Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / MessageSecurityOverTcp.cs / 1 / MessageSecurityOverTcp.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System; using System.ServiceModel.Channels; using System.ServiceModel.Security; using System.ServiceModel.Security.Tokens; using System.Net.Security; using System.Security.Principal; using System.Runtime.CompilerServices; public sealed class MessageSecurityOverTcp { internal const MessageCredentialType DefaultClientCredentialType = MessageCredentialType.Windows; MessageCredentialType clientCredentialType; SecurityAlgorithmSuite algorithmSuite; bool wasAlgorithmSuiteSet; internal MessageSecurityOverTcp() { clientCredentialType = DefaultClientCredentialType; algorithmSuite = SecurityAlgorithmSuite.Default; } public MessageCredentialType ClientCredentialType { get { return this.clientCredentialType; } set { if (!MessageCredentialTypeHelper.IsDefined(value)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value")); } this.clientCredentialType = value; } } public SecurityAlgorithmSuite AlgorithmSuite { get { return this.algorithmSuite; } set { if (value == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value"); } this.algorithmSuite = value; wasAlgorithmSuiteSet = true; } } internal bool WasAlgorithmSuiteSet { get { return this.wasAlgorithmSuiteSet; } } [MethodImpl(MethodImplOptions.NoInlining)] internal SecurityBindingElement CreateSecurityBindingElement(bool isSecureTransportMode, bool isReliableSession, BindingElement transportBindingElement) { SecurityBindingElement result; SecurityBindingElement oneShotSecurity; if (isSecureTransportMode) { switch (this.clientCredentialType) { case MessageCredentialType.None: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ClientCredentialTypeMustBeSpecifiedForMixedMode))); case MessageCredentialType.UserName: oneShotSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); break; case MessageCredentialType.Certificate: oneShotSecurity = SecurityBindingElement.CreateCertificateOverTransportBindingElement(); break; case MessageCredentialType.Windows: oneShotSecurity = SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement(true); break; case MessageCredentialType.IssuedToken: oneShotSecurity = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(IssuedSecurityTokenParameters.CreateInfoCardParameters(new SecurityStandardsManager(), this.algorithmSuite)); break; default: DiagnosticUtility.DebugAssert("unknown ClientCredentialType"); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); } result = SecurityBindingElement.CreateSecureConversationBindingElement(oneShotSecurity); } else { switch (this.clientCredentialType) { case MessageCredentialType.None: oneShotSecurity = SecurityBindingElement.CreateSslNegotiationBindingElement(false, true); break; case MessageCredentialType.UserName: // require cancellation so that impersonation is possible oneShotSecurity = SecurityBindingElement.CreateUserNameForSslBindingElement(true); break; case MessageCredentialType.Certificate: oneShotSecurity = SecurityBindingElement.CreateSslNegotiationBindingElement(true, true); break; case MessageCredentialType.Windows: // require cancellation so that impersonation is possible oneShotSecurity = SecurityBindingElement.CreateSspiNegotiationBindingElement(true); break; case MessageCredentialType.IssuedToken: oneShotSecurity = SecurityBindingElement.CreateIssuedTokenForSslBindingElement(IssuedSecurityTokenParameters.CreateInfoCardParameters(new SecurityStandardsManager(), this.algorithmSuite), true); break; default: DiagnosticUtility.DebugAssert("unknown ClientCredentialType"); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); } result = SecurityBindingElement.CreateSecureConversationBindingElement(oneShotSecurity, true); } // set the algorithm suite and issued token params if required result.DefaultAlgorithmSuite = oneShotSecurity.DefaultAlgorithmSuite = this.AlgorithmSuite; result.IncludeTimestamp = true; if (!isReliableSession) { result.LocalServiceSettings.ReconnectTransportOnFailure = false; result.LocalClientSettings.ReconnectTransportOnFailure = false; } else { result.LocalServiceSettings.ReconnectTransportOnFailure = true; result.LocalClientSettings.ReconnectTransportOnFailure = true; } // since a session is always bootstrapped, configure the transition sct to live for a short time only oneShotSecurity.LocalServiceSettings.IssuedCookieLifetime = SpnegoTokenAuthenticator.defaultServerIssuedTransitionTokenLifetime; result.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11; oneShotSecurity.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11; return result; } internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity) { messageSecurity = null; if (sbe == null) return false; // do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings if (!sbe.IncludeTimestamp) return false; if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11 && sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10) { return false; } if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout) return false; MessageCredentialType clientCredentialType; SecurityBindingElement bootstrapSecurity; if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity)) return false; bool isSecureTransportMode = bootstrapSecurity is TransportSecurityBindingElement; IssuedSecurityTokenParameters infocardParameters; if (isSecureTransportMode) { if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity)) clientCredentialType = MessageCredentialType.UserName; else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity)) clientCredentialType = MessageCredentialType.Certificate; else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.Windows; else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters)) { if (!IssuedSecurityTokenParameters.IsInfoCardParameters(infocardParameters)) return false; clientCredentialType = MessageCredentialType.IssuedToken; } else { // the standard binding does not support None client credential type in mixed mode return false; } } else { if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.UserName; else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true)) clientCredentialType = MessageCredentialType.Certificate; else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.Windows; else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters)) { if (!IssuedSecurityTokenParameters.IsInfoCardParameters(infocardParameters)) return false; clientCredentialType = MessageCredentialType.IssuedToken; } else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true)) clientCredentialType = MessageCredentialType.None; else return false; } messageSecurity = new MessageSecurityOverTcp(); messageSecurity.ClientCredentialType = clientCredentialType; // set the algorithm suite and issued token params if required if (clientCredentialType != MessageCredentialType.IssuedToken) { messageSecurity.algorithmSuite = bootstrapSecurity.DefaultAlgorithmSuite; } return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- CodeGroup.cs
- TextElement.cs
- TrustSection.cs
- HwndStylusInputProvider.cs
- SelectionItemPattern.cs
- DataSetViewSchema.cs
- VisualStateManager.cs
- ColumnCollection.cs
- TypeFieldSchema.cs
- DataTableMappingCollection.cs
- ListGeneralPage.cs
- LogStore.cs
- CacheEntry.cs
- PropertyPathConverter.cs
- controlskin.cs
- DocumentEventArgs.cs
- HMACRIPEMD160.cs
- MenuStrip.cs
- SqlNotificationRequest.cs
- GridViewUpdateEventArgs.cs
- IPGlobalProperties.cs
- PagePropertiesChangingEventArgs.cs
- SessionStateContainer.cs
- ChannelServices.cs
- SqlEnums.cs
- Vector3DKeyFrameCollection.cs
- PanelStyle.cs
- EventProviderWriter.cs
- StandardBindingElementCollection.cs
- DbConnectionPoolGroup.cs
- CryptoHelper.cs
- CryptoApi.cs
- ToolboxDataAttribute.cs
- IsolatedStoragePermission.cs
- DoubleAnimationBase.cs
- StreamAsIStream.cs
- ConfigurationValidatorAttribute.cs
- EtwTrace.cs
- ActiveXSite.cs
- Walker.cs
- Condition.cs
- RouteParser.cs
- GlobalAllocSafeHandle.cs
- CompilerTypeWithParams.cs
- SerializationObjectManager.cs
- GridViewColumnCollectionChangedEventArgs.cs
- RawKeyboardInputReport.cs
- CFStream.cs
- MemoryMappedView.cs
- PrintingPermissionAttribute.cs
- SystemIPInterfaceProperties.cs
- CompositeScriptReference.cs
- GrabHandleGlyph.cs
- SqlConnectionHelper.cs
- ThreadStaticAttribute.cs
- DecoderFallbackWithFailureFlag.cs
- ContextMarshalException.cs
- SqlNotificationEventArgs.cs
- base64Transforms.cs
- FontStyles.cs
- Adorner.cs
- OleDbStruct.cs
- RTLAwareMessageBox.cs
- PassportAuthentication.cs
- ToolbarAUtomationPeer.cs
- MinMaxParagraphWidth.cs
- CodeBinaryOperatorExpression.cs
- SchemaEntity.cs
- QueryBranchOp.cs
- PrintPreviewControl.cs
- GPRECT.cs
- FunctionGenerator.cs
- SqlErrorCollection.cs
- ValidationResult.cs
- WindowsEditBoxRange.cs
- ApplicationServiceHelper.cs
- PointConverter.cs
- MethodBuilderInstantiation.cs
- WebServicesSection.cs
- ObjectListCommandCollection.cs
- MediaScriptCommandRoutedEventArgs.cs
- Geometry.cs
- CFStream.cs
- SimpleColumnProvider.cs
- TextBox.cs
- DoubleConverter.cs
- PageStatePersister.cs
- CustomTokenProvider.cs
- DataGridViewColumnCollection.cs
- EntityClassGenerator.cs
- DataGridViewCellParsingEventArgs.cs
- FilteredAttributeCollection.cs
- XslNumber.cs
- SqlNodeAnnotation.cs
- IResourceProvider.cs
- connectionpool.cs
- NaturalLanguageHyphenator.cs
- DependencyPropertyChangedEventArgs.cs
- SlipBehavior.cs
- XmlObjectSerializerWriteContextComplexJson.cs