VIKEnut'

Pt

РусскийPolskiDeutschEspañol

Tema escuro

Write

Tema escuro

Pt

РусскийPolskiDeutschEspañol
web-servicesasmxbasic-authentication

Autenticação básica do serviço web Asmx

Eu quero implementar autenticação básica usando a validação de nome de usuário e senha no meuasmx serviço de internet.
Eu não quero usar o WCF e sei que isso não é seguro, mas preciso usar autenticação básica sem usar https.

Meu serviço da web é assim:

[WebService(Namespace = "http://www.mywebsite.com/")]
public class Service1
{
    [WebMethod]
    public string HelloWorld()
    {
        return "Hello world";
    }
}

E eu uso esse HttpModule personalizado:

public class BasicAuthHttpModule : IHttpModule
{
    void IHttpModule.Init(HttpApplication context)
    {
        context.AuthenticateRequest += new EventHandler(OnAuthenticateRequest);
    }

    void OnAuthenticateRequest(object sender, EventArgs e)
    {
        string header = HttpContext.Current.Request.Headers["Authorization"];

        if (header != null && header.StartsWith("Basic"))  //if has header
        {
            string encodedUserPass = header.Substring(6).Trim();  //remove the "Basic"
            Encoding encoding = Encoding.GetEncoding("iso-8859-1");
            string userPass = encoding.GetString(Convert.FromBase64String(encodedUserPass));
            string[] credentials = userPass.Split(':');
            string username = credentials[0];
            string password = credentials[1];

            if(!MyUserValidator.Validate(username, password))
            {
                HttpContext.Current.Response.StatusCode = 401;
                HttpContext.Current.Response.End();
            }
        }
        else
        {
            //send request header for the 1st round
            HttpContext context = HttpContext.Current;
            context.Response.StatusCode = 401;
            context.Response.AddHeader("WWW-Authenticate", String.Format("Basic realm=\"{0}\"", string.Empty));
        }
    }

    void IHttpModule.Dispose()
    {
    }
}

E no web.config eu uso isso:

<?xml version="1.0"?>
<configuration>
    <appSettings/>
    <connectionStrings/>
    <system.web>
        <customErrors mode="Off" />
        <compilation debug="true" targetFramework="4.0"/>
        <authentication mode="None"/>
    </system.web>
    <system.webServer>
        <modules runAllManagedModulesForAllRequests="true">
            <add name="BasicAuthHttpModule"
                 type="AuthService.BasicAuthHttpModule, AuthService" />
        </modules>
    </system.webServer>
</configuration>

O código de chamada é:

static void Main(string[] args)
{
    var proxy = new Service1.Service1()
                    {
                        Credentials = new NetworkCredential("user1", "p@ssw0rd"),
                        PreAuthenticate = true
                    };
    try
    {
        var result = proxy.HelloWorld();
        Console.WriteLine(result);
    }
    catch (Exception e)
    {
        Console.WriteLine(e.Message);
    }
    Console.ReadKey();
}

quando eu uso este serviço da web, o serviço pede autenticação básica, masheader variável noOnAuthenticateRequest método sempre é nulo eMyUserValidator.Validate() Nunca corra.

EDITAR

Os resultados do violinista:

POST http://www.mywebsite.com/Service1.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.4927)
VsDebuggerCausalityData: uIDPo+drc57U77xGu/ZaOdYvw6IAAAAA8AjKQNpkV06FEWDEs2Oja2C+h3kM7dlDvnFfE1VlIIIACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.mywebsite.com/HelloWorld"
Host: www.mywebsite.com
Content-Length: 291
Expect: 100-continue
Connection: Keep-Alive

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><HelloWorld xmlns="http://www.mywebsite.com/" /></soap:Body></soap:Envelope>
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.5
WWW-Authenticate: Basic realm=""
X-AspNet-Version: 4.0.30319
WWW-Authenticate: Basic realm="www.mywebsite.com"
X-Powered-By: ASP.NET
Date: Sun, 03 Jun 2012 07:14:40 GMT
Content-Length: 1293
------------------------------------------------------------------

POST http://www.mywebsite.com/Service1.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.4927)
VsDebuggerCausalityData: uIDPo+drc57U77xGu/ZaOdYvw6IAAAAA8AjKQNpkV06FEWDEs2Oja2C+h3kM7dlDvnFfE1VlIIIACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.mywebsite.com/HelloWorld"
Authorization: Basic dXNlcjE6cEBzc3cwcmQ=
Host: www.mywebsite.com
Content-Length: 291
Expect: 100-continue

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><HelloWorld xmlns="http://www.mywebsite.com/" /></soap:Body></soap:Envelope>
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/7.5
WWW-Authenticate: Basic realm="www.mywebsite.com"
X-Powered-By: ASP.NET
Date: Sun, 03 Jun 2012 07:14:41 GMT
Content-Length: 1293
------------------------------------------------------------------

questionAnswers(2)

yourAnswerToTheQuestion

Perguntas populares

0 a resposta

Como adiar a definição de rotas em Angular.js?

0 a resposta

O Visual Studio 2010 SP1 é incompatível com o Windows 8?

0 a resposta

Parsing Resposta JSONP em Javascript quando o código de erro 4xx ou 5xx Http está presente

0 a resposta

Validando senha usando o Regex

0 a resposta

Por que o `Object.prototype.toString` sempre retorna` [object *] `?