'############################################################################## ' Author: Kevin Koch ' Description: This class represents a web service providing functionality ' regarding Orders. The Web service is locked down and secured ' through its Web.config file residing in the /ws/ directory. ' Authentication is provided via a custom soap header, which must ' be present in each method invocation. '############################################################################## Imports System.Web.Services Imports System.Web.Security Imports System.Web.Services.Protocols Imports System.Threading ' Class defining the SOAP Header security context for this Web Service Public Class OrderSecurityContext Inherits SoapHeader Public WSToken As String End Class <WebService(Namespace:="http://tempuri.org/")> _ Public Class OrderWS Inherits System.Web.Services.WebService #Region " Web Services Designer Generated Code " Public Sub New() MyBase.New() 'This call is required by the Web Services Designer. InitializeComponent() 'Add your own initialization code after the InitializeComponent() call End Sub 'Required by the Web Services Designer Private components As System.ComponentModel.IContainer 'NOTE: The following procedure is required by the Web Services Designer 'It can be modified using the Web Services Designer. 'Do not modify it using the code editor. <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent() components = New System.ComponentModel.Container() End Sub Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean) 'CODEGEN: This procedure is required by the Web Services Designer 'Do not modify it using the code editor. If disposing Then If Not (components Is Nothing) Then components.Dispose() End If End If MyBase.Dispose(disposing) End Sub #End Region Public OrderSecurityCtx As OrderSecurityContext Private Const CLASS_NAME As String = "OrderWS" Private WebUtil As New WSUtil() '================================================================================================================================ ' This method uses the SOAP Header parameters to determine the Web service consumer. ' If authenticated, the method creates a new customer order. ' The information regarding the order and the books contained in the order as passed to us from John's app in the OrderDs parameter '================================================================================================================================ <WebMethod(), SoapHeader("OrderSecurityCtx", Required:=True)> _ Public Function ConfirmOrder(ByVal OrderId As Int32, ByVal OrderDs As DataSet) As Int32 Const METHOD_NAME As String = "ConfirmOrder" Try If WebUtil.Authenticate(OrderSecurityCtx) = False Then Throw New System.Security.SecurityException("Unauthorized access") ' Ensure the Id is valid Utils.Assert(OrderId) Dim OrderObj As New OrderServices() ' Complete the order and retrieve the customer Id who placed the order Dim CustIdDs As DataSet = OrderObj.ConfirmOrder(OrderId) ' Retrieve the full profile of the customer who placed this order and email them confirmation Dim CustObj As New CustomerServices() Dim CustDs As DataSet = CustObj.GetCustomerById(Convert.ToInt32(CustIdDs.Tables(0).Rows(0).Item(CustomerDb.FIELD_CUSTOMER_ID))) With CustDs.Tables(0).Rows(0) Dim EmailObj As New EmailUtil(OrderDs, .Item(CustomerDb.FIELD_EMAIL), .Item(CustomerDb.FIELD_FIRST_NAME) + " " + .Item(CustomerDb.FIELD_LAST_NAME)) Dim asyncOpIsDone As New AutoResetEvent(False) ThreadPool.QueueUserWorkItem(New WaitCallback(AddressOf EmailObj.SendCompletedOrderConfirmation), asyncOpIsDone) End With Return OrderId Catch BizEx As BizTierException 'Exception has already been logged, just throw it to the consumer Throw BizEx Catch DbEx As DbTierException 'Exception has already been logged, just throw it to the consumer Throw DbEx Catch ex As Exception Log.WriteLogEntry(ex, Me.CLASS_NAME, METHOD_NAME) Throw New WSException(ex.Message, ex) End Try End Function End Class | 