Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Dispatcher / AuthorizationBehavior.cs / 1 / AuthorizationBehavior.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel.Dispatcher { using System.Diagnostics; using System.Collections.Generic; using System.ServiceModel.Channels; using System.ServiceModel; using System.ServiceModel.Description; using System.Collections.ObjectModel; using System.Globalization; using System.ServiceModel.Diagnostics; using System.ServiceModel.Security; using System.ServiceModel.Security.Tokens; using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.Security.Principal; using System.Runtime.CompilerServices; sealed class AuthorizationBehavior { static ServiceAuthorizationManager DefaultServiceAuthorizationManager = new ServiceAuthorizationManager(); ReadOnlyCollectionexternalAuthorizationPolicies; ServiceAuthorizationManager serviceAuthorizationManager; AuditLogLocation auditLogLocation; bool suppressAuditFailure; AuditLevel serviceAuthorizationAuditLevel; AuthorizationBehavior() { } public void Authorize(ref MessageRpc rpc) { SecurityMessageProperty security = SecurityMessageProperty.GetOrCreate(rpc.Request); security.ExternalAuthorizationPolicies = this.externalAuthorizationPolicies; ServiceAuthorizationManager serviceAuthorizationManager = this.serviceAuthorizationManager ?? DefaultServiceAuthorizationManager; try { if (!serviceAuthorizationManager.CheckAccess(rpc.OperationContext, ref rpc.Request)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateAccessDeniedFaultException()); } } catch (Exception ex) { if (DiagnosticUtility.IsFatal(ex)) { throw; } if (PerformanceCounters.PerformanceCountersEnabled) { PerformanceCounters.AuthorizationFailed(rpc.Operation.Name); } if (AuditLevel.Failure == (this.serviceAuthorizationAuditLevel & AuditLevel.Failure)) { try { string primaryIdentity; string authContextId = null; AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; if (authContext != null) { primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); authContextId = authContext.Id; } else { primaryIdentity = SecurityUtils.AnonymousIdentity.Name; authContextId = " "; } SecurityAuditHelper.WriteServiceAuthorizationFailureEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action, primaryIdentity, authContextId, serviceAuthorizationManager == DefaultServiceAuthorizationManager ? " " : serviceAuthorizationManager.GetType().Name, ex); } #pragma warning suppress 56500 catch (Exception auditException) { if (DiagnosticUtility.IsFatal(auditException)) throw; DiagnosticUtility.ExceptionUtility.TraceHandledException(auditException, TraceEventType.Error); } } throw; } if (AuditLevel.Success == (this.serviceAuthorizationAuditLevel & AuditLevel.Success)) { string primaryIdentity; string authContextId; AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; if (authContext != null) { primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); authContextId = authContext.Id; } else { primaryIdentity = SecurityUtils.AnonymousIdentity.Name; authContextId = " "; } SecurityAuditHelper.WriteServiceAuthorizationSuccessEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action, primaryIdentity, authContextId, serviceAuthorizationManager == DefaultServiceAuthorizationManager ? " " : serviceAuthorizationManager.GetType().Name); } } [MethodImpl(MethodImplOptions.NoInlining)] static AuthorizationBehavior CreateAuthorizationBehavior(DispatchRuntime dispatch) { AuthorizationBehavior behavior = new AuthorizationBehavior(); behavior.externalAuthorizationPolicies = dispatch.ExternalAuthorizationPolicies; behavior.serviceAuthorizationManager = dispatch.ServiceAuthorizationManager; behavior.auditLogLocation = dispatch.SecurityAuditLogLocation; behavior.suppressAuditFailure = dispatch.SuppressAuditFailure; behavior.serviceAuthorizationAuditLevel = dispatch.ServiceAuthorizationAuditLevel; return behavior; } public static AuthorizationBehavior TryCreate(DispatchRuntime dispatch) { if (dispatch == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("dispatch")); if (!dispatch.RequiresAuthorization) return null; return CreateAuthorizationBehavior(dispatch); } internal static Exception CreateAccessDeniedFaultException() { // always use default version? SecurityVersion wss = SecurityVersion.Default; FaultCode faultCode = FaultCode.CreateSenderFaultCode(wss.FailedAuthenticationFaultCode.Value, wss.HeaderNamespace.Value); FaultReason faultReason = new FaultReason(SR.GetString(SR.AccessDenied), CultureInfo.CurrentCulture); return new FaultException(faultReason, faultCode); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- PromptEventArgs.cs
- TagPrefixInfo.cs
- DataTableExtensions.cs
- regiisutil.cs
- DialogResultConverter.cs
- SiteMapNodeCollection.cs
- XappLauncher.cs
- DeviceContexts.cs
- CodeCastExpression.cs
- Condition.cs
- JsonSerializer.cs
- OutOfProcStateClientManager.cs
- GridViewUpdateEventArgs.cs
- DocumentSequenceHighlightLayer.cs
- ConfigXmlDocument.cs
- GridViewItemAutomationPeer.cs
- XmlSchemaProviderAttribute.cs
- SearchForVirtualItemEventArgs.cs
- AttributeCollection.cs
- EmptyElement.cs
- SqlErrorCollection.cs
- PartitionResolver.cs
- TrackingStringDictionary.cs
- SqlInternalConnection.cs
- HttpHandlerActionCollection.cs
- HtmlDocument.cs
- TreeNodeCollection.cs
- StreamSecurityUpgradeAcceptorAsyncResult.cs
- PixelFormat.cs
- NotifyParentPropertyAttribute.cs
- ParsedAttributeCollection.cs
- UpdateTracker.cs
- UpdateProgress.cs
- CodeDOMUtility.cs
- AgileSafeNativeMemoryHandle.cs
- StreamGeometry.cs
- XsdBuildProvider.cs
- Decimal.cs
- EncoderFallback.cs
- TimestampInformation.cs
- GreenMethods.cs
- EntitySqlQueryCacheEntry.cs
- DataContractAttribute.cs
- ThreadStaticAttribute.cs
- FilterableAttribute.cs
- AssemblySettingAttributes.cs
- SuppressIldasmAttribute.cs
- CachedBitmap.cs
- DataRowExtensions.cs
- SchemaTableColumn.cs
- ObjectTypeMapping.cs
- Pkcs7Signer.cs
- ScrollViewer.cs
- D3DImage.cs
- TableNameAttribute.cs
- SoapIgnoreAttribute.cs
- CollectionChange.cs
- PreservationFileWriter.cs
- KeyValuePairs.cs
- AssemblyBuilderData.cs
- ButtonField.cs
- Substitution.cs
- URL.cs
- EventWaitHandleSecurity.cs
- Lasso.cs
- VirtualPathUtility.cs
- EntityContainerEmitter.cs
- LocatorPart.cs
- CriticalExceptions.cs
- WebPartMenuStyle.cs
- CommonRemoteMemoryBlock.cs
- ICspAsymmetricAlgorithm.cs
- ListItemCollection.cs
- AdjustableArrowCap.cs
- CurrencyWrapper.cs
- LabelLiteral.cs
- MetadataFile.cs
- DataFieldCollectionEditor.cs
- UserMapPath.cs
- ActivationArguments.cs
- FixedDocument.cs
- InternalRelationshipCollection.cs
- XmlDomTextWriter.cs
- FilteredDataSetHelper.cs
- TextParentUndoUnit.cs
- ActivityExecutionContext.cs
- SqlTriggerAttribute.cs
- Collection.cs
- GroupLabel.cs
- NumberEdit.cs
- SoapElementAttribute.cs
- TableLayout.cs
- AssemblyFilter.cs
- Oid.cs
- DbProviderServices.cs
- AnnotationDocumentPaginator.cs
- ReadOnlyObservableCollection.cs
- NamespaceQuery.cs
- PDBReader.cs
- HtmlGenericControl.cs