public override T GetProperty <T>(BindingContext context) { if (context == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(context)); } if (typeof(T) == typeof(ITransportServiceBuilder)) { return((T)(object)new HttpTransportServiceBuilder()); } //else if (typeof(T) == typeof(ISecurityCapabilities)) //{ // AuthenticationSchemes effectiveAuthenticationSchemes = HttpTransportBindingElement.GetEffectiveAuthenticationSchemes(this.AuthenticationScheme, // context.BindingParameters); // return (T)(object)new SecurityCapabilities(this.GetSupportsClientAuthenticationImpl(effectiveAuthenticationSchemes), // effectiveAuthenticationSchemes == AuthenticationSchemes.Negotiate, // this.GetSupportsClientWindowsIdentityImpl(effectiveAuthenticationSchemes), // ProtectionLevel.None, // ProtectionLevel.None); //} //else if (typeof(T) == typeof(IBindingDeliveryCapabilities)) //{ // return (T)(object)new BindingDeliveryCapabilitiesHelper(); //} else if (typeof(T) == typeof(TransferMode)) { return((T)(object)TransferMode); } //else if (typeof(T) == typeof(ExtendedProtectionPolicy)) //{ // return (T)(object)this.ExtendedProtectionPolicy; //} //else if (typeof(T) == typeof(IAnonymousUriPrefixMatcher)) //{ // if (_anonymousUriPrefixMatcher == null) // { // _anonymousUriPrefixMatcher = new HttpAnonymousUriPrefixMatcher(); // } // return (T)(object)_anonymousUriPrefixMatcher; //} else if (typeof(T).FullName.Equals("CoreWCF.Channels.ITransportCompressionSupport")) { IApplicationBuilder app = context.BindingParameters.Find <IApplicationBuilder>(); if (app == null) { return(base.GetProperty <T>(context)); } object tcs = app.ApplicationServices.GetService(typeof(T).Assembly.GetType("CoreWCF.Channels.TransportCompressionSupportHelper")); return((T)tcs); } else { if (context.BindingParameters.Find <MessageEncodingBindingElement>() == null) { context.BindingParameters.Add(new TextMessageEncodingBindingElement()); } return(base.GetProperty <T>(context)); } }
public override StreamUpgradeProvider BuildServerStreamUpgradeProvider(BindingContext context) { return(new WindowsStreamSecurityUpgradeProvider(this, context, false)); }
internal override SecurityProtocolFactory CreateSecurityProtocolFactory <TChannel>(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext) { if (context == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(context)); } if (credentialsManager == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(credentialsManager)); } TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory(); // if (isForService) // base.ApplyAuditBehaviorSettings(context, protocolFactory); ConfigureProtocolFactory(protocolFactory, credentialsManager, isForService, issuerBindingContext, context.Binding); protocolFactory.DetectReplays = false; return(protocolFactory); }
protected override IServiceDispatcher BuildServiceDispatcherCore <TChannel>(BindingContext context, IServiceDispatcher serviceDispatcher) { SecurityServiceDispatcher securityServiceDispatcher = new SecurityServiceDispatcher(context, serviceDispatcher); SecurityCredentialsManager credentialsManager = serviceDispatcher.Host.Description.Behaviors.Find <SecurityCredentialsManager>(); if (credentialsManager == null) { credentialsManager = ServiceCredentials.CreateDefaultCredentials(); } SecureConversationSecurityTokenParameters scParameters; if (EndpointSupportingTokenParameters.Endorsing.Count > 0) { scParameters = EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; } else { scParameters = null; } bool requireDemuxer = RequiresChannelDemuxer(); ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer); if (requireDemuxer) { ApplyPropertiesOnDemuxer(channelBuilder, context); } BindingContext issuerBindingContext = context.Clone(); issuerBindingContext.BindingParameters.Add(credentialsManager); if (scParameters != null) { if (scParameters.BootstrapSecurityBindingElement == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding))); } if (scParameters.RequireCancellation) { SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory { // base.ApplyAuditBehaviorSettings(context, sessionFactory); SecurityTokenParameters = scParameters.Clone() }; ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext; EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { ConfigureProtocolFactory(sessionFactory, credentialsManager, true, issuerBindingContext, context.Binding); } finally { EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } securityServiceDispatcher.SessionMode = true; securityServiceDispatcher.SessionServerSettings.InactivityTimeout = LocalServiceSettings.InactivityTimeout; securityServiceDispatcher.SessionServerSettings.KeyRolloverInterval = LocalServiceSettings.SessionKeyRolloverInterval; securityServiceDispatcher.SessionServerSettings.MaximumPendingSessions = LocalServiceSettings.MaxPendingSessions; securityServiceDispatcher.SessionServerSettings.MaximumKeyRenewalInterval = LocalServiceSettings.SessionKeyRenewalInterval; securityServiceDispatcher.SessionServerSettings.TolerateTransportFailures = LocalServiceSettings.ReconnectTransportOnFailure; securityServiceDispatcher.SessionServerSettings.CanRenewSession = scParameters.CanRenewSession; securityServiceDispatcher.SessionServerSettings.IssuedSecurityTokenParameters = scParameters.Clone(); ((SecureConversationSecurityTokenParameters)securityServiceDispatcher.SessionServerSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext; securityServiceDispatcher.SessionServerSettings.SecurityStandardsManager = sessionFactory.StandardsManager; securityServiceDispatcher.SessionServerSettings.SessionProtocolFactory = sessionFactory; securityServiceDispatcher.SecurityProtocolFactory = sessionFactory; // pass in the error handler for handling unknown security sessions - dont do this if the underlying channel is duplex since sending // back faults in response to badly secured requests over duplex can result in DoS. //if (context.BindingParameters != null && context.BindingParameters.Find<IChannelDemuxFailureHandler>() == null // && !IsUnderlyingListenerDuplex<TChannel>(context)) //{ // context.BindingParameters.Add(new SecuritySessionServerSettings.SecuritySessionDemuxFailureHandler(sessionFactory.StandardsManager)); //} } else { //TODO later TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory(); // base.ApplyAuditBehaviorSettings(context, protocolFactory); EndpointSupportingTokenParameters.Endorsing.RemoveAt(0); try { ConfigureProtocolFactory(protocolFactory, credentialsManager, true, issuerBindingContext, context.Binding); SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone(); acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext; protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters); } finally { EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters); } securityServiceDispatcher.SecurityProtocolFactory = protocolFactory; } } else { SecurityProtocolFactory protocolFactory = CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, true, issuerBindingContext); securityServiceDispatcher.SecurityProtocolFactory = protocolFactory; } securityServiceDispatcher.InitializeSecurityDispatcher(channelBuilder, typeof(TChannel)); //return channelListener; channelBuilder.BuildServiceDispatcher <TChannel>(context, securityServiceDispatcher); return(securityServiceDispatcher); }
internal IServiceDispatcher CreateServiceDispatcher <TChannel>(IServiceDispatcher innerDispatcher, BindingContext context) { return(GetTypedServiceDispatcher <TChannel>(context).AddDispatcher(innerDispatcher, new ChannelDemuxerFilter(new MatchAllMessageFilter(), 0))); }
internal void RemoveServiceDispatcher <TChannel>(MessageFilter filter, BindingContext context) { GetTypedServiceDispatcher <TChannel>(context).RemoveDispatcher(filter); }
internal IServiceDispatcher CreateServiceDispatcher <TChannel>(IServiceDispatcher innerDispatcher, ChannelDemuxerFilter filter, BindingContext context) { return(GetTypedServiceDispatcher <TChannel>(context).AddDispatcher(innerDispatcher, filter)); }
internal void ConfigureProtocolFactory(SecurityProtocolFactory factory, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext, Binding binding) { if (factory == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(factory))); } if (credentialsManager == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(credentialsManager))); } factory.AddTimestamp = IncludeTimestamp; factory.IncomingAlgorithmSuite = DefaultAlgorithmSuite; factory.OutgoingAlgorithmSuite = DefaultAlgorithmSuite; factory.SecurityHeaderLayout = SecurityHeaderLayout; factory.TimestampValidityDuration = LocalServiceSettings.TimestampValidityDuration; factory.DetectReplays = LocalServiceSettings.DetectReplays; factory.MaxCachedNonces = LocalServiceSettings.ReplayCacheSize; factory.MaxClockSkew = LocalServiceSettings.MaxClockSkew; factory.ReplayWindow = LocalServiceSettings.ReplayWindow; if (LocalServiceSettings.DetectReplays) { factory.NonceCache = LocalServiceSettings.NonceCache; } factory.SecurityBindingElement = (SecurityBindingElement)Clone(); factory.SecurityBindingElement.SetIssuerBindingContextIfRequired(issuerBindingContext); factory.SecurityTokenManager = credentialsManager.CreateSecurityTokenManager(); SecurityTokenSerializer tokenSerializer = factory.SecurityTokenManager.CreateSecurityTokenSerializer(_messageSecurityVersion.SecurityTokenVersion); factory.StandardsManager = new SecurityStandardsManager(_messageSecurityVersion, tokenSerializer); }
private static void SetIssuerBindingContextIfRequired(SupportingTokenParameters supportingParameters, BindingContext issuerBindingContext) { for (int i = 0; i < supportingParameters.Endorsing.Count; ++i) { SetIssuerBindingContextIfRequired(supportingParameters.Endorsing[i], issuerBindingContext); } for (int i = 0; i < supportingParameters.SignedEndorsing.Count; ++i) { SetIssuerBindingContextIfRequired(supportingParameters.SignedEndorsing[i], issuerBindingContext); } for (int i = 0; i < supportingParameters.Signed.Count; ++i) { SetIssuerBindingContextIfRequired(supportingParameters.Signed[i], issuerBindingContext); } for (int i = 0; i < supportingParameters.SignedEncrypted.Count; ++i) { SetIssuerBindingContextIfRequired(supportingParameters.SignedEncrypted[i], issuerBindingContext); } }
// since the OnOuterListenerOpen method will be called for every outer listener and we will open // the inner listener only once, we need to ensure that all the outer listeners wait till the // inner listener is opened. public DatagramChannelDemuxer(BindingContext context) { _filterTable = new MessageFilterTable <IServiceDispatcher>(); DemuxFailureHandler = context.BindingParameters?.Find <IChannelDemuxFailureHandler>(); }
protected static void SetIssuerBindingContextIfRequired(SecurityTokenParameters parameters, BindingContext issuerBindingContext) { if (parameters is SslSecurityTokenParameters) { throw new NotImplementedException(); //((SslSecurityTokenParameters)parameters).IssuerBindingContext = CreateIssuerBindingContextForNegotiation(issuerBindingContext); } else if (parameters is SspiSecurityTokenParameters) { throw new NotImplementedException(); // ((SspiSecurityTokenParameters)parameters).IssuerBindingContext = CreateIssuerBindingContextForNegotiation(issuerBindingContext); } }
protected abstract IServiceDispatcher BuildServiceDispatcherCore <TChannel>(BindingContext context, IServiceDispatcher serviceDispatcher) where TChannel : class, IChannel;
internal abstract SecurityProtocolFactory CreateSecurityProtocolFactory <TChannel>(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuanceBindingContext);
public abstract T GetProperty <T>(BindingContext context) where T : class;
public ReplyChannelDemuxer(BindingContext context) : base(context) { }
public override IServiceDispatcher BuildServiceDispatcher <TChannel>(BindingContext context, IServiceDispatcher innerDispatcher) { return(innerDispatcher); }
internal bool IsUnderlyingDispatcherDuplex <TChannel>(BindingContext context) { return((typeof(TChannel) == typeof(IDuplexSessionChannel)) && context.CanBuildNextServiceDispatcher <IDuplexChannel>() && !context.CanBuildNextServiceDispatcher <IDuplexSessionChannel>()); }