Beispiel #1
0
 public SecurityListenerSettingsLifetimeManager(SecurityProtocolFactory securityProtocolFactory, SecuritySessionServerSettings sessionSettings, bool sessionMode)
 {
     this.securityProtocolFactory = securityProtocolFactory;
     this.sessionSettings         = sessionSettings;
     this.sessionMode             = sessionMode;
     referenceCount = 1;
 }
Beispiel #2
0
 protected SecurityProtocol(SecurityProtocolFactory factory, EndpointAddress target, Uri via)
 {
     SecurityProtocolFactory = factory;
     Target = target;
     Via    = via;
     CommunicationObject = new WrapperSecurityCommunicationObject(this);
 }
        internal SecurityProtocolFactory(SecurityProtocolFactory factory) : this()
        {
            if (factory == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(factory));
            }

            ActAsInitiator          = factory.ActAsInitiator;
            _addTimestamp           = factory._addTimestamp;
            _detectReplays          = factory._detectReplays;
            _incomingAlgorithmSuite = factory._incomingAlgorithmSuite;
            _maxCachedNonces        = factory._maxCachedNonces;
            _maxClockSkew           = factory._maxClockSkew;
            _outgoingAlgorithmSuite = factory._outgoingAlgorithmSuite;
            _replayWindow           = factory._replayWindow;
            ChannelSupportingTokenAuthenticatorSpecification = new Collection <SupportingTokenAuthenticatorSpecification>(new List <SupportingTokenAuthenticatorSpecification>(factory.ChannelSupportingTokenAuthenticatorSpecification));
            ScopedSupportingTokenAuthenticatorSpecification  = new Dictionary <string, ICollection <SupportingTokenAuthenticatorSpecification> >(factory.ScopedSupportingTokenAuthenticatorSpecification);
            _standardsManager          = factory._standardsManager;
            _timestampValidityDuration = factory._timestampValidityDuration;
            // this.auditLogLocation = factory.auditLogLocation;
            _suppressAuditFailure = factory._suppressAuditFailure;
            // this.serviceAuthorizationAuditLevel = factory.serviceAuthorizationAuditLevel;
            // this.messageAuthenticationAuditLevel = factory.messageAuthenticationAuditLevel;
            if (factory._securityBindingElement != null)
            {
                _securityBindingElement = (SecurityBindingElement)factory._securityBindingElement.Clone();
            }
            _securityTokenManager    = factory._securityTokenManager;
            _privacyNoticeUri        = factory._privacyNoticeUri;
            _privacyNoticeVersion    = factory._privacyNoticeVersion;
            _endpointFilterTable     = factory._endpointFilterTable;
            ExtendedProtectionPolicy = factory.ExtendedProtectionPolicy;
            _nonceCache = factory._nonceCache;
        }
Beispiel #4
0
        protected IList <SupportingTokenAuthenticatorSpecification> GetSupportingTokenAuthenticatorsAndSetExpectationFlags(SecurityProtocolFactory factory, Message message,
                                                                                                                           ReceiveSecurityHeader securityHeader)
        {
            if (message == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("message");
            }
            bool expectBasicTokens;
            bool expectSignedTokens;
            bool expectEndorsingTokens;
            IList <SupportingTokenAuthenticatorSpecification> authenticators = factory.GetSupportingTokenAuthenticators(message.Headers.Action,
                                                                                                                        out expectSignedTokens, out expectBasicTokens, out expectEndorsingTokens);

            securityHeader.ExpectBasicTokens     = expectBasicTokens;
            securityHeader.ExpectEndorsingTokens = expectEndorsingTokens;
            securityHeader.ExpectSignedTokens    = expectSignedTokens;
            return(authenticators);
        }
Beispiel #5
0
        internal async Task <IList <SupportingTokenSpecification> > TryGetSupportingTokensAsync(SecurityProtocolFactory factory, EndpointAddress target, Uri via, Message message, TimeSpan timeout)
        {
            IList <SupportingTokenSpecification> supportingTokens = null;

            if (!factory.ActAsInitiator)
            {
                return(null);
            }

            if (message == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(message));
            }

            TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
            IList <SupportingTokenProviderSpecification> supportingTokenProviders = GetSupportingTokenProviders(message.Headers.Action);

            if (supportingTokenProviders != null && supportingTokenProviders.Count > 0)
            {
                supportingTokens = new Collection <SupportingTokenSpecification>();
                for (int i = 0; i < supportingTokenProviders.Count; ++i)
                {
                    SupportingTokenProviderSpecification spec = supportingTokenProviders[i];
                    SecurityToken supportingToken;
                    supportingToken = await spec.TokenProvider.GetTokenAsync(timeoutHelper.GetCancellationToken());

                    supportingTokens.Add(new SupportingTokenSpecification(supportingToken, EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, spec.SecurityTokenAttachmentMode, spec.TokenParameters));
                }
            }

            // add any runtime supporting tokens
            AddMessageSupportingTokens(message, ref supportingTokens);
            return(supportingTokens);
        }
Beispiel #6
0
        private SendSecurityHeader CreateSendSecurityHeader(Message message, string actor, SecurityProtocolFactory factory, bool requireMessageProtection)
        {
            MessageDirection   transferDirection  = factory.ActAsInitiator ? MessageDirection.Input : MessageDirection.Output;
            SendSecurityHeader sendSecurityHeader = factory.StandardsManager.CreateSendSecurityHeader(
                message,
                actor, true, false,
                factory.OutgoingAlgorithmSuite, transferDirection);

            sendSecurityHeader.Layout = factory.SecurityHeaderLayout;
            sendSecurityHeader.RequireMessageProtection = requireMessageProtection;
            SetSecurityHeaderId(sendSecurityHeader, message);
            if (factory.AddTimestamp)
            {
                sendSecurityHeader.AddTimestamp(factory.TimestampValidityDuration);
            }

            sendSecurityHeader.StreamBufferManager = factory.StreamBufferManager;
            return(sendSecurityHeader);
        }
Beispiel #7
0
 protected SendSecurityHeader CreateSendSecurityHeaderForTransportProtocol(Message message, string actor, SecurityProtocolFactory factory)
 {
     return(CreateSendSecurityHeader(message, actor, factory, false));
 }
Beispiel #8
0
 protected SendSecurityHeader CreateSendSecurityHeader(Message message, string actor, SecurityProtocolFactory factory)
 {
     return(CreateSendSecurityHeader(message, actor, factory, true));
 }