AcceptorSessionSymmetricTransportSecurityProtocol.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Security / AcceptorSessionSymmetricTransportSecurityProtocol.cs / 1 / AcceptorSessionSymmetricTransportSecurityProtocol.cs

                            //---------------------------------------------------------- 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------

namespace System.ServiceModel.Security 
{
    using System.Collections.Generic; 
    using System.ServiceModel; 
    using System.ServiceModel.Description;
    using System.Collections.ObjectModel; 
    using System.IO;
    using System.IdentityModel.Tokens;
    using System.IdentityModel.Selectors;
    using System.IdentityModel.Claims; 
    using System.IdentityModel.Policy;
    using System.Security.Cryptography; 
    using System.ServiceModel.Security.Tokens; 
    using System.ServiceModel.Channels;
    using System.Runtime.InteropServices; 
    using System.Text;
    using System.Xml;
    using System.Xml.Serialization;
 
    sealed class AcceptorSessionSymmetricTransportSecurityProtocol : TransportSecurityProtocol, IAcceptorSecuritySessionProtocol
    { 
        SecurityToken outgoingSessionToken; 
        SecurityTokenAuthenticator sessionTokenAuthenticator;
        SecurityTokenResolver sessionTokenResolver; 
        ReadOnlyCollection sessionTokenResolverList;
        UniqueId sessionId;
        Collection sessionTokenAuthenticatorSpecificationList;
        bool requireDerivedKeys; 

        public AcceptorSessionSymmetricTransportSecurityProtocol(SessionSymmetricTransportSecurityProtocolFactory factory) : base(factory, null, null) 
        { 
            if (factory.ActAsInitiator == true)
            { 
                DiagnosticUtility.DebugAssert("This protocol can only be used at the recipient.");
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ProtocolMustBeRecipient, this.GetType().ToString())));
            }
            this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys; 
        }
 
        SessionSymmetricTransportSecurityProtocolFactory Factory 
        {
            get { return (SessionSymmetricTransportSecurityProtocolFactory)this.SecurityProtocolFactory; } 
        }

        public bool ReturnCorrelationState
        { 
            get
            { 
                return false; 
            }
            set 
            {
            }
        }
 
        public void SetSessionTokenAuthenticator(UniqueId sessionId, SecurityTokenAuthenticator sessionTokenAuthenticator, SecurityTokenResolver sessionTokenResolver)
        { 
            this.CommunicationObject.ThrowIfDisposedOrImmutable(); 
            this.sessionId = sessionId;
            this.sessionTokenResolver = sessionTokenResolver; 
            Collection tmp = new Collection();
            tmp.Add(this.sessionTokenResolver);
            this.sessionTokenResolverList = new ReadOnlyCollection(tmp);
            this.sessionTokenAuthenticator = sessionTokenAuthenticator; 
            SupportingTokenAuthenticatorSpecification spec = new SupportingTokenAuthenticatorSpecification(this.sessionTokenAuthenticator, this.sessionTokenResolver, SecurityTokenAttachmentMode.Endorsing, this.Factory.SecurityTokenParameters);
            this.sessionTokenAuthenticatorSpecificationList = new Collection(); 
            this.sessionTokenAuthenticatorSpecificationList.Add(spec); 
        }
 
        public SecurityToken GetOutgoingSessionToken()
        {
            return this.outgoingSessionToken;
        } 

        public void SetOutgoingSessionToken(SecurityToken token) 
        { 
            if (token == null)
            { 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
            }
            this.outgoingSessionToken = token;
        } 

        protected override void VerifyIncomingMessageCore(ref Message message, TimeSpan timeout) 
        { 
            string actor = string.Empty; // message.Version.Envelope.UltimateDestinationActor;
            ReceiveSecurityHeader securityHeader = this.Factory.StandardsManager.CreateReceiveSecurityHeader(message, actor, 
                this.Factory.IncomingAlgorithmSuite, MessageDirection.Input);
            securityHeader.RequireMessageProtection = false;
            securityHeader.ReaderQuotas = this.Factory.SecurityBindingElement.ReaderQuotas;
            IList supportingAuthenticators = GetSupportingTokenAuthenticatorsAndSetExpectationFlags(this.Factory, message, securityHeader); 
            ReadOnlyCollection mergedTokenResolvers = MergeOutOfBandResolvers(supportingAuthenticators, this.sessionTokenResolverList);
            if (supportingAuthenticators != null && supportingAuthenticators.Count > 0) 
            { 
                supportingAuthenticators = new List(supportingAuthenticators);
                supportingAuthenticators.Insert(0, this.sessionTokenAuthenticatorSpecificationList[0]); 
            }
            else
            {
                supportingAuthenticators = this.sessionTokenAuthenticatorSpecificationList; 
            }
            securityHeader.ConfigureTransportBindingServerReceiveHeader(supportingAuthenticators); 
            securityHeader.ConfigureOutOfBandTokenResolver(mergedTokenResolvers); 
            securityHeader.ExpectEndorsingTokens = true;
            TimeoutHelper timeoutHelper = new TimeoutHelper(timeout); 
            securityHeader.SetTimeParameters(this.Factory.NonceCache, this.Factory.ReplayWindow, this.Factory.MaxClockSkew);
            // do not enforce key derivation requirement for Cancel messages due to WSE interop
            securityHeader.EnforceDerivedKeyRequirement = (message.Headers.Action != this.Factory.StandardsManager.SecureConversationDriver.CloseAction.Value);
            securityHeader.Process(timeoutHelper.RemainingTime()); 
            if (securityHeader.Timestamp == null)
            { 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.RequiredTimestampMissingInSecurityHeader))); 
            }
            bool didSessionSctEndorse = false; 
            if (securityHeader.EndorsingSupportingTokens != null)
            {
                for (int i = 0; i < securityHeader.EndorsingSupportingTokens.Count; ++i)
                { 
                    SecurityContextSecurityToken signingSct = (securityHeader.EndorsingSupportingTokens[i] as SecurityContextSecurityToken);
                    if (signingSct != null && signingSct.ContextId == this.sessionId) 
                    { 
                        didSessionSctEndorse = true;
                        break; 
                    }
                }
            }
            if (!didSessionSctEndorse) 
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.NoSessionTokenPresentInMessage))); 
            } 
            message = securityHeader.ProcessedMessage;
            AttachRecipientSecurityProperty(message, securityHeader.BasicSupportingTokens, securityHeader.EndorsingSupportingTokens, 
                securityHeader.SignedEndorsingSupportingTokens, securityHeader.SignedSupportingTokens, securityHeader.SecurityTokenAuthorizationPoliciesMapping);
            base.OnIncomingMessageVerified(message);
        }
    } 
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK