Question : Securing a web service call

I am trying to set up the methods in my webservice so that for them to be called, I need to authenticate the user name and password, before the call can proceed.

Seems pretty straightforward to do and I got it to work on one of my methods, but for whatever reason, I cannot get it to work on my other method and I have them set up the same way.

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:

           
           
          Public Class AuthHeader
    Inherits SoapHeader
    Public UserName As String = String.Empty
    Public Password As String = String.Empty
End Class

create a new object called Credentials
    'Set the public credentials
    Public Credentials As New AuthHeader

I then added the following to my methods
    <SoapHeader("Credentials", required:=True)> _

When I call method 1

 Dim x As New shippingservice.shipping

        Dim ah As New shippingservice.AuthHeader
        With ah
            .UserName = "user"
            .Password = "password"
        End With


        With x
            .AuthHeaderValue = ah
.method1

.method2 'fails authentication
end with

This is the soap headers for each method

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <AuthHeader xmlns="WSV">
      <UserName>string</UserName>
      <Password>string</Password>
    </AuthHeader>
  </soap:Header>
  <soap:Body>
    <Method1 xmlns="WSV">
      <OrderInfo>string</OrderInfo>
    </Method1>
  </soap:Body>
</soap:Envelope>

and method 2 is

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <AuthHeader xmlns="WSV">
      <UserName>string</UserName>
      <Password>string</Password>
    </AuthHeader>
  </soap:Header>
  <soap:Body>
    <method2 xmlns="WSV">
      <OrdHdrId>long</OrdHdrId>
      <Zipcode>string</Zipcode>
      <Country>string</Country>
    </method2>
  </soap:Body>
</soap:Envelope>

           
         

Answer : Securing a web service call

You said you turned offline files off first and then added the reg key. It could well be that it's the offline file service that reads the key and acts upon it and that because you've turned offline files off it's not performing this action. Try turning it back on, re-apply the regkey then turn it back off.

Having said that I've just re-read your post and you mentioned that the key is being deleted which would suggest it's being read. Worth a try though.

With regards to manually clearing the CSC folder this shouldn't cause any issues i've done this before with no adverse effects.