Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / ServiceAuthorizationManager.cs / 1 / ServiceAuthorizationManager.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel { using System.Collections.Generic; using System.ServiceModel.Channels; using System.ServiceModel.Description; using System.Collections.ObjectModel; using System.Diagnostics; using System.IdentityModel.Policy; using System.ServiceModel.Diagnostics; using System.ServiceModel.Security; public class ServiceAuthorizationManager { // This is the API called by framework to perform CheckAccess. // The API is responsible for ... // 1) Evaluate all policies (Forward\Backward) // 2) Optionally wire up the resulting AuthorizationContext // to ServiceSecurityContext. // 3) An availability of message content to make an authoritive decision. // 4) Return the authoritive decision true/false (allow/deny). public virtual bool CheckAccess(OperationContext operationContext, ref Message message) { return CheckAccess(operationContext); } public virtual bool CheckAccess(OperationContext operationContext) { if (operationContext == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("operationContext"); } // default to forward-chaining implementation // 1) Get policies that will participate in chain process. // We provide a safe default policies set below. ReadOnlyCollectionauthorizationPolicies = GetAuthorizationPolicies(operationContext); // 2) Do forward chaining and wire the new ServiceSecurityContext operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = new ServiceSecurityContext(authorizationPolicies ?? EmptyReadOnlyCollection .Instance); // 3) Call the CheckAccessCore return CheckAccessCore(operationContext); } // Define the set of policies taking part in chaining. We will provide // the safe default set (primary token + all supporting tokens except token with // with SecurityTokenAttachmentMode.Signed + transport token). Implementor // can override and provide different selection of policies set. protected virtual ReadOnlyCollection GetAuthorizationPolicies(OperationContext operationContext) { SecurityMessageProperty security = operationContext.IncomingMessageProperties.Security; if (security == null) { return EmptyReadOnlyCollection .Instance; } ReadOnlyCollection externalPolicies = security.ExternalAuthorizationPolicies; if (security.ServiceSecurityContext == null) { return externalPolicies ?? EmptyReadOnlyCollection .Instance; } ReadOnlyCollection authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies; if (externalPolicies == null || externalPolicies.Count <= 0) { return authorizationPolicies; } // Combine List policies = new List (authorizationPolicies); policies.AddRange(externalPolicies); return policies.AsReadOnly(); } // Implementor overrides this API to make authoritive decision. // The AuthorizationContext in opContext is generally the result from forward chain. protected virtual bool CheckAccessCore(OperationContext operationContext) { return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ProcessHostMapPath.cs
- Thumb.cs
- Object.cs
- AsyncPostBackErrorEventArgs.cs
- ColumnTypeConverter.cs
- ContextMenuStripGroupCollection.cs
- SecurityTokenResolver.cs
- RegexNode.cs
- TextEffect.cs
- TrackBarRenderer.cs
- ChangeNode.cs
- SelectedGridItemChangedEvent.cs
- ContextMenuAutomationPeer.cs
- UnsafeNativeMethods.cs
- DPCustomTypeDescriptor.cs
- QueryInterceptorAttribute.cs
- sqlpipe.cs
- BamlLocalizableResource.cs
- EdmPropertyAttribute.cs
- IgnoreDataMemberAttribute.cs
- XPathNodePointer.cs
- WindowsGraphics2.cs
- backend.cs
- ProviderConnectionPoint.cs
- DBNull.cs
- PropertyValue.cs
- TextPointer.cs
- LazyTextWriterCreator.cs
- ResourceContainer.cs
- TextBreakpoint.cs
- ExtendedPropertyCollection.cs
- MexTcpBindingElement.cs
- Pen.cs
- GridViewDeletedEventArgs.cs
- ISO2022Encoding.cs
- ByteRangeDownloader.cs
- SafeCryptoHandles.cs
- TypeUsageBuilder.cs
- CoTaskMemHandle.cs
- ByValueEqualityComparer.cs
- AddDataControlFieldDialog.cs
- ExpressionBindings.cs
- __FastResourceComparer.cs
- ExtenderProvidedPropertyAttribute.cs
- RichTextBox.cs
- Model3DGroup.cs
- SchemaElementDecl.cs
- BamlTreeNode.cs
- Component.cs
- DropShadowBitmapEffect.cs
- PageHandlerFactory.cs
- MasterPageCodeDomTreeGenerator.cs
- ResXFileRef.cs
- RoleServiceManager.cs
- FormViewModeEventArgs.cs
- KeyGesture.cs
- XPathNodeInfoAtom.cs
- OverlappedAsyncResult.cs
- CodeAccessSecurityEngine.cs
- HttpCapabilitiesSectionHandler.cs
- XPathQueryGenerator.cs
- ContextProperty.cs
- CompositeDataBoundControl.cs
- TypeSystem.cs
- ExpressionVisitor.cs
- HttpModuleActionCollection.cs
- DataSourceSelectArguments.cs
- BooleanStorage.cs
- ObjectQueryProvider.cs
- RangeValidator.cs
- SizeF.cs
- Invariant.cs
- NativeMethods.cs
- ExceptionList.cs
- SemaphoreSecurity.cs
- WindowsSysHeader.cs
- StringComparer.cs
- SequentialActivityDesigner.cs
- RotateTransform.cs
- ItemCollection.cs
- HwndTarget.cs
- WrappedIUnknown.cs
- RequestQueue.cs
- PersonalizationStateInfo.cs
- LocalizableAttribute.cs
- SplineKeyFrames.cs
- FontDifferentiator.cs
- HtmlToClrEventProxy.cs
- XmlSiteMapProvider.cs
- MarkupProperty.cs
- NativeCompoundFileAPIs.cs
- _LazyAsyncResult.cs
- HttpCachePolicy.cs
- RankException.cs
- Interfaces.cs
- JpegBitmapEncoder.cs
- PngBitmapDecoder.cs
- SpellerStatusTable.cs
- assertwrapper.cs
- ProgressBar.cs