none
What is Basic Authentication in asmx web service RRS feed

  • Question

  • please tell me what is Basic Authentication in asmx web service ?

    when we use soap header attribute for web method and check user id and pwd then is it called Basic Authentication in asmx web service or Basic Authentication is totally different concept ?

    see the below example of soap header usage. code taken from http://www.codeguru.com/csharp/csharp/cs_webservices/security/article.php/c19403/Web-Services-Security-in-The-NET-Framework.htm

    Public class UserCredentials : SoapHeader
    {
    	public string userid;
    	public string password;
    }
     
    [WebMethod]
    	[SoapDocumentMethod(Binding="CAWebservice")]
    	[SoapHeader("CredentialsHeader")]
    	public string CheckCredentials()
    	{
    // Access credentials here and check against your user 
    // database. If user is successfully authenticated, then
    // return some key.
    		
    // Currently we are returning a welcome message.
    	return "Hello " + CredentialsHeader.userid + 
    ", your password is " + CredentialsHeader.password + ".<br>you have been logged in successfully";
    	}

    the above kind of auth is called Basic Authentication in asmx web service or Basic Authentication is totally different concept ? what authentication  it is consider when we use SoapHeader in asmx web service ?

    give me a example of code of basic auth from where i can see how user is validated in basic auth ?

    please guide me. thanks

    Monday, November 28, 2016 12:20 PM

Answers

  • Hi Mou_inn,

    >>the above kind of auth is called Basic Authentication in asmx web service or Basic Authentication is totally different concept ? what authentication  it is consider when we use SoapHeader in asmx web service ?

    SoapHeader is not Basic Authentication, it perform custom Authentication with your own user name and password using SOAP Headers.

    For Basic authentication, IIS implements Basic authentication by using Windows user accounts.

    If you want to achieve user name and password without Active Directory, I think you could try SoapHeader, SoapHeader could achieve custom user name and password validation.

    You could refer the link below for more information about Basic.

    # Basic

    https://msdn.microsoft.com/en-us/library/aa292114%28v=vs.71%29.aspx?f=255&MSPPError=-2147217396

    For implementing Basic Authentication, I think you could set Authentication with Basic Authentication as Enabled in the IIS and call it from client like below:

    CredentialCache credCache = new CredentialCache();
        NetworkCredential netCred = 
            new NetworkCredential( "Example", "Test$123", "sseely2" );
        credCache.Add( new Uri(svc.Url), "Basic", netCred );
        svc.Credentials = credCache;
        Console.WriteLine( svc.WhoAmI() );
    

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, November 29, 2016 5:48 AM