内容转自:http://www.cnblogs.com/houdejun214/archive/2007/10/14/923790.html
介绍
最经我开发了为我的客户端返回一些敏感数据的 webservice 方法,我需要找到一个简单的方法来验证调用这些webservice方法的用户身份。这就是我要谈到的方法。
背景
我一直在开发 webservice 方法为我正在开发的客户端。在大多数情况下,他们传递的信息都是适应于任何公共的对象的,但最近我正在开发的一个项目要求我必须采取另一种的验证方法。
代码
我想让它在客户端容易实现,如下所示
1
protected System.Web.UI.WebControls.DataGrid dgData;
2
3
private
void
Page_Load(
object sender, System.EventArgs e)
4
{
5
//simple client
6 AuthWebService.WebService webService = new AuthWebService.WebService();
7 AuthWebService.AuthHeader authentication = new
8 AuthWebService.AuthHeader();
9
10 authentication.Username = "test";
11 authentication.Password = "test";
12 webService.AuthHeaderValue = authentication;
13
14 //Bind the results - do something here
15 DataSet dsData = webService.SensitiveData();
16
17 dgData.DataSource = dsData;
18 dgData.DataBind();
19
20
}
protected System.Web.UI.WebControls.DataGrid dgData;2
3
private
void
Page_Load(
object sender, System.EventArgs e)4
{5
//simple client6
AuthWebService.WebService webService = new AuthWebService.WebService();7
AuthWebService.AuthHeader authentication = new 8
AuthWebService.AuthHeader();9
10
authentication.Username = "test";11
authentication.Password = "test";12
webService.AuthHeaderValue = authentication;13
14
//Bind the results - do something here15
DataSet dsData = webService.SensitiveData();16
17
dgData.DataSource = dsData;18
dgData.DataBind(); 19
20
}
基本上所有应用客户端所要做的只是需要创建一个验证对象实例(此处即为下面要要定义的soap header 和 webservice类),填充用户名称和密码,然后传递此验证对象给webservice项目中。webservice代码也非常的简单,.NET framwork让你能轻松的创建一个自定义继承于SoapHeader 类的SOAP头,在此自定义类中我们添加了新的用户名和密码成员属性
1
<
PRE lang
=
cs
>
using
System.Web.Services.Protocols;
2
3
public
class
AuthHeader : SoapHeader
4
{
5 public string Username;
6 public string Password;
7}
</
PRE
>
<
PRE lang
=
cs
>
using
System.Web.Services.Protocols;2
3
public
class
AuthHeader : SoapHeader4
{5
public string Username;6
public string Password;7
}
</
PRE
>
下一步是添加自定义的验证对象到webservice方法中,在次示例中我包含一个webmethod方法SensitiveData,我了增加我们自定义的新的SOAP头,我们需要添加如下属性到方法中
[SoapHeader (
"
Authentication
"
, Required
=
true
)]
完整的方法定义如下
public
AuthHeader Authentication;[SoapHeader (
"
Authentication
"
, Required
=
true
)][WebMethod (Description
=
"
Returns some sample data
"
)]
public
DataSet SensitiveData()
{ DataSet data = new DataSet(); //Do our authentication //this can be via a database or whatever if(Authentication.Username == "test" && Authentication.Password == "test")
{ //they are allowed access to our sensitive data //just create some dummy data DataTable dtTable1 = new DataTable(); DataColumn drCol1 = new DataColumn("Data", System.Type.GetType("System.String")); dtTable1.Columns.Add(drCol1); DataRow drRow = dtTable1.NewRow(); drRow["Data"] = "Sensitive Data"; dtTable1.Rows.Add(drRow); dtTable1.AcceptChanges(); data.Tables.Add(dtTable1); }else{ data = null;
} return data;}
这里我要提醒一点就是当我所说到的SOAP 头时,我是指的在一个soap请求中的 SOAP:Header元素,与我们常说的http协议中的http header没有关系。soap请求的代码形式如下所示:
1
<?
xml version
=
"
1.0
"
encoding
=
"
utf-8
"
?>
2
<
soap:Envelope xmlns:soap
=
"
http://schemas.xmlsoap.org/soap/envelope/
"
>
3
<
soap:Header
>
4
<
AUTHHEADER xmlns
=
"
http://tempuri.org/
"
>
5
<
USERNAME
>
string
</
USERNAME
>
6
<
PASSWORD
>
string
</
PASSWORD
>
7
</
AUTHHEADER
>
8
</
soap:Header
>
9
<
soap:Body
>
10
<
SENSITIVEDATA xmlns
=
"
http://tempuri.org/
"
/>
11
</
soap:Body
>
12
</
soap:Envelope
>
<?
xml version
=
"
1.0
"
encoding
=
"
utf-8
"
?>
2
<
soap:Envelope xmlns:soap
=
"
http://schemas.xmlsoap.org/soap/envelope/
"
>
3
<
soap:Header
>
4
<
AUTHHEADER xmlns
=
"
http://tempuri.org/
"
>
5
<
USERNAME
>
string
</
USERNAME
>
6
<
PASSWORD
>
string
</
PASSWORD
>
7
</
AUTHHEADER
>
8
</
soap:Header
>
9
<
soap:Body
>
10
<
SENSITIVEDATA xmlns
=
"
http://tempuri.org/
"
/>
11
</
soap:Body
>
12
</
soap:Envelope
>
在实例代码中有相应的client 和 service 源代码
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
