C#调用Web Service时的身份验证
C#调用Web Service时的身份验证
在项目开发,我们经常会使用WebService,但在使用WebService时我们经常会考虑以下问题:怎么防止别人访问我的WebService?从哪里引用我的WebService?对于第一个问题,就涉及到了WebService是安全问题,因为我们提供的WebService不是允许所有人能引用 的,可能只允许本公司或者是通过授权的人才能使用的。那怎么防止非法用户访问呢?很容易想到通过一组用户名与密码来防止非法用户的调用 。
在System.Net中提供了一个NetworkCredential,通过它我们可以在网络中提供一个凭证,只有获得该凭证的用户才能访问相应的服务的权限。在这里我们也使用NetworkCredential。在NetworkCredential中,我们通过提供WebService发布所在的服务器名称,以及登录服务器并调用该WebService的用户名及密码(在IIS中配置)。
在调用WebService时设置其Credential属性,把上面得到的Credential凭证赋值给它,这样只有使用提供的用户名及密码才能调用WebService服务了而其他用户则无法访问,这样就能能满足防止WebService被别人调用了。
至于主机名,用户名及密码,对于B/S可以通过webconfig来配置,对于C/S可以使用应用程序配置文件。这样就能灵活地配置了。
如下以C/S为例来说明,首先我们提供一个服务器网络凭证,然后通过WebRequest来验证连接是否成功。当然了,为了保存用户名与密码等的安全,可以对其进行加密等手段来保证其安全。
以下是主要源代码:![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
1
/// <summary>
2
/// 服务器网络凭证
3
/// </summary>
4
/// <returns></returns>
5
public static NetworkCredential MyCred()
6
{
7
string loginUser = Properties.Settings.Default.UserName;//用户名
8
string loginPSW = Properties.Settings.Default.UserPSW;//密码
9
string loginHost = Properties.Settings.Default.HostName;//主机名,可以是IP地址,也可以服务器名称
10
NetworkCredential myCred = new NetworkCredential(loginUser,loginPSW, loginHost);
11
//NetworkCredential myCred = new NetworkCredential("username", "123456", "yourip");//"username", "123456", "yourservername"
12
return myCred;
13
}
14
/// <summary>
15
/// 验证是否成功连接到服务器,若连接成功,则返回TRUE
16
/// </summary>
17
/// <param name="url">服务器WebService URL</param>
18
/// <returns></returns>
19
public static bool Credential(string url)
20
{
21
//定义局部变量
22
string url = G_Url;//2009-02-25 陈辉聪 服务器验证只验证到机器
23![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
24
try
25
{
26
if (myWebResponse == null)
27
{
28
WebRequest myWebRequest = WebRequest.Create(url);//根据URL创建一个连接请求
29
myWebRequest.Credentials = MyCred();//获取验证的凭证,这是最重要的一句
30
myWebRequest.Timeout = 20000;//单位为毫秒
31![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
32
myWebResponse = myWebRequest.GetResponse();//返回连接成功时的信息
33
}
34
}
35
catch (WebException wex)//无法连接到服务器,可能是因为服务器错误或用户名与密码错误
36
{
37
if (myWebResponse != null)//毁销
38
{
39
myWebResponse.Close();
40
myWebResponse = null;
41
}
42![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
43
return false;
44
}
45
catch (Exception ex)
46
{
47
if (myWebResponse != null)
48
{
49
myWebResponse.Close();
50
myWebResponse = null;
51
}
52![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
53
return false;
54![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
55
}
56
finally
57
{
58
}
59![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
60
return true;
61
}
62![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
63
private static WS_Webasic.WS_Webasic webasic =null;//实现华WS_Webasic.WS_Webasic
64![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
65
/// <summary>
66
/// WS_Webasic初始化
67
/// </summary>
68
public static WS_Webasic.WS_Webasic WS_Webasic
69
{
70
get
71
{
72
if (webasic == null)//若webasic 为空,则重新实例化,这样可以减少验证的时间,提高效率
73
{
74
//webasic = new ZEDI.WS_Webasic.WS_Webasic();
75
//wsBool = Credential(webasic.Url);//URL改为服务器地址 2009-02-25 陈辉聪 chhuic@163.com
76
wsBool = Credential(G_Url);
77
if (wsBool == true) //服务器连接验证通过
78
{
79
webasic = new WS_Webasic.WS_Webasic();//实例化
80
webasic.Credentials = MyCred();//得到服务器连接凭证,这样该WebService可以放心的连接了
81
}
82
}
83
return webasic;
84
}
85
}注:
(1)必须引用 System.Net;
(2)对WebService发访问,在IIS里取消匿名访问权限,若允许匿名访问,就没有必须提供验证凭证了。IIS里怎么取消匿名访问 权限请参照IIS相关文章,这里不在累赘。
验证是有时速度会比较慢,主要是因为myWebResponse = myWebRequest.GetResponse();时速度比较慢,若有更好的方法验证网络连接是否成功的话,请告诉我,呵呵。。。
通过以上的实现,就实现了WebService的安全访问问题,若还有更好的方法,不吝赐教
在System.Net中提供了一个NetworkCredential,通过它我们可以在网络中提供一个凭证,只有获得该凭证的用户才能访问相应的服务的权限。在这里我们也使用NetworkCredential。在NetworkCredential中,我们通过提供WebService发布所在的服务器名称,以及登录服务器并调用该WebService的用户名及密码(在IIS中配置)。
在调用WebService时设置其Credential属性,把上面得到的Credential凭证赋值给它,这样只有使用提供的用户名及密码才能调用WebService服务了而其他用户则无法访问,这样就能能满足防止WebService被别人调用了。
至于主机名,用户名及密码,对于B/S可以通过webconfig来配置,对于C/S可以使用应用程序配置文件。这样就能灵活地配置了。
如下以C/S为例来说明,首先我们提供一个服务器网络凭证,然后通过WebRequest来验证连接是否成功。当然了,为了保存用户名与密码等的安全,可以对其进行加密等手段来保证其安全。
以下是主要源代码:
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
1
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
2
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
3
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
4
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
5
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
6
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
7
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
8
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
9
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
10
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
11
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
12
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
13
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
14
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
15
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
16
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
17
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
18
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
19
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
20
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
21
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
22
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
23
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
24
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
25
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
26
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
27
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
28
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
29
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
30
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
31
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
32
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
33
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
34
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
35
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
36
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
37
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
38
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
39
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
40
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
41
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
42
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
43
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
44
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
45
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
46
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
47
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
48
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
49
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
50
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
51
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
52
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
53
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
54
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
55
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
56
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
57
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
58
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
59
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
60
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
61
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
62
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
63
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
64
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
65
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
66
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
67
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
68
![](https://www.cnblogs.com/Images/OutliningIndicators/None.gif)
69
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif)
70
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
71
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
72
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
73
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
74
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
75
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
76
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
77
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
78
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
79
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
80
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
81
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
82
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
83
![](https://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif)
84
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
85
![](https://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif)
(1)必须引用 System.Net;
(2)对WebService发访问,在IIS里取消匿名访问权限,若允许匿名访问,就没有必须提供验证凭证了。IIS里怎么取消匿名访问 权限请参照IIS相关文章,这里不在累赘。
验证是有时速度会比较慢,主要是因为myWebResponse = myWebRequest.GetResponse();时速度比较慢,若有更好的方法验证网络连接是否成功的话,请告诉我,呵呵。。。
通过以上的实现,就实现了WebService的安全访问问题,若还有更好的方法,不吝赐教
虽功未成,亦未敢藏私,众侠诸神通尽录于此,竟成一笈,名葵花宝典,以飨后世。
邮箱:steven9801@163.com
QQ: 48039387
邮箱:steven9801@163.com
QQ: 48039387