RSS订阅悠然探索,悠然索取
你的位置:首页 » 学习收藏 » 正文

WebService安全

选择字号: 超大 标准 发布时间:2008-12-18 9:15:5 | 作者:admin | 0个评论 | 人浏览

一、Web Service端的设计

先从SoapHeader继承一个自定义类CredentialSoapHeader,该类包含用户名和密码:
public class CredentialSoapHeader : SoapHeader
{
    public string Username
    {
        get {  }
        set {  }
    }

    public string Password
    {
        get {  }
        set {  }
    }
}
在WebService类里面创建一个属性Credentials,类型为CredentialSoapHeader:
public class IssueVisionServices : WebService
{
    // custom SOAP header to pass credentials
    public CredentialSoapHeader Credentials
    {
        get {  }
        set {  }
    }
   
}
在WebMethod的方法上使用SoapHeader标识,成员名称为"Credentials":
[WebMethod(Description="Returns the lookup tables for IssueVision.")]
[SoapHeader("Credentials")]
public IVDataSet GetLookupTables()
{
    SecurityHelper.VerifyCredentials(this);
    return new IVData().GetLookupTables();
}
public class SecurityHelper
{
    // verifies the clients credentials
    public static void VerifyCredentials(IssueVisionServices service)
    {
        String userName = service.Credentials.Username;
        String password = service.Credentials.Password;
        // 按照userName 和 password 进行授权验证
       
    }
}
二、客户端对Web Service的调用

private static IssueVisionServices GetWebServiceReference()
{
    return GetWebServiceReference(UserSettings.Instance.Username, UserSettings.Instance.Password);
}

private static IssueVisionServices GetWebServiceReference(string username, string password)
{
    IssueVisionServices dataService = new IssueVisionServices();
       
    //<ReplaceWithWse>
    CredentialSoapHeader header = new CredentialSoapHeader();
    header.Username = username;
    header.Password = password;
    dataService.CredentialSoapHeaderValue = header;
    //</ReplaceWithWse>
           
    InitWebServiceProxy(dataService);
           
    return dataService;
}

标签:WebService安全  

猜你喜欢

发表评论

必填

选填

选填

必填,不填不让过哦,嘻嘻。

记住我,下次回复时不用重新输入个人信息

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。