利用客户端代理和SOAPHeader进行Webservice权限控制

一、继承客户端Reference.cs的代理类:

class CustomWSProxy:TestException.localhost.Service
    {
        public CustomWSProxy()
            : base()
        {
            this.InitWebServiceProxy(this);
        }

        private void InitWebServiceProxy(TestException.localhost.Service s)
        {
            TestException.localhost.CredentialSoapHeader header = new TestException.localhost.CredentialSoapHeader();
            header.UserName = "lanshh";
            header.UserPassword = "hello";

            // 为什么更改为CredentialSoapHeaderValue
            // s.Credentials = header;
            s.CredentialSoapHeaderValue = header;
        }
    }

二、客户端调用:
private void button2_Click(object sender, EventArgs e)
        {
            TestException.localhost.CustomWSProxy s = new CustomWSProxy();
            s.MyHelloWorld("hello");
        }

三、Webservice端模拟:
1. SoapHeader的继承类:
///<summary>
/// CredentialSoapHeader 的摘要说明
///</summary>
public class CredentialSoapHeader : System.Web.Services.Protocols.SoapHeader
{
    private string _userName;
    private string _userPassword;

    public CredentialSoapHeader()
    {
        //
        // TODO: 在此处添加构造函数逻辑
        //
    }

    public string UserName
    {
        get return _userName; }
        set { _userName = value; }
    }

    public string UserPassword
    {
        get return _userPassword; }
        set { _userPassword = value; }
    }
}

2. WebService代码(需要优化):
/// <summary> 
/// WebService 的摘要说明 
/// </summary> 
[WebService(Namespace = "http://tempuri.org/")] 
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] 
public class Service : System.Web.Services.WebService 

    private CredentialSoapHeader m_credentials; 
    public CredentialSoapHeader Credentails 
    
        get return m_credentials; } 
        set { m_credentials = value; } 
    } 

    public Service () 

        //如果使用设计的组件,请取消注释以下行 
        //InitializeComponent(); 
    } 

    [WebMethod] 
    [SoapHeader("Credentails")] 
    public string MyHelloWorld(string s) 
    
        this.VerifyCredential(this); 
        
        return "Hello World"
    } 

    //验证是否合法 
    private void VerifyCredential(Service s) 
    
        if (s.Credentails == null || s.Credentails.UserName == null || s.Credentails.UserPassword == null
        
            throw new SoapException("验证失败", SoapException.ClientFaultCode, "Security"); 
        } 
        else 
        
            if (s.Credentails.UserName != "test" ||s.Credentails.UserPassword != "test"
            

                throw new SoapException("用户和密码错误", SoapException.ClientFaultCode, "Security"); 
            } 
        } 
    }  
}
posted @ 2008-06-01 15:29  晓岚  阅读(2958)  评论(0编辑  收藏  举报