.Net WebService基于SoapHeader实现安全认证

主要是接收android传递的数据容易受到误导,多留意参数变化。
一、新增一个类MySoapHeader

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services.Protocols;

namespace WebDemo
{
    public class MySoapHeader : SoapHeader
    {
        public MySoapHeader() { }
        public string UserName { get; set; }
        public string PassWord { get; set; }
        public bool ValideUser(string Account, string PassWord)
        {
            if ((Account == "SoapHeader") && (PassWord == "123456"))
                return true;
            else
                return false;
        }
    }
}

2、在WebService类中使用

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Web.Script.Services;
using System.Web.Services;
using System.Web.Services.Protocols;

namespace WebDemo
{
    /// 
    /// WebService 的摘要说明
    /// 
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [System.ComponentModel.ToolboxItem(false)]
    // 若要允许使用 ASP.NET AJAX 从脚本中调用此 Web 服务,请取消注释以下行。 
    [System.Web.Script.Services.ScriptService]
    public class WebService : System.Web.Services.WebService
    {
        public WebService()
        {  
            HttpBrowserCapabilities myBrowserCaps = Context.Request.Browser;
            //判断是否为移动设备
            if (((HttpCapabilitiesBase)myBrowserCaps).IsMobileDevice)
            {
                header = new MySoapHeader();
                header.UserName = Context.Request["HTTP_ACCOUNT"];//帐号
                header.PassWord = Context.Request["HTTP_PASSWORD"];//密码
            }
        }

        public MySoapHeader header; ////定义用户身份验证类变量header
        [WebMethod(Description = "用户WebService基于SoapHeader实现安全认证测试")]
        [SoapHeader("header")]//用户身份验证的soap头 
        public string HelloWorld(string contents)
        {
            //验证是否有权访问
            if (header.ValideUser(header.UserName, header.PassWord))
                return "访问成功";
            else
                return "您没有权限访问!";
        }
    }
}

3、android调用
获取android传递的帐号和密码,设定获取帐号的Key为”HTTP_ACCOUNT”,但是android传递参数的名称是没有”HTTP_”的,即account即可,密码也是如此。
我们查看下android调用部分代码:

@Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        RequestParams params = getParams();
        params.addBodyParameter("contents", "Hello World!");
        new HttpUtils(1500).send(HttpMethod.POST,
                "http://192.168.1.106:105/WebService.asmx/HelloWorld", params,
                new RequestCallBack<string>() {

                    @Override
                    public void onFailure(HttpException arg0, String arg1) {
                        // TODO 自动生成的方法存根
                        LogUtils.d("login----------------------" + arg0);
                    }

                    @Override
                    public void onSuccess(ResponseInfo<string> arg0) {
                        // TODO 自动生成的方法存根
                        LogUtils.d("login----------------------" + arg0.result);
                    }
                });

    }

    public RequestParams getParams() {
        RequestParams params = new RequestParams();
         params.addHeader("account", "SoapHeader");
         params.addHeader("password", "456789");
        return params;
    }

4、PC调用
记得添加服务引用

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using WebDemo.ServiceReference;

namespace WebDemo
{
    public partial class Index : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            ServiceReference.WebServiceSoapClient sc = new WebServiceSoapClient();
            ServiceReference.MySoapHeader Header = new ServiceReference.MySoapHeader();
            Header.UserName = "SoapHeader";
            Header.PassWord = "456789";
            string s = sc.HelloWorld(Header,"Hello World!");
            Response.Write(s);
        }
    }
}

你可能感兴趣的:(.net)