Dot Net Sea: October 2012

Tuesday, 30 October 2012

message contract in wcf

using
System;

using
System.Collections.Generic;

using
System.Linq;

using
System.Runtime.Serialization;

using
System.ServiceModel;

using
System.Text;

namespace
Wcfm
{// NOTE: If you change the interface name "IService1" here, you must also update the reference to "IService1" in Web.config.

[serviceContract]
public interface IService1
{
[OperationContract]
EmployeeDetails getEmployeeDetails();
// TODO: Add your service operations here

}}
------------------------------------------------------------------------------------------------------------
now implement interface,

using
System;

using
System.Collections.Generic;

using
System.Linq;

using
System.Runtime.Serialization;

using
System.ServiceModel;

using
System.Text;

namespace
Wcfm

{// NOTE: If you change the class name "Service1" here, you must also update the reference to "Service1" in Web.config and in the associated .svc file.

public class Service1 : IService1
{public EmployeeDetails getEmployeeDetails()
{EmployeeDetails obj = new EmployeeDetails();
obj.Designation = "Manager";
obj.EmpID = 101;
obj.EmpName = "Mukesh";
obj.Location = "Noida";
obj.Salary = 50000;return obj;

}

}
}
----------------------------------------------------------------------------------------------------------------------------------------
now take class1 and do the following code

using
System;

using
System.Collections.Generic;

using
System.Linq;

using
System.Web;

using
System.ServiceModel;

using
System.Runtime.Serialization;

namespace
Wcfm

{

[MessageContract]
public class EmployeeDetails

{
[MessageHeader]
public int EmpID;
[
MessageBodyMember]
public string EmpName;

[MessageBodyMember]
public string Designation;

[MessageBodyMember]
public int Salary;
[MessageBodyMember]
public string Location;

}

}
and now run service and consume it...

wcf security using member ship

using System;

using System.Collections.Generic;

using System.Linq;

using System.Runtime.Serialization;

using System.ServiceModel;

using System.Text;

usingSystem.Data;

namespace membership

{// NOTE: If you change the interface name "IService1" here, you must also update the reference to "IService1" in Web.config.
[ServiceContract]
public interface IService1
{
[OperationContract]
DataTable getDataTable(string userName, string password, string tblName);
}
}
----------------------------------------------------------------------------------
now implement interface

using System;

using System.Collections.Generic;

using System.Linq;

using System.Runtime.Serialization;

using System.ServiceModel;

using System.Text;

using System.Data;

using System.Data.SqlClient;

using System.Configuration;

using System.Web.Security;

namespace membership

{

// NOTE: If you change the class name "Service1" here, you must also update the reference to "Service1" in Web.config and in the associated .svc file.

public class Service1 : IService1

{

public DataTable getDataTable(string userName, string password, string tblName)

{

if (Membership.ValidateUser(userName, password))

{

DataTable dt = new DataTable("emp4");

SqlDataAdapter da = new SqlDataAdapter("select * from " + tblName, ConfigurationManager.ConnectionStrings["constr"].ConnectionString);

DataSet ds = new DataSet();

da.Fill(dt);

return dt;

}

else

{

return null;

}

}

}

}

--------------------------------------------------------------------------------------------------------------------
now do the code in web .config file

<connectionStrings>

<add name="constr" connectionString="database=master;data source=SANJEEV-PC\SANJEEV83;integrated security=true;"/>

</connectionStrings>

<system.web>

<membership defaultProvider="abc">

<providers>

<clear/>

<add name="abc" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="constr" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>

</providers>

</membership>

Monday, 8 October 2012

security in web using dictionary...

take two text box one for userid and and another for password

and do the following code on default.aspx page:

using System;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using SECURE1;

public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{

}

string tablename = "emp2";
protected void Button1_Click(object sender, EventArgs e)
{
SECURE1.WebAuthentication obj = SECURE1.WebAuthentication.checkLogin(tablename, TextBox1.Text, TextBox2.Text);
if (obj == null)
{
Response.Write("invalid user id and password");

}
else
{
Session["xx"] = Session.SessionID;

SECURE1.webSession.startSession(Session.SessionID, obj);
Response.Redirect("Default2.aspx");
}

}
}

-----------------------------
and add a class

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
namespace SECURE1
{

public class WebAuthentication
{

string _UserName, _Role;

public string Role
{
get { return _Role; }

}

public string UserName
{
get { return _UserName; }

}
public WebAuthentication(string userName, string role)
{
_UserName = userName;
_Role = role;
}

public static WebAuthentication checkLogin(string tableName, string userName, string password)
{
SqlConnection con = new SqlConnection("database=master;data source=ANONYMOUS\\SQLEXPRESS;integrated security=true;");
con.Open();
SqlCommand cmd = new SqlCommand("select * from " + tableName + " where Name='" + userName + "' and Password='" + password + "'", con);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
return new WebAuthentication(userName, dr[3].ToString());

}
else
{
return null;

}
}
}
public class webSession
{
static Dictionary<string, WebAuthentication> _Users = new Dictionary<string, WebAuthentication>();
public static void startSession(string sessionId, WebAuthentication user)
{
if (!_Users.ContainsKey(sessionId))
{
_Users.Add(sessionId, user);
}
}
public static WebAuthentication validateSession(string sessionId)
{
if (_Users.ContainsKey(sessionId))
{
return _Users[sessionId];
}
else
{
return null;
}
}
public static void endSession(string sessionId)
{
if (_Users.ContainsKey(sessionId))
{
_Users.Remove(sessionId);
}
}
}
}

--------------------------------

take default2.aspx

and take one button for sign out..

and do following code..........

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Xml.Linq;

using SECURE1;

public partial class Default2 : System.Web.UI.Page

{

protected void Page_Load(object sender, EventArgs e)

{

if (SECURE1.webSession.validateSession(Session["xx"].ToString()) == null)

{

Response.Redirect("Default.aspx");

}

protected void Button1_Click(object sender, EventArgs e)

{

Response.Redirect("default3.aspx");

}

---------------------------

and take user control for sign out from every page...

and do the following code...

public partial class WebUserControl : System.Web.UI.UserControl

{

protected void Page_Load(object sender, EventArgs e)

{

}

protected void Button1_Click(object sender, EventArgs e)

{

SECURE1.webSession.endSession(Session.SessionID);

Response.Redirect("Default.aspx");

}