Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Channels / TransportSecurityBindingElement.cs / 1 / TransportSecurityBindingElement.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel.Channels { using System; using System.ServiceModel.Description; using System.Xml; using System.Collections.Generic; using System.Runtime.Serialization; using System.ServiceModel; using System.ServiceModel.Security; using System.ServiceModel.Security.Tokens; using System.Net.Security; public sealed class TransportSecurityBindingElement : SecurityBindingElement, IPolicyExportExtension { public TransportSecurityBindingElement() : base() { this.LocalClientSettings.DetectReplays = this.LocalServiceSettings.DetectReplays = false; } TransportSecurityBindingElement(TransportSecurityBindingElement elementToBeCloned) : base(elementToBeCloned) { // empty } internal override ISecurityCapabilities GetIndividualISecurityCapabilities() { bool supportsClientAuthentication; bool supportsClientWindowsIdentity; GetSupportingTokensCapabilities(out supportsClientAuthentication, out supportsClientWindowsIdentity); return new SecurityCapabilities(supportsClientAuthentication, false, supportsClientWindowsIdentity, ProtectionLevel.None, ProtectionLevel.None); } internal override bool SessionMode { get { SecureConversationSecurityTokenParameters scParameters = null; if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0) scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; if (scParameters != null) return scParameters.RequireCancellation; else return false; } } internal override bool SupportsDuplex { get { return true; } } internal override bool SupportsRequestReply { get { return true; } } internal override SecurityProtocolFactory CreateSecurityProtocolFactory(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext) { if (context == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context"); if (credentialsManager == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("credentialsManager"); TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory(); if (isForService) base.ApplyAuditBehaviorSettings(context, protocolFactory); base.ConfigureProtocolFactory(protocolFactory, credentialsManager, isForService, issuerBindingContext, context.Binding); protocolFactory.DetectReplays = false; return protocolFactory; } protected override IChannelFactory BuildChannelFactoryCore (BindingContext context) { ISecurityCapabilities securityCapabilities = this.GetProperty (context); SecurityCredentialsManager credentialsManager = context.BindingParameters.Find (); if (credentialsManager == null) { credentialsManager = ClientCredentials.CreateDefaultCredentials(); } SecureConversationSecurityTokenParameters scParameters = null; if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0) { scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; } // This adds the demuxer element to the context ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer()); BindingContext issuerBindingContext = context.Clone(); SecurityChannelFactory channelFactory; if (scParameters != null) { if (scParameters.BootstrapSecurityBindingElement == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding))); scParameters.IssuerBindingContext = issuerBindingContext; if (scParameters.RequireCancellation) { SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory(); sessionFactory.SecurityTokenParameters = scParameters.Clone(); ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext; this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding); } finally { this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } SecuritySessionClientSettings sessionClientSettings = new SecuritySessionClientSettings (); sessionClientSettings.ChannelBuilder = channelBuilder; sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval; sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval; sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure; sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone(); ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext; sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager; sessionClientSettings.SessionProtocolFactory = sessionFactory; channelFactory = new SecurityChannelFactory (securityCapabilities, context, sessionClientSettings); } else { TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory(); this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding); SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters) scParameters.Clone(); acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext; protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters); } finally { this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } channelFactory = new SecurityChannelFactory (securityCapabilities, context, channelBuilder, protocolFactory); } } else { SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory ( context, credentialsManager, false, issuerBindingContext); channelFactory = new SecurityChannelFactory (securityCapabilities, context, channelBuilder, protocolFactory); } return channelFactory; } protected override IChannelListener BuildChannelListenerCore (BindingContext context) { SecurityChannelListener channelListener = new SecurityChannelListener (this, context); SecurityCredentialsManager credentialsManager = context.BindingParameters.Find (); if (credentialsManager == null) credentialsManager = ServiceCredentials.CreateDefaultCredentials(); SecureConversationSecurityTokenParameters scParameters; if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0) scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; else scParameters = null; ChannelBuilder channelBuilder = new ChannelBuilder(context, RequiresChannelDemuxer()); BindingContext issuerBindingContext = context.Clone(); if (scParameters != null) { if (scParameters.BootstrapSecurityBindingElement == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding))); AddDemuxerForSecureConversation(channelBuilder, issuerBindingContext); if (scParameters.RequireCancellation) { SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory(); base.ApplyAuditBehaviorSettings(context, sessionFactory); sessionFactory.SecurityTokenParameters = scParameters.Clone(); ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext; this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { base.ConfigureProtocolFactory(sessionFactory, credentialsManager, true, issuerBindingContext, context.Binding); } finally { this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } channelListener.SessionMode = true; channelListener.SessionServerSettings.InactivityTimeout = this.LocalServiceSettings.InactivityTimeout; channelListener.SessionServerSettings.KeyRolloverInterval = this.LocalServiceSettings.SessionKeyRolloverInterval; channelListener.SessionServerSettings.MaximumPendingSessions = this.LocalServiceSettings.MaxPendingSessions; channelListener.SessionServerSettings.MaximumKeyRenewalInterval = this.LocalServiceSettings.SessionKeyRenewalInterval; channelListener.SessionServerSettings.TolerateTransportFailures = this.LocalServiceSettings.ReconnectTransportOnFailure; channelListener.SessionServerSettings.IssuedSecurityTokenParameters = scParameters.Clone(); ((SecureConversationSecurityTokenParameters)channelListener.SessionServerSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext; channelListener.SessionServerSettings.SecurityStandardsManager = sessionFactory.StandardsManager; channelListener.SessionServerSettings.SessionProtocolFactory = sessionFactory; // pass in the error handler for handling unknown security sessions - dont do this if the underlying channel is duplex since sending // back faults in response to badly secured requests over duplex can result in DoS. if (context.BindingParameters != null && context.BindingParameters.Find () == null && !IsUnderlyingListenerDuplex (context)) { context.BindingParameters.Add(new SecuritySessionServerSettings.SecuritySessionDemuxFailureHandler(sessionFactory.StandardsManager)); } } else { TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory(); base.ApplyAuditBehaviorSettings(context, protocolFactory); this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { base.ConfigureProtocolFactory(protocolFactory, credentialsManager, true, issuerBindingContext, context.Binding); SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters) scParameters.Clone(); acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext; protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters); } finally { this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } channelListener.SecurityProtocolFactory = protocolFactory; } } else { SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory (context, credentialsManager, true, issuerBindingContext); channelListener.SecurityProtocolFactory = protocolFactory; } channelListener.InitializeListener(channelBuilder); return channelListener; } public override T GetProperty (BindingContext context) { if (context == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context"); if (typeof(T) == typeof(ChannelProtectionRequirements)) { AddressingVersion addressing = MessageVersion.Default.Addressing; #pragma warning suppress 56506 MessageEncodingBindingElement encoding = context.Binding.Elements.Find (); if (encoding != null) { addressing = encoding.MessageVersion.Addressing; } ChannelProtectionRequirements myRequirements = base.GetProtectionRequirements(addressing, ProtectionLevel.EncryptAndSign); myRequirements.Add(context.GetInnerProperty ()??new ChannelProtectionRequirements()); return (T)(object)myRequirements; } else { return base.GetProperty (context); } } public override BindingElement Clone() { return new TransportSecurityBindingElement(this); } void IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext policyContext) { if (exporter == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("exporter"); if (policyContext == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("policyContext"); if (policyContext.BindingElements.Find () == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ExportOfBindingWithTransportSecurityBindingElementAndNoTransportSecurityNotSupported))); // the ITransportTokenAssertionProvider will perform the acutal export steps. } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DisableDpiAwarenessAttribute.cs
- GenericTextProperties.cs
- KeysConverter.cs
- UpdateTracker.cs
- XmlEntity.cs
- TableCell.cs
- X509ChainElement.cs
- OutOfProcStateClientManager.cs
- SqlClientPermission.cs
- UnionCodeGroup.cs
- XmlQualifiedNameTest.cs
- MouseEvent.cs
- ScrollChrome.cs
- SqlFactory.cs
- HtmlTitle.cs
- LicenseProviderAttribute.cs
- Crc32.cs
- ArrayConverter.cs
- EndOfStreamException.cs
- ValueUnavailableException.cs
- AdapterDictionary.cs
- MD5.cs
- ObjectDataSource.cs
- Positioning.cs
- DrawingContext.cs
- WsdlHelpGeneratorElement.cs
- FeatureSupport.cs
- WizardStepBase.cs
- AmbiguousMatchException.cs
- DataSourceCacheDurationConverter.cs
- ImageKeyConverter.cs
- SignatureToken.cs
- SecuritySessionSecurityTokenAuthenticator.cs
- VirtualDirectoryMappingCollection.cs
- EditorPart.cs
- HtmlTableRow.cs
- TextDecorations.cs
- QuotaExceededException.cs
- SafeNativeMethods.cs
- AbsoluteQuery.cs
- Screen.cs
- SortFieldComparer.cs
- Int16Animation.cs
- PermissionToken.cs
- PeerCollaboration.cs
- XPathException.cs
- Table.cs
- CommonXSendMessage.cs
- PrimitiveType.cs
- CallSiteBinder.cs
- Trace.cs
- OrthographicCamera.cs
- WSDualHttpSecurityMode.cs
- CompiledAction.cs
- SqlPersonalizationProvider.cs
- PageAdapter.cs
- SubclassTypeValidatorAttribute.cs
- WindowPattern.cs
- ThreadInterruptedException.cs
- RouteParametersHelper.cs
- UserMapPath.cs
- SrgsElementFactoryCompiler.cs
- SystemInformation.cs
- SecurityKeyType.cs
- SystemUdpStatistics.cs
- TextEditorLists.cs
- DbParameterCollection.cs
- PathBox.cs
- ScriptReferenceBase.cs
- PersonalizationState.cs
- Drawing.cs
- ThicknessAnimation.cs
- WindowsIPAddress.cs
- PersistChildrenAttribute.cs
- FixedBufferAttribute.cs
- ParseHttpDate.cs
- GenerateScriptTypeAttribute.cs
- ScrollEvent.cs
- CachedFontFace.cs
- UnicodeEncoding.cs
- TextContainer.cs
- AttachedPropertyBrowsableAttribute.cs
- MimeMapping.cs
- XmlDeclaration.cs
- PtsPage.cs
- QilValidationVisitor.cs
- SecurityHeader.cs
- DesignerActionKeyboardBehavior.cs
- SliderAutomationPeer.cs
- BreakRecordTable.cs
- Empty.cs
- WhitespaceRuleLookup.cs
- ProxyWebPartManager.cs
- SchemaElementLookUpTable.cs
- ClientSettings.cs
- ColorInterpolationModeValidation.cs
- ActivationWorker.cs
- DesignTimeVisibleAttribute.cs
- XmlSchemaSimpleContent.cs
- CollectionTypeElement.cs