A
Arpan
A class file named "SecureDBWS.vb" exsting in
C:\Inetpub\wwwroot\ASPX\Business folder has the following code:
Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports System.Web.Services
Imports System.Web.Services.Protocols
Namespace DBSecuritySettingsWS
Public Class Authenticator : Inherits SoapHeader
Public UserName As String
Public Password As String
End Class
Public Class SecureDB : Inherits WebService
Private sqlCmd As SqlCommand
Private sqlConn As SqlConnection
Public sHeader As Authenticator
<WebMethod(), SoapHeader("sHeader")> Public Function
QueryDB(ByVal Query As String) As DataSet
If (sHeader Is Nothing) Then
Throw New Exception("Invalid Login")
End If
sqlConn = New SqlConnection("Data Source=......")
Dim dSet As DataSet
Dim sqlDapter As SqlDataAdapter
sqlDapter = New SqlDataAdapter(Query, sqlConn)
dSet = New DataSet
sqlDapter.Fill(dSet, "tblName")
Return dSet
End Function
<WebMethod()> Public Function Authenticate(ByVal strUName As
String, ByVal strPwd As String) As Boolean
Dim iID As Integer
Dim strSQL As String
Dim sqlReader As SqlDataReader
sqlConn = New SqlConnection("Data Source=......")
strSQL = "SELECT * FROM Users WHERE UserName='" & strUName
& "' AND Password='" & strPwd & "'"
sqlCmd = New SqlCommand(strSQL, sqlConn)
sqlConn.Open()
sqlReader = sqlCmd.ExecuteReader
Do While (sqlReader.Read)
iID = sqlReader.GetInt32(0)
Loop
sqlReader.Close()
sqlConn.Close()
If (iID <> 0) Then
Return True
Else
Return False
End If
End Function
End Class
End Namespace
I successfully compiled the above class code to a DLL (in
C:\Inetpub\wwwroot\ASPX\bin).
This is the ASMX file (named SecureDB.asmx) which uses the above class
(this ASMX file exists in C:\Inetpub\wwwroot\ASPX\WebServices folder):
<%@ WebService Language="VB" Class="DBSecuritySettingsWS.SecureDB" %>
Next I executed the following command in a command prompt window (at
the C:\Inetpub\wwwroot\ASPX\WebServices prompt) to generate the proxy
class:
wsdl /l:VB http://localhost/aspx/webservices/SecureDB.vb
The proxy class named SecureDB.vb was successfully created in
C:\Inetpub\wwwroot\ASPX\WebServices folder. Now when I opened this
proxy class file, i found that the class named SecureDB has a public
property named AuthenticatorValue. This is the code in the
AuthenticatorValue property:
Partial Public Class SecureDB
................
................
Public Property AuthenticatorValue() As Authenticator
Get
Return Me.authenticatorValueField
End Get
Set
Me.authenticatorValueField = value
End Set
End Property
................
................
End Class
What I would like to know is where from or how is the property named
AuthenticatorValue getting created here? Also what does the word "Me"
mean?
Using the above generated proxy class SecureDB.vb (after compiling the
proxy class to a DLL), this is the ASPX code that first validates a
user & then retrieves records from a database table & displays them in
a DataGrid:
Sub CheckLogin(ByVal obj As Object, ByVal ea As EventArgs)
Dim blnValid As Boolean
Dim wsSecureDB As SecureDB
wsSecureDB = New SecureDB
blnValid = wsSecureDB.Authenticate(txtUserName.Text,
txtPassword.Text)
If Not (blnValid) Then
lblMessage.Text = "INVALID LOGIN"
pnlLogin.Visible = True
pnlQuery.Visible = False
Else
pnlLogin.Visible = False
pnlQuery.Visible = True
End If
End Sub
Sub GetRecords(ByVal obj As Object, ByVal ea As EventArgs)
Dim dSet As DataSet
Dim wsSecureDB As SecureDB
Dim wsAuthenticate As Authenticator
dSet = New DataSet
wsSecureDB = New SecureDB
wsAuthenticate = New Authenticator
wsSecureDB.AuthenticatorValue = wsAuthenticate
dSet = wsSecureDB.QueryDB(txtQuery.Text)
dgQuery.DataSource = dSet
dgQuery.DataMember = "tblName"
dgQuery.DataBind()
End Sub
The ASPX page does two things:
1. It validates whether the user is a valid user or not using the sub
named "CheckLogin" &
2. After validating the user, the ASPX page retrieves the records based
on the SQL query a valid user enters in a TextBox whose ID is
"txtQuery" using the sub "GetRecords".
As such, the above code works perfectly but if I comment out the line
wsSecureDB.AuthenticatorValue = wsAuthenticate
in the "GetRecords" sub, then when a user tries to retrieve records
from a DB table (using any SELECT query), the ASPX page generates an
error. First of all, what does the above line do & secondly, what is
the value of wsSecureDB.AuthenticatorValue? Lastly, suppose I pass the
username & password as "john" (without the quotes) who is a valid user.
Now what is the value of the variable "sHeader" in the "QueryDB"
function declaration code line (shown in the very first code snippet)
which is the following line
<WebMethod(), SoapHeader("sHeader")> Public Function QueryDB(ByVal
Query As String) As DataSet
Thanks,
Arpan
C:\Inetpub\wwwroot\ASPX\Business folder has the following code:
Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports System.Web.Services
Imports System.Web.Services.Protocols
Namespace DBSecuritySettingsWS
Public Class Authenticator : Inherits SoapHeader
Public UserName As String
Public Password As String
End Class
Public Class SecureDB : Inherits WebService
Private sqlCmd As SqlCommand
Private sqlConn As SqlConnection
Public sHeader As Authenticator
<WebMethod(), SoapHeader("sHeader")> Public Function
QueryDB(ByVal Query As String) As DataSet
If (sHeader Is Nothing) Then
Throw New Exception("Invalid Login")
End If
sqlConn = New SqlConnection("Data Source=......")
Dim dSet As DataSet
Dim sqlDapter As SqlDataAdapter
sqlDapter = New SqlDataAdapter(Query, sqlConn)
dSet = New DataSet
sqlDapter.Fill(dSet, "tblName")
Return dSet
End Function
<WebMethod()> Public Function Authenticate(ByVal strUName As
String, ByVal strPwd As String) As Boolean
Dim iID As Integer
Dim strSQL As String
Dim sqlReader As SqlDataReader
sqlConn = New SqlConnection("Data Source=......")
strSQL = "SELECT * FROM Users WHERE UserName='" & strUName
& "' AND Password='" & strPwd & "'"
sqlCmd = New SqlCommand(strSQL, sqlConn)
sqlConn.Open()
sqlReader = sqlCmd.ExecuteReader
Do While (sqlReader.Read)
iID = sqlReader.GetInt32(0)
Loop
sqlReader.Close()
sqlConn.Close()
If (iID <> 0) Then
Return True
Else
Return False
End If
End Function
End Class
End Namespace
I successfully compiled the above class code to a DLL (in
C:\Inetpub\wwwroot\ASPX\bin).
This is the ASMX file (named SecureDB.asmx) which uses the above class
(this ASMX file exists in C:\Inetpub\wwwroot\ASPX\WebServices folder):
<%@ WebService Language="VB" Class="DBSecuritySettingsWS.SecureDB" %>
Next I executed the following command in a command prompt window (at
the C:\Inetpub\wwwroot\ASPX\WebServices prompt) to generate the proxy
class:
wsdl /l:VB http://localhost/aspx/webservices/SecureDB.vb
The proxy class named SecureDB.vb was successfully created in
C:\Inetpub\wwwroot\ASPX\WebServices folder. Now when I opened this
proxy class file, i found that the class named SecureDB has a public
property named AuthenticatorValue. This is the code in the
AuthenticatorValue property:
Partial Public Class SecureDB
................
................
Public Property AuthenticatorValue() As Authenticator
Get
Return Me.authenticatorValueField
End Get
Set
Me.authenticatorValueField = value
End Set
End Property
................
................
End Class
What I would like to know is where from or how is the property named
AuthenticatorValue getting created here? Also what does the word "Me"
mean?
Using the above generated proxy class SecureDB.vb (after compiling the
proxy class to a DLL), this is the ASPX code that first validates a
user & then retrieves records from a database table & displays them in
a DataGrid:
Sub CheckLogin(ByVal obj As Object, ByVal ea As EventArgs)
Dim blnValid As Boolean
Dim wsSecureDB As SecureDB
wsSecureDB = New SecureDB
blnValid = wsSecureDB.Authenticate(txtUserName.Text,
txtPassword.Text)
If Not (blnValid) Then
lblMessage.Text = "INVALID LOGIN"
pnlLogin.Visible = True
pnlQuery.Visible = False
Else
pnlLogin.Visible = False
pnlQuery.Visible = True
End If
End Sub
Sub GetRecords(ByVal obj As Object, ByVal ea As EventArgs)
Dim dSet As DataSet
Dim wsSecureDB As SecureDB
Dim wsAuthenticate As Authenticator
dSet = New DataSet
wsSecureDB = New SecureDB
wsAuthenticate = New Authenticator
wsSecureDB.AuthenticatorValue = wsAuthenticate
dSet = wsSecureDB.QueryDB(txtQuery.Text)
dgQuery.DataSource = dSet
dgQuery.DataMember = "tblName"
dgQuery.DataBind()
End Sub
The ASPX page does two things:
1. It validates whether the user is a valid user or not using the sub
named "CheckLogin" &
2. After validating the user, the ASPX page retrieves the records based
on the SQL query a valid user enters in a TextBox whose ID is
"txtQuery" using the sub "GetRecords".
As such, the above code works perfectly but if I comment out the line
wsSecureDB.AuthenticatorValue = wsAuthenticate
in the "GetRecords" sub, then when a user tries to retrieve records
from a DB table (using any SELECT query), the ASPX page generates an
error. First of all, what does the above line do & secondly, what is
the value of wsSecureDB.AuthenticatorValue? Lastly, suppose I pass the
username & password as "john" (without the quotes) who is a valid user.
Now what is the value of the variable "sHeader" in the "QueryDB"
function declaration code line (shown in the very first code snippet)
which is the following line
<WebMethod(), SoapHeader("sHeader")> Public Function QueryDB(ByVal
Query As String) As DataSet
Thanks,
Arpan