Web Service Soap认证

SOAP 中的验证

VisualSW

Web Service 提供开放式的服务，但是在我们的开发中，需要涉及到访问 Web Service 权限的问题，这就需要解决控制 Web Service 的访问权限。

通过 SOAP Header ，我们可以简单的实现权限控制：

首先创建一个简单的 Web Service （ SoapCheck ） :

SoapCheck.cs( 注意红色部分注释 )

using System;

using System.IO;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Data.SqlClient;

using System.Diagnostics;

using System.Web;

using System.Web.Services;

using System.Web.Services.Protocols;

namespace TESTSOAP.WebService

{

[WebService (Namespace="TESTSOAP.WebService",

Description="TESTSOAP Web Services",

Name="TESTSOAP GEID")]

public class SoapCheck : System.Web.Services.WebService

{

// 实例化 Account 对象

public Account oAccount=new Account();

public SoapCheck()

{

InitializeComponent();

strConnection=GetConString();

}

#region Component Designer generated code

//Required by the Web Services Designer

private IContainer components = null;

///

1<summary>
2
3/// Required method for Designer support - do not modify 
4
5/// the contents of this method with the code editor. 
6
7/// </summary>

private void InitializeComponent()

{

}

///

1<summary>
2
3/// Clean up any resources being used. 
4
5/// </summary>

protected override void Dispose( bool disposing )

{

if(disposing && components != null)

{

components.Dispose();

}

base.Dispose(disposing);

}

#endregion

// 需要 Soap Header 验证的方法前面添加如下

[SoapHeader("oAccount")]

[WebMethod (Description="TESTSOAP GetReturn")]

public string GetReturn()

{

if(oAccount.CheckAccount())

{

return "Login Successed!";

}

else

{

return "Login Fail!";

}

Account 类：

继承自 SoapHeader ，以使用 SoapHeader 。

Account.cs

using System;

using System.Web.Services.Protocols;

namespace TESTSOAP.WebService

{

public class Account:SoapHeader

{

public string User;

public string PassWord;

public Boolean CheckAccount()

{

if(User=="Admin" && PassWord=="Admin")

{

return true;

}

else

{

return false;

}

Soap Xml 格式：

 1<soap:envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 2<soap:header>
 3<account xmlns=" TESTWebService ">
 4<user> string  </user>
 5<password> string  </password>
 6</account>
 7</soap:header>
 8<soap:body>
 9<getglobalempid xmlns=" TESTWebService ">
10</getglobalempid>
11</soap:body>
12
13用用户名和密码替换  xml  中的红色部分。 
14
15客户端调用的  VB  例子： 
16
17Public Function TESTSoap(byval strUser as string,byval strPassWord as string) As String 
18
19Dim objHttp As MSXML2.XMLHTTP 
20
21Dim strSoap As String 
22
23Dim strUrl As String 
24
25Dim xmlDoc As MSXML2.DOMDocument 
26
27On Error GoTo ErrHandle 
28
29Set objHttp = CreateObject("MSXML2.XMLHTTP") 
30
31Set xmlDoc = CreateObject("MSXML2.DOMDocument") 
32
33strUrl = "http://localhost/SoapCheck.asmx" 
34
35strUser = Trim$(strUser) 
36
37strPassWord = Trim$(strPassWord) 
38
39'  生成  Soap XML 
40
41strSoap = "<?xml version=""1.0"" encoding=""utf-8""?>" 
42
43strSoap = strSoap &amp; vbCrLf &amp; "<soap:envelope "="" ""="" "xmlns:soap="" "xmlns:xsd="" &="" 2001="" envelope="" http:="" schemas.xmlsoap.org="" soap="" strsoap="strSoap" vbcrlf="" www.w3.org="" xmlns:xsi="" xmlschema""="" xmlschema-instance""="">" 
44
45strSoap = strSoap &amp; vbCrLf &amp; "<soap:header>" 
46
47strSoap = strSoap &amp; vbCrLf &amp; "<account xmlns="TESTSOAP.WebService">" 
48
49strSoap = strSoap &amp; vbCrLf &amp; "<struser>" &amp; strUser &amp; "</struser>" 
50
51strSoap = strSoap &amp; vbCrLf &amp; "<strpassword>" &amp; strPassWord &amp; "</strpassword>" 
52
53strSoap = strSoap &amp; vbCrLf &amp; "</account>" 
54
55strSoap = strSoap &amp; vbCrLf &amp; "</soap:header>" 
56
57strSoap = strSoap &amp; vbCrLf &amp; "<soap:body>" 
58
59strSoap = strSoap &amp; vbCrLf &amp; "<getreturn xmlns="TESTSOAP.WebService">" 
60
61strSoap = strSoap &amp; vbCrLf &amp; "</getreturn>" 
62
63strSoap = strSoap &amp; vbCrLf &amp; "</soap:body>" 
64
65strSoap = strSoap &amp; vbCrLf &amp; "</soap:envelope>" 
66
67objHttp.open "POST", strUrl, False 
68
69objHttp.setRequestHeader "Content-Type", "text/xml;charset=utf-8" 
70
71objHttp.setRequestHeader "Content-Length", Len(strSoap) 
72
73objHttp.setRequestHeader "SOAPAction", strUrl &amp; "GetReturn" 
74
75objHttp.send strSoap 
76
77xmlDoc.async = False 
78
79xmlDoc.loadXML (objHttp.responseText) 
80
81TESTSoap = xmlDoc.selectNodes("//soap:Envelope//soap:Body//SoapCheckResponse//GetReturnResult").Item(0).Text 
82
83Exit Function 
84
85ErrHandle: 
86
87TESTSoap = "Communicate With Web Services Error" 
88
89End Function</soap:envelope>