Open the certificate-upload login page that corresponds to the login
			' type of the last certificate examined, then reset the type to 0.
			if KRBClient.m_IsICCardLogin = 1 then
				KRBClient.m_IsICCardLogin = 0
				window.open "/uIAM/Ares_SSO/SSO_Login/Token/login.asp", "", "width=620,height=400,scrollbars=yes"
			else
				KRBClient.m_IsICCardLogin = 0
				' Disabled message: "Please log in to ECPA as a personnel supervisor first, then upload the agency certificate under My Zone"
				window.open "/uIAM/Ares_SSO/SSO_Login/Token2/login.asp", "", "width=620,height=400,scrollbars=yes,status=yes"
			end if
			exit function
		else
			msgbox "裝置內無加密憑證"
			exit function
		end if
End function
function showticket()
	' Thin wrapper: invokes the ShowTicket method of the KRBClient control.
	' NOTE(review): presumably this displays the current ticket(s) held by the
	' control - confirm, and check whether it should be reachable in production.
	Call KRBClient.ShowTicket
End function


' Load-time probe: record whether the two ActiveX controls can be instantiated.
' With "on error resume next" in force, a failing CreateObject does not stop
' the script; the assignment on that line is skipped and the variable stays
' unassigned instead of becoming True.
' NOTE(review): error suppression stays on for all global-level code that
' follows, so later failures at that level are silent as well.
on error resume next
activeX1 = IsObject(CreateObject("AresPKIAtx.AtxClient"))    'CLSID: EA9EBB6D-6CBB-4BF8-9A12-E0664FFFF93E
activeX2 = IsObject(CreateObject("AresKrbAtx.KrbClient"))  'CLSID: 2C2D4879-285C-4716-8B74-61EBD2418B0E
