'############################################################################## ' Author: Kevin Koch ' Description: This class represents a web service providing functionality ' regarding Books. The web service is locked down and secured ' through its Web.config file residing in the /ws/ directory. ' Authentication is provided via a custom soap header which must ' be present in each method invocation '############################################################################## Imports System.Web.Services Imports System.Web.Security Imports System.Web.Services.Protocols ' Class defining the SOAP Header security context for this Web Service Public Class BookSecurityContext Inherits SoapHeader Public ClientId As Int32 Public WSToken As String End Class <WebService(Namespace:="http://tempuri.org/")> _ Public Class BookWS Inherits System.Web.Services.WebService #Region " Web Services Designer Generated Code " Public Sub New() MyBase.New() 'This call is required by the Web Services Designer. InitializeComponent() 'Add your own initialization code after the InitializeComponent() call End Sub 'Required by the Web Services Designer Private components As System.ComponentModel.IContainer 'NOTE: The following procedure is required by the Web Services Designer 'It can be modified using the Web Services Designer. 'Do not modify it using the code editor. <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent() components = New System.ComponentModel.Container() End Sub Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean) 'CODEGEN: This procedure is required by the Web Services Designer 'Do not modify it using the code editor. If disposing Then If Not (components Is Nothing) Then components.Dispose() End If End If MyBase.Dispose(disposing) End Sub #End Region Public BookSecurityCtx As BookSecurityContext Private Const CLASS_NAME As String = "BookWS" Private WebUtil As New WSUtil() '================================================================================================================================ ' This method uses the SOAP Header parameters to determine the web service consumer ' If authenticated, the method searches the books in the Db based on the parameters '================================================================================================================================ <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _ Public Function SearchBooks(ByVal BookId As Int32, ByVal AuthorName As String, ByVal BookName As String, ByVal AvailabilityId As Int32) As DataSet Const METHOD_NAME As String = "SearchBooks" Try If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access") Dim BookObj As New BookServices() Return BookObj.GetBooks(BookId, AuthorName, BookName, AvailabilityId) Catch BizEx As BizTierException 'Exception has already been logged, just throw it to the consumer Throw BizEx Catch DbEx As DbTierException 'Exception has already been logged, just throw it to the consumer Throw DbEx Catch ex As Exception Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME) Throw New WSException(ex.Message, ex) End Try End Function '================================================================================================================================ ' This method uses the SOAP Header parameters to determine the web service consumer ' If authenticated, the method returns a dataset of all the books in the array list '================================================================================================================================ <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _ Public Function GetBooksByIds(ByVal BookIds As ArrayList) As DataSet Const METHOD_NAME As String = "GetBooksByIds" Try If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access") Dim BookObj As New BookServices() Return BookObj.GetBooksByIds(BookIds) Catch BizEx As BizTierException 'Exception has already been logged, just throw it to the consumer Throw BizEx Catch DbEx As DbTierException 'Exception has already been logged, just throw it to the consumer Throw DbEx Catch ex As Exception Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME) Throw New WSException(ex.Message, ex) End Try End Function '================================================================================================================================ ' This method uses the SOAP Header parameters to determine the web service consumer ' If authenticated, the method returns all of the possible availabilities '================================================================================================================================ <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _ Public Function GetAvailabilityDs() As DataSet Const METHOD_NAME As String = "GetAvailabilityDs" Try If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access") Dim AvailObj As New AvailabilityServices() Return AvailObj.GetAllAvailability() Catch BizEx As BizTierException 'Exception has already been logged, just throw it to the consumer Throw BizEx Catch DbEx As DbTierException 'Exception has already been logged, just throw it to the consumer Throw DbEx Catch ex As Exception Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME) Throw New WSException(ex.Message, ex) End Try End Function End Class | 