Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Channels / TransportSecurityBindingElement.cs / 1 / TransportSecurityBindingElement.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Channels
{
using System;
using System.ServiceModel.Description;
using System.Xml;
using System.Collections.Generic;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.Net.Security;
public sealed class TransportSecurityBindingElement : SecurityBindingElement, IPolicyExportExtension
{
public TransportSecurityBindingElement()
: base()
{
this.LocalClientSettings.DetectReplays = this.LocalServiceSettings.DetectReplays = false;
}
TransportSecurityBindingElement(TransportSecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
// empty
}
internal override ISecurityCapabilities GetIndividualISecurityCapabilities()
{
bool supportsClientAuthentication;
bool supportsClientWindowsIdentity;
GetSupportingTokensCapabilities(out supportsClientAuthentication, out supportsClientWindowsIdentity);
return new SecurityCapabilities(supportsClientAuthentication, false, supportsClientWindowsIdentity,
ProtectionLevel.None, ProtectionLevel.None);
}
internal override bool SessionMode
{
get
{
SecureConversationSecurityTokenParameters scParameters = null;
if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
if (scParameters != null)
return scParameters.RequireCancellation;
else
return false;
}
}
internal override bool SupportsDuplex
{
get { return true; }
}
internal override bool SupportsRequestReply
{
get { return true; }
}
internal override SecurityProtocolFactory CreateSecurityProtocolFactory(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext)
{
if (context == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
if (credentialsManager == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("credentialsManager");
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
if (isForService)
base.ApplyAuditBehaviorSettings(context, protocolFactory);
base.ConfigureProtocolFactory(protocolFactory, credentialsManager, isForService, issuerBindingContext, context.Binding);
protocolFactory.DetectReplays = false;
return protocolFactory;
}
protected override IChannelFactory BuildChannelFactoryCore(BindingContext context)
{
ISecurityCapabilities securityCapabilities = this.GetProperty(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
SecureConversationSecurityTokenParameters scParameters = null;
if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
{
scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
}
// This adds the demuxer element to the context
ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer());
BindingContext issuerBindingContext = context.Clone();
SecurityChannelFactory channelFactory;
if (scParameters != null)
{
if (scParameters.BootstrapSecurityBindingElement == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
scParameters.IssuerBindingContext = issuerBindingContext;
if (scParameters.RequireCancellation)
{
SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
sessionFactory.SecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
SecuritySessionClientSettings sessionClientSettings = new SecuritySessionClientSettings();
sessionClientSettings.ChannelBuilder = channelBuilder;
sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
sessionClientSettings.SessionProtocolFactory = sessionFactory;
channelFactory = new SecurityChannelFactory(securityCapabilities, context, sessionClientSettings);
}
else
{
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters) scParameters.Clone();
acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
channelFactory = new SecurityChannelFactory(securityCapabilities, context, channelBuilder, protocolFactory);
}
}
else
{
SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory(
context, credentialsManager, false, issuerBindingContext);
channelFactory = new SecurityChannelFactory(securityCapabilities, context, channelBuilder, protocolFactory);
}
return channelFactory;
}
protected override IChannelListener BuildChannelListenerCore(BindingContext context)
{
SecurityChannelListener channelListener = new SecurityChannelListener(this, context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find();
if (credentialsManager == null)
credentialsManager = ServiceCredentials.CreateDefaultCredentials();
SecureConversationSecurityTokenParameters scParameters;
if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
else
scParameters = null;
ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer());
BindingContext issuerBindingContext = context.Clone();
if (scParameters != null)
{
if (scParameters.BootstrapSecurityBindingElement == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
AddDemuxerForSecureConversation(channelBuilder, issuerBindingContext);
if (scParameters.RequireCancellation)
{
SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
base.ApplyAuditBehaviorSettings(context, sessionFactory);
sessionFactory.SecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(sessionFactory, credentialsManager, true, issuerBindingContext, context.Binding);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
channelListener.SessionMode = true;
channelListener.SessionServerSettings.InactivityTimeout = this.LocalServiceSettings.InactivityTimeout;
channelListener.SessionServerSettings.KeyRolloverInterval = this.LocalServiceSettings.SessionKeyRolloverInterval;
channelListener.SessionServerSettings.MaximumPendingSessions = this.LocalServiceSettings.MaxPendingSessions;
channelListener.SessionServerSettings.MaximumKeyRenewalInterval = this.LocalServiceSettings.SessionKeyRenewalInterval;
channelListener.SessionServerSettings.TolerateTransportFailures = this.LocalServiceSettings.ReconnectTransportOnFailure;
channelListener.SessionServerSettings.IssuedSecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)channelListener.SessionServerSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
channelListener.SessionServerSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
channelListener.SessionServerSettings.SessionProtocolFactory = sessionFactory;
// pass in the error handler for handling unknown security sessions - dont do this if the underlying channel is duplex since sending
// back faults in response to badly secured requests over duplex can result in DoS.
if (context.BindingParameters != null && context.BindingParameters.Find() == null
&& !IsUnderlyingListenerDuplex(context))
{
context.BindingParameters.Add(new SecuritySessionServerSettings.SecuritySessionDemuxFailureHandler(sessionFactory.StandardsManager));
}
}
else
{
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
base.ApplyAuditBehaviorSettings(context, protocolFactory);
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(protocolFactory, credentialsManager, true, issuerBindingContext, context.Binding);
SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters) scParameters.Clone();
acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
channelListener.SecurityProtocolFactory = protocolFactory;
}
}
else
{
SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory(context, credentialsManager, true, issuerBindingContext);
channelListener.SecurityProtocolFactory = protocolFactory;
}
channelListener.InitializeListener(channelBuilder);
return channelListener;
}
public override T GetProperty(BindingContext context)
{
if (context == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
if (typeof(T) == typeof(ChannelProtectionRequirements))
{
AddressingVersion addressing = MessageVersion.Default.Addressing;
#pragma warning suppress 56506
MessageEncodingBindingElement encoding = context.Binding.Elements.Find();
if (encoding != null)
{
addressing = encoding.MessageVersion.Addressing;
}
ChannelProtectionRequirements myRequirements = base.GetProtectionRequirements(addressing, ProtectionLevel.EncryptAndSign);
myRequirements.Add(context.GetInnerProperty()??new ChannelProtectionRequirements());
return (T)(object)myRequirements;
}
else
{
return base.GetProperty(context);
}
}
public override BindingElement Clone()
{
return new TransportSecurityBindingElement(this);
}
void IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext policyContext)
{
if (exporter == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("exporter");
if (policyContext == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("policyContext");
if (policyContext.BindingElements.Find() == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ExportOfBindingWithTransportSecurityBindingElementAndNoTransportSecurityNotSupported)));
// the ITransportTokenAssertionProvider will perform the acutal export steps.
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- validationstate.cs
- FixedTextSelectionProcessor.cs
- HttpStreamFormatter.cs
- ComplexBindingPropertiesAttribute.cs
- ListViewCommandEventArgs.cs
- ElementHostAutomationPeer.cs
- EmptyStringExpandableObjectConverter.cs
- DrawingVisualDrawingContext.cs
- IncrementalCompileAnalyzer.cs
- TargetException.cs
- HandlerBase.cs
- ShadowGlyph.cs
- XmlElementList.cs
- BoundingRectTracker.cs
- NumericExpr.cs
- iisPickupDirectory.cs
- followingsibling.cs
- TextBoxBase.cs
- StylusDownEventArgs.cs
- DataTableReader.cs
- XsdValidatingReader.cs
- RenderDataDrawingContext.cs
- DataGridViewTopLeftHeaderCell.cs
- StorageComplexPropertyMapping.cs
- parserscommon.cs
- DataServiceHostFactory.cs
- Privilege.cs
- MonthChangedEventArgs.cs
- VScrollBar.cs
- EdmMember.cs
- AssemblyUtil.cs
- SystemInformation.cs
- SqlParameterCollection.cs
- AtomPub10CategoriesDocumentFormatter.cs
- WindowsComboBox.cs
- BaseUriHelper.cs
- StylusPointPropertyInfo.cs
- WebControlToolBoxItem.cs
- TemplateEditingFrame.cs
- MobileListItemCollection.cs
- MSG.cs
- ApplicationDirectoryMembershipCondition.cs
- EdmRelationshipRoleAttribute.cs
- DBDataPermission.cs
- StatusBarAutomationPeer.cs
- IncrementalReadDecoders.cs
- AstTree.cs
- NoneExcludedImageIndexConverter.cs
- DeploymentSectionCache.cs
- Control.cs
- PrivilegeNotHeldException.cs
- EdmTypeAttribute.cs
- ToolTip.cs
- StackBuilderSink.cs
- CodeMemberProperty.cs
- TdsParserSafeHandles.cs
- DecoderFallback.cs
- ASCIIEncoding.cs
- DesignerSerializationVisibilityAttribute.cs
- EntityDataSourceValidationException.cs
- StringPropertyBuilder.cs
- WebPartMinimizeVerb.cs
- TraceXPathNavigator.cs
- RectangleHotSpot.cs
- DbConnectionOptions.cs
- TemplateControl.cs
- EntityKey.cs
- WMIGenerator.cs
- FileDataSourceCache.cs
- GenericsNotImplementedException.cs
- TypographyProperties.cs
- XmlReflectionMember.cs
- XPathParser.cs
- ComponentGuaranteesAttribute.cs
- ServiceOperation.cs
- MailMessage.cs
- NonDualMessageSecurityOverHttp.cs
- IntPtr.cs
- GlobalProxySelection.cs
- HybridDictionary.cs
- DataGridViewCellStyleContentChangedEventArgs.cs
- RoutingBehavior.cs
- Rfc2898DeriveBytes.cs
- PropertyKey.cs
- RegistryPermission.cs
- HttpContext.cs
- AmbientLight.cs
- UriSection.cs
- FastEncoderWindow.cs
- XmlSchemaObjectTable.cs
- StoreItemCollection.cs
- PropertyEntry.cs
- PartManifestEntry.cs
- Storyboard.cs
- ElapsedEventArgs.cs
- MultipleViewProviderWrapper.cs
- TextDecoration.cs
- AccessibleObject.cs
- Tag.cs
- StaticExtension.cs