Asp.net WebService entry instance

My advertisement unit. Please click here. Thank you!

WebService is a universal model for building applications and can be run in any operating system that supports network communication. WebService is a new Web Application Branch, it is a self-contained, self-describing, and modular application that can be released, located, and called through the Web. Web
A service is an application component that logically provides data and services for other applications. each application accesses the Web through the network protocol and some standard data formats (HTTP, XML, and SOAP ).
You can use the Web service to obtain the required results. Web Service can execute any function from simple requests to complex business processing. After deployment
The service application can discover and call the services it deploys.

Implementing a WebService in Asp.net is actually a very simple task. Just like creating a website, you need to know how to make your WebService more robust, safer, and more stable.

This article focuses on two things: How to build a WebService, and how to add SOAP header authentication to increase security.

Good first:

① Open vs -- create a project -- select Web -- select Asp.net Web Service Application

　　

② Well, a WebService is successful. You can run it directly and use other programs to call the helloworld method.

③ You can write your own methods with parameters.

　　
WebService is easy to implement, but it is very dangerous for all programs to call your WebService. WebService provides many security features, such as SOAP header authentication, Token password authentication, SSL authentication, form authentication, and self-constructed parameter authentication.

　　
The SOAP header authentication method is used here.

① First, we construct an authentication class. Note that the class inherits the purple soapheader. Enter the user name and password in the authentication class.

Using system;
Using system. Collections. Generic;
Using system. LINQ;
Using system. Web;

Namespace amsendmsg
{
Public class certificate: system. Web. Services. Protocols. soapheader
{
Public certificate (){}
/// <Summary>
/// User Name
/// </Summary>
Public String username {Get; set ;}

/// <Summary>
/// Password
/// </Summary>
Public String password {Get; set ;}
}
}

　　
② WebService Method

Using system;
Using system. Collections. Generic;
Using system. LINQ;
Using system. Web;
Using system. Web. Services;
Using CJ;
Using system. Data;
Using system. configuration;

Namespace amsendmsg
{

[WebService (namespace = "http://www.chinacloudtech.com/")]
[Webservicebinding (conformsto = wsiprofiles. basicprofile1_1)]
[System. componentmodel. toolboxitem (false)]

Public class amsendmsg: system. Web. Services. WebService
{
Public certificate CER = new certificate ();


[System. Web. Services. Protocols. soapheader ("CER")]
[Webmethod]
Public String sendmsg (string sender, string senderpwd, string jsoner, string subject, string content, bool ishtml)
{
Try
{
Cj_develophelper.sqlconn_str = configurationmanager. deleettings ["amdbconnect"]. tostring ();

// First, verify that you have the permission to call this function.
Cj_develophelper.sqlstr = "select * From webserviceuser where username = '" + server. htmlencode (Cer. username. Replace ("'", "") + "'";

}
}
}

　　

③ Note: In WebService, first obtain the user name and password, that is, the CER. username, Cer. after obtaining the password, verify that the authentication is correct in the system database and have the permission to call this method. Here, I have prepared a WebService permission control table that specifies the method that the user can call. The table structure is very simple.

Username Authentication Name, password, and method to call methods. Then each client needs to apply for an authentication key like this method. In fact, a data entry is inserted into the table. Then use the applied key to access this WebService method.

④ This is one of my security verification ideas. In fact, it can be expanded again, such as agreeing on encryption algorithms and encrypting SOAP Headers. for B/S, you can use machine codes as passwords.

⑤ Client call

private void button1_Click(object sender, EventArgs e)
        {
            EPWS.AMSendMsgSoapClient sc = new EPWS.AMSendMsgSoapClient();
            EPWS.Certificate cer = new EPWS.Certificate();
            cer.UserName = "xxx";
            cer.PassWord = "xxxxx";
            MessageBox.Show(sc.SendMsg(cer, "", "", "", "", "xx<font color=red>xxxxx</font>", true));
        }

　　

This is just a simple getting started example and a common authentication method. You can communicate with us in a better way.