Home > Software engineering >  Unable to use SoapHeader to authenticate Web Service in .NET 4.0
Unable to use SoapHeader to authenticate Web Service in .NET 4.0

Time:03-30

I have the following controller class for my web service. I am trying to add authentication to it using SoapHeader. The system is using .NET 4.0. My code looks like:

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Web;
using System.Web.Script.Services;
using System.Web.Services;
using System.IO;
using System.Web.Services.Protocols;


public class AuthHeader : System.Web.Services.Protocols.SoapHeader
{
    public string username { get; set; }
    public string password { get; set; }

    public bool IsValid()
    { 
        return this.username == "admin" && this.password == "admin";
    }

}

[WebService(Namespace = "http://tempuri.org")]
[WebServiceBinding(ConformsTo = WsiProfiles.None)]
[ScriptService]
public class FormController: System.Web.Services.WebService
{
    public AuthHeader auth;

    
    [WebMethod]
    [SoapHeader ("auth")]
    public string GetFormTypes()
    {
        if (auth != null)
        {
            if (auth.IsValid()) {
                var obj = SQLQueries.ParseQuery(false, "select * from form");
                Debug.WriteLine(obj);
                obj.WriteToResponse();
                return "Successfully authenticated";
            }
                
            else {
                var res = "Invalid credentials";
                return res;
            }
                
        }
        else
        {
            var res = "Error in authentication";
            return res;
        }
    }
}

I am testing it using postman tool. My payload body looks like:

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <AuthHeader xmlns="http://tempuri.org">
      <username>admin</username>
      <password>admin</password>
    </AuthHeader>
  </soap:Header>
  <soap:Body>
    <GetFormTypes xmlns="http://tempuri.org" />
  </soap:Body>
</soap:Envelope>

All examples that I checked online including Microsoft's official docs do it in a similar way yet my code does not work. When I send the request, the value of soap header auth is always null.

What am I doing wrong ?

CodePudding user response:

NOTE: I used your code no change at all in the flow of the application. Run the code in your local machine. click on the web method, copy the url and paste it in postman.

I tried creating the service based on you code and it is working fine in postman below is the screenshot and the code

try passing the below xml request to the body as shown in the diagram in postman. Also, please make sure Content-Type is set to text/XML in Header Section in Postman.

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <AuthHeader xmlns="http://tempuri.org/">
      <username>admin</username>
      <password>admin</password>
    </AuthHeader>
  </soap:Header>
  <soap:Body>
    <GetFormTypes xmlns="http://tempuri.org/" />
  </soap:Body>
</soap:Envelope>

enter image description here

  • Related