Click here to Skip to main content
15,878,852 members
Search within:


Articles / Web Development / ASP.NET
 

Web Service Authentication

Rate me:
Please Sign up or sign in to vote.
4.35/5 (41 votes)
25 Nov 2009CPOL3 min read 465K   8.3K   197  
A simple mechanism to authenticate users to a WebService
 
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Text;

namespace WebServiceAuthentication
{
    public partial class TestAuth : System.Web.UI.Page
    {

        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!Page.IsPostBack)
            {
                //JUST FOR TEST: set the correct UserName & Password
                this.TextBoxUserName.Text = "MyUserName";
                this.TextBoxPwd.Text = "SeCrEt";
            }
        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            //
            InitializeComponent();
            base.OnInit(e);
        }

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {

        }
        #endregion

        protected void ButtonAuth_Click(object sender, System.EventArgs e)
        {
            string ret;
            string UserName, Password, Key, ToHash;

            UserName = this.TextBoxUserName.Text;
            Password = this.TextBoxPwd.Text;
            DateTime dt = DateTime.Now;
            ToHash = UserName.ToUpper() + "|" + Password + "|" + dt.ToString("yyyyMMdd") + "|" + dt.ToString("HHmm");
            Key = Hash(ToHash) + "|" + UserName + "|I would like to log this string in a DB";

            ServicePointReference.ServicePoint Authenticate = new ServicePointReference.ServicePoint();
            ret = Authenticate.Authenticate(Key);
            if (ret == null)
                this.ServResponse.Text = "NULL RECEIVED!!"; //never!
            else
            {
                this.ServResponse.Text = "RECEIVED DATA: " + ret;
            }
        }

        protected void ButtonGetToken_Click(object sender, System.EventArgs e)
        {
            string ret;

            ServicePointReference.ServicePoint Authenticate = new ServicePointReference.ServicePoint();
            ret = Authenticate.GetToken();
            this.TextBoxToken.Text = ret;
        }

        protected void ButtonService_Click(object sender, System.EventArgs e)
        {
            string ret;
            string UserName, Password, ServiceName;
            string Key, ToHash;

            UserName = this.TextBoxUserName.Text;
            Password = this.TextBoxPwd.Text;
            ServiceName = this.TextBoxService.Text;
            DateTime dt = DateTime.Now;
            ToHash = UserName.ToUpper() + "|" + Password + "|" + dt.ToString("yyyyMMdd") + "|" + dt.ToString("HHmm");
            Key = Hash(ToHash) + "|" + UserName + "|I would like to log this string in a DB";

            ServicePointReference.ServicePoint Authenticate = new ServicePointReference.ServicePoint();
            ret = Authenticate.UseService(Key, ServiceName);
            this.ServResponse.Text = ret;
        }

        protected void ButtonUseToken_Click(object sender, System.EventArgs e)
        {
            string ret;
            string UserName, Password, ServiceName, Token;
            string Key, ToHash;

            UserName = this.TextBoxUserName.Text;
            Password = this.TextBoxPwd.Text;
            ServiceName = this.TextBoxService.Text;
            Token = this.TextBoxToken.Text;
            ToHash = UserName.ToUpper() + "|" + Password + "|" + Token;
            Key = Hash(ToHash) + "|" + UserName + "|I would like to log this string in a DB";

            ServicePointReference.ServicePoint Authenticate = new ServicePointReference.ServicePoint();
            ret = Authenticate.UseService(Key, ServiceName);
            this.ServResponse.Text = ret;
        }

        private string Hash(string ToHash)
        {
            // First we need to convert the string into bytes, which means using a text encoder.
            Encoder enc = System.Text.Encoding.ASCII.GetEncoder();

            // Create a buffer large enough to hold the string
            byte[] data = new byte[ToHash.Length];
            enc.GetBytes(ToHash.ToCharArray(), 0, ToHash.Length, data, 0, true);

            // This is one implementation of the abstract class MD5.
            MD5 md5 = new MD5CryptoServiceProvider();
            byte[] result = md5.ComputeHash(data);

            return BitConverter.ToString(result).Replace("-", "").ToLower();
        }

    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
faina
Web Developer
Italy Italy
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Comments and Discussions

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 19 Jan 2005

Article Copyright 2005 by faina
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-04-02:1