private static NetworkCredential GetCredentialCore(AuthenticationSchemes authenticationScheme, SecurityTokenProviderContainer credentialProvider, TimeSpan timeout, out TokenImpersonationLevel impersonationLevel, out AuthenticationLevel authenticationLevel) { impersonationLevel = TokenImpersonationLevel.None; authenticationLevel = AuthenticationLevel.None; NetworkCredential userNameCredential = null; switch (authenticationScheme) { case AuthenticationSchemes.Digest: userNameCredential = TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel); ValidateDigestCredential(ref userNameCredential, impersonationLevel); return(userNameCredential); case AuthenticationSchemes.Negotiate: return(TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel)); case AuthenticationSchemes.Ntlm: userNameCredential = TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel); if (authenticationLevel == AuthenticationLevel.MutualAuthRequired) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("CredentialDisallowsNtlm"))); } return(userNameCredential); case AuthenticationSchemes.Basic: userNameCredential = TransportSecurityHelpers.GetUserNameCredential(credentialProvider, timeout); impersonationLevel = TokenImpersonationLevel.Delegation; return(userNameCredential); } throw Fx.AssertAndThrow("GetCredential: Invalid authentication scheme"); }
protected override void OnOpen(TimeSpan timeout) { if (!this.isClient) { SecurityTokenRequirement sspiTokenRequirement = TransportSecurityHelpers.CreateSspiTokenRequirement(this.Scheme, this.listenUri); this.serverCredential = TransportSecurityHelpers.GetSspiCredential(this.securityTokenManager, sspiTokenRequirement, timeout, out this.extractGroupsForWindowsAccounts); } }
internal override void Open(TimeSpan timeout) { TimeoutHelper helper = new TimeoutHelper(timeout); base.Open(helper.RemainingTime()); System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(this.clientTokenProvider, helper.RemainingTime()); this.credential = TransportSecurityHelpers.GetSspiCredential(this.clientTokenProvider, helper.RemainingTime(), out this.impersonationLevel, out this.allowNtlm); }