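/// <summary>
/// Replaces the host's endpoints with a single <see cref="WS2007HttpBinding"/> endpoint
/// that has binding-level security switched off, then calls
/// <c>DisableErrorMasking.Disable</c> on the host.
/// </summary>
/// <param name="serviceDescription">Not read by this method.</param>
/// <param name="serviceHostBase">
/// Host to reconfigure. Endpoints are only rewritten when it is a <see cref="ServiceHost"/>.
/// </param>
/// <remarks>
/// SECURITY: the endpoint is created with <see cref="SecurityMode.None"/>, so the binding
/// provides no encryption, integrity protection or caller authentication. Use this
/// configuration only where that is an explicit, reviewed decision.
/// </remarks>
public void ConfigureService(System.ServiceModel.Description.ServiceDescription serviceDescription, System.ServiceModel.ServiceHostBase serviceHostBase)
{
    var host = serviceHostBase as ServiceHost;
    if (host != null)
    {
        // FirstOrDefault instead of First(): a host with no endpoints is skipped rather
        // than failing with "Sequence contains no elements".
        var existing = host.Description.Endpoints.FirstOrDefault();
        if (existing != null)
        {
            // Capture address and contract before the collection is cleared.
            // Only the first endpoint survives; any additional endpoints are dropped.
            var address = existing.Address;
            var contract = existing.Contract;

            host.Description.Endpoints.Clear();

            // Swap whatever binding was configured for WS2007HttpBinding.
            var binding = new WS2007HttpBinding();

            // SECURITY: no transport or message security on this endpoint.
            binding.Security.Mode = SecurityMode.None;
            MaxSetter.SetMaxes(binding);

            host.AddServiceEndpoint(contract.ContractType, binding, address.Uri);
        }
    }

    // NOTE(review): DisableErrorMasking is defined elsewhere. If it turns on exception
    // detail in faults, an unauthenticated endpoint will return internal error detail
    // to any caller - confirm this is intended outside development.
    DisableErrorMasking.Disable(serviceHostBase);
}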
/// <summary>
/// When security is enabled for the host, installs the service certificate, sets the
/// client-certificate validation mode and switches every WS2007HttpBinding / NetTcpBinding
/// endpoint to message security with certificate client credentials. If any endpoint uses
/// BasicHttpBinding, all endpoints are replaced by one secured WS2007HttpBinding endpoint.
/// </summary>
/// <param name="serviceDescription">Not read by this method.</param>
/// <param name="serviceHostBase">Host whose credentials and endpoints are configured.</param>
/// <remarks>
/// Nothing is changed when <c>ConfigHelper.IsSecurityEnabled</c> returns false. When the
/// endpoint collection is null, credentials are still set but no binding is touched and
/// <c>DisableErrorMasking.Disable</c> is not called.
/// </remarks>
public void ConfigureService(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
{
    if (!ConfigHelper.IsSecurityEnabled(serviceHostBase))
    {
        return;
    }

    // Resolve which certificate store location holds the service certificate.
    // NOTE(review): an 'out' argument is always assigned by the callee, so the LocalMachine
    // initial value does not survive the call, and the helper's result is not checked here.
    // Confirm what TryGetCertLocation assigns when the certificate is not found.
    StoreLocation certLocation = StoreLocation.LocalMachine;
    CertHelper.TryGetCertLocation(ServiceCert, out certLocation, true);

    // SECURITY: FindBySubjectName is a case-insensitive substring match on the subject,
    // so a similarly named certificate in the store can match as well. Thumbprint or
    // distinguished-name lookup is the stricter choice where the store is shared.
    var credentials = serviceHostBase.Credentials;
    credentials.ServiceCertificate.SetCertificate(
        certLocation,
        System.Security.Cryptography.X509Certificates.StoreName.My,
        X509FindType.FindBySubjectName,
        ServiceCert);

    // ValidationMode is defined outside this block (the original comment says it defaults
    // to peer trust). NOTE(review): peer trust accepts certificates present in the trusted
    // people store rather than validating a chain - confirm that store is tightly controlled.
    credentials.ClientCertificate.Authentication.CertificateValidationMode = ValidationMode;

    var endpoints = serviceHostBase.Description.Endpoints;
    if (endpoints == null)
    {
        return;
    }

    bool sawBasicHttp = false;
    foreach (var current in endpoints)
    {
        var wsBinding = current.Binding as WS2007HttpBinding;
        if (wsBinding != null)
        {
            // Message security with certificate client credentials; no secure-conversation
            // session and no negotiation of the service credential.
            wsBinding.Security.Mode = SecurityMode.Message;
            wsBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
            wsBinding.Security.Message.EstablishSecurityContext = false;
            wsBinding.Security.Message.NegotiateServiceCredential = false;
            MaxSetter.SetMaxes(wsBinding);
        }

        var tcpBinding = current.Binding as NetTcpBinding;
        if (tcpBinding != null)
        {
            // Same message-security setup for TCP endpoints.
            tcpBinding.Security.Mode = SecurityMode.Message;
            tcpBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
            MaxSetter.SetMaxes(tcpBinding);
        }

        if (current.Binding is BasicHttpBinding)
        {
            sawBasicHttp = true;
        }
    }

    // A BasicHttpBinding endpoint is never secured in place; instead the whole endpoint
    // list is rebuilt around a secured WS2007HttpBinding.
    if (sawBasicHttp && endpoints.Any())
    {
        var host = serviceHostBase as ServiceHost;
        if (host != null)
        {
            // Address and contract are taken from the FIRST endpoint, which is not
            // necessarily the BasicHttpBinding one; every other endpoint (including those
            // secured in the loop above) is discarded by the Clear() below.
            var first = endpoints.First();
            var address = first.Address;
            var contract = first.Contract;

            host.Description.Endpoints.Clear();

            var replacement = new WS2007HttpBinding();
            replacement.Security.Mode = SecurityMode.Message;
            replacement.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
            replacement.Security.Message.EstablishSecurityContext = false;
            // NOTE(review): unlike the in-place WS2007HttpBinding branch above,
            // NegotiateServiceCredential is left at its default here - confirm the
            // difference is intentional.
            MaxSetter.SetMaxes(replacement);

            host.AddServiceEndpoint(contract.ContractType, replacement, address.Uri);
        }
    }

    // NOTE(review): DisableErrorMasking is defined elsewhere; if it exposes exception
    // detail in faults, confirm that is acceptable for a production, secured endpoint.
    DisableErrorMasking.Disable(serviceHostBase);
}