Skip to main content

ASP.Net Services - Custom SOAP Headers


ASP.Net Services With Custom SOAP Headers 
Beginning here, I’ll not be discussing what web services are, WSDL, Disco Files etc, anyone can  easily get tons of data on these, from internet.

I am more concerned here about the Security aspect of Webservices.
If you are interested in exploring all the aspects of ASP.Net service security, here is the link

http://msdn.microsoft.com/en-us/library/w67h0dw7%28VS.80%29.aspx

Having said all this time, let’s start the real story.

SOAP: Simple Object Access Protocol (uses XML and HTTP)

The protocol contains SOAP packets that have following three components.
  1. SOAP Envelope: the container in which the actual data will be packaged.
  2. SOAP Header (Optional).
  3. SOAP Body (generally used for returning results)

A typical SOAP message looks like this 

 version="1.0" encoding="utf-8"?>
<soap: Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <Soap: Header>
  soap: Header>
  <Soap: Body>
   soap: Body>
soap:Envelope>


Steps to be followed:

1.Create a Custom SOAP Header
2.Tell Webservice method to use this header
3. Pass the Credentials to the Service proxy and invoke the methods

Create Custom SOAP Header:
Following are the steps needed to create the custom header
  1. Add  using System.Web.Services.Protocols(in case it is still not added)
  2. Create a Class, deriving it from SoapHeader Class
  3. Create logic in the file

    public class MyHeader : SoapHeader
    {
        //Add logic/code here
    }

This is all that is required for creating a custom  SOAP header.
 
Now let’s create a Service that’ll use this header .The Code itself is o documented that it conforms to the article.


using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Services;
//Included for SOAPHeader
using System.Web.Services.Protocols;
using System.Xml.Linq;
using config = System.Configuration.ConfigurationManager;

namespace SoapWebServices
{
 

    ///
    /// This is SOAP Header Based Service requiring Username and Password
    ///
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [ToolboxItem(false)]
   [System.Web.Script.Services.ScriptService]
    public class Service1 : System.Web.Services.WebService
    {
       
        //Create Refrence toCustomer SOAP Header
        public MyHeader header;

        [WebMethod]
        //Tell the method to use custom header
        [SoapHeader("header", Required = true, Direction = SoapHeaderDirection.InOut)]
        public string Authenticate()
        {
           
                //Extract the information from SOAP Header and perform Authentication
            if (string.Compare(header.UserName, config.AppSettings["uname"]) == 0) //enter into it only if uname matches the stored value
            {
                if (string.Compare(header.Password, config.AppSettings["pwd"]) == 0) { }
                return "Log-in SuccessFul";
            }
            else return "Enter Valid CredentialsSupplied Credentials are InCorrect!!";
          
        }

       
    }
    //Custom Soap Header
    public class MyHeader : SoapHeader
    {
        public string UserName;
        public string Password;
    }
}



Let’s Create a Web App, Add reference to the service  and call it  as follows:

public partial class _Default : System.Web.UI.Page
    {
        //Create Proxy
        localhost.Service1 proxy = new SoapServiceClient.localhost.Service1();

        protected void Page_Load(object sender, EventArgs e)
        {
            //Check if the Custom SOAPHeader object is NULL
            if (proxy.MyHeaderValue == null)
            {
                proxy.MyHeaderValue = new SoapServiceClient.localhost.MyHeader();

            }
            callService();
        }

        private void callService()
        {
            //PAss the Credetials to SOAPHeader
            proxy.MyHeaderValue.UserName = "pradeep1";
            proxy.MyHeaderValue.Password = "pa55w0rd";
            //Call the  Service Method
            Response.Write(proxy.Authenticate());
        }

       
    }


This was a quick overview of implementing security in WebServices.

Hope this was Helpful.

Til Next Time…Happy Coding.

Comments

Post a Comment

Popular posts from this blog

Asp.Net 4.0: An Overview-Part-III

This is the last post in the series which will explore the following new features of ASP.Net 4.0  Performance Monitoring for Individual Applications in a Single Worker Process Web.config File Refactoring Permanently Redirecting a Page Expanding the Range of Allowable URLs Performance Monitoring for Individual Applications in a Single Worker Process It is a common practice to host multiple ASP.NET applications in a single worker process, In order to increase the number of Web sites that can be hosted on a single server. This practice results in difficulties for server administrators to identify an individual application that is experiencing problems. ASP.NET 4 introduces new resource-monitoring functionality introduced by the CLR. To enable this functionality, following XML configuration snippet is added to the aspnet.config configuration file.(This file is located in the directory where the .NET Framework is installed ) <?xml version="1.0" encoding="UTF-8...
Post a Comment
Read more

WCF-REST Services-Part-II

HOW REST is implemented in WCF Part-I of the series explored the REST conceptually and this post will explore how REST is implemented in WCF. For REST implementation in WCF, 2 new attributes namely WebGetAttribute and WebInvokeAttribute are introduced in WCF along with a URI template mechanism that enables you to declare the URI and verb to which each method is going to respond. The infrastructure comes in the form of a binding ( WebHttpBinding ) and a behavior ( WebHttpBehavior ) that provide the correct networking stack for using REST. Also, there is some hosting infrastructure help from a custom Service¬Host ( WebServiceHost ) and a ServiceHostFactory ( WebServiceHostFactory ). How WCF Routes messages WCF routes network messages to methods on instances of the classes defined as implementations of the service. Default behavior ( Dispatching ) for WCF is to do this routing based on the concept of action. For this dispatching to work, an action needs to be present in ev...
Post a Comment
Read more

WPF –ElementHost

In response to WPF overview-Part-I , one of my friends and a .Net enthusiast herself, requested for details on ElementHost Class of WPF (this class gave her nightmares in not getting the Children attached to it). This might be true for many other developers who are specialized in Web Applications and  have lesser exposure to windows development. As a breather to all those folks, I am here exploring this class with sincere hopes that it will provide a good insight to the class.   ElementHost as described in MSDN is “a Windows Forms control that can be used to host a Windows Presentation Foundation (WPF) element” is located under System.Windows.Forms.Integration namespace . The members of this class have details available at this location . Why is this Class used? ElementHost control is used to place a WPF UIElement on to the Windows Forms control or form. In simple words, if a developer is using the traditional Windows forms and intends to use WPF controls, this control (class) is used...
Post a Comment
Read more