SoapHeader為webservice的頭部信息,頭部信息可用於相關的驗證等功能
在webservice服務端定義SoapHeader類,繼承自SoapHeader
/// <summary>
/// 用於webservice認證
/// </summary>
public class CertficateSoapHeader : SoapHeader
{
/// <summary>
/// 屬性
/// </summary>
public string UserName { get; set; }
public string PassWord { get; set; }
public CertficateSoapHeader() { }
/// <summary>
/// 構造函數認證
/// </summary>
/// <param name="userName">用戶名</param>
/// <param name="passWord">密碼</param>
public CertficateSoapHeader(string userName, string passWord)
{
this.UserName = userName;
this.PassWord = passWord;
}
}
服務類中:
public class BotWebService : System.Web.Services.WebService
{
public CertficateSoapHeader soapHeader;
[SoapHeader("soapHeader",Direction=SoapHeaderDirection.In)]//這里的聲明必需和上次的名字對應
[WebMethod]
public string HelloWorld()
{
if (myHeader.UserName == null || myHeader.PassWord == null)
{
break;
}
if (myHeader.UserName.Equals("LY") && myHeader.PassWord.Equals("LY"))
{
return "Hello World";
break;
}
else
{
throw new SoapHeaderException("認證失敗", SoapException.ClientFaultCode);}
}
客戶端調用:
BotWebServiceSoapClient service = new BotWebServiceSoapClient();
// BotWebService service = new BotWebService();
CertficateSoapHeader header = new CertficateSoapHeader();
header.UserName = "LY";
header.PassWord = "LY";
service.CertficateSoapHeaderValue = header;
string aa = service.HelloWorld(header);
這樣就能正常返回,如果不定義,就不能認證
這種方式實現起來比較簡單,但在webservice中每個webmethod方法中都必須加上if。。else。。的判斷條件,使用起來不夠靈活,從軟件設計的角度講藕合性太強,
一般的權限認證和日志認證,一般會用動態代理來處理相關問題. 而在webservice中一般用SoapExtensionAttribute和SoapExtension方法來處理。