Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / ServiceAuthorizationManager.cs / 1 / ServiceAuthorizationManager.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel { using System.Collections.Generic; using System.ServiceModel.Channels; using System.ServiceModel.Description; using System.Collections.ObjectModel; using System.Diagnostics; using System.IdentityModel.Policy; using System.ServiceModel.Diagnostics; using System.ServiceModel.Security; public class ServiceAuthorizationManager { // This is the API called by framework to perform CheckAccess. // The API is responsible for ... // 1) Evaluate all policies (Forward\Backward) // 2) Optionally wire up the resulting AuthorizationContext // to ServiceSecurityContext. // 3) An availability of message content to make an authoritive decision. // 4) Return the authoritive decision true/false (allow/deny). public virtual bool CheckAccess(OperationContext operationContext, ref Message message) { return CheckAccess(operationContext); } public virtual bool CheckAccess(OperationContext operationContext) { if (operationContext == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("operationContext"); } // default to forward-chaining implementation // 1) Get policies that will participate in chain process. // We provide a safe default policies set below. ReadOnlyCollectionauthorizationPolicies = GetAuthorizationPolicies(operationContext); // 2) Do forward chaining and wire the new ServiceSecurityContext operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = new ServiceSecurityContext(authorizationPolicies ?? EmptyReadOnlyCollection .Instance); // 3) Call the CheckAccessCore return CheckAccessCore(operationContext); } // Define the set of policies taking part in chaining. We will provide // the safe default set (primary token + all supporting tokens except token with // with SecurityTokenAttachmentMode.Signed + transport token). Implementor // can override and provide different selection of policies set. protected virtual ReadOnlyCollection GetAuthorizationPolicies(OperationContext operationContext) { SecurityMessageProperty security = operationContext.IncomingMessageProperties.Security; if (security == null) { return EmptyReadOnlyCollection .Instance; } ReadOnlyCollection externalPolicies = security.ExternalAuthorizationPolicies; if (security.ServiceSecurityContext == null) { return externalPolicies ?? EmptyReadOnlyCollection .Instance; } ReadOnlyCollection authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies; if (externalPolicies == null || externalPolicies.Count <= 0) { return authorizationPolicies; } // Combine List policies = new List (authorizationPolicies); policies.AddRange(externalPolicies); return policies.AsReadOnly(); } // Implementor overrides this API to make authoritive decision. // The AuthorizationContext in opContext is generally the result from forward chain. protected virtual bool CheckAccessCore(OperationContext operationContext) { return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ViewEvent.cs
- FixedStringLookup.cs
- SqlProfileProvider.cs
- ICspAsymmetricAlgorithm.cs
- MulticastOption.cs
- PropertyTabChangedEvent.cs
- GridViewColumnHeader.cs
- TableCellCollection.cs
- AudienceUriMode.cs
- Socket.cs
- CSharpCodeProvider.cs
- DBProviderConfigurationHandler.cs
- HandleRef.cs
- BoundColumn.cs
- Size.cs
- BitmapPalettes.cs
- TextServicesCompartmentEventSink.cs
- NativeMethods.cs
- HtmlControl.cs
- SemanticResultKey.cs
- Double.cs
- RtfToXamlLexer.cs
- ChangeBlockUndoRecord.cs
- Monitor.cs
- SerializationInfoEnumerator.cs
- CacheModeConverter.cs
- DataRelationPropertyDescriptor.cs
- SByteConverter.cs
- Imaging.cs
- SiteMapHierarchicalDataSourceView.cs
- StaticExtension.cs
- IPipelineRuntime.cs
- GridPattern.cs
- ByteFacetDescriptionElement.cs
- BitmapEffectvisualstate.cs
- HttpProtocolReflector.cs
- ConfigsHelper.cs
- ThrowHelper.cs
- NotCondition.cs
- TemplatedMailWebEventProvider.cs
- ConnectionInterfaceCollection.cs
- SimpleType.cs
- WebProxyScriptElement.cs
- UInt16Storage.cs
- HtmlGenericControl.cs
- HttpResponseInternalWrapper.cs
- DiscoveryClientOutputChannel.cs
- Activity.cs
- UnsafeNativeMethods.cs
- HttpModuleCollection.cs
- DnsEndPoint.cs
- SByteStorage.cs
- DependsOnAttribute.cs
- IItemContainerGenerator.cs
- OdbcConnectionHandle.cs
- SessionStateModule.cs
- AcceptorSessionSymmetricTransportSecurityProtocol.cs
- FrameworkElementFactory.cs
- ContentTypeSettingClientMessageFormatter.cs
- ShortcutKeysEditor.cs
- SecurityContextKeyIdentifierClause.cs
- SqlMetaData.cs
- TemplateContainer.cs
- InertiaRotationBehavior.cs
- BulletedListEventArgs.cs
- SectionXmlInfo.cs
- ButtonColumn.cs
- CheckBoxAutomationPeer.cs
- Util.cs
- CodeRemoveEventStatement.cs
- HtmlInputRadioButton.cs
- ISessionStateStore.cs
- PersonalizationStateInfoCollection.cs
- ServiceManager.cs
- DesignerCalendarAdapter.cs
- StrokeNodeData.cs
- MissingSatelliteAssemblyException.cs
- DataSourceExpressionCollection.cs
- ADMembershipUser.cs
- HandlerFactoryCache.cs
- DNS.cs
- FixedPageStructure.cs
- NamespaceExpr.cs
- Color.cs
- Attributes.cs
- SqlDependencyUtils.cs
- TextEditorSpelling.cs
- ActionNotSupportedException.cs
- DesignerActionItemCollection.cs
- _Win32.cs
- Vertex.cs
- DoubleAnimationClockResource.cs
- BaseCodePageEncoding.cs
- WebBrowserPermission.cs
- ToolStripControlHost.cs
- CodeGotoStatement.cs
- HttpPostClientProtocol.cs
- XmlTextAttribute.cs
- DataGridTableStyleMappingNameEditor.cs
- EmissiveMaterial.cs