Click here to Skip to main content
14,693,856 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
I have the following situation:

An android app is calling my c# webservice. In the HTTP header there will be a token which I have to check each time my webservice is called in order to validate the identity of the caller.

I would like to stress that my webservice is not a WCF service, its name ends with asmx.

The code for one of my webmethods looks like this:

[WebMethod]
      [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
      public List<Object> GetContact(string clientNr, int clientId = 0)
      {
          var contact = new List<Object>();
           ...code ommited
          

          return contact;
      }


My idea is to make a call like
[WebMethod]
      [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
      public List&lt;Object&gt; GetContact(string clientNr, int clientId = 0)
      {
          If(CheckToken())
          {
           var contact = new List&lt;Object&gt;();
           ...code ommited
           }

          return contact;
      }


The function CheckToken would return True or False. It would be reading the token from the HTTP Header, but how do I do that?

Kind regards

Jeroen
Posted
Updated 23-Jan-13 4:08am
v3
Comments
Herman<T>.Instance 23-Jan-13 9:49am
   
public List<Object> GetContact(string AuthTOKEN, string clientNr, int clientId = 0)

You will have to create the token derived from soapheader class.
public class TokenHeader : System.Web.Services.Protocols.SoapHeader
{
public string tokenNo;
}

in the web service class use
public TokenHeader token;

[WebMethod]

[SoapHeader("token",Required=true)]
public string GetToken()
{
if (checkToken())
return token.tokenNo;
else
return "Error in authentication";
}

private bool checkToken()
{

if (token!= null)
{
if (token.tokenNo==100)
return true;
else
return false;
}
else
return false;
}
   
This is what I came up with:
namespace TestServiceHttpAuthentication
{

public class AuthenticateRequestHttpModule : IHttpModule
{

private HttpApplication mHttpApp;



public void Init(HttpApplication httpApp)
{

this.mHttpApp = httpApp;

mHttpApp.AuthenticateRequest += new EventHandler(OnAuthentication);

}


void OnAuthentication(object sender, EventArgs a)
{
HttpApplication application = (HttpApplication)sender;


HttpRequest request = application.Context.Request;

//WindowsIdentity identity = (WindowsIdentity)application.Context.User.Identity;



StreamWriter sw = new StreamWriter(request.MapPath("Test.txt"), true);

sw.WriteLine(application.Context.Request.HttpMethod.ToString());
sw.WriteLine(application.Context.Request.Headers.Count.ToString());
NameValueCollection coll;
coll=application.Context.Request.Headers;
string[] arr1 = coll.AllKeys;
for(int loop1=0;loop1<arr1.length;loop1++)>
{
sw.WriteLine(arr1[loop1].ToString());

string[] arr2=coll.GetValues(arr1[loop1]);
for(int loop2=0;loop2<arr2.length;loop2++)>
{
sw.WriteLine(arr2[loop2].ToString());
}
}

sw.Flush();

sw.Close();





}



public void Dispose()

{ }

}

}

And in the web.config:
<httpModules>
        add name="AuthenticateRequestHttpModule" type="TestServiceHttpAuthentication.AuthenticateRequestHttpModule, TestServiceHttpAuthentication" />
      </httpModules>



Now I can read from the HTTP header, validate the values from specific key/value pairs.

Thanks for those who've thought with me.

Jeroen
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900