/// <summary>
/// Creates an enforcer bound to the evaluator it will use.
/// </summary>
/// <param name="securityEvaluator">The evaluator to store on this instance; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="securityEvaluator"/> is null.</exception>
public SecurityEnforcer(ISecurityEvaluator securityEvaluator)
        {
            // Fail fast: an enforcer without an evaluator would only surface as a
            // NullReferenceException later, when the field is first used.
            if (ReferenceEquals(securityEvaluator, null))
            {
                throw new ArgumentNullException("securityEvaluator");
            }

            _securityEvaluator = securityEvaluator;
        }
        /// <summary>
        /// Initializes the enforcer with the security evaluator it depends on.
        /// </summary>
        /// <param name="securityEvaluator">Evaluator kept in <c>_securityEvaluator</c>; null is rejected.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="securityEvaluator"/> is null.</exception>
        public SecurityEnforcer(ISecurityEvaluator securityEvaluator)
        {
            if (securityEvaluator != null)
            {
                _securityEvaluator = securityEvaluator;
                return;
            }

            // Reaching this point means no evaluator was supplied; refuse to construct
            // an enforcer that cannot evaluate anything.
            throw new ArgumentNullException("securityEvaluator");
        }
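        /// <summary>
        /// Adds the Strict-Transport-Security (HSTS) header to the response when the request
        /// is on a secure connection and HSTS is enabled in the settings.
        /// </summary>
        /// <param name="response">The response that receives the header.</param>
        /// <param name="request">The request passed to the evaluator's secure-connection check.</param>
        /// <param name="securityEvaluator">Decides whether the request is on a secure connection.</param>
        /// <param name="settings">Supplies <c>EnableHsts</c> and <c>HstsMaxAge</c>.</param>
        public void Enrich(HttpResponseBase response, HttpRequestBase request, ISecurityEvaluator securityEvaluator, Settings settings)
        {
            // HSTS must only be sent over secure transport (RFC 6797, section 7.2), so the
            // secure-connection check comes first; the header is also skipped when disabled.
            if (!securityEvaluator.IsSecureConnection(request, settings) || !settings.EnableHsts) {
                return;
            }

            // Format with the invariant culture: the header value is machine-readable, so its
            // rendering must not depend on the server thread's current culture.
            // NOTE(review): HstsMaxAge is presumably a number of seconds - confirm it is validated
            // as non-negative where the settings are loaded.
            string headerValue = string.Format(
                System.Globalization.CultureInfo.InvariantCulture,
                "max-age={0:f0}",
                settings.HstsMaxAge);

            // Only max-age is emitted here; no includeSubDomains or preload directive is added.
            // NOTE(review): AddHeader may append a second header if an upstream component has
            // already set one - confirm that only one HSTS header reaches the client.
            response.AddHeader("Strict-Transport-Security", headerValue);
        }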
        /// <summary>
        /// Determines a target URL (if any) for this request, based on the expected security.
        /// </summary>
        /// <param name="context">The HTTP context; its request and response are passed to the enforcer.</param>
        /// <param name="expectedSecurity">The security level the request is expected to match.</param>
        /// <returns>
        /// Whatever <c>GetUriForMatchedSecurityRequest</c> returns for this request and the module settings.
        /// NOTE(review): "(if any)" suggests this may be null or empty when no switch is needed - confirm.
        /// </returns>
        private string DetermineTargetUrl(HttpContextBase context, RequestSecurity expectedSecurity)
        {
            Logger.Log("Determining the URI for the expected security.", Logger.LogLevel.Info);

            // The evaluator is created first because the enforcer factory needs it.
            ISecurityEvaluator evaluator = SecurityEvaluatorFactory.Instance.Create(context, _settings);
            ISecurityEnforcer enforcer = SecurityEnforcerFactory.Instance.Create(context, evaluator);

            // NOTE(review): callers presumably redirect to this URL. Confirm the enforcer builds the
            // host from trusted configuration rather than from request-supplied values.
            return enforcer.GetUriForMatchedSecurityRequest(context.Request, context.Response, expectedSecurity, _settings);
        }
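        /// <summary>
        /// Emits the Strict-Transport-Security (HSTS) response header for secure requests when
        /// HSTS is enabled in the settings; otherwise leaves the response untouched.
        /// </summary>
        /// <param name="response">The response to which the header is added.</param>
        /// <param name="request">The request handed to the evaluator's secure-connection check.</param>
        /// <param name="securityEvaluator">Determines whether the connection is secure.</param>
        /// <param name="settings">Provides <c>EnableHsts</c> and <c>HstsMaxAge</c>.</param>
        public void Enrich(HttpResponseBase response, HttpRequestBase request, ISecurityEvaluator securityEvaluator, Settings settings)
        {
            // RFC 6797 (section 7.2) forbids sending HSTS over non-secure transport, so the header
            // is skipped unless the connection is secure and the feature is switched on.
            if (!securityEvaluator.IsSecureConnection(request, settings) || !settings.EnableHsts)
            {
                return;
            }

            // The header value is protocol data, not display text, so it is formatted with the
            // invariant culture instead of the thread's current culture.
            // NOTE(review): HstsMaxAge is presumably in seconds - confirm that negative values
            // are rejected where the settings are read.
            string maxAgeDirective = string.Format(
                System.Globalization.CultureInfo.InvariantCulture,
                "max-age={0:f0}",
                settings.HstsMaxAge);

            // Only the max-age directive is produced; includeSubDomains and preload are not added.
            // NOTE(review): confirm no other component also adds this header, since AddHeader
            // may append rather than replace.
            response.AddHeader("Strict-Transport-Security", maxAgeDirective);
        }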
        /// <summary>
        /// Gets a security enforcer: the one returned by <c>GetCacheValue</c> when present,
        /// otherwise a new <c>SecurityEnforcer</c> built around the given evaluator.
        /// </summary>
        /// <param name="context">The HTTP context passed to the cache lookup.</param>
        /// <param name="securityEvaluator">Evaluator given to a newly created enforcer; ignored on a cache hit.</param>
        /// <returns>The cached enforcer, or a newly constructed one.</returns>
        internal ISecurityEnforcer Create(HttpContextBase context, ISecurityEvaluator securityEvaluator)
        {
            var cachedEnforcer = GetCacheValue(context);

            if (cachedEnforcer == null)
            {
                // NOTE(review): the new instance is not written back to the cache in this method.
                // Confirm whether it is cached elsewhere or whether one is built on every call.
                Logger.Log("Creating SecurityEnforcer.");
                return new SecurityEnforcer(securityEvaluator);
            }

            // On a cache hit the securityEvaluator argument is not used, so the returned
            // enforcer keeps whichever evaluator it was originally constructed with.
            return cachedEnforcer;
        }
        /// <summary>
        /// Enriches the response as needed by running every response enricher returned by
        /// <c>ResponseEnricherFactory</c> against the current request and response.
        /// </summary>
        /// <param name="context">The HTTP context whose request and response are passed to each enricher.</param>
        /// <param name="settings">The settings passed to each enricher.</param>
        private void EnrichResponse(HttpContextBase context, Settings settings)
        {
            IEnumerable<IResponseEnricher> responseEnrichers = ResponseEnricherFactory.Instance.GetAll(context);

            // No enricher collection means there is nothing to do and no evaluator is created.
            if (responseEnrichers != null)
            {
                // NOTE(review): the evaluator is built from the _settings field, while the enrichers
                // receive the settings parameter. Confirm both always refer to the same configuration,
                // otherwise the secure-connection check and the header decision could disagree.
                ISecurityEvaluator evaluator = SecurityEvaluatorFactory.Instance.Create(context, _settings);

                foreach (IResponseEnricher responseEnricher in responseEnrichers)
                {
                    responseEnricher.Enrich(context.Response, context.Request, evaluator, settings);
                }
            }
        }