Web Service 身份验证
解决方案一:通过通过SOAP Header身份验证。
1.我们实现一个用于身份验证的类,文件名MySoapHeader.cs
MySoapHeader类继承自System.Web.Services.Protocols.SoapHeader。且定义了两个成员变量,UserName和PassWord,还定义了一个用户认证的函数ValideUser。它提供了对UserName和PassWord检查的功能
using
System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.Services;
using System.Web.Services.Protocols;
/// <summary>
/// MySoapHeader 的摘要说明
/// </summary>
public class MySoapHeader:SoapHeader
{
public MySoapHeader()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
public string UserName;
public string PassWord;
public bool ValideUser( string in_UserName, string in_PassWord)
{
if ((in_UserName == " zxq " ) && (in_PassWord == " 123456 " ))
{
return true ;
}
else
{
return false ;
}
}
}
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.Services;
using System.Web.Services.Protocols;
/// <summary>
/// MySoapHeader 的摘要说明
/// </summary>
public class MySoapHeader:SoapHeader
{
public MySoapHeader()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
public string UserName;
public string PassWord;
public bool ValideUser( string in_UserName, string in_PassWord)
{
if ((in_UserName == " zxq " ) && (in_PassWord == " 123456 " ))
{
return true ;
}
else
{
return false ;
}
}
}
2.下面我们创建WebService.asmx WebService.cs代码如下:
using
System;
using System.Collections;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
/// <summary>
/// WebService 的摘要说明
/// </summary>
[WebService(Namespace = " http://tempuri.org/ " )]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class WebService : System.Web.Services.WebService
{
public WebService()
{
// 如果使用设计的组件,请取消注释以下行
// InitializeComponent();
}
public MySoapHeader header; /// /定义用户身份验证类变量header
[WebMethod(Description = " 用户验证测试 " )]
[System.Web.Services.Protocols.SoapHeader( " header " )] // 用户身份验证的soap头
public string HelloWorld( string contents)
{
// 验证是否有权访问
if (header.ValideUser(header.UserName, header.PassWord))
{
return contents + " 执行了 " ;
}
else
{
return " 您没有权限访问 " ;
}
}
}
using System.Collections;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
/// <summary>
/// WebService 的摘要说明
/// </summary>
[WebService(Namespace = " http://tempuri.org/ " )]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class WebService : System.Web.Services.WebService
{
public WebService()
{
// 如果使用设计的组件,请取消注释以下行
// InitializeComponent();
}
public MySoapHeader header; /// /定义用户身份验证类变量header
[WebMethod(Description = " 用户验证测试 " )]
[System.Web.Services.Protocols.SoapHeader( " header " )] // 用户身份验证的soap头
public string HelloWorld( string contents)
{
// 验证是否有权访问
if (header.ValideUser(header.UserName, header.PassWord))
{
return contents + " 执行了 " ;
}
else
{
return " 您没有权限访问 " ;
}
}
}
3.客户端 创建个Default.aspx
Default.aspx .cs代码
using
System;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load( object sender, EventArgs e)
{
com.cn1yw.WebService test = new com.cn1yw.WebService(); // web引用(改成您自己的)
com.cn1yw.MySoapHeader Header = new com.cn1yw.MySoapHeader(); // web引用创建soap头对象(改成您自己的)
// 设置soap头变量
Header.UserName = " zxq " ;
Header.PassWord = " 123456 " ;
test.MySoapHeaderValue = Header;
// 调用web 方法
Response.Write(test.HelloWorld( " 我是强 " ));
}
}
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load( object sender, EventArgs e)
{
com.cn1yw.WebService test = new com.cn1yw.WebService(); // web引用(改成您自己的)
com.cn1yw.MySoapHeader Header = new com.cn1yw.MySoapHeader(); // web引用创建soap头对象(改成您自己的)
// 设置soap头变量
Header.UserName = " zxq " ;
Header.PassWord = " 123456 " ;
test.MySoapHeaderValue = Header;
// 调用web 方法
Response.Write(test.HelloWorld( " 我是强 " ));
}
}
解决方案二:通过集成windows身份验证。
1. 将web服务程序设为集成windows身份验证
2.客户端web引用代码
Test.WebReference.Service1 wr = new Test.WebReference.Service1(); //生成web service实例
wr.Credentials = new NetworkCredential("guest","123"); //guest是用户名,该用户需要有一定的权限
lblTest.Text = wr.Add(2,2).ToString(); //调用web service方法
该方案的优点是比较安全,性能较好,缺点是不便于移植,部署工作量大。
转[しovの沉没]