public void ConfigureService(System.ServiceModel.Description.ServiceDescription serviceDescription, System.ServiceModel.ServiceHostBase serviceHostBase)
{
var host = (serviceHostBase as ServiceHost);
if (host != null)
{
// Don't use this crappy binding
var address = serviceHostBase.Description.Endpoints.First().Address;
var contract = serviceHostBase.Description.Endpoints.First().Contract;
// clear existing
host.Description.Endpoints.Clear();
var binding = new WS2007HttpBinding();
binding.Security.Mode = SecurityMode.None;
MaxSetter.SetMaxes(binding);
host.AddServiceEndpoint(contract.ContractType, binding, address.Uri);
}
DisableErrorMasking.Disable(serviceHostBase);
}
public void ConfigureService(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
{
if (ConfigHelper.IsSecurityEnabled(serviceHostBase))
{
// Get certificate location from the cert store.
StoreLocation location = StoreLocation.LocalMachine;
CertHelper.TryGetCertLocation(ServiceCert, out location, true);
// Set certificate
serviceHostBase.Credentials.ServiceCertificate.SetCertificate(
location,
System.Security.Cryptography.X509Certificates.StoreName.My,
X509FindType.FindBySubjectName,
ServiceCert);
// Set certificate validation mode (defaults to peer trust).
serviceHostBase.Credentials.ClientCertificate.Authentication.CertificateValidationMode = ValidationMode;
if (serviceHostBase.Description.Endpoints != null)
{
bool reConfigure = false;
foreach (var endpoint in serviceHostBase.Description.Endpoints)
{
if (endpoint.Binding is WS2007HttpBinding)
{
// Setup each endpoint to use Message security.
var binding = endpoint.Binding as WS2007HttpBinding;
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.NegotiateServiceCredential = false;
MaxSetter.SetMaxes(binding);
}
if (endpoint.Binding is NetTcpBinding)
{
// Setup each endpoint to use Message security.
var binding = endpoint.Binding as NetTcpBinding;
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
MaxSetter.SetMaxes(binding);
}
if (endpoint.Binding is BasicHttpBinding)
{
reConfigure = true;
}
}
// reconfigure host
if (reConfigure && serviceHostBase.Description.Endpoints.Count() > 0)
{
var host = (serviceHostBase as ServiceHost);
if (host != null)
{
// Don't use this crappy binding
var address = serviceHostBase.Description.Endpoints.First().Address;
var contract = serviceHostBase.Description.Endpoints.First().Contract;
// clear existing
host.Description.Endpoints.Clear();
var binding = new WS2007HttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
binding.Security.Message.EstablishSecurityContext = false;
MaxSetter.SetMaxes(binding);
var endpoint = host.AddServiceEndpoint(contract.ContractType, binding, address.Uri);
}
}
DisableErrorMasking.Disable(serviceHostBase);
}
}
}
