public override void CopyFrom(ServiceModelExtensionElement from)
{
base.CopyFrom(from);
HttpTransportElement source = (HttpTransportElement)from;
#pragma warning suppress 56506 // Microsoft, base.CopyFrom() validates the argument
this.AllowCookies = source.AllowCookies;
this.RequestInitializationTimeout = source.RequestInitializationTimeout;
this.AuthenticationScheme = source.AuthenticationScheme;
this.BypassProxyOnLocal = source.BypassProxyOnLocal;
this.DecompressionEnabled = source.DecompressionEnabled;
this.KeepAliveEnabled = source.KeepAliveEnabled;
this.HostNameComparisonMode = source.HostNameComparisonMode;
this.MaxBufferSize = source.MaxBufferSize;
this.MaxPendingAccepts = source.MaxPendingAccepts;
this.ProxyAddress = source.ProxyAddress;
this.ProxyAuthenticationScheme = source.ProxyAuthenticationScheme;
this.Realm = source.Realm;
this.TransferMode = source.TransferMode;
this.UnsafeConnectionNtlmAuthentication = source.UnsafeConnectionNtlmAuthentication;
this.UseDefaultWebProxy = source.UseDefaultWebProxy;
this.WebSocketSettings = source.WebSocketSettings;
this.MessageHandlerFactory = source.MessageHandlerFactory;
ChannelBindingUtility.CopyFrom(source.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void ApplyConfiguration(BindingElement bindingElement)
{
base.ApplyConfiguration(bindingElement);
HttpTransportBindingElement binding = (HttpTransportBindingElement)bindingElement;
binding.AllowCookies = this.AllowCookies;
binding.AuthenticationScheme = this.AuthenticationScheme;
binding.BypassProxyOnLocal = this.BypassProxyOnLocal;
binding.DecompressionEnabled = this.DecompressionEnabled;
binding.KeepAliveEnabled = this.KeepAliveEnabled;
binding.HostNameComparisonMode = this.HostNameComparisonMode;
PropertyInformationCollection propertyInfo = this.ElementInformation.Properties;
if (propertyInfo[ConfigurationStrings.MaxBufferSize].ValueOrigin != PropertyValueOrigin.Default)
{
binding.MaxBufferSize = this.MaxBufferSize;
}
binding.MaxPendingAccepts = this.MaxPendingAccepts;
binding.ProxyAddress = this.ProxyAddress;
binding.ProxyAuthenticationScheme = this.ProxyAuthenticationScheme;
binding.Realm = this.Realm;
binding.RequestInitializationTimeout = this.RequestInitializationTimeout;
binding.TransferMode = this.TransferMode;
binding.UnsafeConnectionNtlmAuthentication = this.UnsafeConnectionNtlmAuthentication;
binding.UseDefaultWebProxy = this.UseDefaultWebProxy;
binding.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
this.WebSocketSettings.ApplyConfiguration(binding.WebSocketSettings);
if (this.MessageHandlerFactory != null)
{
binding.MessageHandlerFactory = HttpMessageHandlerFactory.CreateFromConfigurationElement(this.MessageHandlerFactory);
}
}
protected override void OnClosed()
{
base.OnClosed();
// clean up the CBT after transitioning to the closed state
ChannelBindingUtility.Dispose(ref _channelBindingToken);
}
protected internal override void InitializeFrom(BindingElement bindingElement)
{
base.InitializeFrom(bindingElement);
HttpTransportBindingElement source = (HttpTransportBindingElement)bindingElement;
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.AllowCookies, source.AllowCookies);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.AuthenticationScheme, source.AuthenticationScheme);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.DecompressionEnabled, source.DecompressionEnabled);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.BypassProxyOnLocal, source.BypassProxyOnLocal);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.KeepAliveEnabled, source.KeepAliveEnabled);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.HostNameComparisonMode, source.HostNameComparisonMode);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.MaxBufferSize, source.MaxBufferSize);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.MaxPendingAccepts, source.MaxPendingAccepts);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ProxyAddress, source.ProxyAddress);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ProxyAuthenticationScheme, source.ProxyAuthenticationScheme);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.Realm, source.Realm);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.RequestInitializationTimeout, source.RequestInitializationTimeout);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.TransferMode, source.TransferMode);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.UnsafeConnectionNtlmAuthentication, source.UnsafeConnectionNtlmAuthentication);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.UseDefaultWebProxy, source.UseDefaultWebProxy);
this.WebSocketSettings.InitializeFrom(source.WebSocketSettings);
if (source.MessageHandlerFactory != null)
{
this.MessageHandlerFactory = source.MessageHandlerFactory.GenerateConfigurationElement();
}
ChannelBindingUtility.InitializeFrom(source.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
internal static void ApplyConfiguration(this HttpTransportSecurityElement httpTransportSecurityElement, HttpTransportSecurity httpTransportSecurity)
{
Fx.Assert(httpTransportSecurityElement != null, "httpTransportSecurityElement cannot be null");
Fx.Assert(httpTransportSecurity != null, "httpTransportSecurity cannot be null");
httpTransportSecurity.ClientCredentialType = httpTransportSecurityElement.ClientCredentialType;
httpTransportSecurity.ProxyCredentialType = httpTransportSecurityElement.ProxyCredentialType;
httpTransportSecurity.Realm = httpTransportSecurityElement.Realm;
httpTransportSecurity.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(httpTransportSecurityElement.ExtendedProtectionPolicy);
}
internal void InitializeFrom(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
this.ClientCredentialType = security.ClientCredentialType;
this.ProtectionLevel = security.ProtectionLevel;
ChannelBindingUtility.InitializeFrom(security.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
internal void InitializeFrom(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ClientCredentialType, security.ClientCredentialType);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ProtectionLevel, security.ProtectionLevel);
ChannelBindingUtility.InitializeFrom(security.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
internal void ApplyConfiguration(TcpTransportSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
security.ClientCredentialType = this.ClientCredentialType;
security.ProtectionLevel = this.ProtectionLevel;
security.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
}
public override void CopyFrom(ServiceModelExtensionElement from)
{
base.CopyFrom(from);
TcpTransportElement element = (TcpTransportElement)from;
this.ListenBacklog = element.ListenBacklog;
this.PortSharingEnabled = element.PortSharingEnabled;
this.TeredoEnabled = element.TeredoEnabled;
this.ConnectionPoolSettings.CopyFrom(element.ConnectionPoolSettings);
ChannelBindingUtility.CopyFrom(element.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
protected internal override void InitializeFrom(BindingElement bindingElement)
{
base.InitializeFrom(bindingElement);
TcpTransportBindingElement element = (TcpTransportBindingElement)bindingElement;
this.ListenBacklog = element.ListenBacklog;
this.PortSharingEnabled = element.PortSharingEnabled;
this.TeredoEnabled = element.TeredoEnabled;
this.ConnectionPoolSettings.InitializeFrom(element.ConnectionPoolSettings);
ChannelBindingUtility.InitializeFrom(element.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void ApplyConfiguration(BindingElement bindingElement)
{
base.ApplyConfiguration(bindingElement);
TcpTransportBindingElement element = (TcpTransportBindingElement)bindingElement;
element.ListenBacklog = this.ListenBacklog;
element.PortSharingEnabled = this.PortSharingEnabled;
element.TeredoEnabled = this.TeredoEnabled;
this.ConnectionPoolSettings.ApplyConfiguration(element.ConnectionPoolSettings);
element.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
}
internal static void InitializeFrom(this HttpTransportSecurityElement httpTransportSecurityElement, HttpTransportSecurity httpTransportSecurity)
{
Fx.Assert(httpTransportSecurityElement != null, "httpTransportSecurityElement cannot be null");
Fx.Assert(httpTransportSecurity != null, "httpTransportSecurity cannot be null");
ConfigurationElementProxy proxy = new ConfigurationElementProxy(httpTransportSecurityElement);
proxy.SetPropertyValueIfNotDefaultValue <HttpClientCredentialType>(ConfigurationStrings.ClientCredentialType, httpTransportSecurity.ClientCredentialType);
proxy.SetPropertyValueIfNotDefaultValue <HttpProxyCredentialType>(ConfigurationStrings.ProxyCredentialType, httpTransportSecurity.ProxyCredentialType);
proxy.SetPropertyValueIfNotDefaultValue <string>(ConfigurationStrings.Realm, httpTransportSecurity.Realm);
ChannelBindingUtility.InitializeFrom(httpTransportSecurity.ExtendedProtectionPolicy, httpTransportSecurityElement.ExtendedProtectionPolicy);
}
public override void CopyFrom(ServiceModelExtensionElement from)
{
base.CopyFrom(from);
TcpTransportElement source = (TcpTransportElement)from;
#pragma warning suppress 56506 // [....], base.CopyFrom() validates the argument
this.ListenBacklog = source.ListenBacklog;
this.PortSharingEnabled = source.PortSharingEnabled;
this.TeredoEnabled = source.TeredoEnabled;
this.ConnectionPoolSettings.CopyFrom(source.ConnectionPoolSettings);
ChannelBindingUtility.CopyFrom(source.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void CopyFrom(ServiceModelExtensionElement from)
{
base.CopyFrom(from);
TcpTransportElement source = (TcpTransportElement)from;
this.ListenBacklog = source.ListenBacklog;
this.PortSharingEnabled = source.PortSharingEnabled;
this.TeredoEnabled = source.TeredoEnabled;
this.ConnectionPoolSettings.CopyFrom(source.ConnectionPoolSettings);
#if DESKTOP
ChannelBindingUtility.CopyFrom(source.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
#endif
}
protected internal override void InitializeFrom(BindingElement bindingElement)
{
base.InitializeFrom(bindingElement);
#pragma warning suppress 56506 // [....], base.CopyFrom() validates the argument
TcpTransportBindingElement binding = (TcpTransportBindingElement)bindingElement;
if (binding.IsListenBacklogSet)
{
ConfigurationProperty listenBacklogProperty = this.Properties[ConfigurationStrings.ListenBacklog];
SetPropertyValue(listenBacklogProperty, binding.ListenBacklog, false /*ignore locks*/);
}
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.PortSharingEnabled, binding.PortSharingEnabled);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.TeredoEnabled, binding.TeredoEnabled);
this.ConnectionPoolSettings.InitializeFrom(binding.ConnectionPoolSettings);
ChannelBindingUtility.InitializeFrom(binding.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void ApplyConfiguration(BindingElement bindingElement)
{
base.ApplyConfiguration(bindingElement);
#pragma warning suppress 56506 // [....], base.ApplyConfiguration() validates the argument
TcpTransportBindingElement binding = (TcpTransportBindingElement)bindingElement;
PropertyInformationCollection propertyInfo = this.ElementInformation.Properties;
if (this.ListenBacklog != TcpTransportDefaults.ListenBacklogConst)
{
binding.ListenBacklog = this.ListenBacklog;
}
binding.PortSharingEnabled = this.PortSharingEnabled;
binding.TeredoEnabled = this.TeredoEnabled;
#pragma warning suppress 56506 // [....], base.ApplyConfiguration() validates the argument
this.ConnectionPoolSettings.ApplyConfiguration(binding.ConnectionPoolSettings);
binding.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
}
protected internal override void InitializeFrom(BindingElement bindingElement)
{
base.InitializeFrom(bindingElement);
TcpTransportBindingElement binding = (TcpTransportBindingElement)bindingElement;
#if DESKTOP
if (binding.IsListenBacklogSet)
{
ConfigurationProperty listenBacklogProperty = this.Properties[ConfigurationStrings.ListenBacklog];
SetPropertyValue(listenBacklogProperty, binding.ListenBacklog, false /*ignore locks*/);
}
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.PortSharingEnabled, binding.PortSharingEnabled);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.TeredoEnabled, binding.TeredoEnabled);
#endif
this.ConnectionPoolSettings.InitializeFrom(binding.ConnectionPoolSettings);
#if DESKTOP
ChannelBindingUtility.InitializeFrom(binding.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
#endif
}
public override void ApplyConfiguration(BindingElement bindingElement)
{
base.ApplyConfiguration(bindingElement);
TcpTransportBindingElement binding = (TcpTransportBindingElement)bindingElement;
PropertyInformationCollection propertyInfo = this.ElementInformation.Properties;
#if DESKTOP
if (this.ListenBacklog != TcpTransportDefaults.ListenBacklogConst)
{
binding.ListenBacklog = this.ListenBacklog;
}
binding.PortSharingEnabled = this.PortSharingEnabled;
binding.TeredoEnabled = this.TeredoEnabled;
#endif
this.ConnectionPoolSettings.ApplyConfiguration(binding.ConnectionPoolSettings);
#if DESKTOP
binding.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
#endif
}
protected internal override void InitializeFrom(BindingElement bindingElement)
{
base.InitializeFrom(bindingElement);
HttpTransportBindingElement element = (HttpTransportBindingElement)bindingElement;
this.AllowCookies = element.AllowCookies;
this.AuthenticationScheme = element.AuthenticationScheme;
this.DecompressionEnabled = element.DecompressionEnabled;
this.BypassProxyOnLocal = element.BypassProxyOnLocal;
this.KeepAliveEnabled = element.KeepAliveEnabled;
this.HostNameComparisonMode = element.HostNameComparisonMode;
this.MaxBufferSize = element.MaxBufferSize;
this.ProxyAddress = element.ProxyAddress;
this.ProxyAuthenticationScheme = element.ProxyAuthenticationScheme;
this.Realm = element.Realm;
this.TransferMode = element.TransferMode;
this.UnsafeConnectionNtlmAuthentication = element.UnsafeConnectionNtlmAuthentication;
this.UseDefaultWebProxy = element.UseDefaultWebProxy;
ChannelBindingUtility.InitializeFrom(element.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void CopyFrom(ServiceModelExtensionElement from)
{
base.CopyFrom(from);
HttpTransportElement element = (HttpTransportElement)from;
this.AllowCookies = element.AllowCookies;
this.AuthenticationScheme = element.AuthenticationScheme;
this.BypassProxyOnLocal = element.BypassProxyOnLocal;
this.DecompressionEnabled = element.DecompressionEnabled;
this.KeepAliveEnabled = element.KeepAliveEnabled;
this.HostNameComparisonMode = element.HostNameComparisonMode;
this.MaxBufferSize = element.MaxBufferSize;
this.ProxyAddress = element.ProxyAddress;
this.ProxyAuthenticationScheme = element.ProxyAuthenticationScheme;
this.Realm = element.Realm;
this.TransferMode = element.TransferMode;
this.UnsafeConnectionNtlmAuthentication = element.UnsafeConnectionNtlmAuthentication;
this.UseDefaultWebProxy = element.UseDefaultWebProxy;
ChannelBindingUtility.CopyFrom(element.ExtendedProtectionPolicy, this.ExtendedProtectionPolicy);
}
public override void ApplyConfiguration(BindingElement bindingElement)
{
base.ApplyConfiguration(bindingElement);
HttpTransportBindingElement element = (HttpTransportBindingElement)bindingElement;
element.AllowCookies = this.AllowCookies;
element.AuthenticationScheme = this.AuthenticationScheme;
element.BypassProxyOnLocal = this.BypassProxyOnLocal;
element.DecompressionEnabled = this.DecompressionEnabled;
element.KeepAliveEnabled = this.KeepAliveEnabled;
element.HostNameComparisonMode = this.HostNameComparisonMode;
if (base.ElementInformation.Properties["maxBufferSize"].ValueOrigin != PropertyValueOrigin.Default)
{
element.MaxBufferSize = this.MaxBufferSize;
}
element.ProxyAddress = this.ProxyAddress;
element.ProxyAuthenticationScheme = this.ProxyAuthenticationScheme;
element.Realm = this.Realm;
element.TransferMode = this.TransferMode;
element.UnsafeConnectionNtlmAuthentication = this.UnsafeConnectionNtlmAuthentication;
element.UseDefaultWebProxy = this.UseDefaultWebProxy;
element.ExtendedProtectionPolicy = ChannelBindingUtility.BuildPolicy(this.ExtendedProtectionPolicy);
}
public bool ShouldSerializeExtendedProtectionPolicy()
{
return(!ChannelBindingUtility.AreEqual(this.ExtendedProtectionPolicy, ChannelBindingUtility.DefaultPolicy));
}
public override void ValidateHttpSettings(string virtualPath, bool isMetadataListener, bool usingDefaultSpnList, ref AuthenticationSchemes bindingElementAuthenticationSchemes, ref ExtendedProtectionPolicy extendedProtectionPolicy, ref string realm)
{
// Verify the authentication settings
AuthenticationSchemes hostSupportedSchemes = HostedTransportConfigurationManager.MetabaseSettings.GetAuthenticationSchemes(virtualPath);
if ((bindingElementAuthenticationSchemes & hostSupportedSchemes) == 0)
{
if (bindingElementAuthenticationSchemes == AuthenticationSchemes.Negotiate ||
bindingElementAuthenticationSchemes == AuthenticationSchemes.Ntlm ||
bindingElementAuthenticationSchemes == AuthenticationSchemes.IntegratedWindowsAuthentication)
{
throw FxTrace.Exception.AsError(new NotSupportedException(SR.Hosting_AuthSchemesRequireWindowsAuth));
}
else
{
throw FxTrace.Exception.AsError(new NotSupportedException(SR.Hosting_AuthSchemesRequireOtherAuth(bindingElementAuthenticationSchemes.ToString())));
}
}
//only use AuthenticationSchemes, which are supported both in IIS and the WCF binding
bindingElementAuthenticationSchemes &= hostSupportedSchemes;
if (bindingElementAuthenticationSchemes != AuthenticationSchemes.Anonymous)
{
//Compare the ExtendedProtectionPolicy setttings to IIS
ExtendedProtectionPolicy iisPolicy = HostedTransportConfigurationManager.MetabaseSettings.GetExtendedProtectionPolicy(virtualPath);
if (iisPolicy == null) //OS doesn't support CBT
{
if (extendedProtectionPolicy.PolicyEnforcement == PolicyEnforcement.Always)
{
throw FxTrace.Exception.AsError(new NotSupportedException(SR.ExtendedProtectionNotSupported));
}
}
else
{
if (isMetadataListener && ChannelBindingUtility.IsDefaultPolicy(extendedProtectionPolicy))
{
//push the IIS policy onto the metadataListener if and only if the default policy is
//in force. policy for non metadata listeners will still have to match IIS policy.
extendedProtectionPolicy = iisPolicy;
}
else
{
if (!ChannelBindingUtility.AreEqual(iisPolicy, extendedProtectionPolicy))
{
string mismatchErrorMessage;
if (iisPolicy.PolicyEnforcement != extendedProtectionPolicy.PolicyEnforcement)
{
mismatchErrorMessage = SR.ExtendedProtectionPolicyEnforcementMismatch(iisPolicy.PolicyEnforcement, extendedProtectionPolicy.PolicyEnforcement);
}
else if (iisPolicy.ProtectionScenario != extendedProtectionPolicy.ProtectionScenario)
{
mismatchErrorMessage = SR.ExtendedProtectionPolicyScenarioMismatch(iisPolicy.ProtectionScenario, extendedProtectionPolicy.ProtectionScenario);
}
else
{
Fx.Assert(iisPolicy.CustomChannelBinding != extendedProtectionPolicy.CustomChannelBinding, "new case in ChannelBindingUtility.AreEqual to account for");
mismatchErrorMessage = SR.ExtendedProtectionPolicyCustomChannelBindingMismatch;
}
if (mismatchErrorMessage != null)
{
throw FxTrace.Exception.AsError(new NotSupportedException(SR.Hosting_ExtendedProtectionPoliciesMustMatch(mismatchErrorMessage)));
}
}
//when using the default SPN list we auto generate, we should make sure that the IIS policy is also the default...
ServiceNameCollection listenerSpnList = usingDefaultSpnList ? null : extendedProtectionPolicy.CustomServiceNames;
if (!ChannelBindingUtility.IsSubset(iisPolicy.CustomServiceNames, listenerSpnList))
{
throw FxTrace.Exception.AsError(new NotSupportedException(SR.Hosting_ExtendedProtectionPoliciesMustMatch(SR.Hosting_ExtendedProtectionSPNListNotSubset)));
}
}
}
}
// Do not set realm for Cassini.
if (!ServiceHostingEnvironment.IsSimpleApplicationHost)
{
// Set the realm
realm = HostedTransportConfigurationManager.MetabaseSettings.GetRealm(virtualPath);
}
}
protected void ApplyChannelBinding(Message message)
{
ChannelBindingUtility.TryAddToMessage(_channelBindingToken, message, false);
}
public override void ValidateHttpSettings(string virtualPath, bool isMetadataListener, bool usingDefaultSpnList, ref AuthenticationSchemes supportedSchemes, ref ExtendedProtectionPolicy extendedProtectionPolicy, ref string realm)
{
AuthenticationSchemes authenticationSchemes = HostedTransportConfigurationManager.MetabaseSettings.GetAuthenticationSchemes(virtualPath);
if (((supportedSchemes == AuthenticationSchemes.Anonymous) && ((authenticationSchemes & AuthenticationSchemes.Anonymous) == AuthenticationSchemes.None)) && isMetadataListener)
{
if ((authenticationSchemes & AuthenticationSchemes.Negotiate) != AuthenticationSchemes.None)
{
supportedSchemes = AuthenticationSchemes.Negotiate;
}
else
{
supportedSchemes = authenticationSchemes;
}
}
if ((supportedSchemes & authenticationSchemes) == AuthenticationSchemes.None)
{
if (AuthenticationSchemesHelper.IsWindowsAuth(supportedSchemes))
{
throw FxTrace.Exception.AsError(new NotSupportedException(System.ServiceModel.Activation.SR.Hosting_AuthSchemesRequireWindowsAuth));
}
throw FxTrace.Exception.AsError(new NotSupportedException(System.ServiceModel.Activation.SR.Hosting_AuthSchemesRequireOtherAuth(((AuthenticationSchemes)supportedSchemes).ToString())));
}
if (supportedSchemes != AuthenticationSchemes.Anonymous)
{
ExtendedProtectionPolicy policy = HostedTransportConfigurationManager.MetabaseSettings.GetExtendedProtectionPolicy(virtualPath);
if (policy == null)
{
if (extendedProtectionPolicy.PolicyEnforcement == PolicyEnforcement.Always)
{
throw FxTrace.Exception.AsError(new NotSupportedException(System.ServiceModel.Activation.SR.ExtendedProtectionNotSupported));
}
}
else if (isMetadataListener && ChannelBindingUtility.IsDefaultPolicy(extendedProtectionPolicy))
{
extendedProtectionPolicy = policy;
}
else
{
if (!ChannelBindingUtility.AreEqual(policy, extendedProtectionPolicy))
{
string extendedProtectionPolicyCustomChannelBindingMismatch;
if (policy.PolicyEnforcement != extendedProtectionPolicy.PolicyEnforcement)
{
extendedProtectionPolicyCustomChannelBindingMismatch = System.ServiceModel.Activation.SR.ExtendedProtectionPolicyEnforcementMismatch(policy.PolicyEnforcement, extendedProtectionPolicy.PolicyEnforcement);
}
else if (policy.ProtectionScenario != extendedProtectionPolicy.ProtectionScenario)
{
extendedProtectionPolicyCustomChannelBindingMismatch = System.ServiceModel.Activation.SR.ExtendedProtectionPolicyScenarioMismatch(policy.ProtectionScenario, extendedProtectionPolicy.ProtectionScenario);
}
else
{
extendedProtectionPolicyCustomChannelBindingMismatch = System.ServiceModel.Activation.SR.ExtendedProtectionPolicyCustomChannelBindingMismatch;
}
if (extendedProtectionPolicyCustomChannelBindingMismatch != null)
{
throw FxTrace.Exception.AsError(new NotSupportedException(System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionPoliciesMustMatch(extendedProtectionPolicyCustomChannelBindingMismatch)));
}
}
ServiceNameCollection subset = usingDefaultSpnList ? null : extendedProtectionPolicy.CustomServiceNames;
if (!ChannelBindingUtility.IsSubset(policy.CustomServiceNames, subset))
{
throw FxTrace.Exception.AsError(new NotSupportedException(System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionPoliciesMustMatch(System.ServiceModel.Activation.SR.Hosting_ExtendedProtectionSPNListNotSubset)));
}
}
}
if (!ServiceHostingEnvironment.IsSimpleApplicationHost)
{
realm = HostedTransportConfigurationManager.MetabaseSettings.GetRealm(virtualPath);
}
}
