Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / ServiceAuthorizationManager.cs / 1 / ServiceAuthorizationManager.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel
{
using System.Collections.Generic;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.Collections.ObjectModel;
using System.Diagnostics;
using System.IdentityModel.Policy;
using System.ServiceModel.Diagnostics;
using System.ServiceModel.Security;
public class ServiceAuthorizationManager
{
// This is the API called by framework to perform CheckAccess.
// The API is responsible for ...
// 1) Evaluate all policies (Forward\Backward)
// 2) Optionally wire up the resulting AuthorizationContext
// to ServiceSecurityContext.
// 3) An availability of message content to make an authoritive decision.
// 4) Return the authoritive decision true/false (allow/deny).
public virtual bool CheckAccess(OperationContext operationContext, ref Message message)
{
return CheckAccess(operationContext);
}
public virtual bool CheckAccess(OperationContext operationContext)
{
if (operationContext == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("operationContext");
}
// default to forward-chaining implementation
// 1) Get policies that will participate in chain process.
// We provide a safe default policies set below.
ReadOnlyCollection authorizationPolicies = GetAuthorizationPolicies(operationContext);
// 2) Do forward chaining and wire the new ServiceSecurityContext
operationContext.IncomingMessageProperties.Security.ServiceSecurityContext =
new ServiceSecurityContext(authorizationPolicies ?? EmptyReadOnlyCollection.Instance);
// 3) Call the CheckAccessCore
return CheckAccessCore(operationContext);
}
// Define the set of policies taking part in chaining. We will provide
// the safe default set (primary token + all supporting tokens except token with
// with SecurityTokenAttachmentMode.Signed + transport token). Implementor
// can override and provide different selection of policies set.
protected virtual ReadOnlyCollection GetAuthorizationPolicies(OperationContext operationContext)
{
SecurityMessageProperty security = operationContext.IncomingMessageProperties.Security;
if (security == null)
{
return EmptyReadOnlyCollection.Instance;
}
ReadOnlyCollection externalPolicies = security.ExternalAuthorizationPolicies;
if (security.ServiceSecurityContext == null)
{
return externalPolicies ?? EmptyReadOnlyCollection.Instance;
}
ReadOnlyCollection authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies;
if (externalPolicies == null || externalPolicies.Count <= 0)
{
return authorizationPolicies;
}
// Combine
List policies = new List(authorizationPolicies);
policies.AddRange(externalPolicies);
return policies.AsReadOnly();
}
// Implementor overrides this API to make authoritive decision.
// The AuthorizationContext in opContext is generally the result from forward chain.
protected virtual bool CheckAccessCore(OperationContext operationContext)
{
return true;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TablePattern.cs
- MergeFilterQuery.cs
- ImageBrush.cs
- Span.cs
- PenLineJoinValidation.cs
- CompleteWizardStep.cs
- SqlConnection.cs
- LoaderAllocator.cs
- WebPartMinimizeVerb.cs
- DataGridViewSelectedCellCollection.cs
- ProxyFragment.cs
- SmtpReplyReader.cs
- SessionIDManager.cs
- MembershipValidatePasswordEventArgs.cs
- FormsAuthentication.cs
- Evidence.cs
- ExpressionConverter.cs
- ListBindableAttribute.cs
- DeadCharTextComposition.cs
- SerializerWriterEventHandlers.cs
- StylusDevice.cs
- ConfigXmlWhitespace.cs
- TemplateControlCodeDomTreeGenerator.cs
- XmlExpressionDumper.cs
- GlobalProxySelection.cs
- DataGridBoolColumn.cs
- XPathDocumentNavigator.cs
- HostProtectionException.cs
- ProcessHostMapPath.cs
- MouseDevice.cs
- SoapSchemaMember.cs
- ConnectionPoint.cs
- ThreadSafeList.cs
- TextTreeTextNode.cs
- PeerConnector.cs
- TypeSystemHelpers.cs
- StorageMappingFragment.cs
- RequestQueryParser.cs
- DataGridParentRows.cs
- Drawing.cs
- BrowsableAttribute.cs
- RootProfilePropertySettingsCollection.cs
- ZoneButton.cs
- ToolStripDesignerUtils.cs
- MiniLockedBorderGlyph.cs
- SafeHandle.cs
- SettingsPropertyWrongTypeException.cs
- ListItemConverter.cs
- AsnEncodedData.cs
- CompModSwitches.cs
- RadialGradientBrush.cs
- DesignerTransactionCloseEvent.cs
- WebPartDeleteVerb.cs
- ResolveDuplexAsyncResult.cs
- ThicknessAnimation.cs
- Vertex.cs
- ClearTypeHintValidation.cs
- TypeValidationEventArgs.cs
- BamlMapTable.cs
- FormatPage.cs
- PermissionSet.cs
- NativeMethods.cs
- SID.cs
- ChtmlImageAdapter.cs
- OdbcReferenceCollection.cs
- EditCommandColumn.cs
- CustomCategoryAttribute.cs
- DataChangedEventManager.cs
- WindowsFormsSectionHandler.cs
- WindowsListBox.cs
- GridEntryCollection.cs
- ObjectDataSourceSelectingEventArgs.cs
- TextSpan.cs
- TreeViewItemAutomationPeer.cs
- SubpageParagraph.cs
- SQLString.cs
- PolyBezierSegmentFigureLogic.cs
- PrintDialogException.cs
- BinaryHeap.cs
- StructuralCache.cs
- DataGridViewImageColumn.cs
- ControlTemplate.cs
- ChameleonKey.cs
- SqlNodeAnnotations.cs
- GeneralTransformGroup.cs
- SurrogateSelector.cs
- TemplateModeChangedEventArgs.cs
- PanelDesigner.cs
- NotSupportedException.cs
- ScriptingProfileServiceSection.cs
- NamedPipeAppDomainProtocolHandler.cs
- DrawingContextDrawingContextWalker.cs
- DefaultProxySection.cs
- ExpressionEditorAttribute.cs
- IntranetCredentialPolicy.cs
- FileCodeGroup.cs
- IBuiltInEvidence.cs
- ApplicationSettingsBase.cs
- MruCache.cs
- SQLMoneyStorage.cs