WebService head加密,可以對 WebService設置訪問用戶名和密碼,增強 WebService的安全性 使 WebService只能被授權用戶使用。
具體實現步驟:
1、 定義一個 soapheader派生類用來實現 WebService訪問權限驗證
具體實現步驟:
1、 定義一個 soapheader派生類用來實現 WebService訪問權限驗證
- <span style="font-size:10px;">using System;
- using System.Data;
- using System.Configuration;
- using System.Web;
- using System.Web.Security;
- using System.Web.UI;
- using System.Web.UI.HtmlControls;
- using System.Web.UI.WebControls;
- using System.Web.UI.WebControls.WebParts;
- /// <summary>
- ///MySoapHeader 的摘要說明
- /// </summary>
- public class MySoapHeader:System .Web .Services .Protocols .SoapHeader
- {
- private string _uname = string.Empty;//webservice訪問用戶名
- public string Uname
- {
- get { return _uname; }
- set { _uname = value; }
- }
- private string _password = string.Empty;//webservice訪問密碼
- public string Password
- {
- get { return _password; }
- set { _password = value; }
- }
- public MySoapHeader()
- {
- //
- //TODO: 在此處添加構造函數邏輯
- //
- }
- public MySoapHeader(string uname, string upass)
- {
- init(uname, upass);
- }
- private void init(string uname, string upass)
- {
- this._password = upass;
- this._uname = uname;
- }
- //驗證用戶是否有權訪問內部接口
- private bool isValid(string uname, string upass, out string msg)
- {
- msg = "";
- if (uname == "admin" && upass =="admin")
- {
- return true;
- }
- else {
- msg = "對不起!您無權調用此WebService!";
- return false;
- }
- }
- //驗證用戶是否有權訪問外部接口
- public bool isValid(out string msg)
- {
- return isValid(_uname, _password,out msg);
- }
- }
- </span>
2、 定義有需要驗證的 WebService。
- <span style="font-size:10px;">using System;
- using System.Collections;
- using System.Linq;
- using System.Web;
- using System.Web.Services;
- using System.Web.Services.Protocols;
- using System.Xml.Linq;
- /// <summary>
- ///test 的摘要說明
- /// </summary>
- [WebService(Namespace = "http://tempuri.org/")]
- [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
- //若要允許使用 ASP.NET AJAX 從腳本中調用此 Web 服務,請取消對下行的注釋。
- // [System.Web.Script.Services.ScriptService]
- public class test : System.Web.Services.WebService {
- public test () {
- //如果使用設計的組件,請取消注釋以下行
- //InitializeComponent();
- }
- public MySoapHeader myheader = new MySoapHeader();
- [WebMethod]
- public string HelloWorld() {//普通WebService,無需驗證
- return "Hello World";
- }
- [SoapHeader("myheader")]//加入此頭部的WebService需要驗證,不加則為普通WebService無需驗證
- [WebMethod(Description = "根據產品編號查詢產品的價格", EnableSession = true)]
- public string GetProductPrice2(string ProductId)
- {
- string msg = "";
- //驗證是否有權訪問
- if (!myheader.isValid(out msg))
- {
- return -1;//返回錯誤信息
- }
- return ProductId;
- }
- }
- </span>
3、 客戶端調用方法
引用 WebService定義 WebService名稱為 :Myservice
- <span style="font-size:10px;">using System;
- using System.Configuration;
- using System.Data;
- using System.Web;
- using System.Web.Security;
- using System.Web.UI;
- using System.Web.UI.HtmlControls;
- using System.Web.UI.WebControls;
- using System.Web.UI.WebControls.WebParts;
- public partial class _Default : System.Web.UI.Page
- {
- protected void Page_Load(object sender, EventArgs e)
- {
- myservice.test te = new abc.test();
- myservice.MySoapHeader myhead = new MySoapHeader();
- myhead.Uname = "admin";//輸入WebService訪問用戶名
- myhead.Password = "admin";//輸入WebService訪問密碼
- te.MySoapHeaderValue = myhead;//
- string test = te.GetProductPrice2("ok!");
- Response.Write(aa);//用戶名、密碼輸入正確則輸出ok 否則輸出 錯誤msg
- }
- } </span>
也推薦另外一個cookie的方式http://blog.csdn.net/dz45693/article/details/6151170