AuthorizationBehavior.cs source code in C# .NET

                        
Code:
                         / WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Dispatcher / AuthorizationBehavior.cs / 1 / AuthorizationBehavior.cs
                        

                        
                            //------------------------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

namespace System.ServiceModel.Dispatcher 
{
    using System.Diagnostics; 
    using System.Collections.Generic; 
    using System.ServiceModel.Channels;
    using System.ServiceModel; 
    using System.ServiceModel.Description;
    using System.Collections.ObjectModel;
    using System.Globalization;
    using System.ServiceModel.Diagnostics; 
    using System.ServiceModel.Security;
    using System.ServiceModel.Security.Tokens; 
    using System.IdentityModel.Claims; 
    using System.IdentityModel.Policy;
    using System.Security.Principal; 
    using System.Runtime.CompilerServices;

    sealed class AuthorizationBehavior
    { 
        static ServiceAuthorizationManager DefaultServiceAuthorizationManager = new ServiceAuthorizationManager();
 
        ReadOnlyCollection externalAuthorizationPolicies; 
        ServiceAuthorizationManager serviceAuthorizationManager;
        AuditLogLocation auditLogLocation; 
        bool suppressAuditFailure;
        AuditLevel serviceAuthorizationAuditLevel;

        AuthorizationBehavior() { } 

        public void Authorize(ref MessageRpc rpc) 
        { 
            SecurityMessageProperty security = SecurityMessageProperty.GetOrCreate(rpc.Request);
            security.ExternalAuthorizationPolicies = this.externalAuthorizationPolicies; 

            ServiceAuthorizationManager serviceAuthorizationManager = this.serviceAuthorizationManager ?? DefaultServiceAuthorizationManager;
            try
            { 
                if (!serviceAuthorizationManager.CheckAccess(rpc.OperationContext, ref rpc.Request))
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateAccessDeniedFaultException()); 
                }
            } 
            catch (Exception ex)
            {
                if (DiagnosticUtility.IsFatal(ex))
                { 
                    throw;
                } 
                if (PerformanceCounters.PerformanceCountersEnabled) 
                {
                    PerformanceCounters.AuthorizationFailed(rpc.Operation.Name); 
                }
                if (AuditLevel.Failure == (this.serviceAuthorizationAuditLevel & AuditLevel.Failure))
                {
                    try 
                    {
                        string primaryIdentity; 
                        string authContextId = null; 
                        AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext;
                        if (authContext != null) 
                        {
                            primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext);
                            authContextId = authContext.Id;
                        } 
                        else
                        { 
                            primaryIdentity = SecurityUtils.AnonymousIdentity.Name; 
                            authContextId = "";
                        } 

                        SecurityAuditHelper.WriteServiceAuthorizationFailureEvent(this.auditLogLocation,
                            this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
                            primaryIdentity, authContextId, 
                            serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name,
                            ex); 
                    } 
#pragma warning suppress 56500
                    catch (Exception auditException) 
                    {
                        if (DiagnosticUtility.IsFatal(auditException))
                            throw;
 
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(auditException, TraceEventType.Error);
                    } 
                } 
                throw;
            } 

            if (AuditLevel.Success == (this.serviceAuthorizationAuditLevel & AuditLevel.Success))
            {
                string primaryIdentity; 
                string authContextId;
                AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; 
                if (authContext != null) 
                {
                    primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); 
                    authContextId = authContext.Id;
                }
                else
                { 
                    primaryIdentity = SecurityUtils.AnonymousIdentity.Name;
                    authContextId = ""; 
                } 

                SecurityAuditHelper.WriteServiceAuthorizationSuccessEvent(this.auditLogLocation, 
                    this.suppressAuditFailure, rpc.Request, rpc.Request.Headers.To, rpc.Request.Headers.Action,
                    primaryIdentity, authContextId,
                    serviceAuthorizationManager == DefaultServiceAuthorizationManager ? "" : serviceAuthorizationManager.GetType().Name);
            } 
        }
 
        [MethodImpl(MethodImplOptions.NoInlining)] 
        static AuthorizationBehavior CreateAuthorizationBehavior(DispatchRuntime dispatch)
        { 
            AuthorizationBehavior behavior = new AuthorizationBehavior();
            behavior.externalAuthorizationPolicies = dispatch.ExternalAuthorizationPolicies;
            behavior.serviceAuthorizationManager = dispatch.ServiceAuthorizationManager;
            behavior.auditLogLocation = dispatch.SecurityAuditLogLocation; 
            behavior.suppressAuditFailure = dispatch.SuppressAuditFailure;
            behavior.serviceAuthorizationAuditLevel = dispatch.ServiceAuthorizationAuditLevel; 
            return behavior; 
        }
 
        public static AuthorizationBehavior TryCreate(DispatchRuntime dispatch)
        {
            if (dispatch == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("dispatch")); 

            if (!dispatch.RequiresAuthorization) 
                return null; 

            return CreateAuthorizationBehavior(dispatch); 
        }

        internal static Exception CreateAccessDeniedFaultException()
        { 
            // always use default version?
            SecurityVersion wss = SecurityVersion.Default; 
            FaultCode faultCode = FaultCode.CreateSenderFaultCode(wss.FailedAuthenticationFaultCode.Value, wss.HeaderNamespace.Value); 
            FaultReason faultReason = new FaultReason(SR.GetString(SR.AccessDenied), CultureInfo.CurrentCulture);
            return new FaultException(faultReason, faultCode); 
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

                        

                        
                        

Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK

• NetSectionGroup.cs
• HostProtectionException.cs
• PropertyChangedEventManager.cs
• BookmarkEventArgs.cs
• XsltLoader.cs
• XmlLoader.cs
• CachedPathData.cs
• TextWriter.cs
• DetailsViewRow.cs
• WebPartPersonalization.cs
• DefaultTraceListener.cs
• ReferencedType.cs
• AnimationClockResource.cs
• HelpKeywordAttribute.cs
• SqlDataSourceTableQuery.cs
• PropertyIDSet.cs
• NativeMethods.cs
• CodePageEncoding.cs
• ComponentSerializationService.cs
• ReadWriteSpinLock.cs
• SynchronizationLockException.cs
• BeginEvent.cs
• SqlCacheDependencyDatabase.cs
• HttpModulesSection.cs
• ManagementScope.cs
• __FastResourceComparer.cs
• XslAstAnalyzer.cs
• AssociationSet.cs
• EntityStoreSchemaGenerator.cs
• DataSpaceManager.cs
• TrackingStringDictionary.cs
• OracleMonthSpan.cs
• EdmScalarPropertyAttribute.cs
• CacheVirtualItemsEvent.cs
• ErrorFormatterPage.cs
• HasCopySemanticsAttribute.cs
• EventDrivenDesigner.cs
• Floater.cs
• CharacterBuffer.cs
• CodeGotoStatement.cs
• OleDbError.cs
• InstanceNameConverter.cs
• PropertyMetadata.cs
• StandardCommands.cs
• _NTAuthentication.cs
• GeneralTransform3DTo2D.cs
• TransformDescriptor.cs
• UIElementParaClient.cs
• DirectoryNotFoundException.cs
• CompilerErrorCollection.cs
• UInt16Storage.cs
• TimeoutStream.cs
• TableLayoutPanel.cs
• SHA384Managed.cs
• IFlowDocumentViewer.cs
• ApplicationServicesHostFactory.cs
• IInstanceTable.cs
• ellipse.cs
• PrintDialog.cs
• ValueExpressions.cs
• NullableBoolConverter.cs
• RightsManagementEncryptionTransform.cs
• TextServicesManager.cs
• HandoffBehavior.cs
• ObjectListCommandEventArgs.cs
• OrthographicCamera.cs
• ListInitExpression.cs
• FixedSOMTable.cs
• ExchangeUtilities.cs
• LockCookie.cs
• DataStreams.cs
• XamlToRtfParser.cs
• Hashtable.cs
• LinqDataView.cs
• PageVisual.cs
• TdsParserSafeHandles.cs
• ProcessModuleCollection.cs
• AssociationSet.cs
• wgx_exports.cs
• SmiXetterAccessMap.cs
• ZipIOExtraField.cs
• Rules.cs
• DataGridViewRowHeightInfoPushedEventArgs.cs
• RequestSecurityTokenResponse.cs
• InsufficientExecutionStackException.cs
• CodeDirectiveCollection.cs
• ReadOnlyAttribute.cs
• HtmlFormParameterWriter.cs
• XsdDuration.cs
• DataFormats.cs
• WebConfigurationFileMap.cs
• UriSchemeKeyedCollection.cs
• ConfigurationManagerHelper.cs
• ControllableStoryboardAction.cs
• EncoderParameters.cs
• XmlNodeReader.cs
• DesignerSerializationVisibilityAttribute.cs
• HtmlTableCellCollection.cs
• WebPartDisplayModeCancelEventArgs.cs
• CancellationHandler.cs