Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Selectors / X509SecurityTokenAuthenticator.cs / 1305376 / X509SecurityTokenAuthenticator.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Selectors { using System.Collections.Generic; using System.Collections.ObjectModel; using System.ComponentModel; using System.Diagnostics; using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.IdentityModel.Tokens; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security.Cryptography.X509Certificates; using System.Security.AccessControl; using System.Security.Principal; using System.Text; public class X509SecurityTokenAuthenticator : SecurityTokenAuthenticator { X509CertificateValidator validator; bool mapToWindows; bool includeWindowsGroups; bool cloneHandle; public X509SecurityTokenAuthenticator() : this(X509CertificateValidator.ChainTrust) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator) : this(validator, false) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows) : this(validator, mapToWindows, WindowsClaimSet.DefaultIncludeWindowsGroups) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows, bool includeWindowsGroups) : this(validator, mapToWindows, includeWindowsGroups, true) { } internal X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows, bool includeWindowsGroups, bool cloneHandle) { if (validator == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("validator"); } this.validator = validator; this.mapToWindows = mapToWindows; this.includeWindowsGroups = includeWindowsGroups; this.cloneHandle = cloneHandle; } public bool MapCertificateToWindowsAccount { get { return this.mapToWindows; } } protected override bool CanValidateTokenCore(SecurityToken token) { return token is X509SecurityToken; } protected override ReadOnlyCollectionValidateTokenCore(SecurityToken token) { X509SecurityToken x509Token = (X509SecurityToken)token; this.validator.Validate(x509Token.Certificate); X509CertificateClaimSet x509ClaimSet = new X509CertificateClaimSet(x509Token.Certificate, this.cloneHandle); if (!this.mapToWindows) return SecurityUtils.CreateAuthorizationPolicies(x509ClaimSet, x509Token.ValidTo); WindowsClaimSet windowsClaimSet; if (token is X509WindowsSecurityToken) { windowsClaimSet = new WindowsClaimSet( ( (X509WindowsSecurityToken)token ).WindowsIdentity, SecurityUtils.AuthTypeCertMap, this.includeWindowsGroups, this.cloneHandle ); } else { // Ensure NT_AUTH chain policy for certificate account mapping X509CertificateValidator.NTAuthChainTrust.Validate(x509Token.Certificate); WindowsIdentity windowsIdentity = null; // for Vista, LsaLogon supporting mapping cert to NTToken if (Environment.OSVersion.Version.Major >= SecurityUtils.WindowsVistaMajorNumber) { windowsIdentity = KerberosCertificateLogon(x509Token.Certificate); } else { // Downlevel, S4U over PrincipalName SubjectAltNames string name = x509Token.Certificate.GetNameInfo(X509NameType.UpnName, false); if (String.IsNullOrEmpty(name)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenValidationException(SR.GetString(SR.InvalidNtMapping, SecurityUtils.GetCertificateId(x509Token.Certificate)))); } using (WindowsIdentity initialWindowsIdentity = new WindowsIdentity(name, SecurityUtils.AuthTypeCertMap)) { // This is to make sure that the auth Type is shoved down to the class as the above constructor does not do it. windowsIdentity = new WindowsIdentity(initialWindowsIdentity.Token, SecurityUtils.AuthTypeCertMap); } } windowsClaimSet = new WindowsClaimSet(windowsIdentity, SecurityUtils.AuthTypeCertMap, this.includeWindowsGroups, false); } List claimSets = new List (2); claimSets.Add(windowsClaimSet); claimSets.Add(x509ClaimSet); List policies = new List (1); policies.Add(new UnconditionalPolicy(claimSets.AsReadOnly(), x509Token.ValidTo)); return policies.AsReadOnly(); } // For Vista, LsaLogon supporting mapping cert to NTToken. W/O SeTcbPrivilege // the identify token is returned; otherwise, impersonation. This is consistent // with S4U. Note: duplicate code partly from CLR's WindowsIdentity Class (S4U). static WindowsIdentity KerberosCertificateLogon(X509Certificate2 certificate) { int status; SafeHGlobalHandle pSourceName = null; SafeHGlobalHandle pPackageName = null; SafeHGlobalHandle pLogonInfo = null; SafeLsaLogonProcessHandle logonHandle = null; SafeLsaReturnBufferHandle profileHandle = null; SafeCloseHandle tokenHandle = null; try { pSourceName = SafeHGlobalHandle.AllocHGlobal(NativeMethods.LsaSourceName.Length + 1); Marshal.Copy(NativeMethods.LsaSourceName, 0, pSourceName.DangerousGetHandle(), NativeMethods.LsaSourceName.Length); UNICODE_INTPTR_STRING sourceName = new UNICODE_INTPTR_STRING(NativeMethods.LsaSourceName.Length, NativeMethods.LsaSourceName.Length + 1, pSourceName.DangerousGetHandle()); Privilege privilege = null; RuntimeHelpers.PrepareConstrainedRegions(); // Try to get an impersonation token. try { // Try to enable the TCB privilege if possible try { privilege = new Privilege(Privilege.SeTcbPrivilege); privilege.Enable(); } catch (PrivilegeNotHeldException ex) { if (DiagnosticUtility.ShouldTraceInformation) { DiagnosticUtility.ExceptionUtility.TraceHandledException(ex, TraceEventType.Information); } } IntPtr dummy = IntPtr.Zero; status = NativeMethods.LsaRegisterLogonProcess(ref sourceName, out logonHandle, out dummy); if (NativeMethods.ERROR_ACCESS_DENIED == NativeMethods.LsaNtStatusToWinError(status)) { // We don't have the Tcb privilege. The best we can hope for is to get an Identification token. status = NativeMethods.LsaConnectUntrusted(out logonHandle); } if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } } finally { // if reverting privilege fails, fail fast! int revertResult = -1; string message = null; try { revertResult = privilege.Revert(); if (revertResult != 0) { message = SR.GetString(SR.RevertingPrivilegeFailed, new Win32Exception(revertResult)); } } finally { if (revertResult != 0) { DiagnosticUtility.FailFast(message); } } } // package name ("Kerberos") pPackageName = SafeHGlobalHandle.AllocHGlobal(NativeMethods.LsaKerberosName.Length + 1); Marshal.Copy(NativeMethods.LsaKerberosName, 0, pPackageName.DangerousGetHandle(), NativeMethods.LsaKerberosName.Length); UNICODE_INTPTR_STRING packageName = new UNICODE_INTPTR_STRING(NativeMethods.LsaKerberosName.Length, NativeMethods.LsaKerberosName.Length + 1, pPackageName.DangerousGetHandle()); uint packageId = 0; status = NativeMethods.LsaLookupAuthenticationPackage(logonHandle, ref packageName, out packageId); if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } // source context TOKEN_SOURCE sourceContext = new TOKEN_SOURCE(); if (!NativeMethods.AllocateLocallyUniqueId(out sourceContext.SourceIdentifier)) { int dwErrorCode = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(dwErrorCode)); } // SourceContext sourceContext.Name = new char[8]; sourceContext.Name[0] = 'W'; sourceContext.Name[1] = 'C'; sourceContext.Name[2] = 'F'; // LogonInfo byte[] certRawData = certificate.RawData; int logonInfoSize = KERB_CERTIFICATE_S4U_LOGON.Size + certRawData.Length; pLogonInfo = SafeHGlobalHandle.AllocHGlobal(logonInfoSize); unsafe { KERB_CERTIFICATE_S4U_LOGON* pInfo = (KERB_CERTIFICATE_S4U_LOGON*)pLogonInfo.DangerousGetHandle().ToPointer(); pInfo->MessageType = KERB_LOGON_SUBMIT_TYPE.KerbCertificateS4ULogon; pInfo->Flags = NativeMethods.KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS; pInfo->UserPrincipalName = new UNICODE_INTPTR_STRING(0, 0, IntPtr.Zero); pInfo->DomainName = new UNICODE_INTPTR_STRING(0, 0, IntPtr.Zero); pInfo->CertificateLength = (uint)certRawData.Length; pInfo->Certificate = new IntPtr(pLogonInfo.DangerousGetHandle().ToInt64() + KERB_CERTIFICATE_S4U_LOGON.Size); Marshal.Copy(certRawData, 0, pInfo->Certificate, certRawData.Length); } QUOTA_LIMITS quotas = new QUOTA_LIMITS(); LUID logonId = new LUID(); uint profileBufferLength; int subStatus = 0; // Call LsaLogonUser status = NativeMethods.LsaLogonUser( logonHandle, ref sourceName, SecurityLogonType.Network, packageId, pLogonInfo.DangerousGetHandle(), (uint)logonInfoSize, IntPtr.Zero, ref sourceContext, out profileHandle, out profileBufferLength, out logonId, out tokenHandle, out quotas, out subStatus ); // LsaLogon has restriction (eg. password expired). SubStatus indicates the reason. if ((uint)status == NativeMethods.STATUS_ACCOUNT_RESTRICTION && subStatus < 0) { status = subStatus; } if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } if (subStatus < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(subStatus))); } return new WindowsIdentity(tokenHandle.DangerousGetHandle(), SecurityUtils.AuthTypeCertMap); } finally { if (tokenHandle != null) { tokenHandle.Close(); } if (pLogonInfo != null) { pLogonInfo.Close(); } if (profileHandle != null) { profileHandle.Close(); } if (pSourceName != null) { pSourceName.Close(); } if (pPackageName != null) { pPackageName.Close(); } if (logonHandle != null) { logonHandle.Close(); } } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Selectors { using System.Collections.Generic; using System.Collections.ObjectModel; using System.ComponentModel; using System.Diagnostics; using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.IdentityModel.Tokens; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security.Cryptography.X509Certificates; using System.Security.AccessControl; using System.Security.Principal; using System.Text; public class X509SecurityTokenAuthenticator : SecurityTokenAuthenticator { X509CertificateValidator validator; bool mapToWindows; bool includeWindowsGroups; bool cloneHandle; public X509SecurityTokenAuthenticator() : this(X509CertificateValidator.ChainTrust) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator) : this(validator, false) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows) : this(validator, mapToWindows, WindowsClaimSet.DefaultIncludeWindowsGroups) { } public X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows, bool includeWindowsGroups) : this(validator, mapToWindows, includeWindowsGroups, true) { } internal X509SecurityTokenAuthenticator(X509CertificateValidator validator, bool mapToWindows, bool includeWindowsGroups, bool cloneHandle) { if (validator == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("validator"); } this.validator = validator; this.mapToWindows = mapToWindows; this.includeWindowsGroups = includeWindowsGroups; this.cloneHandle = cloneHandle; } public bool MapCertificateToWindowsAccount { get { return this.mapToWindows; } } protected override bool CanValidateTokenCore(SecurityToken token) { return token is X509SecurityToken; } protected override ReadOnlyCollection ValidateTokenCore(SecurityToken token) { X509SecurityToken x509Token = (X509SecurityToken)token; this.validator.Validate(x509Token.Certificate); X509CertificateClaimSet x509ClaimSet = new X509CertificateClaimSet(x509Token.Certificate, this.cloneHandle); if (!this.mapToWindows) return SecurityUtils.CreateAuthorizationPolicies(x509ClaimSet, x509Token.ValidTo); WindowsClaimSet windowsClaimSet; if (token is X509WindowsSecurityToken) { windowsClaimSet = new WindowsClaimSet( ( (X509WindowsSecurityToken)token ).WindowsIdentity, SecurityUtils.AuthTypeCertMap, this.includeWindowsGroups, this.cloneHandle ); } else { // Ensure NT_AUTH chain policy for certificate account mapping X509CertificateValidator.NTAuthChainTrust.Validate(x509Token.Certificate); WindowsIdentity windowsIdentity = null; // for Vista, LsaLogon supporting mapping cert to NTToken if (Environment.OSVersion.Version.Major >= SecurityUtils.WindowsVistaMajorNumber) { windowsIdentity = KerberosCertificateLogon(x509Token.Certificate); } else { // Downlevel, S4U over PrincipalName SubjectAltNames string name = x509Token.Certificate.GetNameInfo(X509NameType.UpnName, false); if (String.IsNullOrEmpty(name)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenValidationException(SR.GetString(SR.InvalidNtMapping, SecurityUtils.GetCertificateId(x509Token.Certificate)))); } using (WindowsIdentity initialWindowsIdentity = new WindowsIdentity(name, SecurityUtils.AuthTypeCertMap)) { // This is to make sure that the auth Type is shoved down to the class as the above constructor does not do it. windowsIdentity = new WindowsIdentity(initialWindowsIdentity.Token, SecurityUtils.AuthTypeCertMap); } } windowsClaimSet = new WindowsClaimSet(windowsIdentity, SecurityUtils.AuthTypeCertMap, this.includeWindowsGroups, false); } List claimSets = new List (2); claimSets.Add(windowsClaimSet); claimSets.Add(x509ClaimSet); List policies = new List (1); policies.Add(new UnconditionalPolicy(claimSets.AsReadOnly(), x509Token.ValidTo)); return policies.AsReadOnly(); } // For Vista, LsaLogon supporting mapping cert to NTToken. W/O SeTcbPrivilege // the identify token is returned; otherwise, impersonation. This is consistent // with S4U. Note: duplicate code partly from CLR's WindowsIdentity Class (S4U). static WindowsIdentity KerberosCertificateLogon(X509Certificate2 certificate) { int status; SafeHGlobalHandle pSourceName = null; SafeHGlobalHandle pPackageName = null; SafeHGlobalHandle pLogonInfo = null; SafeLsaLogonProcessHandle logonHandle = null; SafeLsaReturnBufferHandle profileHandle = null; SafeCloseHandle tokenHandle = null; try { pSourceName = SafeHGlobalHandle.AllocHGlobal(NativeMethods.LsaSourceName.Length + 1); Marshal.Copy(NativeMethods.LsaSourceName, 0, pSourceName.DangerousGetHandle(), NativeMethods.LsaSourceName.Length); UNICODE_INTPTR_STRING sourceName = new UNICODE_INTPTR_STRING(NativeMethods.LsaSourceName.Length, NativeMethods.LsaSourceName.Length + 1, pSourceName.DangerousGetHandle()); Privilege privilege = null; RuntimeHelpers.PrepareConstrainedRegions(); // Try to get an impersonation token. try { // Try to enable the TCB privilege if possible try { privilege = new Privilege(Privilege.SeTcbPrivilege); privilege.Enable(); } catch (PrivilegeNotHeldException ex) { if (DiagnosticUtility.ShouldTraceInformation) { DiagnosticUtility.ExceptionUtility.TraceHandledException(ex, TraceEventType.Information); } } IntPtr dummy = IntPtr.Zero; status = NativeMethods.LsaRegisterLogonProcess(ref sourceName, out logonHandle, out dummy); if (NativeMethods.ERROR_ACCESS_DENIED == NativeMethods.LsaNtStatusToWinError(status)) { // We don't have the Tcb privilege. The best we can hope for is to get an Identification token. status = NativeMethods.LsaConnectUntrusted(out logonHandle); } if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } } finally { // if reverting privilege fails, fail fast! int revertResult = -1; string message = null; try { revertResult = privilege.Revert(); if (revertResult != 0) { message = SR.GetString(SR.RevertingPrivilegeFailed, new Win32Exception(revertResult)); } } finally { if (revertResult != 0) { DiagnosticUtility.FailFast(message); } } } // package name ("Kerberos") pPackageName = SafeHGlobalHandle.AllocHGlobal(NativeMethods.LsaKerberosName.Length + 1); Marshal.Copy(NativeMethods.LsaKerberosName, 0, pPackageName.DangerousGetHandle(), NativeMethods.LsaKerberosName.Length); UNICODE_INTPTR_STRING packageName = new UNICODE_INTPTR_STRING(NativeMethods.LsaKerberosName.Length, NativeMethods.LsaKerberosName.Length + 1, pPackageName.DangerousGetHandle()); uint packageId = 0; status = NativeMethods.LsaLookupAuthenticationPackage(logonHandle, ref packageName, out packageId); if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } // source context TOKEN_SOURCE sourceContext = new TOKEN_SOURCE(); if (!NativeMethods.AllocateLocallyUniqueId(out sourceContext.SourceIdentifier)) { int dwErrorCode = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(dwErrorCode)); } // SourceContext sourceContext.Name = new char[8]; sourceContext.Name[0] = 'W'; sourceContext.Name[1] = 'C'; sourceContext.Name[2] = 'F'; // LogonInfo byte[] certRawData = certificate.RawData; int logonInfoSize = KERB_CERTIFICATE_S4U_LOGON.Size + certRawData.Length; pLogonInfo = SafeHGlobalHandle.AllocHGlobal(logonInfoSize); unsafe { KERB_CERTIFICATE_S4U_LOGON* pInfo = (KERB_CERTIFICATE_S4U_LOGON*)pLogonInfo.DangerousGetHandle().ToPointer(); pInfo->MessageType = KERB_LOGON_SUBMIT_TYPE.KerbCertificateS4ULogon; pInfo->Flags = NativeMethods.KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS; pInfo->UserPrincipalName = new UNICODE_INTPTR_STRING(0, 0, IntPtr.Zero); pInfo->DomainName = new UNICODE_INTPTR_STRING(0, 0, IntPtr.Zero); pInfo->CertificateLength = (uint)certRawData.Length; pInfo->Certificate = new IntPtr(pLogonInfo.DangerousGetHandle().ToInt64() + KERB_CERTIFICATE_S4U_LOGON.Size); Marshal.Copy(certRawData, 0, pInfo->Certificate, certRawData.Length); } QUOTA_LIMITS quotas = new QUOTA_LIMITS(); LUID logonId = new LUID(); uint profileBufferLength; int subStatus = 0; // Call LsaLogonUser status = NativeMethods.LsaLogonUser( logonHandle, ref sourceName, SecurityLogonType.Network, packageId, pLogonInfo.DangerousGetHandle(), (uint)logonInfoSize, IntPtr.Zero, ref sourceContext, out profileHandle, out profileBufferLength, out logonId, out tokenHandle, out quotas, out subStatus ); // LsaLogon has restriction (eg. password expired). SubStatus indicates the reason. if ((uint)status == NativeMethods.STATUS_ACCOUNT_RESTRICTION && subStatus < 0) { status = subStatus; } if (status < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(status))); } if (subStatus < 0) // non-negative numbers indicate success { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(NativeMethods.LsaNtStatusToWinError(subStatus))); } return new WindowsIdentity(tokenHandle.DangerousGetHandle(), SecurityUtils.AuthTypeCertMap); } finally { if (tokenHandle != null) { tokenHandle.Close(); } if (pLogonInfo != null) { pLogonInfo.Close(); } if (profileHandle != null) { profileHandle.Close(); } if (pSourceName != null) { pSourceName.Close(); } if (pPackageName != null) { pPackageName.Close(); } if (logonHandle != null) { logonHandle.Close(); } } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DataGridColumnStyleMappingNameEditor.cs
- DataObjectSettingDataEventArgs.cs
- EncodingInfo.cs
- WmiPutTraceRecord.cs
- BrushConverter.cs
- BufferedWebEventProvider.cs
- WindowsScrollBar.cs
- XmlSchemaComplexContentExtension.cs
- PropertyIDSet.cs
- XmlLinkedNode.cs
- ErrorStyle.cs
- WindowsComboBox.cs
- BackoffTimeoutHelper.cs
- FlowDocumentPaginator.cs
- XPathNavigatorReader.cs
- ListViewHitTestInfo.cs
- AbstractDataSvcMapFileLoader.cs
- Menu.cs
- AxHost.cs
- OverflowException.cs
- DataRecordObjectView.cs
- PrintController.cs
- BamlBinaryReader.cs
- SecurityKeyType.cs
- LineBreakRecord.cs
- IssuanceLicense.cs
- InvariantComparer.cs
- CorrelationManager.cs
- SchemaElementLookUpTable.cs
- BCryptNative.cs
- Label.cs
- ControlSerializer.cs
- DataControlFieldCollection.cs
- Bitmap.cs
- HelpProvider.cs
- RegistryDataKey.cs
- UICuesEvent.cs
- SqlRowUpdatedEvent.cs
- CompositeControl.cs
- WindowsListViewItem.cs
- ToolStripManager.cs
- WinEventHandler.cs
- PointLightBase.cs
- ConnectionPoolManager.cs
- LinearGradientBrush.cs
- TreeNodeCollectionEditor.cs
- MergeEnumerator.cs
- SafeSerializationManager.cs
- TextRangeEditLists.cs
- Formatter.cs
- SimpleLine.cs
- EncoderExceptionFallback.cs
- SiteOfOriginPart.cs
- UserUseLicenseDictionaryLoader.cs
- Propagator.JoinPropagator.JoinPredicateVisitor.cs
- StandardRuntimeEnumValidatorAttribute.cs
- ToolStripLabel.cs
- DoubleCollection.cs
- PagerSettings.cs
- ReachDocumentPageSerializerAsync.cs
- DataServiceProcessingPipelineEventArgs.cs
- QilPatternVisitor.cs
- Convert.cs
- CardSpaceSelector.cs
- CapabilitiesUse.cs
- _ShellExpression.cs
- FileRecordSequenceHelper.cs
- ProxyWebPart.cs
- FunctionDetailsReader.cs
- ADMembershipUser.cs
- DataGridColumnHeader.cs
- QueryContinueDragEventArgs.cs
- RuleSettings.cs
- ReadOnlyState.cs
- Logging.cs
- SqlTriggerAttribute.cs
- Expressions.cs
- RSACryptoServiceProvider.cs
- HttpResponseHeader.cs
- IsolatedStoragePermission.cs
- CommandDevice.cs
- Int64AnimationBase.cs
- ElementNotAvailableException.cs
- ProfileGroupSettings.cs
- SelectionProviderWrapper.cs
- ArithmeticException.cs
- KeyInstance.cs
- VirtualPathUtility.cs
- XmlDownloadManager.cs
- ThreadExceptionEvent.cs
- KnownBoxes.cs
- Single.cs
- RIPEMD160.cs
- SmiRequestExecutor.cs
- FilterException.cs
- AdCreatedEventArgs.cs
- ControlIdConverter.cs
- PointCollection.cs
- ListCollectionView.cs
- AnnouncementDispatcherAsyncResult.cs