Skip to main content

ASP.Net Services - Custom SOAP Headers


ASP.Net Services With Custom SOAP Headers 
Beginning here, I’ll not be discussing what web services are, WSDL, Disco Files etc, anyone can  easily get tons of data on these, from internet.

I am more concerned here about the Security aspect of Webservices.
If you are interested in exploring all the aspects of ASP.Net service security, here is the link

http://msdn.microsoft.com/en-us/library/w67h0dw7%28VS.80%29.aspx

Having said all this time, let’s start the real story.

SOAP: Simple Object Access Protocol (uses XML and HTTP)

The protocol contains SOAP packets that have following three components.
  1. SOAP Envelope: the container in which the actual data will be packaged.
  2. SOAP Header (Optional).
  3. SOAP Body (generally used for returning results)

A typical SOAP message looks like this 

 version="1.0" encoding="utf-8"?>
<soap: Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <Soap: Header>
  soap: Header>
  <Soap: Body>
   soap: Body>
soap:Envelope>


Steps to be followed:

1.Create a Custom SOAP Header
2.Tell Webservice method to use this header
3. Pass the Credentials to the Service proxy and invoke the methods

Create Custom SOAP Header:
Following are the steps needed to create the custom header
  1. Add  using System.Web.Services.Protocols(in case it is still not added)
  2. Create a Class, deriving it from SoapHeader Class
  3. Create logic in the file

    public class MyHeader : SoapHeader
    {
        //Add logic/code here
    }

This is all that is required for creating a custom  SOAP header.
 
Now let’s create a Service that’ll use this header .The Code itself is o documented that it conforms to the article.


using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Services;
//Included for SOAPHeader
using System.Web.Services.Protocols;
using System.Xml.Linq;
using config = System.Configuration.ConfigurationManager;

namespace SoapWebServices
{
 

    ///
    /// This is SOAP Header Based Service requiring Username and Password
    ///
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [ToolboxItem(false)]
   [System.Web.Script.Services.ScriptService]
    public class Service1 : System.Web.Services.WebService
    {
       
        //Create Refrence toCustomer SOAP Header
        public MyHeader header;

        [WebMethod]
        //Tell the method to use custom header
        [SoapHeader("header", Required = true, Direction = SoapHeaderDirection.InOut)]
        public string Authenticate()
        {
           
                //Extract the information from SOAP Header and perform Authentication
            if (string.Compare(header.UserName, config.AppSettings["uname"]) == 0) //enter into it only if uname matches the stored value
            {
                if (string.Compare(header.Password, config.AppSettings["pwd"]) == 0) { }
                return "Log-in SuccessFul";
            }
            else return "Enter Valid CredentialsSupplied Credentials are InCorrect!!";
          
        }

       
    }
    //Custom Soap Header
    public class MyHeader : SoapHeader
    {
        public string UserName;
        public string Password;
    }
}



Let’s Create a Web App, Add reference to the service  and call it  as follows:

public partial class _Default : System.Web.UI.Page
    {
        //Create Proxy
        localhost.Service1 proxy = new SoapServiceClient.localhost.Service1();

        protected void Page_Load(object sender, EventArgs e)
        {
            //Check if the Custom SOAPHeader object is NULL
            if (proxy.MyHeaderValue == null)
            {
                proxy.MyHeaderValue = new SoapServiceClient.localhost.MyHeader();

            }
            callService();
        }

        private void callService()
        {
            //PAss the Credetials to SOAPHeader
            proxy.MyHeaderValue.UserName = "pradeep1";
            proxy.MyHeaderValue.Password = "pa55w0rd";
            //Call the  Service Method
            Response.Write(proxy.Authenticate());
        }

       
    }


This was a quick overview of implementing security in WebServices.

Hope this was Helpful.

Til Next Time…Happy Coding.

Comments

Post a Comment

Popular posts from this blog

Asp.Net 4.0: An Overview-Part-III

This is the last post in the series which will explore the following new features of ASP.Net 4.0  Performance Monitoring for Individual Applications in a Single Worker Process Web.config File Refactoring Permanently Redirecting a Page Expanding the Range of Allowable URLs Performance Monitoring for Individual Applications in a Single Worker Process It is a common practice to host multiple ASP.NET applications in a single worker process, In order to increase the number of Web sites that can be hosted on a single server. This practice results in difficulties for server administrators to identify an individual application that is experiencing problems. ASP.NET 4 introduces new resource-monitoring functionality introduced by the CLR. To enable this functionality, following XML configuration snippet is added to the aspnet.config configuration file.(This file is located in the directory where the .NET Framework is installed ) <?xml version="1.0" encoding="UTF-8...
Post a Comment
Read more

WCF-REST Services-Part-II

HOW REST is implemented in WCF Part-I of the series explored the REST conceptually and this post will explore how REST is implemented in WCF. For REST implementation in WCF, 2 new attributes namely WebGetAttribute and WebInvokeAttribute are introduced in WCF along with a URI template mechanism that enables you to declare the URI and verb to which each method is going to respond. The infrastructure comes in the form of a binding ( WebHttpBinding ) and a behavior ( WebHttpBehavior ) that provide the correct networking stack for using REST. Also, there is some hosting infrastructure help from a custom Service¬Host ( WebServiceHost ) and a ServiceHostFactory ( WebServiceHostFactory ). How WCF Routes messages WCF routes network messages to methods on instances of the classes defined as implementations of the service. Default behavior ( Dispatching ) for WCF is to do this routing based on the concept of action. For this dispatching to work, an action needs to be present in ev...
Post a Comment
Read more

WPF Routing

WPF (3.5) introduced the concept of Routing that made the event routing easies in the scenarios where it was tedious to handle events. Consider a scenario where there are a number of Hyperlinks in a Panel that direct to separate locations on Click. Now if this is done in normal programming, each hyperlink will have to have code for execution. It would be easier and cleaner if we could handle the hyperlinks in the container (the Panel) that handles the click and redirects to appropriate location. WPF handles the events with the following 3 strategies. Direct events are like ordinary .NET events. They originate in one element and don’t pass to any other. For example, MouseEnter is a direct event. Bubbling events are events that travel up the containment hierarchy. For example, MouseDown is a bubbling event. It is raised first by the element that is clicked. Next, it is raised by that element’s parent, and then by that element’s parent, and so on, until WPF reaches the top of the e...
Post a Comment
Read more