private ChannelProtectionRequirements GetProtectionRequirements()
{
if (!this.Transactions && (this.IssuedTokens == TransactionFlowOption.NotAllowed))
{
return(null);
}
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
if (this.Transactions)
{
MessagePartSpecification specification = new MessagePartSpecification(new XmlQualifiedName[] { new XmlQualifiedName("CoordinationContext", "http://schemas.xmlsoap.org/ws/2004/10/wscoor"), new XmlQualifiedName("CoordinationContext", "http://docs.oasis-open.org/ws-tx/wscoor/2006/06"), new XmlQualifiedName("OleTxTransaction", "http://schemas.microsoft.com/ws/2006/02/tx/oletx") });
specification.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(specification);
requirements.OutgoingSignatureParts.AddParts(specification);
requirements.IncomingEncryptionParts.AddParts(specification);
requirements.OutgoingEncryptionParts.AddParts(specification);
}
if (this.IssuedTokens != TransactionFlowOption.NotAllowed)
{
MessagePartSpecification issuedTokenHeaderSpecification = GetIssuedTokenHeaderSpecification(SecurityStandardsManager.DefaultInstance);
issuedTokenHeaderSpecification.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(issuedTokenHeaderSpecification);
requirements.IncomingEncryptionParts.AddParts(issuedTokenHeaderSpecification);
requirements.OutgoingSignatureParts.AddParts(issuedTokenHeaderSpecification);
requirements.OutgoingEncryptionParts.AddParts(issuedTokenHeaderSpecification);
}
MessagePartSpecification parts = new MessagePartSpecification(true);
parts.MakeReadOnly();
requirements.OutgoingSignatureParts.AddParts(parts, "http://schemas.microsoft.com/net/2005/12/windowscommunicationfoundation/transactions/fault");
requirements.OutgoingEncryptionParts.AddParts(parts, "http://schemas.microsoft.com/net/2005/12/windowscommunicationfoundation/transactions/fault");
return(requirements);
}
public void UnionReadOnlyPart()
{
MessagePartSpecification s =
new MessagePartSpecification();
s.MakeReadOnly();
Assert.AreEqual(true, s.IsReadOnly, "#1");
s.Union(new MessagePartSpecification());
}
internal ChannelProtectionRequirements GetProtectionRequirements(AddressingVersion addressing, ProtectionLevel defaultProtectionLevel)
{
if (addressing == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(addressing));
}
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
ProtectionLevel supportedRequestProtectionLevel = GetIndividualProperty <ISecurityCapabilities>().SupportedRequestProtectionLevel;
ProtectionLevel supportedResponseProtectionLevel = GetIndividualProperty <ISecurityCapabilities>().SupportedResponseProtectionLevel;
bool canSupportMoreThanTheDefault =
(ProtectionLevelHelper.IsStrongerOrEqual(supportedRequestProtectionLevel, defaultProtectionLevel) &&
ProtectionLevelHelper.IsStrongerOrEqual(supportedResponseProtectionLevel, defaultProtectionLevel));
if (canSupportMoreThanTheDefault)
{
MessagePartSpecification signedParts = new MessagePartSpecification();
MessagePartSpecification encryptedParts = new MessagePartSpecification();
if (defaultProtectionLevel != ProtectionLevel.None)
{
signedParts.IsBodyIncluded = true;
if (defaultProtectionLevel == ProtectionLevel.EncryptAndSign)
{
encryptedParts.IsBodyIncluded = true;
}
}
signedParts.MakeReadOnly();
encryptedParts.MakeReadOnly();
if (addressing.FaultAction != null)
{
// Addressing faults
result.IncomingSignatureParts.AddParts(signedParts, addressing.FaultAction);
result.OutgoingSignatureParts.AddParts(signedParts, addressing.FaultAction);
result.IncomingEncryptionParts.AddParts(encryptedParts, addressing.FaultAction);
result.OutgoingEncryptionParts.AddParts(encryptedParts, addressing.FaultAction);
}
if (addressing.DefaultFaultAction != null)
{
// Faults that do not specify a particular action
result.IncomingSignatureParts.AddParts(signedParts, addressing.DefaultFaultAction);
result.OutgoingSignatureParts.AddParts(signedParts, addressing.DefaultFaultAction);
result.IncomingEncryptionParts.AddParts(encryptedParts, addressing.DefaultFaultAction);
result.OutgoingEncryptionParts.AddParts(encryptedParts, addressing.DefaultFaultAction);
}
// Infrastructure faults
result.IncomingSignatureParts.AddParts(signedParts, FaultCodeConstants.Actions.NetDispatcher);
result.OutgoingSignatureParts.AddParts(signedParts, FaultCodeConstants.Actions.NetDispatcher);
result.IncomingEncryptionParts.AddParts(encryptedParts, FaultCodeConstants.Actions.NetDispatcher);
result.OutgoingEncryptionParts.AddParts(encryptedParts, FaultCodeConstants.Actions.NetDispatcher);
}
return(result);
}
private ChannelProtectionRequirements GetProtectionRequirements()
{
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
XmlQualifiedName name = new XmlQualifiedName(XD.UtilityDictionary.UniqueEndpointHeaderName.Value, XD.UtilityDictionary.UniqueEndpointHeaderNamespace.Value);
MessagePartSpecification parts = new MessagePartSpecification(new XmlQualifiedName[] { name });
parts.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(parts);
requirements.OutgoingSignatureParts.AddParts(parts);
return(requirements);
}
ChannelProtectionRequirements GetProtectionRequirements()
{
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
XmlQualifiedName refPropHeaderName = new XmlQualifiedName(XD.UtilityDictionary.UniqueEndpointHeaderName.Value,
XD.UtilityDictionary.UniqueEndpointHeaderNamespace.Value);
MessagePartSpecification headerParts = new MessagePartSpecification(refPropHeaderName);
headerParts.MakeReadOnly();
result.IncomingSignatureParts.AddParts(headerParts);
result.OutgoingSignatureParts.AddParts(headerParts);
return(result);
}
/// <summary>
/// Adds the requirement telling WCF to encrypt the body of RM messages
/// </summary>
private void AddProtectionRequirements(BindingParameterCollection bindingParameters)
{
logging.WCFLogger.Write(System.Diagnostics.TraceEventType.Start, "Custom header signing behavior adding protection requirements");
// Get the protection requirements for the binding
ChannelProtectionRequirements cpr = bindingParameters.Find <ChannelProtectionRequirements>();
// If there were no requirements since before, create them
if (cpr == null)
{
cpr = new ChannelProtectionRequirements();
bindingParameters.Add(cpr);
}
// Select the headers to be affected by this behavior
MessagePartSpecification headerMessagePart = new MessagePartSpecification(_headers.ToArray());
headerMessagePart.MakeReadOnly();
ChannelProtectionRequirements newCpr = new ChannelProtectionRequirements();
// Specify each header to be signed
foreach (string action in actionsToWhichThisBehaviorApplies)
{
newCpr.IncomingSignatureParts.AddParts(headerMessagePart, action);
newCpr.OutgoingSignatureParts.AddParts(headerMessagePart, action);
}
newCpr.MakeReadOnly();
cpr.Add(newCpr);
// Tracing
foreach (XmlQualifiedName name in _headers)
{
logging.WCFLogger.Write(System.Diagnostics.TraceEventType.Information, "Header '" + name + "' added for signing");
}
logging.WCFLogger.Write(System.Diagnostics.TraceEventType.Stop, "Custom header signing behavior finished adding protection requirements");
}
ChannelProtectionRequirements GetProtectionRequirements()
{
if (this.Transactions || (this.IssuedTokens != TransactionFlowOption.NotAllowed))
{
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
if (this.Transactions)
{
MessagePartSpecification p = new MessagePartSpecification(
new XmlQualifiedName(CoordinationExternalStrings.CoordinationContext, CoordinationExternal10Strings.Namespace),
new XmlQualifiedName(CoordinationExternalStrings.CoordinationContext, CoordinationExternal11Strings.Namespace),
new XmlQualifiedName(OleTxTransactionExternalStrings.OleTxTransaction, OleTxTransactionExternalStrings.Namespace));
p.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(p);
requirements.OutgoingSignatureParts.AddParts(p);
requirements.IncomingEncryptionParts.AddParts(p);
requirements.OutgoingEncryptionParts.AddParts(p);
}
if (this.IssuedTokens != TransactionFlowOption.NotAllowed)
{
MessagePartSpecification trustParts = GetIssuedTokenHeaderSpecification(SecurityStandardsManager.DefaultInstance);
trustParts.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(trustParts);
requirements.IncomingEncryptionParts.AddParts(trustParts);
requirements.OutgoingSignatureParts.AddParts(trustParts);
requirements.OutgoingEncryptionParts.AddParts(trustParts);
}
MessagePartSpecification body = new MessagePartSpecification(true);
body.MakeReadOnly();
requirements.OutgoingSignatureParts.AddParts(body, FaultCodeConstants.Actions.Transactions);
requirements.OutgoingEncryptionParts.AddParts(body, FaultCodeConstants.Actions.Transactions);
return(requirements);
}
else
{
return(null);
}
}