調用WebService時加入身份驗證,以拒絕未授權的訪問
阿新 • • 發佈:2017-10-15
trre size 登錄 p s 服務配置 ext details current return
眾所周知,WebService是為企業需求提供的在線應用服務,其他公司或應用軟件能夠通過Internet來訪問並使用這項在線服務。但在有些時候的某些應用服務不希望被未授權訪問,那麽此時我們可以一下幾種方法來實現身份驗證。
方法一:在WebService中引入SoapHeader
[c-sharp] view plain copy- #region 配置登錄標頭
- /// <summary>
- /// Code CreateBy BanLao
- /// </summary>
- public class MySoapHeader : SoapHeader
- {
- private string strUserName = string.Empty;
- private string strPassWord = string.Empty;
- public MySoapHeader() { }
- public MySoapHeader(string username, string password)
- {
- this.strUserName = username;
- this.strPassWord = password;
- }
- #region 構造 用戶名|密碼
- /// <summary>
- /// 用戶名
- /// </summary>
- public string UserName
- {
- get { return strUserName; }
- set { strUserName = value; }
- }
- /// <summary>
- /// 密碼
- /// </summary>
- public string PassWord
- {
- get { return strPassWord; }
- set { strPassWord = value; }
- }
- #endregion
- #region 檢測是否正確登錄
- /// <summary>
- /// 檢測是否正確登錄
- /// </summary>
- /// <returns></returns>
- public bool CheckLogin()
- {
- if (strUserName == "合法登錄名" && strPassWord == "合法登錄密碼")
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- #endregion
- }
- #endregion
加入一個服務用於測試:
[c-sharp] view plain copy
- #region 測試連接
- [System.Web.Services.Protocols.SoapHeader("myHeader")]
- [WebMethod(Description = "判斷用戶是否開通", EnableSession = true)]
- public string _GetValue(string strInputValue)
- {
- if (myHeader.CheckLogin())
- {
- string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
- return strReturnValue;
- }
- else
- {
- return "無效的身份驗證,請重試!";
- }
- }
- #endregion
至此我們想要的需要通過身份驗證的服務配置好了,下面讓我們進行一些測試,新建一個webForm在Page_Load中:
[c-sharp] view plain copy
- WebLogon.MySoapHeader myHeader = new WebLogon.MySoapHeader();
- myHeader.UserName = "約定的合法用戶";
- myHeader.PassWord = "約定的合法密碼";
- WebLogon.Service This_Service = new WebLogon.Service();
- This_Service.MySoapHeaderValue = myHeader;
- Response.Write(This_Service._GetValue("This is BanLao‘s Test Application For SoapHeader. "));
當運行這個WebForm時,如果用戶名和密碼是正確的我們將看到:
This is BanLao‘s Test Application For SoapHeader. @CopyRight By BanLao 2010
否則
無效的身份驗證,請重試!
方法二:Web Service以Session方式驗證
[c-sharp] view plain copy
- [WebMethod(Description = "檢測是否正確登錄", EnableSession = true)]
- public bool CheckLogin(string strUserName, string strPassword)
- {
- if (strUserName.Equals("admin") && strPassword.Equals("123456"))
- {
- Session["LoginState"] = true;
- }
- else
- {
- Session["LoginState"] = false;
- }
- return (bool)Session["LoginState"];
- }
- #region 測試連接
- [WebMethod(Description = "測試連接", EnableSession = true)]
- public string _GetValue(string strInputValue)
- {
- if (Session["LoginState"] == null || Session["LoginState"].Equals(false))
- {
- return "無效的身份驗證,請重試!";
- }
- else
- {
- string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
- return strReturnValue;
- }
- }
- #endregion
調用該服務,
[c-sharp] view plain copy
- WebLogon.Service This_Service = new WebLogon.Service();
- This_Service.CookieContainer = new System.Net.CookieContainer();
- if (This_Service.CheckLogin("admin", "123456"))
- {
- Response.Write(This_Service._GetValue("This is BanLao‘s Test Application For Session. "));
- }
當運行這個WebForm時,如果用戶名和密碼是正確的我們將看到:
This is BanLao‘s Test Application For Session. @CopyRight By BanLao 2010
否則
無效的身份驗證,請重試!
註:如果需要多個合法用戶,可以在WebService中聲明判斷即可
調用WebService時加入身份驗證,以拒絕未授權的訪問