Can you use AuthorizeAttribute in webservice asmx, soap or rest? And custom attributes, like the one below (example only)?
[System.AttributeUsage(System.AttributeTargets.Class |
System.AttributeTargets.Struct)
]
public class Author : System.Attribute
{
private string name;
public double version;
public Author(string name)
{
this.name = name;
version = 1.0;
}
}
For Web Services, the correct one is to define an HTTP module that handles headers SOAP .
Next, you need to define a web method that does this handling of the header, there using the attributes already known.
A priori serves both ASMX and WCF.
Below is an example use with a RoleProvider ( teaching to implement here ):
public class SecureWebService : WebService{
public Authentication authentication;
[WebMethod]
[SoapHeader("authentication")]
public string UsuarioValido() {
if (User.IsInRole("Cliente"))
return "Usuário é um cliente";
if (User.Identity.IsAuthenticated)
return "Usuário validado";
return "Não autenticado";
}
}