Total Pageviews

Monday, April 22, 2013

Soap Header Authentication for Web Services in ASP.NET


Hi All,

I will be discussing web service authentication in this article, where you can host your web service publically but it can only be accessed by passing pre-assigned username, password and secure parameter. 

So speaking simple SOAP web services, following are the steps that will make your publically available web service, a secured web service.

When you choose to create a new web service(for .NET 2.0/3.0/3.5), you will see the following Service1.asmx code-behind. (Note: I've added "System.Web.Services.Protocols" namespace and "#region" tag in the default code.



This is an example of default web service code which will let HelloWorld() method to be consumed without any authentication, once this web service is published over the App Server(local IIS or over Internet).

By adding couple of lines of code we can make the existing web service to be secure(i.e.by enforcing username and password via SOAP Header).

So let's pick some username and password for the web service and place it within <appSettings> tag in Web.config file. 

  <appSettings>
    <add key="ff_username" value="user1"/>
    <add key="ff_password" value="User!123"/>
  </appSettings>

Now to implement this username and password, we need to modify the current web service code as shown in highlighted boxes below:


Now this web service is secured with customer username and password. After a successful build you can deploy/publish this web service on your IIS(local or Internet).

HOW TO TEST IF THE ABOVE WEBSERVICE IS WORKING WITH USERNAME & PASSWORD AUTHENTICATION

You can create a "Test Project" where you can add the service reference by right clicking on "Web Reference"--> choosing "Add Web Reference" and providing the URL of your currently deployed web service.

Assuming that you have given the web reference name of your web service(under Test Project) as "prod", it should look something as shown below.


Now in the code-behind of your "Default.aspx.cs", create the web service instance and consume the HelloWorld() and display it in Label.Text as shown below:

As stated in commented text, if your web service fails the authentication it will display "Authentication Failed" otherwise it will display "Hello World".


Cheers :-)

53 comments:

  1. Hi,
    Thank yo very much for the detailed information. Your information was very very very very helpful.

    Thank you so much.


    Apostille Certificate

    ReplyDelete
  2. Where is the validateLogin type defined?

    ReplyDelete
    Replies
    1. Hi driftwood,

      validateLogin class is defined inside Service1 class.
      This will come after Authentication region #end tag.

      The code snippet is :

      ///
      /// To Validate the user against the user/password provided in web.config
      ///
      public class validateLogin : SoapHeader
      {
      public string Username;
      public string Password;
      }

      Cheers

      Delete
    2. Hi,

      HOw can you write the fuelFinder Method where is the declaration part where should give the detailes

      Delete
    3. FuelFinder is the web service which contains .asmx file written up with various methods that you would call to communicate with your database tables or objects.
      FuelFinder isn't a method but the web service that contains all the methods defined.

      Cheers

      Delete
  3. can you suggest me how to add a custom SOAP header in request?

    ReplyDelete
  4. Thanks for sharing fabulous information. It' s my pleasure to read it.I have also bookmarked you for checking out new posts. by HRM 531 Week 1

    ReplyDelete
  5. Hi,
    Great article! Thanks for the information, I think others will find this useful.
    Authentication Services

    ReplyDelete
  6. Hi,
    what can I do if validLoginValue member is not exist?
    I am working on vb.net and Required field seems to be depricated..
    Dim sa As New ServiceReference1.Authentication
    sa.User = "dd"
    sa.Password = "dd"

    Dim srv As New ServiceReference1.MEWSSoapClient
    srv. //authenticationValue is not a member?

    ReplyDelete
    Replies
    1. Hi,
      I am also getting same issue, please let me know you find any solution

      Delete
    2. What is the Inner Exception message that you have encountered?

      Delete
  7. This blog is having the general information. Got a creative work and this is very different one.We have to develop our creativity mind.This blog helps for this. Thank you for this blog. This is very interesting and useful.
    Dot Net Training in Chennai

    ReplyDelete
  8. I really like your blog. You make it interesting to read and entertaining at the same time. I cant wait to read more from you.
    java training in chennai | java training in bangalore

    java online training | java training in pune

    ReplyDelete
  9. Greetings. I know this is somewhat off-topic, but I was wondering if you knew where I could get a captcha plugin for my comment form? I’m using the same blog platform like yours, and I’m having difficulty finding one? Thanks a lot.

    AWS Training in Bangalore | Amazon Web Services Training in Bangalore

    Amazon Web Services Training in Pune | Best AWS Training in Pune

    AWS Online Training | Online AWS Certification Course - Gangboard

    ReplyDelete
  10. A universal message I suppose, not giving up is the formula for success I think. Some things take longer than others to accomplish, so people must understand that they should have their eyes on the goal, and that should keep them motivated to see it out til the end.
    Python training in pune
    AWS Training in chennai
    Python course in chennai

    ReplyDelete
  11. Really very nice blog information for this one and more technical skills are improve,i like that kind of post.
    DevOps online Training

    ReplyDelete

  12. Hmm, it seems like your site ate my first comment (it was extremely long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I as well as an aspiring blog writer, but I’m still new to the whole thing. Do you have any recommendations for newbie blog writers? I’d appreciate it.

    AWS Interview Questions And Answers

    AWS Training in Bangalore | Amazon Web Services Training in Bangalore

    AWS Training in Pune | Best Amazon Web Services Training in Pune

    Amazon Web Services Training in Pune | Best AWS Training in Pune

    AWS Online Training | Online AWS Certification Course - Gangboard

    ReplyDelete
  13. Thank you for your information, Please update such posts.
    python training in kalyan nagar

    ReplyDelete
  14. Excellent information with unique content and it is very useful to know about the information based on blogs.

    salesforce Training in Bangalore
    uipath Training in Bangalore
    blueprism Training in Bangalore

    ReplyDelete
  15. Good post!Thank you so much for sharing this lovely article.It was so good to read and useful to upgrade my understanding...
    salesforce Training in Bangalore
    uipath Training in Bangalore
    blueprism Training in Bangalore

    ReplyDelete
  16. Thank you for sharing such a nice and interesting blog with us. Hope it might be much useful for us. keep on updating...!!
    salesforce Training in Bangalore
    uipath Training in Bangalore
    blueprism Training in Bangalore

    ReplyDelete
  17. Nice blog..! I really loved reading through this article. Thanks for sharing such a amazing post with us and keep blogging...Well written article
    aws Training in Bangalore
    python Training in Bangalore
    hadoop Training in Bangalore
    angular js Training in Bangalore
    bigdata analytics Training in Bangalore

    ReplyDelete
  18. Learn Amazon Web Services for making your career as a shining sun with Infycle Technologies. Infycle Technologies is the best AWS training centre in Chennai, providing complete hands-on practical training of professional specialists in the field. In addition to that, it also offers numerous programming language tutors in the software industry such as Python, AWS, Hadoop, etc. Once after the training, interviews will be arranged for the candidates, so that, they can set their career without any struggle. Of all that, 200% placement assurance will be given here. To have the best career, call 7502633633 to Infycle Technologies and grab a free demo to know more.
    Best AWS Training in Chennai

    ReplyDelete
  19. Thank you for posting informative insights, I think we have got some more information to share with! Do check out
    oracle dba training in chennai and let us know your thoughts. Let’s have great learning!

    ReplyDelete
  20. Learn Oracle Database Administration for making your career towards a sky-high with Infycle Technologies. Infycle Technologies gives the top Oracle DBA Training in Chennai, in the 200% hands-on practical training with professional specialists in the field. In addition to that, the placement interviews will be arranged for the candidates, so that, they can set their career towards Oracle without any struggle. The specialty of Infycle is 100% placement assurance will be given here in the top MNC's. To have the best career, call 7502633633 and grab a free demo to know more.
    BEST ORACLE TRAINING IN cHENNAI

    ReplyDelete
  21. No.1 AWS Training Institute in Chennai | Infycle Technologies

    Description:
    Study Amazon Web Services for making your career as a shining sun with Infycle Technologies. Infycle Technologies is the best AWS training institute in Chennai, providing complete hands-on practical training of professional specialists in the field. In addition to that, it also offers numerous programming language tutors in the software industry such as Oracle, Python, Big Dat, Hadoop, etc. Once after the training, interviews will be arranged for the candidates, so that, they can set their career without any struggle. Of all that, 200% placement assurance will be given here. To have the best career, call 7502633633 to Infycle Technologies and grab a free demo to know more.
    AWS training with placement

    ReplyDelete
  22. Big Data training in Chennai is nowadays not easy for many students. They don’t know how to start this?? Here, is the secured and Certified placewhich is INFYCLE who were all offering good courses with training and with top salary package placement. HURRY UP!!!

    ReplyDelete
  23. I simply wanted to thank you so much again. I am not sure the things
    that I might have gone through without the type of hints revealed by
    you regarding that situation.
    best software testing training institute in Chennai
    javascript course in Chennai

    ReplyDelete