performing authorisation/authentication between webservices
Posted
by mary
on Stack Overflow
See other posts from Stack Overflow
or by mary
Published on 2010-05-14T12:11:06Z
Indexed on
2010/05/14
12:14 UTC
Read the original article
Hit count: 358
Hi, i am developing webservices.In that i want to maintain state information so that all WebMethods could be access only after Login. I have tried but getting problem. I am attaching my code. Any other alternative will also be welcomed.
[
WebService(Namespace = "http://amSubfah.org/")]
[
WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
// To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
// [System.Web.Script.Services.ScriptService]
public
class Login : System.Web.Services.WebService {
Message msgObj = new Message();
BaseClass b = new BaseClass();
PasswordEncryptionDecryption pedObj = new PasswordEncryptionDecryption();
public AuthHeader Authentication=new AuthHeader ();
public Login () {
//Uncomment the following line if using designed components
//InitializeComponent();
}
[
SoapHeader("Authentication", Required = true)]
[System.Web.Services.
WebMethod(EnableSession = true)]
public string checkUserLogin(string user, string pwd)
{
DataSet dsLogin = new DataSet();
List sqlParams = new List();
SqlParameter sqlParam1 = new SqlParameter("@UserName", SqlDbType.NVarChar);
sqlParam1.Value = user;
sqlParams.Add(sqlParam1);
SqlParameter sqlParam2 = new SqlParameter("@Password", SqlDbType.NVarChar);
string pass = pedObj.encryptPassword(pwd);
sqlParam2.Value = pass;
sqlParams.Add(sqlParam2);
try
{
b.initializeDBConnection();
dsLogin = b.execSelectLoginQuery(
Query.strSelectLoginData, sqlParams);
}
catch (SqlException sqlEx)
{
string str = msgObj.msgErrorMessage + sqlEx.Message + sqlEx.StackTrace;
}
{if ((dsLogin != null) && (dsLogin.Tables[0].Rows.Count != 0))
{
Session[
"username"] = user;
string sessionId = System.Guid.NewGuid().ToString();
Authentication.sessionId = sessionId;
Authentication.Username = user;
return msgObj.msgLoginSuccess;
}
else
return msgObj .msgLoginFail ;
}
//webmethod for registration
[
SoapHeader("Authentication", Required = true)]
[System .Web .Services .
WebMethod (EnableSession =true )]
public string insertRegistrationDetails(string fName,string lName,string email,string pwd)
{
//string u = Session["username"].ToString();
//if (u == "")
//{
// //checkUserLogin(fName,pwd );
// return "Please login first";
//}
if (Authentication.Username == null || Authentication.sessionId == null)
{
return "Please Login first";
}
List sqlParams = new List();
int insert = 0;
string msg = "" ;
SqlParameter sqlParam = new SqlParameter("@FName", SqlDbType.NVarChar);
sqlParam.Value = fName;
sqlParam.Size = 50;
sqlParams.Add(sqlParam);
SqlParameter sqlParam1 = new SqlParameter("@LName", SqlDbType.NVarChar);
sqlParam1.Value = lName;
sqlParam1.Size = 50;
sqlParams.Add(sqlParam1);
SqlParameter sqlParam5 = new SqlParameter("@Email", SqlDbType.NVarChar);
sqlParam5.Value = email;
sqlParam5.Size = 50;
sqlParams.Add(sqlParam5);
SqlParameter sqlParam7 = new SqlParameter("@Password", SqlDbType.NVarChar);
sqlParam7.Value = pedObj .encryptPassword (pwd);
sqlParam7.Size = 50;
sqlParams.Add(sqlParam7);
try
{
b.initializeDBConnection();
insert = b.execByKeyParams(
Query.strInsertIntoRegistrationTable1, sqlParams);
if (insert !=0)
{
msg = msgObj .msgRecInsertedSuccess ;
}
}
catch (SqlException sqlEx)
{
string str = msgObj.msgErrorMessage + sqlEx.Message + sqlEx.StackTrace;
}
return msg;
}
public class AuthHeader : SoapHeader
{
public string Username;
public string sessionId;
}
}
© Stack Overflow or respective owner