1. Use soapheader to pass and verify the user
Web service endCode:
1.1 first create a system. Web. Services. Protocols. soapheader
Credentialsoapheader class:
Public class credentialsoapheader: soapheader
{
Private string _ username;
Private string _ userpassword;
Public String Username
{
Get {return _ username ;}
Set {_ username = value ;}
}
Public String userpassword
{
Get {return _ userpassword ;}
Set {_ userpassword = value ;}
}
}
1.2 create a Web Service for external publishing
Public class myservice: system. Web. Services. WebService
{
Private credentialsoapheader m_credentials;
Public credentialsoapheader credentails
{
Get {return m_credentials ;}
Set {m_credentials = value ;}
}
// Externally published services
[Webmethod (bufferresponse = true, description = "Welcome
Method ", cacheduration = 0, enablesession = false,
Messagename = "hellofriend", transactionoption =
Transactionoption. Required)]
[Soapheader ("credentails")]
Public String welcome (string username)
{
This. verifycredential (this );
Return "welcome" + username;
}
// Verify validity
private void verifycredential (myservice s)
{< br>
If (S. credentails = NULL |
S. credentails. username = NULL |
S. credentails. userpassword = NULL)
{< br>
throw new soapexception ("Verification Failed
failed", soapexception. clientfaultcode, "security ");
}< br>
// here, You can further customize user verification
}< BR>
Create a client using myservice (winform is used as an instance here)
Add reference of myservice first
public class clientform: system. windows. forms. form
{
Public clientform ()
{
myservice S = new myservice ();
This. initwebserviceproxy (s);
string temp = S. welcome ("test");
MessageBox. show (temp);
}
Private void initwebserviceproxy (myservice S)
{
Credentialsoapheader soapheader =
New credentialsoapheader ();
Soapheader. Username = "test ";
Soapheader. userpassword = "test ";
S. credentialsoapheadervalue = soapheader;
String urlsettings = NULL; // This can be obtained from the configuration file
If (urlsettings! = NULL)
{
S. url = urlsettings;
}
S. Credentials = (system. net. networkcredential)
Credentialcache. defaultcredentials;
}
}
2. Use the authentication ticket (authorizationticket)
Using system. Web. Security;
[Webmethod ()]
Public String getauthorizationticket (string username, string password)
{
// Here you can perform some custom verification actions, such as verifying the user's legality in the database.
Formsauthenticationticket ticket = new
Formsauthenticationticket (username, false, timeout );
String encryptedticket =
Formsauthentication. Encrypt (ticket );
Context. cache. insert (encryptedticket, username, null,
Datetime. Now. addminutes (timeout), timespan. Zero );
Return encryptedticket;
}
Private bool isticketvalid (string ticket, bool isadmincall)
{
If (ticket = NULL | context. cache [ticket] = NULL)
{
// Not authenticated
Return false;
}
Else
{
// Verify the validity of the user in the database.
}
}
[Webmethod ()]
Public book getbookbybookid (INT bookid)
{
If (isticketvalid)
{
// The operation can be performed only after the verification is passed.
}
}