SecurityBindingElementImporter.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Channels / SecurityBindingElementImporter.cs / 1 / SecurityBindingElementImporter.cs

                            //------------------------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

using System.ServiceModel.Diagnostics; 
using System.ServiceModel.Dispatcher;
using System.ServiceModel.Description; 
using System.ServiceModel.Security; 
using System.ServiceModel.Configuration;
using System.Collections.ObjectModel; 
using System.Net.Security;

namespace System.ServiceModel.Channels
{ 
    using System.Xml;
    using System.ServiceModel.Security.Tokens; 
    using System.ServiceModel.Security; 
    using System.ServiceModel;
    using System.IO; 
    using System.Collections.ObjectModel;
    using System.Collections.Generic;
    using System.Runtime.InteropServices;
 
    public class SecurityBindingElementImporter : IPolicyImportExtension
    { 
        internal const string MaxPolicyRedirectionsKey = "MaxPolicyRedirections"; 
        internal const string SecureConversationBootstrapEncryptionRequirements = "SecureConversationBootstrapEncryptionRequirements";
        internal const string SecureConversationBootstrapSignatureRequirements = "SecureConversationBootstrapSignatureRequirements"; 
        internal const string InSecureConversationBootstrapBindingImportMode = "InSecureConversationBootstrapBindingImportMode";
        internal const string ContractProtectionLevelKey = "ContractProtectionLevelKey";

        int maxPolicyRedirections; 

        public SecurityBindingElementImporter() 
        { 
            this.maxPolicyRedirections = 10;
        } 

        public int MaxPolicyRedirections
        {
            get 
            {
                return this.maxPolicyRedirections; 
            } 
        }
 
        void ImportOperationScopeSupportingTokensPolicy(MetadataImporter importer, PolicyConversionContext policyContext, SecurityBindingElement binding)
        {
            foreach (OperationDescription operation in policyContext.Contract.Operations)
            { 
                string requestAction = null;
                foreach (MessageDescription message in operation.Messages) 
                { 
                    if (message.Direction == MessageDirection.Input)
                    { 
                        requestAction = message.Action;
                        break;
                    }
                } 

                SupportingTokenParameters requirements = new SupportingTokenParameters(); 
                SupportingTokenParameters optionalRequirements = new SupportingTokenParameters(); 
                ICollection operationBindingAssertions = policyContext.GetOperationBindingAssertions(operation);
                this.ImportSupportingTokenAssertions(importer, policyContext, operationBindingAssertions, requirements, optionalRequirements); 
                if (requirements.Endorsing.Count > 0
                    || requirements.Signed.Count > 0
                    || requirements.SignedEncrypted.Count > 0
                    || requirements.SignedEndorsing.Count > 0) 
                {
                    if (requestAction != null) 
                    { 
                        binding.OperationSupportingTokenParameters[requestAction] = requirements;
                    } 
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.CannotImportSupportingTokensForOperationWithoutRequestAction)));
                    } 
                }
                if (optionalRequirements.Endorsing.Count > 0 
                    || optionalRequirements.Signed.Count > 0 
                    || optionalRequirements.SignedEncrypted.Count > 0
                    || optionalRequirements.SignedEndorsing.Count > 0) 
                {
                    if (requestAction != null)
                    {
                        binding.OptionalOperationSupportingTokenParameters[requestAction] = optionalRequirements; 
                    }
                    else 
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.CannotImportSupportingTokensForOperationWithoutRequestAction)));
                    } 
                }
            }
        }
 
        void ImportProtectionAssertions(ICollection assertions, out MessagePartSpecification signedParts, out MessagePartSpecification encryptedParts)
        { 
            XmlElement assertion; 

            signedParts = null; 
            encryptedParts = null;

            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(assertions, out securityPolicy)) 
            {
                if (!securityPolicy.TryImportWsspEncryptedPartsAssertion(assertions, out encryptedParts, out assertion) 
                    && assertion != null) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml))); 
                }

                if (!securityPolicy.TryImportWsspSignedPartsAssertion(assertions, out signedParts, out assertion)
                    && assertion != null) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml))); 
                } 
            }
 
            if (encryptedParts == null)
            {
                encryptedParts = MessagePartSpecification.NoParts;
            } 
            if (signedParts == null)
            { 
                signedParts = MessagePartSpecification.NoParts; 
            }
        } 

        void ValidateExistingOrSetNewProtectionLevel(MessagePartDescription part, MessageDescription message, OperationDescription operation, ContractDescription contract, ProtectionLevel newProtectionLevel)
        {
            ProtectionLevel existingProtectionLevel; 

            if (part != null && part.HasProtectionLevel) 
            { 
                existingProtectionLevel = part.ProtectionLevel;
            } 
            else if (message.HasProtectionLevel)
            {
                existingProtectionLevel = message.ProtectionLevel;
            } 
            else if (operation.HasProtectionLevel)
            { 
                existingProtectionLevel = operation.ProtectionLevel; 
            }
            else 
            {
                if (part != null)
                {
                    part.ProtectionLevel = newProtectionLevel; 
                }
                else 
                { 
                    message.ProtectionLevel = newProtectionLevel;
                } 
                existingProtectionLevel = newProtectionLevel;
            }

            if (existingProtectionLevel != newProtectionLevel) 
            {
                if (part != null && !part.HasProtectionLevel) 
                { 
                    part.ProtectionLevel = newProtectionLevel;
                } 
                else if (part == null && !message.HasProtectionLevel)
                {
                    message.ProtectionLevel = newProtectionLevel;
                } 
                else
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.CannotImportProtectionLevelForContract, contract.Name, contract.Namespace))); 
                }
            } 
        }

        void AddParts(ref MessagePartSpecification parts1, MessagePartSpecification parts2)
        { 
            if (parts1 == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("parts1")); 
            if (parts2 == null) 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("parts2"));
 
            if (!parts2.IsEmpty())
            {
                if (parts1.IsReadOnly)
                { 
                    MessagePartSpecification p = new MessagePartSpecification();
                    p.Union(parts1); 
                    p.Union(parts2); 
                    parts1 = p;
                } 
                else
                {
                    parts1.Union(parts2);
                } 
            }
        } 
 
        class ContractProtectionLevel
        { 
            bool hasProtectionRequirements;
            bool hasUniformProtectionLevel;
            ProtectionLevel uniformProtectionLevel;
 
            public ContractProtectionLevel(bool hasProtectionRequirements, bool hasUniformProtectionLevel, ProtectionLevel uniformProtectionLevel)
            { 
                this.hasProtectionRequirements = hasProtectionRequirements; 
                this.hasUniformProtectionLevel = hasUniformProtectionLevel;
                this.uniformProtectionLevel = uniformProtectionLevel; 
            }

            public bool HasProtectionRequirements { get { return this.hasProtectionRequirements; } }
            public bool HasUniformProtectionLevel { get { return this.hasUniformProtectionLevel; } } 
            public ProtectionLevel UniformProtectionLevel { get { return this.uniformProtectionLevel; } }
        } 
 
        void ImportMessageScopeProtectionPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
        { 
            MessagePartSpecification endpointSignedParts;
            MessagePartSpecification endpointEncryptedParts;
            bool isContractAssociatedWithAtLeastOneOtherBinding;
            ContractProtectionLevel otherBindingProtectionLevel = null; 
            bool hasContractProtectionLevel = false;
            bool isContractProtectionLevelUniform = true; 
            ProtectionLevel contractProtectionLevel = ProtectionLevel.None; 

            string contractAssociationName = String.Format("{0}:{1}:{2}", ContractProtectionLevelKey, policyContext.Contract.Name, policyContext.Contract.Namespace); 
            if (importer.State.ContainsKey(contractAssociationName))
            {
                isContractAssociatedWithAtLeastOneOtherBinding = true;
                otherBindingProtectionLevel = (ContractProtectionLevel)importer.State[contractAssociationName]; 
            }
            else 
            { 
                isContractAssociatedWithAtLeastOneOtherBinding = false;
            } 

            ICollection endpointBindingAssertions = policyContext.GetBindingAssertions();
            this.ImportProtectionAssertions(endpointBindingAssertions, out endpointSignedParts, out endpointEncryptedParts);
 
            if (importer.State.ContainsKey(InSecureConversationBootstrapBindingImportMode))
            { 
                // when importing secure conversation boostrap binding, add the endpoint scope protection requirements 
                // to the importer state to be consumed in SecurityPolicy11.TryImportWsspBootrstapPolicyAssertion
                if (endpointEncryptedParts != null) 
                    importer.State[SecureConversationBootstrapEncryptionRequirements] = endpointEncryptedParts;
                if (endpointSignedParts != null)
                    importer.State[SecureConversationBootstrapSignatureRequirements] = endpointSignedParts;
            } 

            foreach (OperationDescription operation in policyContext.Contract.Operations) 
            { 
                MessagePartSpecification operationSignedParts;
                MessagePartSpecification operationEncryptedParts; 

                ICollection operationBindingAssertions = policyContext.GetOperationBindingAssertions(operation);
                this.ImportProtectionAssertions(operationBindingAssertions, out operationSignedParts, out operationEncryptedParts);
                this.AddParts(ref operationSignedParts, endpointSignedParts); 
                this.AddParts(ref operationEncryptedParts, endpointEncryptedParts);
 
                MessagePartSpecification messageSignedParts; 
                MessagePartSpecification messageEncryptedParts;
                bool hasProtectionLevel = false; 
                bool isProtectionLevelUniform = true;
                ProtectionLevel protectionLevel = ProtectionLevel.None;

                // import application message protection requirements 
                foreach (MessageDescription message in operation.Messages)
                { 
                    ICollection messageBindingAssertions = policyContext.GetMessageBindingAssertions(message); 
                    this.ImportProtectionAssertions(messageBindingAssertions, out messageSignedParts, out messageEncryptedParts);
                    this.AddParts(ref messageSignedParts, operationSignedParts); 
                    this.AddParts(ref messageEncryptedParts, operationEncryptedParts);

                    // validate or set body protection level
                    ProtectionLevel newProtectionLevel = GetProtectionLevel(messageSignedParts.IsBodyIncluded, messageEncryptedParts.IsBodyIncluded, message.Action); 
                    if (OperationFormatter.IsValidReturnValue(message.Body.ReturnValue))
                    { 
                        ValidateExistingOrSetNewProtectionLevel(message.Body.ReturnValue, message, operation, policyContext.Contract, newProtectionLevel); 
                    }
                    foreach (MessagePartDescription body in message.Body.Parts) 
                    {
                        ValidateExistingOrSetNewProtectionLevel(body, message, operation, policyContext.Contract, newProtectionLevel);
                    }
                    if (!OperationFormatter.IsValidReturnValue(message.Body.ReturnValue) || message.Body.Parts.Count == 0) 
                    {
                        ValidateExistingOrSetNewProtectionLevel(null, message, operation, policyContext.Contract, newProtectionLevel); 
                    } 

                    if (hasProtectionLevel) 
                    {
                        if (protectionLevel != newProtectionLevel)
                        {
                            isProtectionLevelUniform = false; 
                        }
                    } 
                    else 
                    {
                        protectionLevel = newProtectionLevel; 
                        hasProtectionLevel = true;
                    }
                    if (hasContractProtectionLevel)
                    { 
                        if (contractProtectionLevel != newProtectionLevel)
                        { 
                            isContractProtectionLevelUniform = false; 
                        }
                    } 
                    else
                    {
                        contractProtectionLevel = newProtectionLevel;
                        hasContractProtectionLevel = true; 
                    }
 
                    // validate o set header protection level 
                    foreach (MessageHeaderDescription header in message.Headers)
                    { 
                        bool signed = messageSignedParts.IsHeaderIncluded(header.Name, header.Namespace);
                        bool encrypted = messageEncryptedParts.IsHeaderIncluded(header.Name, header.Namespace);
                        newProtectionLevel = GetProtectionLevel(signed, encrypted, message.Action);
                        ValidateExistingOrSetNewProtectionLevel(header, message, operation, policyContext.Contract, newProtectionLevel); 

                        if (hasProtectionLevel) 
                        { 
                            if (protectionLevel != newProtectionLevel)
                            { 
                                isProtectionLevelUniform = false;
                            }
                        }
                        else 
                        {
                            protectionLevel = newProtectionLevel; 
                            hasProtectionLevel = true; 
                        }
                        if (hasContractProtectionLevel) 
                        {
                            if (contractProtectionLevel != newProtectionLevel)
                            {
                                isContractProtectionLevelUniform = false; 
                            }
                        } 
                        else 
                        {
                            contractProtectionLevel = newProtectionLevel; 
                            hasContractProtectionLevel = true;
                        }
                    }
                } 

                // normalize protection level settings at the operation scope if possible to help avoid typed message generation 
                if (hasProtectionLevel && isProtectionLevelUniform) 
                {
                    // ([....]) remove the foreach message here 
                    //	 foreach (MessageDescription message in operation.Messages)

                    this.ResetProtectionLevelForMessages(operation);
 
                    operation.ProtectionLevel = protectionLevel;
                } 
 
                // import fault protection requirements
                foreach (FaultDescription fault in operation.Faults) 
                {
                    ICollection faultBindingAssertions = policyContext.GetFaultBindingAssertions(fault);
                    this.ImportProtectionAssertions(faultBindingAssertions, out messageSignedParts, out messageEncryptedParts);
                    this.AddParts(ref messageSignedParts, operationSignedParts); 
                    this.AddParts(ref messageEncryptedParts, operationEncryptedParts);
 
                    // validate or set fault protection level 
                    ProtectionLevel newProtectionLevel = GetProtectionLevel(messageSignedParts.IsBodyIncluded, messageEncryptedParts.IsBodyIncluded, fault.Action);
                    if (fault.HasProtectionLevel) 
                    {
                        if (fault.ProtectionLevel != newProtectionLevel)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.CannotImportProtectionLevelForContract, policyContext.Contract.Name, policyContext.Contract.Namespace))); 
                        }
                    } 
                    else 
                    {
                        fault.ProtectionLevel = newProtectionLevel; 
                    }
                    if (hasContractProtectionLevel)
                    {
                        if (contractProtectionLevel != newProtectionLevel) 
                        {
                            isContractProtectionLevelUniform = false; 
                        } 
                    }
                    else 
                    {
                        contractProtectionLevel = newProtectionLevel;
                        hasContractProtectionLevel = true;
                    } 
                }
            } 
 
            if (isContractAssociatedWithAtLeastOneOtherBinding)
            { 
                if (hasContractProtectionLevel != otherBindingProtectionLevel.HasProtectionRequirements
                    || isContractProtectionLevelUniform != otherBindingProtectionLevel.HasUniformProtectionLevel
                    || contractProtectionLevel != otherBindingProtectionLevel.UniformProtectionLevel)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.CannotImportProtectionLevelForContract, policyContext.Contract.Name, policyContext.Contract.Namespace)));
                } 
            } 
            else
            { 
                if (hasContractProtectionLevel && isContractProtectionLevelUniform && contractProtectionLevel == ProtectionLevel.EncryptAndSign)
                {
                    // remove all explicitly set protection levels on the contract description, since they are uniform across the contract
                    // and match our binding's default of EncryptAndSign 
                    foreach (OperationDescription operation in policyContext.Contract.Operations)
                    { 
                        this.ResetProtectionLevelForMessages(operation); 
                        foreach (FaultDescription fault in operation.Faults)
                        { 
                            fault.ResetProtectionLevel();
                        }
                        operation.ResetProtectionLevel();
                    } 
                }
                importer.State[contractAssociationName] = new ContractProtectionLevel(hasContractProtectionLevel, isContractProtectionLevelUniform, contractProtectionLevel); 
            } 
        }
 
        void ResetProtectionLevelForMessages(OperationDescription operation)
        {
            foreach (MessageDescription message in operation.Messages)
            { 
                if (OperationFormatter.IsValidReturnValue(message.Body.ReturnValue))
                { 
                    message.Body.ReturnValue.ResetProtectionLevel(); 
                }
                foreach (MessagePartDescription body in message.Body.Parts) 
                {
                    body.ResetProtectionLevel();
                }
                foreach (MessageHeaderDescription header in message.Headers) 
                {
                    header.ResetProtectionLevel(); 
                } 
                message.ResetProtectionLevel();
            } 
        }

        static ProtectionLevel GetProtectionLevel(bool signed, bool encrypted, string action)
        { 
            ProtectionLevel result;
 
            if (encrypted) 
            {
                if (signed) 
                {
                    result = ProtectionLevel.EncryptAndSign;
                }
                else 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidChannelBindingException(SR.GetString(SR.PolicyRequiresConfidentialityWithoutIntegrity, action))); 
                } 
            }
            else if (signed) 
            {
                result = ProtectionLevel.Sign;
            }
            else 
            {
                result = ProtectionLevel.None; 
            } 

            return result; 
        }

        void ImportSupportingTokenAssertions(MetadataImporter importer, PolicyConversionContext policyContext, ICollection assertions, SupportingTokenParameters requirements, SupportingTokenParameters optionalRequirements)
        { 
            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(assertions, out securityPolicy)) 
            { 
                securityPolicy.TryImportWsspSupportingTokensAssertion(
                importer, 
                policyContext,
                assertions,
                requirements.Signed,
                requirements.SignedEncrypted, 
                requirements.Endorsing,
                requirements.SignedEndorsing, 
                optionalRequirements.Signed, 
                optionalRequirements.SignedEncrypted,
                optionalRequirements.Endorsing, 
                optionalRequirements.SignedEndorsing);
            }
        }
 
        void ImportEndpointScopeMessageBindingAssertions(MetadataImporter importer, PolicyConversionContext policyContext, SecurityBindingElement binding)
        { 
            XmlElement assertion = null; 

            this.ImportSupportingTokenAssertions(importer, policyContext, policyContext.GetBindingAssertions(), binding.EndpointSupportingTokenParameters, binding.OptionalEndpointSupportingTokenParameters); 

            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out securityPolicy))
            { 
                if (!securityPolicy.TryImportWsspWssAssertion(importer, policyContext.GetBindingAssertions(), binding, out assertion)
                    && assertion != null) 
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml)));
                } 

                if (!securityPolicy.TryImportWsspTrustAssertion(importer, policyContext.GetBindingAssertions(), binding, out assertion)
                    && assertion != null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml)));
                } 
            } 

            // 
            // We don't have WSTrust assertion => it is possible we are a BasicHttpBinding
            // Set the flag here so that later when we tried to compare binding element with basic http binding
            // we can have an exact match.
            // 
            if (assertion == null)
                binding.DoNotEmitTrust = true; 
        } 

 
        bool TryImportSymmetricSecurityBindingElement(MetadataImporter importer, PolicyConversionContext policyContext, out SecurityBindingElement sbe)
        {
            SymmetricSecurityBindingElement binding = null;
            XmlElement assertion; 
            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out securityPolicy)) 
            { 
                if (securityPolicy.TryImportWsspSymmetricBindingAssertion(importer, policyContext, policyContext.GetBindingAssertions(), out binding, out assertion))
                { 
                    this.ImportEndpointScopeMessageBindingAssertions(importer, policyContext, binding);
                    this.ImportOperationScopeSupportingTokensPolicy(importer, policyContext, binding);
                    this.ImportMessageScopeProtectionPolicy(importer, policyContext);
                    policyContext.BindingElements.Add(binding); 
                }
                else if (assertion != null) 
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml)));
                } 
            }

            sbe = binding;
            return binding != null; 
        }
 
        bool TryImportAsymmetricSecurityBindingElement(MetadataImporter importer, PolicyConversionContext policyContext, out SecurityBindingElement sbe) 
        {
            AsymmetricSecurityBindingElement binding = null; 
            XmlElement assertion;
            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out securityPolicy))
            { 
                if (securityPolicy.TryImportWsspAsymmetricBindingAssertion(importer, policyContext, policyContext.GetBindingAssertions(), out binding, out assertion))
                { 
                    this.ImportEndpointScopeMessageBindingAssertions(importer, policyContext, binding); 
                    this.ImportOperationScopeSupportingTokensPolicy(importer, policyContext, binding);
                    this.ImportMessageScopeProtectionPolicy(importer, policyContext); 
                    policyContext.BindingElements.Add(binding);
                }
                else if (assertion != null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml)));
                } 
            } 

            sbe = binding; 
            return binding != null;
        }

        bool TryImportTransportSecurityBindingElement(MetadataImporter importer, PolicyConversionContext policyContext, out SecurityBindingElement sbe) 
        {
            TransportSecurityBindingElement binding = null; 
            XmlElement assertion; 
            sbe = null;
 
            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out securityPolicy))
            {
                if (securityPolicy.TryImportWsspTransportBindingAssertion(importer, policyContext.GetBindingAssertions(), out binding, out assertion)) 
                {
                    this.ImportEndpointScopeMessageBindingAssertions(importer, policyContext, binding); 
                    this.ImportOperationScopeSupportingTokensPolicy(importer, policyContext, binding); 
                    if (importer.State.ContainsKey(InSecureConversationBootstrapBindingImportMode))
                    { 
                        this.ImportMessageScopeProtectionPolicy(importer, policyContext);
                    }

                    if (HasSupportingTokens(binding) || binding.IncludeTimestamp) 
                    {
                        sbe = binding; 
                        policyContext.BindingElements.Add(binding); 
                    }
                } 
                else if (assertion != null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnsupportedSecurityPolicyAssertion, assertion.OuterXml)));
                } 
            }
 
            return binding != null; 
        }
 
        static bool HasSupportingTokens(SecurityBindingElement binding)
        {
            if (binding.EndpointSupportingTokenParameters.Endorsing.Count > 0
                    || binding.EndpointSupportingTokenParameters.SignedEndorsing.Count > 0 
                    || binding.EndpointSupportingTokenParameters.SignedEncrypted.Count > 0
                    || binding.EndpointSupportingTokenParameters.Signed.Count > 0) 
            { 
                return true;
            } 

            foreach (SupportingTokenParameters r in binding.OperationSupportingTokenParameters.Values)
            {
                if (r.Endorsing.Count > 0 
                        || r.SignedEndorsing.Count > 0
                        || r.SignedEncrypted.Count > 0 
                        || r.Signed.Count > 0) 
                {
                    return true; 
                }
            }

            return false; 
        }
 
        void IPolicyImportExtension.ImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext) 
        {
            if (importer == null) 
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("importer");
            }
            if (policyContext == null) 
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("policyContext"); 
            } 
            WSSecurityPolicy securityPolicy;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out securityPolicy)) 
            {
                if ((importer.State != null) && (!importer.State.ContainsKey(MaxPolicyRedirectionsKey)))
                {
                    importer.State.Add(MaxPolicyRedirectionsKey, this.MaxPolicyRedirections); 
                }
 
                SecurityBindingElement sbe = null; 
                bool success = this.TryImportTransportSecurityBindingElement(importer, policyContext, out sbe);
                if (!success) 
                {
                    success = this.TryImportSymmetricSecurityBindingElement(importer, policyContext, out sbe);
                }
                if (!success) 
                {
                    this.TryImportAsymmetricSecurityBindingElement(importer, policyContext, out sbe); 
                } 

                if (sbe != null) 
                {
                    SecurityElement config = new SecurityElement();
                    config.InitializeFrom(sbe, false);
                    if (config.HasImportFailed) 
                    {
#pragma warning suppress 56506 
                        importer.Errors.Add(new MetadataConversionError(SR.GetString(SR.SecurityBindingElementCannotBeExpressedInConfig), true)); 
                    }
                } 
            }
        }
    }
} 

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.


                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK