学步园

本文仅提供通过设置SoapHeader来控制非法用户对WebService的调用，如果是WebService建议使用WSE3.0来保护Web服务，如果使用的是Viaual Studio 2008可以使用WCF，WCF里面提供了更多的服务认证方法。以下提供一种基于SoapHeader的自定义验证方式。

1.首先要自定义SoapHeader,须继承System.Web.Services.Protocols.SoapHeader 。

using System;
using System.Collections.Generic;
using System.Web;

/// <summary>
///自定义的SoapHeader
/// </summary>
public class MySoapHeader : System.Web.Services.Protocols.SoapHeader
{

    private string userName=string.Empty;
    private string passWord=string.Empty;

    /// <summary>
    /// 构造函数
    /// </summary>
    public MySoapHeader()
    {

    }

    /// <summary>
    /// 构造函数
    /// </summary>
    /// <param name="userName">用户名</param>
    /// <param name="passWord">密码</param>
    public MySoapHeader(string userName, string passWord)
    {
        this.userName = userName;
        this.passWord = passWord;
    }

    /// <summary>
    /// 获取或设置用户用户名
    /// </summary>
    public string UserName
    {
        get { return userName; }
        set { userName = value; }

    }

    /// <summary>
    /// 获取或设置用户密码
    /// </summary>
    public string PassWord
    {
        get { return passWord; }
        set { passWord = value; }
    }
}
2.添加WebService,并编写相应代码。

using System;
using System.Collections.Generic;
using System.Web;
using System.Web.Services;

/// <summary>
///WebService 的摘要说明
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class WebService : System.Web.Services.WebService
{

    //声明Soap头实例
    public MySoapHeader myHeader=new MySoapHeader();
 
    [System.Web.Services.Protocols.SoapHeader("myHeader")]
    [WebMethod]
    public string HelloWord()
    {
        //可以通过存储在数据库中的用户与密码来验证
        if (myHeader.UserName.Equals("houlei")&myHeader.PassWord.Equals("houlei"))
        {
            return "调用服务成功！";
        }
        else
        {
            return "对不起，您没有权限调用此服务！";
        }
    }  
}3.客户端调用，分别使用不设置SoapHeader与设置SoapHeader。
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace App
{
    class Program
    {
        static void Main(string[] args)
        {

            localhost.WebService service = new localhost.WebService();

            //没有设置SoapHeader的服务调用
              Console.WriteLine("没有设置SoapHeader:" + service.HelloWord());
            Console.WriteLine();

            //将用户名与密码存入SoapHeader;
            localhost.MySoapHeader header = new localhost.MySoapHeader();
            header.UserName = "houlei";
            header.PassWord = "houlei";
            service.MySoapHeaderValue = header;

            //设置SoapHeader的服务调用
              Console.WriteLine("设置SoapHeader:" + service.HelloWord());
            Console.Read();
        }
    }
}

本文来自: PQ秀秀网(http://www.pqshow.com) 详细出处参考：http://www.pqshow.com/program/aspnet/200909/9924.html