webService訪問加密-Soapheader

WebService head加密，能夠對 WebService設置訪問用戶名和密碼，加強 WebService的安全性 使 WebService只能被受權用戶使用。 

具體實現步驟： 

一、 定義一個 soapheader派生類用來實現 WebService訪問權限驗證

<span style="font-size:10px;">using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;

/// <summary>
///MySoapHeader 的摘要說明
/// </summary>
public class MySoapHeader:System .Web .Services .Protocols .SoapHeader
{
    private string _uname = string.Empty;//webservice訪問用戶名

    public string Uname
    {
        get { return _uname; }
        set { _uname = value; }
    }
    private string _password = string.Empty;//webservice訪問密碼

    public string Password
    {
        get { return _password; }
        set { _password = value; }
    }


    public MySoapHeader()
    {
     //
     //TODO: 在此處添加構造函數邏輯
     //
    }
    public MySoapHeader(string uname, string upass)
    {
        init(uname, upass);
    }
    private void init(string uname, string upass)
    {
        this._password = upass;
        this._uname = uname;
    }
    //驗證用戶是否有權訪問內部接口
    private bool isValid(string uname, string upass, out string msg)
    {
        msg = "";
        if (uname == "admin" && upass =="admin")
        {
            return true;
        }
        else {
            msg = "對不起！您無權調用此WebService！";
            return false;
        }
    }
    //驗證用戶是否有權訪問外部接口
    public bool isValid(out string msg)
    {
        return isValid(_uname, _password,out msg);
    }
}


</span>

二、 定義有須要驗證的 WebService。 

<span style="font-size:10px;">using System;
using System.Collections;
using System.Linq;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.Xml.Linq;

/// <summary>
///test 的摘要說明
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
//若要容許使用 ASP.NET AJAX 從腳本中調用此 Web 服務，請取消對下行的註釋。
// [System.Web.Script.Services.ScriptService]
public class test : System.Web.Services.WebService {

    public test () {

        //若是使用設計的組件，請取消註釋如下行
        //InitializeComponent();
    }
    public MySoapHeader myheader = new MySoapHeader();
    [WebMethod]
    public string HelloWorld() {//普通WebService，無需驗證
        return "Hello World";
    }
    [SoapHeader("myheader")]//加入此頭部的WebService須要驗證，不加則爲普通WebService無需驗證

    [WebMethod(Description = "根據產品編號查詢產品的價格", EnableSession = true)]

    public string GetProductPrice2(string ProductId)
    {

        string msg = "";

        //驗證是否有權訪問

        if (!myheader.isValid(out  msg))
        {

            return -1;//返回錯誤信息

        }

        return ProductId;
    }
 }
   </span>

三、 客戶端調用方法 

引用 WebService定義 WebService名稱爲 :Myservice

<span style="font-size:10px;">using System;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        myservice.test te = new abc.test();
        myservice.MySoapHeader myhead = new MySoapHeader();
        myhead.Uname = "admin";//輸入WebService訪問用戶名
        myhead.Password = "admin";//輸入WebService訪問密碼
        te.MySoapHeaderValue = myhead;//
        string test = te.GetProductPrice2("ok!");
      Response.Write(aa);//用戶名、密碼輸入正確則輸出ok 不然輸出 錯誤msg
    }
} </span>

 

 

也推薦另一個cookie的方式http://blog.csdn.net/dz45693/article/details/6151170