WebService access encryption and webservice Encryption
WebService encryption allows you to set the access username and password for WebService, enhancing the security of WebService so that WebService can only be used by authorized users.
Specific steps:
1. Define a soapheader derived class to verify WebService Access Permissions
- <Span style = "font-size: 10px;"> using System;
- Using System. Data;
- Using System. Configuration;
- Using System. Web;
- Using System. Web. Security;
- Using System. Web. UI;
- Using System. Web. UI. HtmlControls;
- Using System. Web. UI. WebControls;
- Using System. Web. UI. WebControls. WebParts;
- /// <Summary>
- /// Summary of MySoapHeader
- /// </Summary>
- Public class MySoapHeader: System. Web. Services. Protocols. SoapHeader
- {
- Private string _ uname = string. Empty; // webservice access Username
- Public string Uname
- {
- Get {return _ uname ;}
- Set {_ uname = value ;}
- }
- Private string _ password = string. Empty; // webservice Access password
- Public string Password
- {
- Get {return _ password ;}
- Set {_ password = value ;}
- }
- Public MySoapHeader ()
- {
- //
- // TODO: add the constructor logic here
- //
- }
- Public MySoapHeader (string uname, string upass)
- {
- Init (uname, upass );
- }
- Private void init (string uname, string upass)
- {
- This. _ password = upass;
- This. _ uname = uname;
- }
- // Verify whether the user has the right to access the internal interface
- Private bool isValid (string uname, string upass, out string msg)
- {
- Msg = "";
- If (uname = "admin" & upass = "admin ")
- {
- Return true;
- }
- Else {
- Msg = "Sorry! You do not have permission to call this WebService! ";
- Return false;
- }
- }
- // Verify whether the user has the right to access the external interface
- Public bool isValid (out string msg)
- {
- Return isValid (_ uname, _ password, out msg );
- }
- }
- </Span>
2. Define the WebService to be verified.
- <Span style = "font-size: 10px;"> using System;
- Using System. Collections;
- Using System. Linq;
- Using System. Web;
- Using System. Web. Services;
- Using System. Web. Services. Protocols;
- Using System. Xml. Linq;
- /// <Summary>
- /// Summary of test
- /// </Summary>
- [WebService (Namespace = "http://tempuri.org/")]
- [WebServiceBinding (ConformsTo = WsiProfiles. BasicProfile1_1)]
- // To allow ASP. net ajax to call this Web service from a script, cancel the comments to the downstream.
- // [System. Web. Script. Services. ScriptService]
- Public class test: System. Web. Services. WebService {
- Public test (){
- // If you use the designed component, uncomment the following line
- // InitializeComponent ();
- }
- Public MySoapHeader myheader = new MySoapHeader ();
- [WebMethod]
- Public string HelloWorld () {// common WebService, no verification required
- Return "Hello World ";
- }
- [SoapHeader ("myheader")] // the WebService with this header needs to be verified. If this header is not added, it is a common WebService and does not need to be verified.
- [WebMethod (Description = "querying product prices by product number", EnableSession = true)]
- Public string GetProductPrice2 (string ProductId)
- {
- String msg = "";
- // Verify the access permission
- If (! Myheader. isValid (out msg ))
- {
- Return-1; // return the error message
- }
- Return ProductId;
- }
- }
- </Span>
3. Client call Method
Reference WebService definition WebService name: Myservice
- <Span style = "font-size: 10px;"> using System;
- Using System. Configuration;
- Using System. Data;
- Using System. Web;
- Using System. Web. Security;
- Using System. Web. UI;
- Using System. Web. UI. HtmlControls;
- Using System. Web. UI. WebControls;
- Using System. Web. UI. WebControls. WebParts;
- Public partial class _ Default: System. Web. UI. Page
- {
- Protected void Page_Load (object sender, EventArgs e)
- {
- Myservice. test te = new abc. test ();
- Myservice. MySoapHeader myhead = new MySoapHeader ();
- Myhead. Uname = "admin"; // enter the WebService access Username
- Myhead. Password = "admin"; // enter the WebService Access Password
- Te. MySoapHeaderValue = myhead ;//
- String test = te. GetProductPrice2 ("OK! ");
- Response. Write (aa); // if the user name and password are entered correctly, the output is OK; otherwise, the output is incorrect.
- }
- } </Span>