通过SoapHeader来增强webService 的安全性

来源：互联网发布：公司网络更换路由监控编辑：程序博客网时间：2024/04/28 15:58

1。定义自己的soapheader的派生类

///<summary>

///定义自己的soapheader的派生类

///</summary>

public class Mysoapheader : System.Web.Services.Protocols.SoapHeader
{
private string _UserID = string.Empty;
private string _PassWord = string.Empty;
public Mysoapheader()
{ }
public Mysoapheader(string nUserID, string nPasswWord)
{ Initial(nUserID, nPasswWord);
}
public string UserID
{ get { return _UserID; }
set { _UserID = value; }
}
public string PassWord
{
get { return _PassWord; }
set { _PassWord = value; }
}
readonly
private void Initial(string nUserID, string nPasswWord)
{
UserID = nUserID;
PassWord = nPasswWord;
}
private bool IsValid(string nUserID, string npassWord, out string nMsg)
{
nMsg = "";
try
{
if(nUserID == "admin" && npassWord == "admin")
{
return true;
}
else
{
nMsg = "对不起你无权此Web服务。";
return false;
}
}
catch
{
nMsg = "对不起你无权此Web服务。";
return false;
}
}
public bool IsValid(out string nMsg)
{
return IsValid（_UserID,_PassWord,out nMsg）;
}
}

2.添加给予SoapHeader 验证的WebService接口方法

/// <summary>
/// Summary description for DownloadOrders
/// </summary>
[WebService(Namespace = "http://shop.jnby.com",Name="订单信息")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
// To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
[System.Web.Script.Services.ScriptService]
public class DownloadOrders : System.Web.Services.WebService
{

//声明Soap头实例

public Mysoapheader myHeader=new Mysoapheader();

[SoapHeader("myHeader")]
[WebMethod(Description = "获取退货单及退货单列表")]
public List<Order2> GetReturnOrderItems( DateTime time, string valilate)
{
return null;

}

}

3.客户端调用

service1.MySoapHeader header=new service1.MySoapHeader();

header.PassWord="admin";

header.UserID="admin";

service.MySoapHeaderValue=header;

IList<Order2> order=service.GetReturnOrderItems("","");