ASP.NET中WebService的两种身份验证方法
一、通过SOAP Header身份验证
此方法是通过设置SOAP Header信息来验证身份,主要通过以下几步:
1、在服务端实现一个SOAP Header类
public class CredentialSoapHeader : System.Web.Services.Protocols.SoapHeader
{
//验证身份的用户名
public string UserId
{
get;
set;
}
//验证身份的密码
public string Password
{
get;
set;
}
}
2、创建WebService
[WebService(Namespace=http://tempuri.org/)]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class WebService : System.Web.Services.WebService
{
public WebService()
{
//如果使用设计的组件,请取消注释以下行
//InitializeComponent();
}
//生成一个CredentialSoapHeader类的实例
public CredentialSoapHeader header;
[WebMethod(Description="用户验证测试")]
[System.Web.Services.Protocols.SoapHeader("header")] //用户身份验证的soap header
public string HelloWorld(string contents)
{
//验证是否有权访问(当然,也可以通过查询数据库实现,具体视项目要求)
if(header.UserId.equals("admin") && header.Password.equals("admin"))
{
return "Hello World " + contents;
}
else
{
return "无权使用此服务";
}
}
}
3、调用WebService
protected void Button1_Click(object sender, EventArgs e)
{
localhost.WebService service = new localhost.WebService();
localhost.CredentialSoapHeader header = new localhost.CredentialSoapHeader();
//设置SOAP Header
Header.UserId = "admin";
Header.Password = "admin";
service.CredentialSoapHeader = header;
//调用Web方法
Response.Write(service.HelloWorld("测试"));
}
二、通过集成windows身份验证
1、将WebService设为集成Windows身份验证
2、客户端引用代码
localhost.WebService service = new localhost.WebService();
service.Credentials = new NetworkCredential("guest","123"); //guest是用户名,123是密码
string result = service.HelloWorld("测试");