Web Services Enhancements 2.0: Security and Policy (VB.NET) - Creating User Accounts and Groups

(Page 2 of 7 )

Note: any user should be allowed to view invoices, but only vendors can submit invoices, only managers can approve invoices, and only accounting personnel can pay invoices.

Your job in this exercise is to implement these features using the WSE 2.0 security APIs.

You need to setup up some local user accounts and groups to use in this part of the lab. You're going to create one group for each of the user types described above (e.g., User, Vendor, Manager, and Accounting) along with some user accounts assigned to the different groups.

1. Click Start | Control Panel | Administrative Tools | Computer Management.
   
2. Navigate to System Tools | Local Users and Groups | Users.
   
3. Create four new user accounts named admin, vick, mike, and aaron. You can use the same password for all of them to make things easier. Follow these steps for creating each account:
   
4. Click Action | New User.
   
5. Enter the user name (e.g., admin) and password (e.g., password)
   
6. Deselect User must change password at next logon and select Password never expires.
   
7. Click Create. 
   
8. Repeat steps e – g for the names vick, mike, and aaron. 
   
9. Close the New User window. 
   
10. Navigate to System Tools | Local Users and Groups | Groups. You're going to create the following new groups with the corresponding members:
    
    Group             Members
    
    User               admin, vick, mike, aaron
    
    Vendor           admin, vick
    
    Manager        admin, mike
    
    Accounting    admin, aaron
    
    Create four new groups named User, Vendor, Manager, and Accounting. Follow these steps for creating each group:
    
    
11. Select Action | New Group.
    
12. Type in the group name (e.g, User). 
    
13. Click Add to select the group members. Simply type the name of the user (e.g., admin) and press OK. 
    
14. Repeat this for each member of the group. 
    
15. Click Create.
    
16. Repeat steps l - o with the appropriate users for the groups Vendor, Manager, and Accounting. 
    
17. Close the New Group window.
    
18. Close Computer Management.
    
    Now you're ready to start writing code that takes advantage of these user accounts and groups using WSE 2.0.

Enabling WSE 2.0

In this task, you're going to enhance your WebMethod implementation and the corresponding client application with the Web Services Enhancements (WSE) 2.0. We've already installed WSE 2.0 on your machines. Your task will be to configure things so you take advantage of WSE 2.0 security features.

1. Return to Visual Studio .NET 2003. 
   
2. Right click on the SecureInvoiceServiceA project icon in Solution Explorer, and select WSE Settings 2.0... 
   
3. On the General tab, check Enable this project for Web Services Enhancements and Enable Web Services Enhancements Soap Extensions.
   
   Note: the first option adds a reference to the Microsoft.Web.Services2 assembly while the second option registers a SoapExtension class in your project's web.config file.
   
   
4. On the Diagnostics tab, check Enable Message Trace.
   
   
5. Press OK to apply the settings and close the tool.
   
   Note: The OK button is on the bottom of the dialog, and may be hidden by the size of the screen.
   
   
6. Verify that your project now contains a reference to the Microsoft.Web.Services2 assembly. 
   
   
7. Verify that the web.config file now contains the following sections:
   
   ...
   <system.web>
      <webServices> 
         <soapExtensionTypes> 
            <add type= "Microsoft.Web.Services2. WebServicesExtension, Microsoft.Web.Services2, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad 364e35" priority="1" group="0"/>
         </soapExtensionTypes>
      </webServices> </system.web> <microsoft.web.services2>
      <diagnostics>
         <trace enabled="true" input="InputTrace.webinfo" 
   output="OutputTrace.webinfo"
   />
       </diagnostics> 
   </microsoft.web.services2> ... 
   
   
8. Follow the same steps to enable WSE 2.0 and tracing in the SecureInvoiceClient project.
   
   Note: you can't enable the WSE 2.0 SoapExtension since it's not a Web service project.
   
   
9. Update the project Web References by right clicking on each node under Web References in Solution Explorer (localhost, localhost1, localhost2, and localhost3) and selecting Update Web Reference.
   
   Note: you can find the Web References by navigating to the Web References folder in Solution Explorer. The Update Web Reference command may take some time. 
   
   
10. Open the Web reference code (found in Reference.vb under each Web reference node) and notice that there are now two proxy classes: one that uses WSE and one that doesn't.
    
    Note: to do this, select the project in Solution Explorer, and press the Show All Files button on the toolbar (2nd button from left). Then, you'll find the file under Web References | localhost | Reference.map | Reference.vb).
    
    
11. Open InvoiceManagerForm.vb in code view. 
    
    
12. Locate the ViewInvoices() method and change the line
    
    Dim proxy As New ViewInvoices
    
    to
    
    Dim proxy As New ViewInvoicesWse 
    
    
13. Locate the button handler for Approve, and change the code to use the new WSE-based proxy class by changing
    
    Dim proxy As New ApproveInvoice
    
    To
    
    Dim proxy As New ApproveInvoiceWse
    
    
14. Repeat the last step for the button handlers for Pay and Submit. (e.g., change SubmitInvoices to SubmitInvoicesWse, change SubmitInvoice to SubmitInvoiceWse, etc.)
    
    
15. Rebuild the project.

Next: Sending a UsernameToken >>
 

More Visual Basic.NET Articles
More By MSDN Virtual Labs

Comments On: Web Services Enhancements 2.0: Security and Policy (VB.NET)

· This lab is excerpted from a larger document titled "Web Services Enhancement 2.0:...    · I wonder that where I can find SecureInvoiceA.sln you mentioned in Web Services...    · Please check our link to the Microsoft Virtual Labs website, ...    · i havent got the SecureInvoiceA.sln...i checked in the link u provided...can u...    · Microsoft must have moved a few things around -- try this:...    · Web Services Enhancements 2.0: Security and Policy (VB.NET), The reason for going...    · Can you specify the location of SecureInvoiceClient project.Urgent reply soon   >>> Post your comment now!