// Listing A: Defining and using an authentication header


 // class specifically to represent a SOAP Header element.

 public class AuthenticationHeader : System.Web.Services.Protocols.SoapHeader

 {
       // only public members will end up in the SOAP
       public string UserID;
       public string Password;

 }



 // public instance, within main web service class,

 // of the special Header class

 public AuthenticationHeader auth;



 // a method that becomes a SOAP message which requires the Header

 [WebMethod]

 [SoapHeader("auth",Direction=SoapHeaderDirection.In,Required=true)]

 public EmployeeInfoStruct GetEmployeeInfo(int nEmployeeID)

 {
       if (!validateUser(auth)) // use the auth header
              throw new Exception("Invalid user");
       // ....

 }


 /* Makes use of the instance of the
   AuthenticationHeader class, instantiated
   automatically by ASP.NET and populated with
   the contents of the request message's matching
   Header element. */

 private bool validateUser(AuthenticationHeader auth)

 {
       if (auth.UserID == "bill" && auth.Password == "pwd")
              return true;
       else
              return false;

 }