調用WebService時加入身份驗證,以拒絕未授權的訪
調用WebService時加入身份驗證,以拒絕未授權的訪問
眾所周知,WebService是為企業需求提供的在線應用服務,其他公司或應用軟件能夠通過Internet來訪問並使用這項在線服務。但在有些時候的某些應用服務不希望被未授權訪問,那么此時我們可以一下幾種方法來實現身份驗證。
方法一:在WebService中引入SoapHeader
view plaincopy to clipboardprint?
#region 配置登錄標頭
/// <summary>
/// Code CreateBy BanLao
/// </summary>
public class MySoapHeader : SoapHeader
{
private string strUserName = string.Empty;
private string strPassWord = string.Empty;
public MySoapHeader() { }
public MySoapHeader(string username, string password)
{
this.strUserName = username;
this.strPassWord = password;
}
#region 構造 用戶名|密碼
/// <summary>
/// 用戶名
/// </summary>
public string UserName
{
get { return strUserName; }
set { strUserName = value; }
}
/// <summary>
/// 密碼
/// </summary>
public string PassWord
{
get { return strPassWord; }
set { strPassWord = value; }
}
#endregion
#region 檢測是否正確登錄
/// <summary>
/// 檢測是否正確登錄
/// </summary>
/// <returns></returns>
public bool CheckLogin()
{
if (strUserName == "合法登錄名" && strPassWord == "合法登錄密碼")
{
return true;
}
else
{
return false;
}
}
#endregion
}
#endregion
#region 配置登錄標頭
/// <summary>
/// Code CreateBy BanLao
/// </summary>
public class MySoapHeader : SoapHeader
{
private string strUserName = string.Empty;
private string strPassWord = string.Empty;
public MySoapHeader() { }
public MySoapHeader(string username, string password)
{
this.strUserName = username;
this.strPassWord = password;
}
#region 構造 用戶名|密碼
/// <summary>
/// 用戶名
/// </summary>
public string UserName
{
get { return strUserName; }
set { strUserName = value; }
}
/// <summary>
/// 密碼
/// </summary>
public string PassWord
{
get { return strPassWord; }
set { strPassWord = value; }
}
#endregion
#region 檢測是否正確登錄
/// <summary>
/// 檢測是否正確登錄
/// </summary>
/// <returns></returns>
public bool CheckLogin()
{
if (strUserName == "合法登錄名" && strPassWord == "合法登錄密碼")
{
return true;
}
else
{
return false;
}
}
#endregion
}
#endregion
加入一個服務用於測試:
view plaincopy to clipboardprint?
#region 測試連接
[System.Web.Services.Protocols.SoapHeader("myHeader")]
[WebMethod(Description = "判斷用戶是否開通", EnableSession = true)]
public string _GetValue(string strInputValue)
{
if (myHeader.CheckLogin())
{
string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
return strReturnValue;
}
else
{
return "無效的身份驗證,請重試!";
}
}
#endregion
#region 測試連接
[System.Web.Services.Protocols.SoapHeader("myHeader")]
[WebMethod(Description = "判斷用戶是否開通", EnableSession = true)]
public string _GetValue(string strInputValue)
{
if (myHeader.CheckLogin())
{
string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
return strReturnValue;
}
else
{
return "無效的身份驗證,請重試!";
}
}
#endregion
至此我們想要的需要通過身份驗證的服務配置好了,下面讓我們進行一些測試,新建一個webForm在Page_Load中:
view plaincopy to clipboardprint?
WebLogon.MySoapHeader myHeader = new WebLogon.MySoapHeader();
myHeader.UserName = "約定的合法用戶";
myHeader.PassWord = "約定的合法密碼";
WebLogon.Service This_Service = new WebLogon.Service();
This_Service.MySoapHeaderValue = myHeader;
Response.Write(This_Service._GetValue("This is BanLao's Test Application For SoapHeader. "));
WebLogon.MySoapHeader myHeader = new WebLogon.MySoapHeader();
myHeader.UserName = "約定的合法用戶";
myHeader.PassWord = "約定的合法密碼";
WebLogon.Service This_Service = new WebLogon.Service();
This_Service.MySoapHeaderValue = myHeader;
Response.Write(This_Service._GetValue("This is BanLao's Test Application For SoapHeader. "));
當運行這個WebForm時,如果用戶名和密碼是正確的我們將看到:
This is BanLao's Test Application For SoapHeader. @CopyRight By BanLao 2010
否則
無效的身份驗證,請重試!
方法二:Web Service以Session方式驗證
view plaincopy to clipboardprint?
[WebMethod(Description = "檢測是否正確登錄", EnableSession = true)]
public bool CheckLogin(string strUserName, string strPassword)
{
if (strUserName.Equals("admin") && strPassword.Equals("123456"))
{
Session["LoginState"] = true;
}
else
{
Session["LoginState"] = false;
}
return (bool)Session["LoginState"];
}
#region 測試連接
[WebMethod(Description = "測試連接", EnableSession = true)]
public string _GetValue(string strInputValue)
{
if (Session["LoginState"] == null || Session["LoginState"].Equals(false))
{
return "無效的身份驗證,請重試!";
}
else
{
string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
return strReturnValue;
}
}
#endregion
[WebMethod(Description = "檢測是否正確登錄", EnableSession = true)]
public bool CheckLogin(string strUserName, string strPassword)
{
if (strUserName.Equals("admin") && strPassword.Equals("123456"))
{
Session["LoginState"] = true;
}
else
{
Session["LoginState"] = false;
}
return (bool)Session["LoginState"];
}
#region 測試連接
[WebMethod(Description = "測試連接", EnableSession = true)]
public string _GetValue(string strInputValue)
{
if (Session["LoginState"] == null || Session["LoginState"].Equals(false))
{
return "無效的身份驗證,請重試!";
}
else
{
string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
return strReturnValue;
}
}
#endregion
調用該服務,
view plaincopy to clipboardprint?
WebLogon.Service This_Service = new WebLogon.Service();
This_Service.CookieContainer = new System.Net.CookieContainer();
if (This_Service.CheckLogin("admin", "123456"))
{
Response.Write(This_Service._GetValue("This is BanLao's Test Application For Session. "));
}
WebLogon.Service This_Service = new WebLogon.Service();
This_Service.CookieContainer = new System.Net.CookieContainer();
if (This_Service.CheckLogin("admin", "123456"))
{
Response.Write(This_Service._GetValue("This is BanLao's Test Application For Session. "));
}
當運行這個WebForm時,如果用戶名和密碼是正確的我們將看到:
This is BanLao's Test Application For Session. @CopyRight By BanLao 2010
否則
無效的身份驗證,請重試!
注:如果需要多個合法用戶,可以在WebService中聲明判斷即可