1, and the validation code is transmitted using SoapHeader Web Service end user: to create a class that inherits from 1.1 System.Web.Services.Protocols.SoapHeader CredentialSoapHeader class: public class CredentialSoapHeader: SoapHeader {private string _userName; private string _userPassword;
Public string username {get {return_username;} set {_username = value;}}
Public string userpassword {get {return _userpassword;} set {_USERPASSWORD = value;}}}
1.2 Creating released a Web Service method public class MyService: System.Web.Services.WebService {private CredentialSoapHeader m_credentials; public CredentialSoapHeader Credentails {get {return m_credentials;} set {m_credentials = value;}} // released Service [WebMethod (BufferResponse = true, Description = "Welcome method", CacheDuration = 0, EnableSession = false, MessageName = "HelloFriend", TransactionOption = TransactionOption.Required)] [SoapHeader ( "Credentails")] public string Welcome (string userName) {this .Verifycredential (this); Return "Welcome" UserName;}
// verify the legality of private void VerifyCredential (MyService s) {if (s.Credentails == null || s.Credentails.UserName == null || s.Credentails.UserPassword == null) {throw new SoapException ( "verification failure "SOAPEXCEPTION.CLIENTFAULTCODE," SECURITY ");} / / You can further customize user authentication}}
Create a client using MyService (use WinForm to do instance) first add MyService's reference to the public class clientform: system.windows.forms.form {public clientform () {MyService s = new myservice (); this.initwebserviceProxy (s); string temp = s.welcome ("test"); messagebox.show (temp);
private void InitWebServiceProxy (MyService s) {CredentialSoapHeader soapHeader = new CredentialSoapHeader (); soapHeader.UserName = "test"; soapHeader.UserPassword = "test"; s.CredentialSoapHeaderValue = soapHeader; string urlSettings = null; // profile from here Acquired
IF (UrlSettings! = null) {s.url = urlsetting;
s.Credentials = (System.Net.NetworkCredential) CredentialCache.DefaultCredentials;}} 2, using the authentication ticket (AuthorizationTicket) using System.Web.Security; [WebMethod ()] public string GetAuthorizationTicket (string userName, string password) {// here you can do some custom validation actions, such as validation of the legitimacy of the user in the database, etc. FormsAuthenticationTicket ticket = new FormsAuthenticationTicket (userName, false, timeOut); string encryptedTicket = FormsAuthentication.Encrypt (ticket); Context.Cache.Insert (encryptedTicket Username, null, datetime.now.addminutes (timeout), timeout, return encryptedticket;}
Private Bool IsticketValid (String Ticket, Bool Isadmincall) {if (Ticket == Null || Context.cache [Ticket] == NULL) {// NOT Authenticated Return False;} else {// Here is some verification, such as Verify the legality of the user in the database}}
[WebMethod ()] Public book recogn (Istic) {if (iSticketValid) {// verification can be performed to perform a specific operation}}
