Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Dispatcher / AuthorizationBehavior.cs / 1 / AuthorizationBehavior.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Dispatcher
{
using System.Diagnostics;
using System.Collections.Generic;
using System.ServiceModel.Channels;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Collections.ObjectModel;
using System.Globalization;
using System.ServiceModel.Diagnostics;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.Security.Principal;
using System.Runtime.CompilerServices;
sealed class AuthorizationBehavior
{
static ServiceAuthorizationManager DefaultServiceAuthorizationManager = new ServiceAuthorizationManager();
ReadOnlyCollection externalAuthorizationPolicies;
ServiceAuthorizationManager serviceAuthorizationManager;
AuditLogLocation auditLogLocation;
bool suppressAuditFailure;
AuditLevel serviceAuthorizationAuditLevel;
AuthorizationBehavior() { }
public void Authorize(ref MessageRpc rpc)
{
SecurityMessageProperty security = SecurityMessageProperty.GetOrCreate(rpc.Request);
security.ExternalAuthorizationPolicies = this.externalAuthorizationPolicies;
ServiceAuthorizationManager serviceAuthorizationManager = this.serviceAuthorizationManager ?? DefaultServiceAuthorizationManager;
try
{
if (!serviceAuthorizationManager.CheckAccess(rpc.OperationContext, ref rpc.Request))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateAccessDeniedFaultException());
}
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
if (PerformanceCounters.PerformanceCountersEnabled)
{
PerformanceCounters.AuthorizationFailed(rpc.Operation.Name);
}
if (AuditLevel.Failure == (this.serviceAuthorizationAuditLevel & AuditLevel.Failure))
{
try
{
string primaryIdentity;
string authContextId = null;
AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext;
if (authContext != null)
{
primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext);
authContextId = authContext.Id;
}
else
{
primaryIdentity = SecurityUtils.AnonymousIdentity.Name;
authContextId = "";
}
SecurityAuditHelper.WriteServiceAuthorizationFailureEvent(this.auditLogLocation,
this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
primaryIdentity, authContextId,
serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name,
ex);
}
#pragma warning suppress 56500
catch (Exception auditException)
{
if (DiagnosticUtility.IsFatal(auditException))
throw;
DiagnosticUtility.ExceptionUtility.TraceHandledException(auditException, TraceEventType.Error);
}
}
throw;
}
if (AuditLevel.Success == (this.serviceAuthorizationAuditLevel & AuditLevel.Success))
{
string primaryIdentity;
string authContextId;
AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext;
if (authContext != null)
{
primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext);
authContextId = authContext.Id;
}
else
{
primaryIdentity = SecurityUtils.AnonymousIdentity.Name;
authContextId = "";
}
SecurityAuditHelper.WriteServiceAuthorizationSuccessEvent(this.auditLogLocation,
this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
primaryIdentity, authContextId,
serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name);
}
}
[MethodImpl(MethodImplOptions.NoInlining)]
static AuthorizationBehavior CreateAuthorizationBehavior(DispatchRuntime dispatch)
{
AuthorizationBehavior behavior = new AuthorizationBehavior();
behavior.externalAuthorizationPolicies = dispatch.ExternalAuthorizationPolicies;
behavior.serviceAuthorizationManager = dispatch.ServiceAuthorizationManager;
behavior.auditLogLocation = dispatch.SecurityAuditLogLocation;
behavior.suppressAuditFailure = dispatch.SuppressAuditFailure;
behavior.serviceAuthorizationAuditLevel = dispatch.ServiceAuthorizationAuditLevel;
return behavior;
}
public static AuthorizationBehavior TryCreate(DispatchRuntime dispatch)
{
if (dispatch == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("dispatch"));
if (!dispatch.RequiresAuthorization)
return null;
return CreateAuthorizationBehavior(dispatch);
}
internal static Exception CreateAccessDeniedFaultException()
{
// always use default version?
SecurityVersion wss = SecurityVersion.Default;
FaultCode faultCode = FaultCode.CreateSenderFaultCode(wss.FailedAuthenticationFaultCode.Value, wss.HeaderNamespace.Value);
FaultReason faultReason = new FaultReason(SR.GetString(SR.AccessDenied), CultureInfo.CurrentCulture);
return new FaultException(faultReason, faultCode);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- HtmlInputSubmit.cs
- oledbconnectionstring.cs
- COAUTHINFO.cs
- ActionFrame.cs
- NamespaceQuery.cs
- DbConnectionStringBuilder.cs
- XmlParserContext.cs
- PrintPreviewControl.cs
- PenCursorManager.cs
- TextEditorCharacters.cs
- BindValidationContext.cs
- DependencyObjectCodeDomSerializer.cs
- RawStylusSystemGestureInputReport.cs
- JsonFormatGeneratorStatics.cs
- XPathSelfQuery.cs
- DrawToolTipEventArgs.cs
- HttpCookieCollection.cs
- GroupQuery.cs
- MimeXmlReflector.cs
- TextElementAutomationPeer.cs
- _ProxyRegBlob.cs
- PageRequestManager.cs
- DataPagerField.cs
- Expressions.cs
- EntityStoreSchemaGenerator.cs
- IDReferencePropertyAttribute.cs
- DLinqDataModelProvider.cs
- IList.cs
- FloatUtil.cs
- AuthenticatedStream.cs
- XmlUtf8RawTextWriter.cs
- SharedUtils.cs
- StreamReader.cs
- ReverseInheritProperty.cs
- EntityDataSourceContainerNameConverter.cs
- WebServiceResponse.cs
- FontEmbeddingManager.cs
- MasterPageCodeDomTreeGenerator.cs
- OleDbException.cs
- EventProviderBase.cs
- BaseCodeDomTreeGenerator.cs
- SQLBinary.cs
- ToolStripRenderEventArgs.cs
- HttpWebResponse.cs
- ProviderCollection.cs
- BindingNavigator.cs
- ReflectTypeDescriptionProvider.cs
- DataTableCollection.cs
- LoginAutoFormat.cs
- NameObjectCollectionBase.cs
- ExpressionVisitor.cs
- WebConfigurationManager.cs
- LassoSelectionBehavior.cs
- XmlUrlResolver.cs
- CanonicalFormWriter.cs
- GuidelineCollection.cs
- RIPEMD160.cs
- CodeSnippetCompileUnit.cs
- DescendantBaseQuery.cs
- RegexBoyerMoore.cs
- DataView.cs
- DateTimeValueSerializer.cs
- Native.cs
- MemberExpression.cs
- Pkcs7Signer.cs
- SHA384Cng.cs
- TimeoutConverter.cs
- GenericEnumConverter.cs
- ReadOnlyHierarchicalDataSourceView.cs
- WindowsRichEdit.cs
- ConfigurationValues.cs
- ParameterCollection.cs
- QueryComponents.cs
- SignatureDescription.cs
- PagesChangedEventArgs.cs
- PersonalizationProviderHelper.cs
- LongValidator.cs
- DynamicRendererThreadManager.cs
- SctClaimSerializer.cs
- UnauthorizedWebPart.cs
- NotifyCollectionChangedEventArgs.cs
- InkCanvasSelectionAdorner.cs
- AuthenticateEventArgs.cs
- XmlSchemaAnnotation.cs
- RuntimeConfigurationRecord.cs
- _LazyAsyncResult.cs
- TreeNodeConverter.cs
- PauseStoryboard.cs
- BinaryMethodMessage.cs
- ComponentDesigner.cs
- UIElement.cs
- BitmapEffectInput.cs
- StringValidator.cs
- DataGridCell.cs
- DataGridViewDataErrorEventArgs.cs
- AddInToken.cs
- VectorAnimationUsingKeyFrames.cs
- ImageSourceValueSerializer.cs
- ComplexType.cs
- DataListItemEventArgs.cs