Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / ServiceAuthorizationManager.cs / 1 / ServiceAuthorizationManager.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel
{
using System.Collections.Generic;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.Collections.ObjectModel;
using System.Diagnostics;
using System.IdentityModel.Policy;
using System.ServiceModel.Diagnostics;
using System.ServiceModel.Security;
public class ServiceAuthorizationManager
{
// This is the API called by framework to perform CheckAccess.
// The API is responsible for ...
// 1) Evaluate all policies (Forward\Backward)
// 2) Optionally wire up the resulting AuthorizationContext
// to ServiceSecurityContext.
// 3) An availability of message content to make an authoritive decision.
// 4) Return the authoritive decision true/false (allow/deny).
public virtual bool CheckAccess(OperationContext operationContext, ref Message message)
{
return CheckAccess(operationContext);
}
public virtual bool CheckAccess(OperationContext operationContext)
{
if (operationContext == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("operationContext");
}
// default to forward-chaining implementation
// 1) Get policies that will participate in chain process.
// We provide a safe default policies set below.
ReadOnlyCollection authorizationPolicies = GetAuthorizationPolicies(operationContext);
// 2) Do forward chaining and wire the new ServiceSecurityContext
operationContext.IncomingMessageProperties.Security.ServiceSecurityContext =
new ServiceSecurityContext(authorizationPolicies ?? EmptyReadOnlyCollection.Instance);
// 3) Call the CheckAccessCore
return CheckAccessCore(operationContext);
}
// Define the set of policies taking part in chaining. We will provide
// the safe default set (primary token + all supporting tokens except token with
// with SecurityTokenAttachmentMode.Signed + transport token). Implementor
// can override and provide different selection of policies set.
protected virtual ReadOnlyCollection GetAuthorizationPolicies(OperationContext operationContext)
{
SecurityMessageProperty security = operationContext.IncomingMessageProperties.Security;
if (security == null)
{
return EmptyReadOnlyCollection.Instance;
}
ReadOnlyCollection externalPolicies = security.ExternalAuthorizationPolicies;
if (security.ServiceSecurityContext == null)
{
return externalPolicies ?? EmptyReadOnlyCollection.Instance;
}
ReadOnlyCollection authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies;
if (externalPolicies == null || externalPolicies.Count <= 0)
{
return authorizationPolicies;
}
// Combine
List policies = new List(authorizationPolicies);
policies.AddRange(externalPolicies);
return policies.AsReadOnly();
}
// Implementor overrides this API to make authoritive decision.
// The AuthorizationContext in opContext is generally the result from forward chain.
protected virtual bool CheckAccessCore(OperationContext operationContext)
{
return true;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ExpressionWriter.cs
- X509ScopedServiceCertificateElement.cs
- DocumentPageView.cs
- CancellationTokenRegistration.cs
- SHA1.cs
- XsltCompileContext.cs
- bindurihelper.cs
- Label.cs
- SmtpLoginAuthenticationModule.cs
- TdsEnums.cs
- BooleanConverter.cs
- DataColumnPropertyDescriptor.cs
- NativeMethods.cs
- IsolatedStorageFilePermission.cs
- DynamicQueryableWrapper.cs
- DesignerVerbCollection.cs
- ToolStrip.cs
- NodeLabelEditEvent.cs
- _MultipleConnectAsync.cs
- HierarchicalDataSourceControl.cs
- ipaddressinformationcollection.cs
- TransformerInfo.cs
- VisualStyleRenderer.cs
- AsymmetricKeyExchangeDeformatter.cs
- oledbmetadatacolumnnames.cs
- Control.cs
- AliasGenerator.cs
- DelegateSerializationHolder.cs
- RoleServiceManager.cs
- ProjectionPruner.cs
- InvokeSchedule.cs
- StateChangeEvent.cs
- GetPageCompletedEventArgs.cs
- URLString.cs
- TreeNodeBindingCollection.cs
- UnsafeNativeMethods.cs
- DataSourceExpression.cs
- DelegateSerializationHolder.cs
- Rect.cs
- HttpListenerRequest.cs
- StylusPointDescription.cs
- TileBrush.cs
- ValidationEventArgs.cs
- ArrayElementGridEntry.cs
- XamlUtilities.cs
- codemethodreferenceexpression.cs
- WebScriptMetadataMessageEncodingBindingElement.cs
- NetworkCredential.cs
- ThousandthOfEmRealDoubles.cs
- Parallel.cs
- NodeLabelEditEvent.cs
- MarkupProperty.cs
- XhtmlTextWriter.cs
- ContainerUIElement3D.cs
- isolationinterop.cs
- PersonalizationProvider.cs
- TypeToTreeConverter.cs
- DataGridViewAutoSizeModeEventArgs.cs
- ButtonStandardAdapter.cs
- DataGridViewComboBoxColumn.cs
- HealthMonitoringSection.cs
- ImageButton.cs
- XmlDictionary.cs
- AuthorizationRuleCollection.cs
- Mappings.cs
- ValueProviderWrapper.cs
- XmlNamespaceDeclarationsAttribute.cs
- ListViewDataItem.cs
- RichTextBoxAutomationPeer.cs
- ExpandableObjectConverter.cs
- WindowPattern.cs
- PageCache.cs
- EntityCollection.cs
- SvcMapFileLoader.cs
- GeometryCombineModeValidation.cs
- WebReferenceCollection.cs
- RequestSecurityTokenForGetBrowserToken.cs
- ActivityContext.cs
- MsmqPoisonMessageException.cs
- ThicknessAnimation.cs
- RoleManagerModule.cs
- DBProviderConfigurationHandler.cs
- TransactionContext.cs
- ConnectionStringSettings.cs
- TemplatePropertyEntry.cs
- GPPOINTF.cs
- BitmapEffectGroup.cs
- CheckBoxFlatAdapter.cs
- TreeBuilderBamlTranslator.cs
- ReturnType.cs
- Substitution.cs
- ClientSession.cs
- XmlSchemaAnnotated.cs
- TransactionBridgeSection.cs
- TogglePattern.cs
- PathSegment.cs
- PasswordPropertyTextAttribute.cs
- OleServicesContext.cs
- CheckBoxField.cs
- WorkflowWebHostingModule.cs