Authentication when WS is called in Flash _ 6: user authentication and authorized access by ws

Source: Internet
Author: User
It is very easy to build a WS (web service) on ASP.NET and add user verification. ASP.NET has three authentication methods: Windows, Forms, and Passport, of which Forms is the most used and most flexible. For a web service, user authentication and authorized access work no differently than for a normal .aspx page. Forms authentication provides good support for user authorization: the .asmx service verifies the user's identity and sends it back to the client in a cookie. On later requests to the web application, the client sends this identity cookie to the server with each request. The authorization settings on the server can then control access for different users, directory by directory.
The following example shows how to implement role-based user authentication and authorized access with Flash and an ASP.NET WS.
1. Directory structure
Claw                    root directory
    default.aspx        default access page
    default.build       NAnt build file
    Global.asax
    Global.asax.cs      handles the Application_AuthorizeRequest event
    login.asmx
    login.asmx.cs       WS service, user login
    web.config          application configuration file
    admin               subdirectory, authorized-access directory
        web.config      application configuration file
        admin.asmx      WS service with authorized access
        admin.asmx.cs
    bin                 subdirectory, holds the compiled DLL files

2. Authentication
In this example, the admin directory may be accessed only by the admin user group. Authorization is set mainly through the <authorization> section of the web.config files at the two directory levels (you could also use a <location> section in the root web.config). In the root web.config, set the <authentication> section as follows to make the application use Forms authentication:
<authentication mode="Forms">
    <forms name=".AKS_Claw" loginUrl="./default.aspx" timeout="1" path="/"/>
</authentication>

The <authorization> section in the root web.config allows anonymous users to access:
<authorization>
    <allow users="*"/>
</authorization>

The web.config in the admin directory mainly forbids anonymous access. Because Forms authentication does not support the Roles attribute, user role authorization is completed in Global.asax:
<configuration>
    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>
</configuration>

The following code implements the WS service login.asmx:
/* ===========================================================================================

C# Source File -- Created with SAPIEN Technologies PrimalCode 3.0

NAME: login.asmx.cs

AUTHOR: JimLee, Dxl School
DATE: 2004-10-19

COMMENT: check user logon

=========================================================================================== */

using System;
using System.Web;
using System.Web.Security;
using System.Web.Services;
using System.Security.Principal;

namespace AKS.Claw {
    [WebService(Namespace = "http://www.AKS2046.com/ws/", Description = "check user login and save to client", Name = "login")]
    public class login : WebService {
        public login() {}

        [WebMethod(Description = "check user logon")]
        public bool checkUser(string uName, string uPW) {
            bool t = false;
            if (confirm(uName, uPW)) {
                // Credentials are valid: issue the Forms authentication cookie
                WriteUserTicket(uName, uPW);
                t = true;
            }
            return t;
        }

        [WebMethod(Description = "check whether a user logs in as admin")]
        public bool showRoles() {
            string tstr = "";
            tstr = Context.User.Identity.ToString();
            return Context.User.IsInRole("admin");
        }

        // Build a ticket that carries the user's roles in UserData, encrypt it
        // and send it to the client as the Forms authentication cookie.
        private void WriteUserTicket(string uName, string uPW) {
            string userRoles = UserToRole(uName);
            FormsAuthenticationTicket tk = new FormsAuthenticationTicket(1, uName, DateTime.Now, DateTime.Now.AddMinutes(1), false, userRoles, "/");
            string Hashtk = FormsAuthentication.Encrypt(tk);
            HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, Hashtk);
            Context.Response.Cookies.Add(UserCookie);
        }

        // Hardcoded account check (demo only)
        private bool confirm(string uName, string uPW) {
            return (uName == "JimLee") && (uPW == "123456");
        }

        // Hardcoded user-to-role mapping (demo only)
        private string UserToRole(string uName) {
            string tStr = "user";
            if (uName == "JimLee") tStr = "admin";
            return tStr;
        }
    }
}
Here, I am lazy: the account verification method confirm and the role settings are all hardcoded in the code. Hehe.
3. Authorized access
In web.config, user authentication is not set, but anonymous access is forbidden in admin. In fact, I want users of the admin user group to access services in the admin directory. Again: Forms authentication does not support the Roles attribute. Therefore, you can use the IsInRole method of the GenericPrincipal user object to determine whether the user is in the admin user group before performing operations. Of course, you can put the authorization check at the method level. Here, I put this process in the Application_AuthorizeRequest event of the application, so it does not need to be coded in each method, as follows:
/* ===========================================================================================

C# Source File -- Created with SAPIEN Technologies PrimalCode 3.0

NAME: Global.asax.cs

AUTHOR: JimLee, Dxl School
DATE: 2004-10-19

COMMENT: <comment>

=========================================================================================== */

using System;
using System.Collections;
using System.ComponentModel;
using System.Web;
using System.Web.Security;
using System.Web.SessionState;
using System.Security.Principal;

namespace AKS.Claw
{
    public class Global : System.Web.HttpApplication
    {
        public Global() {}

        protected void Application_AuthorizeRequest(object Sender, System.EventArgs e) {
            HttpApplication App = (HttpApplication) Sender;
            HttpContext Ctx = App.Context;
            if (Ctx.Request.IsAuthenticated == true) {
                // Rebuild the principal with the roles stored in the ticket's UserData
                FormsIdentity Id = (FormsIdentity) Ctx.User.Identity;
                FormsAuthenticationTicket tk = Id.Ticket;
                string[] Roles = tk.UserData.Split(',');
                Ctx.User = new GenericPrincipal(Id, Roles);
                // Assuming the application is served at /Claw, a request path looks like
                // /Claw/admin/admin.asmx, so segment [2] is the directory below the root
                if (Ctx.Request.Path.Split('/')[2] == "admin") {
                    if (Ctx.User.IsInRole("admin") == false) {
                        Ctx.Response.Redirect("../default.aspx");
                    }
                }
            }
        }

    }
}
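The directory test in Application_AuthorizeRequest decides whether the role check runs at all, so it has to match every spelling of the admin path that the server will map to that directory, and it must not throw on short paths. The following console program is an added example, not part of the original article: it puts the fixed-index, exact-case comparison next to an application-relative, case-insensitive one. The names AdminPathCheck, FixedIndex and AppRelative, the application root /Claw and the sample paths are assumptions made for the illustration.

```csharp
using System;

// Added example: stand-alone console program, no System.Web dependency.
static class AdminPathCheck
{
    // The check in the form used above: fixed segment index, exact-case match.
    public static bool FixedIndex(string path)
    {
        return path.Split('/')[2] == "admin";
    }

    // Hardened form: strip the application root (the value Request.ApplicationPath
    // would supply), then compare the first remaining segment ignoring case.
    public static bool AppRelative(string path, string appPath)
    {
        if (path == null || appPath == null) return false;
        string root = appPath.TrimEnd('/') + "/";
        if (!path.StartsWith(root, StringComparison.OrdinalIgnoreCase)) return false;
        string first = path.Substring(root.Length).Split('/')[0];
        return string.Equals(first, "admin", StringComparison.OrdinalIgnoreCase);
    }

    static void Main()
    {
        // Constructed request paths; the application is assumed to live at /Claw.
        string[] samples = {
            "/Claw/admin/admin.asmx",
            "/Claw/Admin/admin.asmx",
            "/Claw/ADMIN/admin.asmx/test",
            "/Claw/login.asmx",
            "/Claw"
        };
        foreach (string p in samples)
        {
            string fixedResult;
            try { fixedResult = FixedIndex(p).ToString(); }
            catch (IndexOutOfRangeException) { fixedResult = "exception"; }
            Console.WriteLine("{0,-30} fixed-index: {1,-9} app-relative: {2}",
                p, fixedResult, AppRelative(p, "/Claw"));
        }
    }
}
```

Any path for which the two columns disagree is a request that would skip the IsInRole("admin") test and be covered only by the <deny users="?"/> rule, which admits every authenticated user.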
4. Write the WS service admin.asmx in the admin directory for authorized access:
/* ===========================================================================================

C# Source File -- Created with SAPIEN Technologies PrimalCode 3.0

NAME: admin.asmx.cs

AUTHOR: JimLee, Dxl School
DATE: 2004-10-19

COMMENT:

=========================================================================================== */

using System;
using System.Web;
using System.Web.Services;

namespace AKS.Claw {
    [WebService(Namespace = "http://www.AKS2046.com/ws/", Description = "Administrator actions", Name = "admin")]
    public class admin : WebService {
        public admin() {}

        // Reachable only after the checks in admin/web.config and Global.asax.cs pass
        [WebMethod]
        public string test() {
            return "test";
        }
    }
}
5. NAnt build file
Note that the compiled output of the files under the admin directory must be placed in the bin directory under the root directory.
<?xml version="1.0" encoding="gb2312"?>
<project name="AKS_Claw_v1.0" default="run">
    <property name="basename" value="AKS_Claw_v1.0"/>
    <property name="debug" value="true"/>

    <target name="clean">
        <delete>
            <fileset>
                <include name="bin\${basename}-??.exe"/>
                <include name="bin\*.dll"/>
                <include name="bin\*.pdb"/>
            </fileset>
        </delete>
    </target>

    <target name="build" depends="clean">
        <csc target="library" output="bin\Global.asax.dll" debug="${debug}">
            <sources>
                <include name="Global.asax.cs"/>
            </sources>
        </csc>
        <csc target="library" output="bin\admin.asmx.dll" debug="${debug}">
            <sources>
                <include name="admin\admin.asmx.cs"/>
            </sources>
        </csc>
        <csc target="library" output="bin\login.asmx.dll" debug="${debug}">
            <sources>
                <include name="login.asmx.cs"/>
            </sources>
        </csc>
        <csc target="library" output="bin\function.dll" debug="${debug}">
            <sources>
                <include name="function.cs"/>
            </sources>
        </csc>
        <csc target="exe" output="bin\${basename}-cs.exe" debug="${debug}">
            <sources>
                <include name="tMain.cs"/>
            </sources>
            <references>
                <include name="bin\function.dll"/>
            </references>
        </csc>

    </target>

    <target name="run" depends="build">
        <exec program="bin\${basename}-cs.exe" basedir="."/>
    </target>
</project>

Then you can use NAnt to compile and test.
