AuthorizationBehavior.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Dispatcher / AuthorizationBehavior.cs / 1 / AuthorizationBehavior.cs

                            //------------------------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

namespace System.ServiceModel.Dispatcher 
{
    using System.Diagnostics; 
    using System.Collections.Generic; 
    using System.ServiceModel.Channels;
    using System.ServiceModel; 
    using System.ServiceModel.Description;
    using System.Collections.ObjectModel;
    using System.Globalization;
    using System.ServiceModel.Diagnostics; 
    using System.ServiceModel.Security;
    using System.ServiceModel.Security.Tokens; 
    using System.IdentityModel.Claims; 
    using System.IdentityModel.Policy;
    using System.Security.Principal; 
    using System.Runtime.CompilerServices;

    sealed class AuthorizationBehavior
    { 
        static ServiceAuthorizationManager DefaultServiceAuthorizationManager = new ServiceAuthorizationManager();
 
        ReadOnlyCollection externalAuthorizationPolicies; 
        ServiceAuthorizationManager serviceAuthorizationManager;
        AuditLogLocation auditLogLocation; 
        bool suppressAuditFailure;
        AuditLevel serviceAuthorizationAuditLevel;

        AuthorizationBehavior() { } 

        public void Authorize(ref MessageRpc rpc) 
        { 
            SecurityMessageProperty security = SecurityMessageProperty.GetOrCreate(rpc.Request);
            security.ExternalAuthorizationPolicies = this.externalAuthorizationPolicies; 

            ServiceAuthorizationManager serviceAuthorizationManager = this.serviceAuthorizationManager ?? DefaultServiceAuthorizationManager;
            try
            { 
                if (!serviceAuthorizationManager.CheckAccess(rpc.OperationContext, ref rpc.Request))
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateAccessDeniedFaultException()); 
                }
            } 
            catch (Exception ex)
            {
                if (DiagnosticUtility.IsFatal(ex))
                { 
                    throw;
                } 
                if (PerformanceCounters.PerformanceCountersEnabled) 
                {
                    PerformanceCounters.AuthorizationFailed(rpc.Operation.Name); 
                }
                if (AuditLevel.Failure == (this.serviceAuthorizationAuditLevel & AuditLevel.Failure))
                {
                    try 
                    {
                        string primaryIdentity; 
                        string authContextId = null; 
                        AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext;
                        if (authContext != null) 
                        {
                            primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext);
                            authContextId = authContext.Id;
                        } 
                        else
                        { 
                            primaryIdentity = SecurityUtils.AnonymousIdentity.Name; 
                            authContextId = "";
                        } 

                        SecurityAuditHelper.WriteServiceAuthorizationFailureEvent(this.auditLogLocation,
                            this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
                            primaryIdentity, authContextId, 
                            serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name,
                            ex); 
                    } 
#pragma warning suppress 56500
                    catch (Exception auditException) 
                    {
                        if (DiagnosticUtility.IsFatal(auditException))
                            throw;
 
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(auditException, TraceEventType.Error);
                    } 
                } 
                throw;
            } 

            if (AuditLevel.Success == (this.serviceAuthorizationAuditLevel & AuditLevel.Success))
            {
                string primaryIdentity; 
                string authContextId;
                AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; 
                if (authContext != null) 
                {
                    primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); 
                    authContextId = authContext.Id;
                }
                else
                { 
                    primaryIdentity = SecurityUtils.AnonymousIdentity.Name;
                    authContextId = ""; 
                } 

                SecurityAuditHelper.WriteServiceAuthorizationSuccessEvent(this.auditLogLocation, 
                    this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
                    primaryIdentity, authContextId,
                    serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name);
            } 
        }
 
        [MethodImpl(MethodImplOptions.NoInlining)] 
        static AuthorizationBehavior CreateAuthorizationBehavior(DispatchRuntime dispatch)
        { 
            AuthorizationBehavior behavior = new AuthorizationBehavior();
            behavior.externalAuthorizationPolicies = dispatch.ExternalAuthorizationPolicies;
            behavior.serviceAuthorizationManager = dispatch.ServiceAuthorizationManager;
            behavior.auditLogLocation = dispatch.SecurityAuditLogLocation; 
            behavior.suppressAuditFailure = dispatch.SuppressAuditFailure;
            behavior.serviceAuthorizationAuditLevel = dispatch.ServiceAuthorizationAuditLevel; 
            return behavior; 
        }
 
        public static AuthorizationBehavior TryCreate(DispatchRuntime dispatch)
        {
            if (dispatch == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("dispatch")); 

            if (!dispatch.RequiresAuthorization) 
                return null; 

            return CreateAuthorizationBehavior(dispatch); 
        }

        internal static Exception CreateAccessDeniedFaultException()
        { 
            // always use default version?
            SecurityVersion wss = SecurityVersion.Default; 
            FaultCode faultCode = FaultCode.CreateSenderFaultCode(wss.FailedAuthenticationFaultCode.Value, wss.HeaderNamespace.Value); 
            FaultReason faultReason = new FaultReason(SR.GetString(SR.AccessDenied), CultureInfo.CurrentCulture);
            return new FaultException(faultReason, faultCode); 
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK