调用WebService时加入身份验证

调用WebService时加入身份验证，以拒绝未授权的访

导读：调用WebService时加入身份验证，以拒绝未授权的访问 众所周知，WebService是为企业需求提供的在线应用服务,其他公司或应用软件能够通过Internet来访问并使用这项在线服务。但在有些时候......

---

调用WebService时加入身份验证，以拒绝未授权的访问

众所周知，WebService是为企业需求提供的在线应用服务,其他公司或应用软件能够通过Internet来访问并使用这项在线服务。但在有些时候的某些应用服务不希望被未授权访问，那么此时我们可以一下几种方法来实现身份验证。

方法一：在WebService中引入SoapHeader

view plaincopy to clipboardprint?
#region 配置登录标头   
/// <summary>   
/// Code CreateBy BanLao   
/// </summary>   
public class MySoapHeader : SoapHeader   
{   
    private string strUserName = string.Empty;   
    private string strPassWord = string.Empty;   
  
    public MySoapHeader() { }   
  
    public MySoapHeader(string username, string password)   
    {   
        this.strUserName = username;   
        this.strPassWord = password;   
    }  
 
    #region 构造 用户名|密码   
    /// <summary>   
    /// 用户名   
    /// </summary>   
    public string UserName   
    {   
        get { return strUserName; }   
        set { strUserName = value; }   
    }   
    /// <summary>   
    /// 密码   
    /// </summary>   
    public string PassWord   
    {   
        get { return strPassWord; }   
        set { strPassWord = value; }   
    }  
 
    #endregion  
 
    #region 检测是否正确登录   
    /// <summary>   
    /// 检测是否正确登录   
    /// </summary>   
    /// <returns></returns>   
    public bool CheckLogin()   
    {   
        if (strUserName == "合法登录名" && strPassWord == "合法登录密码")   
        {   
            return true;   
        }   
        else  
        {   
            return false;   
        }   
    }  
 
    #endregion   
}  
#endregion  
#region 配置登录标头
/// <summary>
/// Code CreateBy BanLao
/// </summary>
public class MySoapHeader : SoapHeader
{
    private string strUserName = string.Empty;
    private string strPassWord = string.Empty;

    public MySoapHeader() { }

    public MySoapHeader(string username, string password)
    {
        this.strUserName = username;
        this.strPassWord = password;
    }

    #region 构造 用户名|密码
    /// <summary>
    /// 用户名
    /// </summary>
    public string UserName
    {
        get { return strUserName; }
        set { strUserName = value; }
    }
    /// <summary>
    /// 密码
    /// </summary>
    public string PassWord
    {
        get { return strPassWord; }
        set { strPassWord = value; }
    }

    #endregion

    #region 检测是否正确登录
    /// <summary>
    /// 检测是否正确登录
    /// </summary>
    /// <returns></returns>
    public bool CheckLogin()
    {
        if (strUserName == "合法登录名" && strPassWord == "合法登录密码")
        {
            return true;
        }
        else
        {
            return false;
        }
    }

    #endregion
}
#endregion

加入一个服务用于测试：

view plaincopy to clipboardprint?
#region 测试连接   
 [System.Web.Services.Protocols.SoapHeader("myHeader")]   
 [WebMethod(Description = "判断用户是否开通", EnableSession = true)]   
 public string _GetValue(string strInputValue)   
 {   
     if (myHeader.CheckLogin())   
     {   
         string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";   
         return strReturnValue;   
     }   
     else  
     {   
         return "无效的身份验证，请重试！";   
     }   
 }  
 #endregion  
   #region 测试连接
    [System.Web.Services.Protocols.SoapHeader("myHeader")]
    [WebMethod(Description = "判断用户是否开通", EnableSession = true)]
    public string _GetValue(string strInputValue)
    {
        if (myHeader.CheckLogin())
        {
            string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
            return strReturnValue;
        }
        else
        {
            return "无效的身份验证，请重试！";
        }
    }
    #endregion

至此我们想要的需要通过身份验证的服务配置好了，下面让我们进行一些测试，新建一个webForm在Page_Load中：

view plaincopy to clipboardprint?
WebLogon.MySoapHeader myHeader = new WebLogon.MySoapHeader();   
myHeader.UserName = "约定的合法用户";   
myHeader.PassWord = "约定的合法密码";   
  
WebLogon.Service This_Service = new WebLogon.Service();   
This_Service.MySoapHeaderValue = myHeader;   
Response.Write(This_Service._GetValue("This is BanLao's Test Application For SoapHeader. "));  
        WebLogon.MySoapHeader myHeader = new WebLogon.MySoapHeader();
        myHeader.UserName = "约定的合法用户";
        myHeader.PassWord = "约定的合法密码";

        WebLogon.Service This_Service = new WebLogon.Service();
        This_Service.MySoapHeaderValue = myHeader;
        Response.Write(This_Service._GetValue("This is BanLao's Test Application For SoapHeader. "));

当运行这个WebForm时，如果用户名和密码是正确的我们将看到:

This is BanLao's Test Application For SoapHeader. @CopyRight By BanLao 2010

否则

无效的身份验证，请重试！

方法二：Web Service以Session方式验证

 view plaincopy to clipboardprint?
[WebMethod(Description = "检测是否正确登录", EnableSession = true)]   
public bool CheckLogin(string strUserName, string strPassword)   
{   
    if (strUserName.Equals("admin") && strPassword.Equals("123456"))   
    {   
        Session["LoginState"] = true;   
    }   
    else  
    {   
        Session["LoginState"] = false;   
    }   
    return (bool)Session["LoginState"];   
}  
 
#region 测试连接   
[WebMethod(Description = "测试连接", EnableSession = true)]   
public string _GetValue(string strInputValue)   
{   
    if (Session["LoginState"] == null || Session["LoginState"].Equals(false))   
    {   
        return "无效的身份验证，请重试！";   
    }   
    else  
    {   
        string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";   
        return strReturnValue;   
    }   
}  
#endregion  
    [WebMethod(Description = "检测是否正确登录", EnableSession = true)]
    public bool CheckLogin(string strUserName, string strPassword)
    {
        if (strUserName.Equals("admin") && strPassword.Equals("123456"))
        {
            Session["LoginState"] = true;
        }
        else
        {
            Session["LoginState"] = false;
        }
        return (bool)Session["LoginState"];
    }

    #region 测试连接
    [WebMethod(Description = "测试连接", EnableSession = true)]
    public string _GetValue(string strInputValue)
    {
        if (Session["LoginState"] == null || Session["LoginState"].Equals(false))
        {
            return "无效的身份验证，请重试！";
        }
        else
        {
            string strReturnValue = strInputValue + "@CopyRight By BanLao 2010";
            return strReturnValue;
        }
    }
    #endregion

调用该服务，

view plaincopy to clipboardprint?
WebLogon.Service This_Service = new WebLogon.Service();   
This_Service.CookieContainer = new System.Net.CookieContainer();   
if (This_Service.CheckLogin("admin", "123456"))   
{   
    Response.Write(This_Service._GetValue("This is BanLao's Test Application For Session. "));   
}  
        WebLogon.Service This_Service = new WebLogon.Service();
        This_Service.CookieContainer = new System.Net.CookieContainer();
        if (This_Service.CheckLogin("admin", "123456"))
        {
            Response.Write(This_Service._GetValue("This is BanLao's Test Application For Session. "));
        }

当运行这个WebForm时，如果用户名和密码是正确的我们将看到:

This is BanLao's Test Application For Session. @CopyRight By BanLao 2010

否则

无效的身份验证，请重试！

注：如果需要多个合法用户，可以在WebService中声明判断即可