我是Web服务和.NET的新手。 我必须验证使用http post访问的Web服务。
我尝试使用自定义soap标头并将其发送到服务并检查服务中的标头但是服务中的标头对象始终为null。
如果我将用户和密码选项放在http标头中,我如何在服务器上验证它们?
提前致谢
客户代码:
private void button1_Click(object sender, EventArgs e)
{
HttpWebRequest request;
string strSOAPRequestBody = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">"+
"<soap:Header>"+
"<AuthHeader xmlns=\"http://tempuri.org/\">" +
"<Username>apple</Username>"+
"<Password>apple</Password>"+
"</AuthHeader>"+
"</soap:Header>"+
"<soap:Body xmlns=\"http://tempuri.org/\">"+
"<HelloWorld>"+
"</soap:Body>"+
"</soap:Envelope>";
request = (HttpWebRequest)WebRequest.Create("http://localhost:1494/Service1.asmx/HelloWorld");
request.Accept = "text/xml";
request.Method = "POST";
request.ContentType = "application/soap+xml; charset=utf-8";
request.ContentLength = strSOAPRequestBody.Length;
using (Stream stream = request.GetRequestStream())
{
using (StreamWriter sw = new StreamWriter(stream))
{
sw.Write(strSOAPRequestBody);
sw.Flush();
}
}
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
using (StreamReader responseStream = new StreamReader(response.GetResponseStream()))
{
txtResponse.Text = System.Web.HttpUtility.HtmlDecode(responseStream.ReadToEnd());
}
}
}
服务
public class Service1 : System.Web.Services.WebService
{
public AuthHeader Authentication;
[WebMethod]
[SoapHeader("Authentication", Direction = SoapHeaderDirection.In)]
public XmlDocument HelloWorld()
{
XmlDocument response = new XmlDocument();
try
{
//Boolean validateUser = Membership.ValidateUser(Authentication.Username, Authentication.Password);
if (Authentication != null)
{
response.LoadXml(String.Format("{0}{1}{2}", "<BOM>", "Hurray", "</BOM>"));
}
}
catch( Exception ex)
{
response.LoadXml(String.Format("{0}{1}{2}", "<Error>", ex.Message, "</Error>"));
}
return response;
}
}
答案 0 :(得分:2)
问题在于客户端代码:
试试这个:
HttpWebRequest request;
string strSOAPRequestBody = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">" +
" <soap:Header>" +
" <AuthHeader xmlns=\"http://tempuri.org/\">" +
" <Username>string</Username>" +
" <Password>string</Password>" +
" </AuthHeader>" +
" </soap:Header>" +
" <soap:Body>" +
" <HelloWorld xmlns=\"http://tempuri.org/\" />" +
" </soap:Body>" +
"</soap:Envelope>";
request = (HttpWebRequest)WebRequest.Create("http://localhost:1494/Service1.asmx");
request.Accept = "text/xml";
request.Method = "POST";
request.ContentType = "text/xml;charset=\"utf-8\"";
request.Headers.Add("SOAPAction", "\"http://tempuri.org/HelloWorld\"");
request.ContentLength = strSOAPRequestBody.Length;
using (Stream stream = request.GetRequestStream())
{
using (StreamWriter sw = new StreamWriter(stream))
{
sw.Write(strSOAPRequestBody);
sw.Flush();
}
}
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
using (StreamReader responseStream = new StreamReader(response.GetResponseStream()))
{
Console.WriteLine((responseStream.ReadToEnd()));
}
}
如果你这样做,你应该收到回复:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3
.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body><HelloWorldResponse xmlns="http://tempuri.org/">
<HelloWorldResult>
<BOM xmlns="">Hurray</BOM>
</HelloWorldResult>
</HelloWorldResponse>
</soap:Body>
</soap:Envelope>
验证用户名和密码取决于您的实现 - 如果您有asp.net成员资格,那么您应该能够使用ValidateUser方法。另请注意,如果您不使用SSL,则通过网络发送时,用户名和密码将可见。
另一个注意事项是,手工制作XML作为字符串几乎总是一个坏主意,所以(至少)使用XML框架类来生成适当的XML。更好的是使用Web服务工具包。