Published Wednesday, May 31, 2006 1:03 PM by Aleph

[AlephFS] Custom Soap Header Authentication

If you look at the IFileServer interface you will notice that I use two types of security in the AlephFS web service. The custom authentication is for when you don’t want to rely on Windows security such as Active Directory. This scenario needs a user database or an XML file that the service can use to make decisions based on the user's role or group. For this scenario I created a SoapHeader that looks like this:

using System.Web.Services.Protocols;

/// <summary>
/// Authentication Custom Soap Header
/// </summary>
public class AuthHeader : SoapHeader
{
    public string UserName;
    public string Password;
}

Clients that access the web service must send the custom header for authentication every time a method is called. In the web service, each method that uses custom security must declare the SOAP header. Here is an example:

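using System.IO;
using System.Web.Services;
using System.Web.Services.Protocols;

public class Service : WebService, IFileServer
{
    // Filled in by ASP.NET from the incoming AuthHeader before the method runs
    public AuthHeader Credentials;

    [WebMethod, SoapHeader("Credentials", Direction=SoapHeaderDirection.In)]
    public void CreateDir(string dirName)
    {
        // Reject the call before touching the file system
        ValidateUser(Credentials);
        try
        {
            // dirName is used exactly as the client sent it
            Directory.CreateDirectory(dirName);
        }
        catch (IOException iox)
        {
            //log error
        }
    }
}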

Every time a method is called we must make sure that the client is authorized. To validate the client's credentials before executing the body of the method we must call ValidateUser. Inside the ValidateUser method we can connect to the database for user name and password validation, maybe get the roles of the user, and so on.

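private void ValidateUser(AuthHeader Credentials)
{
    // The header can be null when the client omits it, and its fields can be
    // null when the elements are missing, so check for null as well as empty.
    if (Credentials == null ||
        string.IsNullOrEmpty(Credentials.UserName) ||
        string.IsNullOrEmpty(Credentials.Password))
    {
        throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
    }
    try
    {
        //TODO: Validate user & pass using database or xml
        // Placeholder check: any user name is accepted with this fixed password
        if (Credentials.Password != "password")
        {
            throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
        }
    }
    catch
    {
        // Any failure during validation is reported as the same generic fault
        throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
    }
}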
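
One way to fill in the TODO in ValidateUser, as an added example that is not part of the original post or of AlephFS: a user store that keeps salted PBKDF2 hashes instead of passwords and checks the header's credentials in constant time. UserStore, its members, the parameters and the sample account are assumptions; ValidateUser would call Verify(Credentials.UserName, Credentials.Password) and throw the same SoapException when it returns null.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example; UserStore, Add, Verify and the sample account are hypothetical.
public sealed class UserStore
{
    private const int Iterations = 100000, SaltSize = 16, HashSize = 32; // assumed parameters
    private sealed class Record { public byte[] Salt, Hash; public string[] Roles; }
    private readonly Dictionary<string, Record> users =
        new Dictionary<string, Record>(StringComparer.OrdinalIgnoreCase);

    // Stores a random salt and the PBKDF2 hash, never the password itself.
    public void Add(string userName, string password, params string[] roles)
    {
        byte[] salt = new byte[SaltSize];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        users[userName] = new Record { Salt = salt, Hash = Derive(password, salt), Roles = roles };
    }

    // Returns the user's roles on success and null on any failure.
    public string[] Verify(string userName, string password)
    {
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password)) return null;
        bool known = users.TryGetValue(userName, out Record rec);
        // Unknown users still cost one derivation, so timing does not reveal valid names.
        byte[] candidate = Derive(password, known ? rec.Salt : new byte[SaltSize]);
        byte[] stored = known ? rec.Hash : new byte[HashSize];
        // OR all byte differences together so the time does not depend on where they differ.
        int diff = known ? 0 : 1;
        for (int i = 0; i < HashSize; i++) diff |= candidate[i] ^ stored[i];
        return diff == 0 ? rec.Roles : null;
    }

    private static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
            return kdf.GetBytes(HashSize);
    }

    public static void Main()
    {
        var store = new UserStore();
        store.Add("user_name", "constructed sample passphrase", "writer"); // constructed account
        Console.WriteLine(store.Verify("user_name", "constructed sample passphrase") != null);
        Console.WriteLine(store.Verify("user_name", "password") != null);  // wrong password
        Console.WriteLine(store.Verify("nobody", "password") != null);     // unknown user
    }
}
```

AuthHeader carries the password as plain text inside the SOAP envelope, so this protects only the stored copy; the transport still needs HTTPS.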

Now that we have implemented the custom authentication on the web server side, let’s see how the client can communicate with AlephFS. For testing I am using a Windows application. Here is the client code:

private void CallWs()
{
	//proxy
	AlephFS.AlephFileServerWse ws;
	ws = new Client.AlephFS.AlephFileServerWse();

	//custom header
	AlephFS.AuthHeader authHeader = new Client.AlephFS.AuthHeader();
	authHeader.UserName = "user_name";
	authHeader.Password = "password";
	ws.AuthHeaderValue = authHeader;

	//call method
	try
	{
		ws.CreateDir("MyDocs");
	}
	catch (SoapException ex)
	{
		//log error
	}
}


