Click here to Skip to main content
14,739,467 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
I have the following situation:

An android app is calling my c# webservice. In the HTTP header there will be a token which I have to check each time my webservice is called in order to validate the identity of the caller.

I would like to stress that my webservice is not a WCF service, its name ends with asmx.

The code for one of my webmethods looks like this:

[WebMethod]
      [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
      public List<Object> GetContact(string clientNr, int clientId = 0)
      {
          var contact = new List<Object>();
           ...code ommited
          

          return contact;
      }


My idea is to make a call like
[WebMethod]
      [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
      public List&lt;Object&gt; GetContact(string clientNr, int clientId = 0)
      {
          If(CheckToken())
          {
           var contact = new List&lt;Object&gt;();
           ...code ommited
           }

          return contact;
      }


The function CheckToken would return True or False. It would be reading the token from the HTTP Header, but how do I do that?

Kind regards

Jeroen
Posted
Updated 23-Jan-13 4:08am
v3
Comments
Herman<T>.Instance 23-Jan-13 9:49am
   
public List<Object> GetContact(string AuthTOKEN, string clientNr, int clientId = 0)

This is what I came up with:
namespace TestServiceHttpAuthentication
{

public class AuthenticateRequestHttpModule : IHttpModule
{

private HttpApplication mHttpApp;



public void Init(HttpApplication httpApp)
{

this.mHttpApp = httpApp;

mHttpApp.AuthenticateRequest += new EventHandler(OnAuthentication);

}


void OnAuthentication(object sender, EventArgs a)
{
HttpApplication application = (HttpApplication)sender;


HttpRequest request = application.Context.Request;

//WindowsIdentity identity = (WindowsIdentity)application.Context.User.Identity;



StreamWriter sw = new StreamWriter(request.MapPath("Test.txt"), true);

sw.WriteLine(application.Context.Request.HttpMethod.ToString());
sw.WriteLine(application.Context.Request.Headers.Count.ToString());
NameValueCollection coll;
coll=application.Context.Request.Headers;
string[] arr1 = coll.AllKeys;
for(int loop1=0;loop1<arr1.length;loop1++)>
{
sw.WriteLine(arr1[loop1].ToString());

string[] arr2=coll.GetValues(arr1[loop1]);
for(int loop2=0;loop2<arr2.length;loop2++)>
{
sw.WriteLine(arr2[loop2].ToString());
}
}

sw.Flush();

sw.Close();





}



public void Dispose()

{ }

}

}

And in the web.config:
<httpModules>
        add name="AuthenticateRequestHttpModule" type="TestServiceHttpAuthentication.AuthenticateRequestHttpModule, TestServiceHttpAuthentication" />
      </httpModules>



Now I can read from the HTTP header, validate the values from specific key/value pairs.

Thanks for those who've thought with me.

Jeroen
   
You will have to create the token derived from soapheader class.
public class TokenHeader : System.Web.Services.Protocols.SoapHeader
{
public string tokenNo;
}

in the web service class use
public TokenHeader token;

[WebMethod]

[SoapHeader("token",Required=true)]
public string GetToken()
{
if (checkToken())
return token.tokenNo;
else
return "Error in authentication";
}

private bool checkToken()
{

if (token!= null)
{
if (token.tokenNo==100)
return true;
else
return false;
}
else
return false;
}
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900