Listing I
'##############################################################################
' Author: Kevin Koch
' Description:  This class represents a web service providing functionality
'              regarding Books. The web service is locked down and secured
'              through its Web.config file residing in the /ws/ directory.
'               Authentication is provided via a custom soap header which must
'               be present in each method invocation
'##############################################################################
 
 
 
 
Imports System.Web.Services
Imports System.Web.Security
Imports System.Web.Services.Protocols
 
 
 
 
' Class defining the SOAP Header security context for this Web Service
Public Class BookSecurityContext
    Inherits SoapHeader
 
 
    Public ClientId As Int32
    Public WSToken As String
 
 
End Class
 
 
<WebService(Namespace:="http://tempuri.org/")> _
Public Class BookWS
    Inherits System.Web.Services.WebService
 
 
#Region " Web Services Designer Generated Code "
 
 
    Public Sub New()
        MyBase.New()
 
 
        'This call is required by the Web Services Designer.
        InitializeComponent()
 
 
        'Add your own initialization code after the InitializeComponent() call
 
 
    End Sub
 
 
    'Required by the Web Services Designer
    Private components As System.ComponentModel.IContainer
 
 
    'NOTE: The following procedure is required by the Web Services Designer
    'It can be modified using the Web Services Designer.  
    'Do not modify it using the code editor.
    <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
        components = New System.ComponentModel.Container()
    End Sub
 
 
    Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean)
        'CODEGEN: This procedure is required by the Web Services Designer
        'Do not modify it using the code editor.
        If disposing Then
            If Not (components Is Nothing) Then
                components.Dispose()
           End If
        End If
        MyBase.Dispose(disposing)
    End Sub
 
 
#End Region
 
 
 
 
    Public BookSecurityCtx As BookSecurityContext
 
 
    Private Const CLASS_NAME As String = "BookWS"
    Private WebUtil As New WSUtil()
 
 
    '================================================================================================================================
    ' This method uses the SOAP Header parameters to determine the web service consumer
    ' If authenticated, the method searches the books in the Db based on the parameters
    '================================================================================================================================
    <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _
    Public Function SearchBooks(ByVal BookId As Int32, ByVal AuthorName As String, ByVal BookName As String, ByVal AvailabilityId As Int32) As DataSet
        Const METHOD_NAME As String = "SearchBooks"
        Try
            If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access")
 
 
            Dim BookObj As New BookServices()
            Return BookObj.GetBooks(BookId, AuthorName, BookName, AvailabilityId)
 
 
        Catch BizEx As BizTierException
            'Exception has already been logged, just throw it to the consumer
            Throw BizEx
        Catch DbEx As DbTierException
            'Exception has already been logged, just throw it to the consumer
            Throw DbEx
        Catch ex As Exception
            Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME)
            Throw New WSException(ex.Message, ex)
        End Try
 
 
    End Function
 
 
 
 
    '================================================================================================================================
    ' This method uses the SOAP Header parameters to determine the web service consumer
    ' If authenticated, the method returns a dataset of all the books in the array list
    '================================================================================================================================
    <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _
    Public Function GetBooksByIds(ByVal BookIds As ArrayList) As DataSet
        Const METHOD_NAME As String = "GetBooksByIds"
        Try
            If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access")
 
 
            Dim BookObj As New BookServices()
            Return BookObj.GetBooksByIds(BookIds)
 
 
        Catch BizEx As BizTierException
            'Exception has already been logged, just throw it to the consumer
            Throw BizEx
        Catch DbEx As DbTierException
            'Exception has already been logged, just throw it to the consumer
            Throw DbEx
        Catch ex As Exception
            Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME)
            Throw New WSException(ex.Message, ex)
        End Try
 
 
    End Function
 
 
 
 
    '================================================================================================================================
    ' This method uses the SOAP Header parameters to determine the web service consumer
    ' If authenticated, the method returns all of the possible availabilities
    '================================================================================================================================
    <WebMethod(), SoapHeader("BookSecurityCtx", Required:=True)> _
    Public Function GetAvailabilityDs() As DataSet
        Const METHOD_NAME As String = "GetAvailabilityDs"
        Try
            If WebUtil.Authenticate(BookSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access")
 
 
           Dim AvailObj As New AvailabilityServices()
            Return AvailObj.GetAllAvailability()
 
 
        Catch BizEx As BizTierException
            'Exception has already been logged, just throw it to the consumer
            Throw BizEx
        Catch DbEx As DbTierException
            'Exception has already been logged, just throw it to the consumer
            Throw DbEx
        Catch ex As Exception
            Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME)
            Throw New WSException(ex.Message, ex)
        End Try
 
 
    End Function
 
 
 
 
 
 
End Class