.net写的webservice中，使用soapheader来保证安全性

首先，需要从SoapHeader派生一个类，全部代码如下：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services.Protocols;

namespace wolame
{
public class MySoapHeader: SoapHeader
{
public string _UserID;
public string _Password;
public string _InParam;

public MySoapHeader()
{

}


public string UserID
{
get { return _UserID; }
set { _UserID = value; }
}

public string Password
{
get { return _Password; }
set { _Password = value; }
}


public string InParam
{
get { return _InParam; }
set { _Password = value; }
}


private bool IsValid(string sUserID, string sPasswd, out string sMsg)
{
sMsg = "";
try
{
if(sUserID == "wolame" && sPasswd == "facai_888")
{
sMsg = _InParam;
return true;
}
else
{
sMsg = "fuck your ass!";
return false;
}

}
catch
{
sMsg = "error";
return false;
}
}

public bool IsValid(out string sMsg)
{
return IsValid(_UserID, _Password, out sMsg);
}
}
}

然后在接口处增加判断：

public class wolameservice : System.Web.Services.WebService
{
public MySoapHeader myHeader;


//用户通过短信验证码登录
[SoapHeader("myHeader")]
[WebMethod]
public string login_by_code()
{
string sMsg = "";
if (myHeader == null)
{
return "error";
}

if (!myHeader.IsValid(out sMsg))
{
return sMsg;
}

UserManage user = new UserManage();
return user.login_by_code(sMsg);
}
}
.net客户端调用方式：

public string GetSystemParam()
{
ClientService.ClientService cs = new ClientService.ClientService();

//for safty
ClientService.MySoapHeader header = new ClientService.MySoapHeader();
header._UserID = "ghzx2017";
header._Password = "godgivemehope";
cs.MySoapHeaderValue = header;
//


string sMsg = cs.GetSystemParam();
return sMsg;
}
安卓客户端调用：

private void login(){
String sToken = "";

Message msg = new Message();
try
{
String nameSpace = getResources().getString(R.string.namespace);
String endPoint = getResources().getString(R.string.endpoint);
String methodName = "login";
String soapAction = nameSpace + methodName;

Element[] header = new Element[1];
header[0] = new Element().createElement(nameSpace, "MySoapHeader");

Element uname = new Element().createElement(nameSpace, "_UserID");
uname.addChild(Node.TEXT, "ghzx2017");
header[0].addChild(Node.ELEMENT, uname);

Element pass = new Element().createElement(nameSpace, "_Password");
pass.addChild(Node.TEXT, "godgivemehope");
header[0].addChild(Node.ELEMENT, pass);

Element content = new Element().createElement(nameSpace, "_InParam");
String sParam = buildParam();
content.addChild(Node.TEXT, sParam);
header[0].addChild(Node.ELEMENT, content);


SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER12);

SoapObject so = new SoapObject(nameSpace, methodName);

envelope.headerOut = header;
envelope.bodyOut = so;
envelope.dotNet = true;
envelope.setOutputSoapObject(so);

HttpTransportSE transportSE = new HttpTransportSE(endPoint);
transportSE.call(soapAction, envelope);

SoapObject object = (SoapObject)envelope.bodyIn;
SoapPrimitive detail = (SoapPrimitive)envelope.getResponse();
sToken = detail.toString();

msg.obj = sToken;
msg.what = 1;

}
catch (Exception ex)
{
msg.obj = ex.getMessage();
msg.what = -1;
dialog.dismiss();
}

finally {
handler.sendMessage(msg);
}
}
————————————————
版权声明：本文为CSDN博主「周胖子」的原创文章，遵循CC 4.0 BY-SA版权协议，转载请附上原文出处链接及本声明。
原文链接：https://blog.csdn.net/qq_17331291/article/details/79819835