Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / SpnEndpointIdentity.cs / 1 / SpnEndpointIdentity.cs
//---------------------------------------------------------- // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System; using System.ServiceModel.Dispatcher; using System.Diagnostics; using System.DirectoryServices; using System.Runtime.InteropServices; using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.Security.Cryptography; using System.Security.Principal; using System.ServiceModel.Diagnostics; using System.ServiceModel.Security; using System.Xml; using System.Xml.Serialization; public class SpnEndpointIdentity : EndpointIdentity { static TimeSpan spnLookupTime = TimeSpan.FromMinutes(1); SecurityIdentifier spnSid; bool hasSpnSidBeenComputed; Object thisLock = new Object(); static Object typeLock = new Object(); static DirectoryEntry directoryEntry; public static TimeSpan SpnLookupTime { get { return spnLookupTime; } set { if (value.Ticks < 0) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value", value.Ticks, SR.GetString(SR.ValueMustBeNonNegative))); } spnLookupTime = value; } } public SpnEndpointIdentity(string spnName) { if (spnName == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("spnName"); base.Initialize(Claim.CreateSpnClaim(spnName)); } public SpnEndpointIdentity(Claim identity) { if (identity == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("identity"); // PreSharp Bug: Parameter 'identity.ResourceType' to this public method must be validated: A null-dereference can occur here. #pragma warning suppress 56506 // Claim.ClaimType will never return null if (!identity.ClaimType.Equals(ClaimTypes.Spn)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.UnrecognizedClaimTypeForIdentity, identity.ClaimType, ClaimTypes.Spn)); base.Initialize(identity); } internal override void WriteContentsTo(XmlDictionaryWriter writer) { if (writer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer"); writer.WriteElementString(XD.AddressingDictionary.Spn, XD.AddressingDictionary.IdentityExtensionNamespace, (string)this.IdentityClaim.Resource); } internal SecurityIdentifier GetSpnSid() { DiagnosticUtility.DebugAssert(ClaimTypes.Spn.Equals(this.IdentityClaim.ClaimType) || ClaimTypes.Dns.Equals(this.IdentityClaim.ClaimType), ""); if (!hasSpnSidBeenComputed) { lock (thisLock) { if (!hasSpnSidBeenComputed) { string spn = null; try { if (ClaimTypes.Dns.Equals(this.IdentityClaim.ClaimType)) { spn = "host/" + (string)this.IdentityClaim.Resource; } else { spn = (string)this.IdentityClaim.Resource; } // canonicalize SPN for use in LDAP filter following RFC 1960: if (spn != null) { spn = spn.Replace("*",@"\*").Replace("(",@"\(").Replace(")",@"\)"); } DirectoryEntry de = GetDirectoryEntry(); using (DirectorySearcher searcher = new DirectorySearcher(de)) { searcher.CacheResults = true; searcher.ClientTimeout = SpnLookupTime; searcher.Filter = "(&(objectCategory=Computer)(objectClass=computer)(servicePrincipalName=" + spn + "))"; searcher.PropertiesToLoad.Add("objectSid"); SearchResult result = searcher.FindOne(); if (result != null) { byte[] sidBinaryForm = (byte[])result.Properties["objectSid"][0]; this.spnSid = new SecurityIdentifier(sidBinaryForm, 0); } else { SecurityTraceRecordHelper.TraceSpnToSidMappingFailure(spn, null); } } } #pragma warning suppress 56500 // covered by FxCOP catch (Exception e) { // Always immediately rethrow fatal exceptions. if (DiagnosticUtility.IsFatal(e)) throw; if (e is NullReferenceException || e is SEHException) throw; SecurityTraceRecordHelper.TraceSpnToSidMappingFailure(spn, e); } finally { hasSpnSidBeenComputed = true; } } } } return this.spnSid; } static DirectoryEntry GetDirectoryEntry() { if (directoryEntry == null) { lock (typeLock) { if (directoryEntry == null) { DirectoryEntry tmp = new DirectoryEntry(@"LDAP://" + SecurityUtils.GetPrimaryDomain()); tmp.RefreshCache(new string[] { "name" }); System.Threading.Thread.MemoryBarrier(); directoryEntry = tmp; } } } return directoryEntry; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ImpersonationContext.cs
- securitymgrsite.cs
- BehaviorEditorPart.cs
- RowUpdatingEventArgs.cs
- ProxyManager.cs
- AutoCompleteStringCollection.cs
- Attributes.cs
- SevenBitStream.cs
- NetworkInformationException.cs
- SymmetricAlgorithm.cs
- ExpressionDumper.cs
- Geometry.cs
- CompleteWizardStep.cs
- SmtpFailedRecipientException.cs
- XmlWriter.cs
- InputLanguageManager.cs
- DispatcherHookEventArgs.cs
- ParameterEditorUserControl.cs
- dataobject.cs
- DockPatternIdentifiers.cs
- DataTableClearEvent.cs
- ComponentChangingEvent.cs
- TemplateManager.cs
- QueryStringParameter.cs
- UInt16.cs
- ProtocolsSection.cs
- WebPartAuthorizationEventArgs.cs
- HostingEnvironment.cs
- XmlILAnnotation.cs
- StackOverflowException.cs
- FtpWebResponse.cs
- ProxyWebPart.cs
- RC2CryptoServiceProvider.cs
- SafeNativeMemoryHandle.cs
- VScrollProperties.cs
- HostedBindingBehavior.cs
- CustomBinding.cs
- DelegateBodyWriter.cs
- SafeCryptHandles.cs
- TimeoutException.cs
- NeutralResourcesLanguageAttribute.cs
- DbParameterHelper.cs
- PassportAuthenticationEventArgs.cs
- BaseTemplateCodeDomTreeGenerator.cs
- RelatedImageListAttribute.cs
- FrameworkContentElement.cs
- SafeViewOfFileHandle.cs
- DNS.cs
- AdPostCacheSubstitution.cs
- XmlObjectSerializer.cs
- InstancePersistenceCommand.cs
- MeshGeometry3D.cs
- ToolStripScrollButton.cs
- GZipDecoder.cs
- TextHidden.cs
- ClassicBorderDecorator.cs
- CacheHelper.cs
- EntityClientCacheKey.cs
- MessageVersionConverter.cs
- KnownTypesHelper.cs
- WindowInteropHelper.cs
- CategoryNameCollection.cs
- ImageAttributes.cs
- ConstrainedDataObject.cs
- DashStyle.cs
- ReadOnlyDictionary.cs
- StylusShape.cs
- NameObjectCollectionBase.cs
- WebPartsSection.cs
- EventLogPermissionEntry.cs
- CodePageUtils.cs
- RegexGroupCollection.cs
- AccessDataSourceView.cs
- XhtmlConformanceSection.cs
- ElasticEase.cs
- MemoryMappedFile.cs
- SrgsToken.cs
- GroupBoxRenderer.cs
- WsrmTraceRecord.cs
- RTTrackingProfile.cs
- SQLBytes.cs
- RightsManagementPermission.cs
- Message.cs
- PropagatorResult.cs
- ColorConvertedBitmap.cs
- PropertyCollection.cs
- webeventbuffer.cs
- PerformanceCounterPermission.cs
- ClassImporter.cs
- ButtonPopupAdapter.cs
- PagedDataSource.cs
- ContentIterators.cs
- datacache.cs
- ComboBoxItem.cs
- OlePropertyStructs.cs
- RuntimeCompatibilityAttribute.cs
- SqlCaseSimplifier.cs
- TextEditorSelection.cs
- ScriptReferenceEventArgs.cs
- UnconditionalPolicy.cs