Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / ServiceAuthorizationManager.cs / 1 / ServiceAuthorizationManager.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel { using System.Collections.Generic; using System.ServiceModel.Channels; using System.ServiceModel.Description; using System.Collections.ObjectModel; using System.Diagnostics; using System.IdentityModel.Policy; using System.ServiceModel.Diagnostics; using System.ServiceModel.Security; public class ServiceAuthorizationManager { // This is the API called by framework to perform CheckAccess. // The API is responsible for ... // 1) Evaluate all policies (Forward\Backward) // 2) Optionally wire up the resulting AuthorizationContext // to ServiceSecurityContext. // 3) An availability of message content to make an authoritive decision. // 4) Return the authoritive decision true/false (allow/deny). public virtual bool CheckAccess(OperationContext operationContext, ref Message message) { return CheckAccess(operationContext); } public virtual bool CheckAccess(OperationContext operationContext) { if (operationContext == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("operationContext"); } // default to forward-chaining implementation // 1) Get policies that will participate in chain process. // We provide a safe default policies set below. ReadOnlyCollectionauthorizationPolicies = GetAuthorizationPolicies(operationContext); // 2) Do forward chaining and wire the new ServiceSecurityContext operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = new ServiceSecurityContext(authorizationPolicies ?? EmptyReadOnlyCollection .Instance); // 3) Call the CheckAccessCore return CheckAccessCore(operationContext); } // Define the set of policies taking part in chaining. We will provide // the safe default set (primary token + all supporting tokens except token with // with SecurityTokenAttachmentMode.Signed + transport token). Implementor // can override and provide different selection of policies set. protected virtual ReadOnlyCollection GetAuthorizationPolicies(OperationContext operationContext) { SecurityMessageProperty security = operationContext.IncomingMessageProperties.Security; if (security == null) { return EmptyReadOnlyCollection .Instance; } ReadOnlyCollection externalPolicies = security.ExternalAuthorizationPolicies; if (security.ServiceSecurityContext == null) { return externalPolicies ?? EmptyReadOnlyCollection .Instance; } ReadOnlyCollection authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies; if (externalPolicies == null || externalPolicies.Count <= 0) { return authorizationPolicies; } // Combine List policies = new List (authorizationPolicies); policies.AddRange(externalPolicies); return policies.AsReadOnly(); } // Implementor overrides this API to make authoritive decision. // The AuthorizationContext in opContext is generally the result from forward chain. protected virtual bool CheckAccessCore(OperationContext operationContext) { return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- NativeMethods.cs
- ContentHostHelper.cs
- ConstructorBuilder.cs
- SqlCaseSimplifier.cs
- ClientFormsAuthenticationCredentials.cs
- unsafenativemethodstextservices.cs
- MaxMessageSizeStream.cs
- BaseTemplateParser.cs
- PreservationFileReader.cs
- CodeTypeDeclarationCollection.cs
- EventListenerClientSide.cs
- TextHidden.cs
- RichTextBoxAutomationPeer.cs
- MDIClient.cs
- HttpConfigurationSystem.cs
- KeyPressEvent.cs
- _Events.cs
- SqlMethods.cs
- TriggerActionCollection.cs
- GregorianCalendar.cs
- DesignerActionUIStateChangeEventArgs.cs
- XmlKeywords.cs
- CaseInsensitiveOrdinalStringComparer.cs
- TargetException.cs
- Array.cs
- ExtendedProperty.cs
- HttpRequestMessageProperty.cs
- MarkupObject.cs
- SlipBehavior.cs
- SafeArrayRankMismatchException.cs
- BulletedListEventArgs.cs
- DefaultValueConverter.cs
- unsafenativemethodsother.cs
- ValidatingReaderNodeData.cs
- JpegBitmapDecoder.cs
- ControlPager.cs
- ProxyHelper.cs
- AsymmetricAlgorithm.cs
- FormViewPageEventArgs.cs
- AppearanceEditorPart.cs
- Semaphore.cs
- ConfigurationManagerHelperFactory.cs
- BindingGroup.cs
- DbProviderSpecificTypePropertyAttribute.cs
- InternalConfigEventArgs.cs
- cookiecollection.cs
- SymbolMethod.cs
- DesignBindingValueUIHandler.cs
- Set.cs
- WebPartCancelEventArgs.cs
- WSSecurityPolicy12.cs
- BinaryParser.cs
- StackSpiller.cs
- ObjectViewQueryResultData.cs
- WsdlBuildProvider.cs
- HttpCacheVaryByContentEncodings.cs
- DataRowView.cs
- Adorner.cs
- GetPageCompletedEventArgs.cs
- CollectionView.cs
- PtsHost.cs
- AsymmetricKeyExchangeFormatter.cs
- ColumnMapProcessor.cs
- Permission.cs
- ListViewGroup.cs
- RtfControls.cs
- ConfigXmlAttribute.cs
- IntPtr.cs
- C14NUtil.cs
- TemplateControl.cs
- Rect3D.cs
- safelink.cs
- assemblycache.cs
- SoapEnumAttribute.cs
- BinaryExpression.cs
- TextPatternIdentifiers.cs
- FilterEventArgs.cs
- RemoteDebugger.cs
- GroupBoxRenderer.cs
- CFStream.cs
- SqlFunctionAttribute.cs
- XmlObjectSerializerReadContextComplex.cs
- ListViewEditEventArgs.cs
- MarkupExtensionParser.cs
- TypedAsyncResult.cs
- UnmanagedMarshal.cs
- UIHelper.cs
- StateDesigner.LayoutSelectionGlyph.cs
- GregorianCalendar.cs
- PassportAuthentication.cs
- PropertyGeneratedEventArgs.cs
- RightsManagementPermission.cs
- MobileControlsSectionHandler.cs
- TransformDescriptor.cs
- CompleteWizardStep.cs
- ConnectionStringSettingsCollection.cs
- LogicalExpr.cs
- KeyEventArgs.cs
- FastPropertyAccessor.cs
- CountdownEvent.cs