Basic auth on ASP.NET web service (asmx)

A basic example about how to implement http basic access authentification on asp.net classic webservice. See commits for a step by step guide.

Prior notice

• SSL must be configured in order to be 'secure'.
• Microsoft considers asmx as legacy technology. XML Web services and XML Web service clients should now be created using Windows Communication Foundation (WCF) but fortunately, this already works with WCF!

Steps on the service.

1. Create your own authentification module by implementing IHttpModule
2. Add auth module to app.config file
3. That's it!

Example of client code

var client = new ServiceReference1.ServiceSoapClient();
client.ClientCredentials.UserName.UserName = "root";
client.ClientCredentials.UserName.Password = "secret12345";
try
{
  var res = client.Add(3, 4);
  Console.WriteLine(res);
}
catch (Exception ex)
{
  Console.WriteLine(ex.Message);
}

You must edit your client app.config file and add.

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="ServiceSoap">
          <security mode="TransportCredentialOnly"> <!-- Set Http basic auth!-->
            <transport clientCredentialType="Basic" />
          </security>
          </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:5838/Service.asmx" binding="basicHttpBinding"
      bindingConfiguration="ServiceSoap" contract="ServiceReference1.ServiceSoap"
      name="ServiceSoap" />
    </client>
  </system.serviceModel>
</configuration>