WebService 用户名密码验证

在项目开发的过程中,WebService是经常要用的,当调用WebService方法时,需要经过服务的验证才可以调用,一般就是用户名/密码验证,还有一个就是证书.下面程序使用的是用户名/密码的方式,很简单的一个程序.

项目截图:

XFS0AP{4)[[5ZA1{AFB[B_H

先看服务端的代码(ws_Service)

MySoapHeader.cs   这里通过继承SoapHeader实现对用户名/密码的验证

 

public class MySoapHeader:System.Web.Services.Protocols.SoapHeader
   {
       private string userID = string.Empty;
       private string userPW = string.Empty;

       public string UserId
       {
           get { return userID; }
           set { userID = value; }
       }
       public string UserPW
       {
           get { return userPW; }
           set { userPW = value; }
       }
       public MySoapHeader()
       { }
       public MySoapHeader(string name, string password)
       {
           userID = name;
           userPW = password;
       }

       private bool IsValid(string nUserId, string nPassWord, out string nMsg)
       {
           nMsg = "";
           try
           {
               if (nUserId == "admin" && nPassWord == "admin")
               {
                   return true;
               }
               else
               {
                   nMsg = "对不起,你无权调用Web服务";
                   return false;
               }
           }
           catch
           {
               nMsg = "对不起,你无权调用Web服务";
               return false;
           }
       }
       public bool IsValid(out string nMsg)
       {
           return IsValid(userID,userPW,out nMsg);
       }
   }

 

Service1.asmx文件代码:

[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]

public class Service1 : System.Web.Services.WebService
{
    public MySoapHeader myHeader = new MySoapHeader();
    [WebMethod]
    public string GetMsg()
    {
        Thread.Sleep(5000);
        return "Hello World";
    }

    [SoapHeader("myHeader")]
    [WebMethod(Description="获取用户列表")]
    public string GetMain()
    {
        string msg = "";
        if (!myHeader.IsValid(out msg))
        {
            return msg;
        }
        return "Main";
    }
}

这里面有两个方法,其中GetMsg方法是不需要验证的,而GetMain方法需要进行用户名/密码的验证,这个可以在客户端调用时进行验证.

 

客户端添加对服务端的引用…

Program.cs文件

class Program
{
    static void Main(string[] args)
    {
        localhost.Service1SoapClient proxy = new ws_Client.localhost.Service1SoapClient();
        MySoapHeader header = new MySoapHeader();

        header.UserId = "admin";
        header.UserPW = "admin";
        string result = proxy.GetMain(header);

        //string result = proxy.GetMsg();

        Console.WriteLine(result);
        Console.ReadKey();
    }

}
posted on 2012-08-07 14:04  peter_zhang  阅读(16849)  评论(0编辑  收藏  举报