我需要一些帮助。首先我编写了一个带有基本身份验证的soap Web服务。但是我必须在soap中使用wssecurity进行更改。如何使用即将到来的ws安全标头我必须读取用户名和密码,并且我必须比较我的用户名和密码在我的 webconfig 文件里面的服务。我写了这段代码,但我不确定:我是这样做的。但是如何在 webconfig.file 中配置
public class QuantityService : Microsoft.Web.Services3.WebServicesClientProtocol, IQuantityService
{
private OperationResult AuthCheck()
{
OperationResult retVal = new OperationResult()
{
ReturnCode = 0,
ReturnMessage = "OK"
};
string userName = ConfigurationManager.AppSettings["username"].ToString();
string password = ConfigurationManager.AppSettings["password"].ToString();
//UsernameToken token = new UsernameToken(userName,password,PasswordOption.SendPlainText);
QuantityService serviceProxy = new QuantityService();
SoapContext requestContext = serviceProxy.RequestSoapContext;
//requestContext.Security.Tokens.Add(token);
if (requestContext == null)
{
throw new ApplicationException("Non-SOAP request.");
}
foreach (SecurityToken tok in requestContext.Security.Tokens)
{
if (tok is UsernameToken)
{
if (userName == ((UsernameToken)tok).Username && password == ((UsernameToken)tok).Password)
{
retVal.ReturnCode = 0;
retVal.ReturnMessage = "OK";
}
else
{
retVal.ReturnCode = -2;
retVal.ReturnMessage = "Unauthorized.";
}
}
}
return retVal;
}