添加Soap头来增加Web Service的安全性

http://www.cnblogs.com/edobnet/

专注于 .Net (edobnet)

myService.asmx.cs

添加类:MyHeader System.Web.Services.Protocols.SoapHeader继承

完整的代码如下

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Diagnostics;

using System.Web;

using System.Web.Services;

//soap Head引用添加的命名空间

using System.Web.Services.Protocols;

 

namespace study

{

    /// <summary>

    /// myService 的摘要说明。

    /// </summary>

    //[WebService(Namespace="http://MyServer/MyWebServices/")]

    public class myService : System.Web.Services.WebService

    {

        /// <summary>

        /// Soap头实例

        /// </summary>

        public MyHeader myHeader=new MyHeader();

 

        public myService()

        {

             //CODEGEN: 该调用是 ASP.NET Web服务设计器所必需的

 

             InitializeComponent();

 

        }

 

        #region组件设计器生成的代码

        

         //Web 服务设计器所必需的

        private IContainer components = null;

                  

        /// <summary>

        /// 设计器支持所需的方法 -不要使用代码编辑器修改

        /// 此方法的内容。

        /// </summary>

        private void InitializeComponent()

        {

        }

 

        /// <summary>

        /// 清理所有正在使用的资源。

        /// </summary>

        protected overridevoid Dispose( bool disposing )

        {

             if(disposing && components != null)

             {

                  components.Dispose();

             }

             base.Dispose(disposing);        

        }

        

        #endregion

 

        // WEB 服务示例

        // HelloWorld() 示例服务返回字符串 Hello World

        // 若要生成,请取消注释下列行,然后保存并生成项目

        // 若要测试此 Web服务,请按 F5

 

        [WebMethod]

        public string HelloWorld()

        {

             return "Hello World";

        }

        [SoapHeader("myHeader")]

        [WebMethod(Description="ddddddd",EnableSession=true)]

        public string HelloWorld2(string contents)

        {

             string msg = "";

             //验证是否有权访问

             if(!myHeader.IsValid(out msg))

                  return msg;

             return "Hello World:"+contents;

        }

    }

    public class MyHeader : System.Web.Services.Protocols.SoapHeader

    {

        private string _UserID=string.Empty;

        private string _PassWord=string.Empty;

 

        /// <summary>

        /// 构造函数

        /// </summary>

        public MyHeader()

        {

 

        }

        /// <summary>

        /// 构造函数

        /// </summary>

        /// <param name="nUserID">用户ID</param>

        /// <param name="nPassWord">加密后的密码</param>

        public MyHeader(string nUserID,string nPassWord)

        {

             Initial(nUserID,nPassWord);

        }

        

        #region属性

 

        /// <summary>

        /// 用户名

        /// </summary>

        public string UserID

        {

             get{return _UserID;}

             set{_UserID=value;}

        }

        /// <summary>

        /// 加密后的密码

        /// </summary>

        public string PassWord

        {

             get{return _PassWord;}

             set{_PassWord=value;}

        }

 

        #endregion

        #region方法

 

        /// <summary>

        /// 初始化

        /// </summary>

        /// <param name="nUserID">用户ID</param>

        /// <param name="nPassWord">加密后的密码</param>

        public void Initial(string nUserID,string nPassWord)

        {

             UserID=nUserID;

             PassWord=nPassWord;

        }

        /// <summary>

        /// 用户名密码是否正确

        /// </summary>

        /// <param name="nUserID">用户ID</param>

        /// <param name="nPassWord">加密后的密码</param>

        /// <param name="nMsg">返回的错误信息</param>

        /// <returns>用户名密码是否正确</returns>

        public bool IsValid(string nUserID,string nPassWord,outstring nMsg)

        {

             nMsg="";

             try

             {

                  //判断用户名密码是否正确

                  if(nUserID == "admin" && nPassWord == "admin"){

                      return true;

                  }

                  else

                  {

                      nMsg="对不起,你无权调用此Web服务,可能有如下原因:\n 1.您的帐号被管理员禁用。\n 2.您的帐号密码不正确";

                      return false;

                  }

             }

             catch

             {

                  nMsg="对不起,你无权调用此Web服务,可能有如下原因:\n 1.您的帐号被管理员禁用。\n 2.您的帐号密码不正确";

                  return false;

             }

        }

        /// <summary>

        /// 用户名密码是否正确

        /// </summary>

        /// <returns>用户名密码是否正确</returns>

        public bool IsValid(outstring nMsg)

        {

             return IsValid(_UserID,_PassWord,out nMsg);

        }

 

        #endregion

}

 

}

通过soap调用的代码如下:

             // 在此处放置用户代码以初始化页面

             //创建myService对象

             MyWebServer.myService service = new study.MyWebServer.myService();

             //创建soap头对象

             MyWebServer.MyHeader header = new study.MyWebServer.MyHeader();

             //设置soap头变量

             header.PassWord = "admin";

             header.UserID = "admin";

             service.MyHeaderValue = header;

             //调用web方法

           this.Label1.Text = service.HelloWorld2("dob");

你可能感兴趣的:(添加Soap头来增加Web Service的安全性)