Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Channels / TransportSecurityBindingElement.cs / 1 / TransportSecurityBindingElement.cs
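//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

namespace System.ServiceModel.Channels
{
    using System;
    using System.ServiceModel.Description;
    using System.Xml;
    using System.Collections.Generic;
    using System.Runtime.Serialization;
    using System.ServiceModel;
    using System.ServiceModel.Security;
    using System.ServiceModel.Security.Tokens;
    using System.Net.Security;

    /// <summary>
    /// Security binding element for bindings in which the transport is expected to protect
    /// the message, while this element contributes supporting tokens and, optionally, a
    /// secure conversation session on top of that transport.
    /// </summary>
    /// <remarks>
    /// Security-relevant behaviour visible in this class:
    /// message-level replay detection is switched off (constructor and
    /// <see cref="CreateSecurityProtocolFactory"/>); the element's own capabilities report
    /// <see cref="ProtectionLevel.None"/> for request and response; and policy export is
    /// refused when the binding contains no ITransportTokenAssertionProvider.
    /// Confidentiality, integrity and replay protection therefore have to come from the
    /// transport underneath.
    /// </remarks>
    public sealed class TransportSecurityBindingElement : SecurityBindingElement, IPolicyExportExtension
    {
        /// <summary>
        /// Creates the element with message-level replay detection disabled for both the
        /// client-side and the service-side local settings.
        /// </summary>
        public TransportSecurityBindingElement()
            : base()
        {
            // NOTE(review): presumably replay protection is delegated to the secure transport;
            // confirm the transport in use actually provides it.
            this.LocalClientSettings.DetectReplays = this.LocalServiceSettings.DetectReplays = false;
        }

        /// <summary>Copy constructor used by <see cref="Clone"/>.</summary>
        /// <param name="elementToBeCloned">The element whose settings are copied by the base class.</param>
        TransportSecurityBindingElement(TransportSecurityBindingElement elementToBeCloned)
            : base(elementToBeCloned)
        {
            // empty
        }

        /// <summary>
        /// Reports the capabilities contributed by this element alone: client authentication and
        /// Windows identity support are derived from the supporting tokens, and both protection
        /// levels are <see cref="ProtectionLevel.None"/>.
        /// </summary>
        /// <returns>A capabilities object describing this element in isolation.</returns>
        internal override ISecurityCapabilities GetIndividualISecurityCapabilities()
        {
            bool supportsClientAuthentication;
            bool supportsClientWindowsIdentity;
            GetSupportingTokensCapabilities(out supportsClientAuthentication, out supportsClientWindowsIdentity);

            // The literal 'false' is presumably the server-authentication flag; confirm against
            // the SecurityCapabilities constructor. Neither request nor response protection is
            // claimed here.
            return new SecurityCapabilities(
                supportsClientAuthentication,
                false,
                supportsClientWindowsIdentity,
                ProtectionLevel.None,
                ProtectionLevel.None);
        }

        /// <summary>
        /// True only when the first endorsing supporting token is a secure conversation token
        /// that requires cancellation; false in every other case.
        /// </summary>
        internal override bool SessionMode
        {
            get
            {
                SecureConversationSecurityTokenParameters scParameters = null;
                if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
                {
                    scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
                }

                if (scParameters != null)
                {
                    return scParameters.RequireCancellation;
                }
                else
                {
                    return false;
                }
            }
        }

        /// <summary>Always true for this element.</summary>
        internal override bool SupportsDuplex
        {
            get { return true; }
        }

        /// <summary>Always true for this element.</summary>
        internal override bool SupportsRequestReply
        {
            get { return true; }
        }

        /// <summary>
        /// Builds a <see cref="TransportSecurityProtocolFactory"/> configured from this element.
        /// </summary>
        /// <param name="context">Binding context; must not be null.</param>
        /// <param name="credentialsManager">Source of credentials; must not be null.</param>
        /// <param name="isForService">True when building the service side; audit behavior settings are applied only then.</param>
        /// <param name="issuerBindingContext">Context handed to the base configuration for token issuers.</param>
        /// <returns>The configured protocol factory, with replay detection disabled.</returns>
        internal override SecurityProtocolFactory CreateSecurityProtocolFactory(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }
            if (credentialsManager == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("credentialsManager");
            }

            TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
            if (isForService)
            {
                base.ApplyAuditBehaviorSettings(context, protocolFactory);
            }
            base.ConfigureProtocolFactory(protocolFactory, credentialsManager, isForService, issuerBindingContext, context.Binding);

            // Set after ConfigureProtocolFactory so that whatever the base configuration chose,
            // replay detection ends up off for this factory.
            protocolFactory.DetectReplays = false;

            return protocolFactory;
        }

        /// <summary>
        /// Builds the client-side security channel factory. Three shapes are possible, selected
        /// by the first endorsing supporting token: a secure conversation session
        /// (RequireCancellation set), an accelerated secure conversation token without a
        /// session, or plain transport security with no secure conversation.
        /// </summary>
        /// <param name="context">Binding context used to build the inner channel stack.</param>
        /// <returns>The security channel factory for <typeparamref name="TChannel"/>.</returns>
        /// <exception cref="InvalidOperationException">
        /// The secure conversation parameters have no bootstrap security binding element.
        /// </exception>
        protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
        {
            ISecurityCapabilities securityCapabilities = this.GetProperty<ISecurityCapabilities>(context);
            SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
            if (credentialsManager == null)
            {
                credentialsManager = ClientCredentials.CreateDefaultCredentials();
            }

            SecureConversationSecurityTokenParameters scParameters = null;
            if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
            {
                scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
            }

            // This adds the demuxer element to the context
            ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer());

            BindingContext issuerBindingContext = context.Clone();
            SecurityChannelFactory<TChannel> channelFactory;
            if (scParameters != null)
            {
                // Secure conversation cannot be established without a bootstrap binding.
                if (scParameters.BootstrapSecurityBindingElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
                }

                scParameters.IssuerBindingContext = issuerBindingContext;
                if (scParameters.RequireCancellation)
                {
                    SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
                    sessionFactory.SecurityTokenParameters = scParameters.Clone();
                    ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;

                    // The secure conversation parameters are taken out of the endorsing list while
                    // the base class configures the factory, and restored in 'finally' even on failure.
                    // NOTE(review): this mutates the element's own collection during the build; a
                    // concurrent build on the same instance would see the temporary removal. Confirm
                    // callers do not build from one instance in parallel.
                    this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
                    try
                    {
                        base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
                    }
                    finally
                    {
                        this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
                    }

                    SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>();
                    sessionClientSettings.ChannelBuilder = channelBuilder;
                    sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
                    sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
                    sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
                    sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
                    ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
                    sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
                    sessionClientSettings.SessionProtocolFactory = sessionFactory;
                    channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, sessionClientSettings);
                }
                else
                {
                    TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();

                    // Same temporary removal as in the session branch; here a clone of the secure
                    // conversation parameters is inserted into the factory's own binding element.
                    this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
                    try
                    {
                        base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
                        SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
                        acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
                        protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
                    }
                    finally
                    {
                        this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
                    }

                    channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
                }
            }
            else
            {
                SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory<TChannel>(
                    context, credentialsManager, false, issuerBindingContext);
                channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
            }

            return channelFactory;
        }

        /// <summary>
        /// Builds the service-side security channel listener, mirroring the three shapes of
        /// <c>BuildChannelFactoryCore</c>. Audit behavior settings are applied to the
        /// protocol factories created here.
        /// </summary>
        /// <param name="context">Binding context used to build the inner channel stack.</param>
        /// <returns>The initialized security channel listener for <typeparamref name="TChannel"/>.</returns>
        /// <exception cref="InvalidOperationException">
        /// The secure conversation parameters have no bootstrap security binding element.
        /// </exception>
        protected override IChannelListener<TChannel> BuildChannelListenerCore<TChannel>(BindingContext context)
        {
            SecurityChannelListener<TChannel> channelListener = new SecurityChannelListener<TChannel>(this, context);

            SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
            if (credentialsManager == null)
            {
                credentialsManager = ServiceCredentials.CreateDefaultCredentials();
            }

            SecureConversationSecurityTokenParameters scParameters;
            if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
            {
                scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
            }
            else
            {
                scParameters = null;
            }

            ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer());
            BindingContext issuerBindingContext = context.Clone();

            if (scParameters != null)
            {
                // Secure conversation cannot be established without a bootstrap binding.
                if (scParameters.BootstrapSecurityBindingElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
                }

                AddDemuxerForSecureConversation(channelBuilder, issuerBindingContext);

                if (scParameters.RequireCancellation)
                {
                    SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
                    base.ApplyAuditBehaviorSettings(context, sessionFactory);
                    sessionFactory.SecurityTokenParameters = scParameters.Clone();
                    ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;

                    // Temporarily remove the secure conversation parameters while the base class
                    // configures the factory; 'finally' restores them even if configuration throws.
                    this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
                    try
                    {
                        base.ConfigureProtocolFactory(sessionFactory, credentialsManager, true, issuerBindingContext, context.Binding);
                    }
                    finally
                    {
                        this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
                    }

                    channelListener.SessionMode = true;
                    channelListener.SessionServerSettings.InactivityTimeout = this.LocalServiceSettings.InactivityTimeout;
                    channelListener.SessionServerSettings.KeyRolloverInterval = this.LocalServiceSettings.SessionKeyRolloverInterval;
                    channelListener.SessionServerSettings.MaximumPendingSessions = this.LocalServiceSettings.MaxPendingSessions;
                    channelListener.SessionServerSettings.MaximumKeyRenewalInterval = this.LocalServiceSettings.SessionKeyRenewalInterval;
                    channelListener.SessionServerSettings.TolerateTransportFailures = this.LocalServiceSettings.ReconnectTransportOnFailure;
                    channelListener.SessionServerSettings.IssuedSecurityTokenParameters = scParameters.Clone();
                    ((SecureConversationSecurityTokenParameters)channelListener.SessionServerSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
                    channelListener.SessionServerSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
                    channelListener.SessionServerSettings.SessionProtocolFactory = sessionFactory;

                    // pass in the error handler for handling unknown security sessions - don't do this if the underlying channel is duplex since sending
                    // back faults in response to badly secured requests over duplex can result in DoS.
                    // The handler is also skipped when one is already registered in the binding parameters.
                    if (context.BindingParameters != null
                        && context.BindingParameters.Find<IChannelDemuxFailureHandler>() == null
                        && !IsUnderlyingListenerDuplex<TChannel>(context))
                    {
                        context.BindingParameters.Add(new SecuritySessionServerSettings.SecuritySessionDemuxFailureHandler(sessionFactory.StandardsManager));
                    }
                }
                else
                {
                    TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
                    base.ApplyAuditBehaviorSettings(context, protocolFactory);

                    // Same temporary removal as above; a clone of the secure conversation parameters
                    // is inserted into the factory's own binding element instead.
                    this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
                    try
                    {
                        base.ConfigureProtocolFactory(protocolFactory, credentialsManager, true, issuerBindingContext, context.Binding);
                        SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
                        acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
                        protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
                    }
                    finally
                    {
                        this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
                    }

                    channelListener.SecurityProtocolFactory = protocolFactory;
                }
            }
            else
            {
                SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, true, issuerBindingContext);
                channelListener.SecurityProtocolFactory = protocolFactory;
            }

            channelListener.InitializeListener(channelBuilder);

            return channelListener;
        }

        /// <summary>
        /// Answers property queries for the binding. For <see cref="ChannelProtectionRequirements"/>
        /// the result is this element's requirements at <see cref="ProtectionLevel.EncryptAndSign"/>
        /// merged with whatever the inner elements report; every other type is delegated to the base.
        /// </summary>
        /// <param name="context">Binding context; must not be null.</param>
        /// <returns>The requested property object, as produced here or by the base class.</returns>
        public override T GetProperty<T>(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (typeof(T) == typeof(ChannelProtectionRequirements))
            {
                // Addressing version follows the message encoder when one is present in the binding.
                AddressingVersion addressing = MessageVersion.Default.Addressing;
                // The pragma below suppresses a static-analysis warning on the context.Binding
                // dereference (presumably the "parameter not validated" check; context itself is
                // null-checked above).
#pragma warning suppress 56506
                MessageEncodingBindingElement encoding = context.Binding.Elements.Find<MessageEncodingBindingElement>();
                if (encoding != null)
                {
                    addressing = encoding.MessageVersion.Addressing;
                }

                ChannelProtectionRequirements myRequirements = base.GetProtectionRequirements(addressing, ProtectionLevel.EncryptAndSign);
                myRequirements.Add(context.GetInnerProperty<ChannelProtectionRequirements>() ?? new ChannelProtectionRequirements());
                return (T)(object)myRequirements;
            }
            else
            {
                return base.GetProperty<T>(context);
            }
        }

        /// <summary>Returns a copy of this element made through the private copy constructor.</summary>
        public override BindingElement Clone()
        {
            return new TransportSecurityBindingElement(this);
        }

        /// <summary>
        /// Validates that policy can be exported for this binding. Export is rejected when no
        /// binding element implements ITransportTokenAssertionProvider, so that policy is not
        /// published for a binding that has this element but no transport security.
        /// </summary>
        /// <param name="exporter">Metadata exporter; must not be null.</param>
        /// <param name="policyContext">Policy conversion context; must not be null.</param>
        /// <exception cref="InvalidOperationException">
        /// The binding has no element that provides a transport token assertion.
        /// </exception>
        void IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext policyContext)
        {
            if (exporter == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("exporter");
            }
            if (policyContext == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("policyContext");
            }

            if (policyContext.BindingElements.Find<ITransportTokenAssertionProvider>() == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ExportOfBindingWithTransportSecurityBindingElementAndNoTransportSecurityNotSupported)));
            }

            // the ITransportTokenAssertionProvider will perform the actual export steps.
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.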