Exemple #1
0
 private SslStreamSecurityBindingElement(
     SslStreamSecurityBindingElement other)
     : base(other)
 {
     verifier = other.verifier;
     require_client_certificate = other.require_client_certificate;
 }
 protected SslStreamSecurityBindingElement(SslStreamSecurityBindingElement elementToBeCloned)
     : base(elementToBeCloned)
 {
     this.identityVerifier         = elementToBeCloned.identityVerifier;
     this.requireClientCertificate = elementToBeCloned.requireClientCertificate;
     this.sslProtocols             = elementToBeCloned.sslProtocols;
 }
Exemple #3
0
 protected SslStreamSecurityBindingElement(SslStreamSecurityBindingElement elementToBeCloned)
     : base(elementToBeCloned)
 {
     _identityVerifier        = elementToBeCloned._identityVerifier;
     RequireClientCertificate = elementToBeCloned.RequireClientCertificate;
     _sslProtocols            = elementToBeCloned._sslProtocols;
 }
 private SslStreamSecurityUpgradeProvider(IDefaultCommunicationTimeouts timeouts, SecurityTokenManager clientSecurityTokenManager, bool requireClientCertificate, string scheme, IdentityVerifier identityVerifier, SslProtocols sslProtocols)
     : base(timeouts)
 {
     _identityVerifier           = identityVerifier;
     _scheme                     = scheme;
     _clientSecurityTokenManager = clientSecurityTokenManager;
     _requireClientCertificate   = requireClientCertificate;
     _sslProtocols               = sslProtocols;
 }
        private SslStreamSecurityBindingElement(
            SslStreamSecurityBindingElement other)
            : base(other)
        {
#if !MOBILE && !XAMMAC_4_5
            verifier = other.verifier;
#endif
            require_client_certificate = other.require_client_certificate;
        }
 private SslStreamSecurityUpgradeProvider(IDefaultCommunicationTimeouts timeouts, SecurityTokenProvider serverTokenProvider, bool requireClientCertificate, SecurityTokenAuthenticator clientCertificateAuthenticator, string scheme, IdentityVerifier identityVerifier, SslProtocols sslProtocols)
     : base(timeouts)
 {
     _serverTokenProvider            = serverTokenProvider;
     RequireClientCertificate        = requireClientCertificate;
     _clientCertificateAuthenticator = clientCertificateAuthenticator;
     IdentityVerifier = identityVerifier;
     Scheme           = scheme;
     SslProtocols     = sslProtocols;
 }
 private SslStreamSecurityUpgradeProvider(IDefaultCommunicationTimeouts timeouts, SecurityTokenProvider serverTokenProvider, bool requireClientCertificate, SecurityTokenAuthenticator clientCertificateAuthenticator, string scheme, IdentityVerifier identityVerifier, SslProtocols sslProtocols)
     : base(timeouts)
 {
     _serverTokenProvider            = serverTokenProvider;
     RequireClientCertificate        = requireClientCertificate;
     _clientCertificateAuthenticator = clientCertificateAuthenticator;
     IdentityVerifier           = identityVerifier;
     Scheme                     = scheme;
     SslProtocols               = sslProtocols;
     ClientSecurityTokenManager = null; // Used for client but there's public api which need this and the compiler complains it's never assigned
 }
 public override T GetProperty <T> (BindingContext context)
 {
     if (typeof(T) == typeof(ISecurityCapabilities))
     {
         return((T)(object)this);
     }
     if (typeof(T) == typeof(IdentityVerifier))
     {
         return((T)(object)IdentityVerifier.CreateDefault());
     }
     return(null);
 }
        protected override void OnOpened()
        {
            base.OnOpened();

            if (_identityVerifier == null)
            {
                _identityVerifier = IdentityVerifier.CreateDefault();
            }

            if (_serverCredential == null)
            {
                _serverCredential = CredentialCache.DefaultNetworkCredentials;
            }
        }
        public static SspiSecurityTokenProvider GetSspiTokenProvider(SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, out IdentityVerifier identityVerifier)
        {
            identityVerifier = null;
            if (tokenManager == null)
            {
                return(null);
            }
            SspiSecurityTokenProvider provider = tokenManager.CreateSecurityTokenProvider(CreateSspiTokenRequirement(target, via, transportScheme)) as SspiSecurityTokenProvider;

            if (provider != null)
            {
                identityVerifier = IdentityVerifier.CreateDefault();
            }
            return(provider);
        }
 public LocalClientSecuritySettings()
 {
     DetectReplays                    = SecurityProtocolFactory.defaultDetectReplays;
     ReplayCacheSize                  = SecurityProtocolFactory.defaultMaxCachedNonces;
     ReplayWindow                     = SecurityProtocolFactory.defaultReplayWindow;
     MaxClockSkew                     = SecurityProtocolFactory.defaultMaxClockSkew;
     TimestampValidityDuration        = SecurityProtocolFactory.defaultTimestampValidityDuration;
     CacheCookies                     = IssuanceTokenProviderBase <IssuanceTokenProviderState> .defaultClientCacheTokens;
     MaxCookieCachingTime             = IssuanceTokenProviderBase <IssuanceTokenProviderState> .DefaultClientMaxTokenCachingTime;
     SessionKeyRenewalInterval        = SecuritySessionClientSettings.defaultKeyRenewalInterval;
     SessionKeyRolloverInterval       = SecuritySessionClientSettings.defaultKeyRolloverInterval;
     ReconnectTransportOnFailure      = SecuritySessionClientSettings.defaultTolerateTransportFailures;
     CookieRenewalThresholdPercentage = AcceleratedTokenProvider.defaultServiceTokenValidityThresholdPercentage;
     IdentityVerifier                 = IdentityVerifier.CreateDefault();
     NonceCache = null;
 }
 public override T GetProperty <T>(BindingContext context) where T : class
 {
     if (context == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
     }
     if (typeof(T) == typeof(ISecurityCapabilities))
     {
         return((T) new SecurityCapabilities(true, true, true, this.protectionLevel, this.protectionLevel));
     }
     if (typeof(T) == typeof(IdentityVerifier))
     {
         return((T)IdentityVerifier.CreateDefault());
     }
     return(context.GetInnerProperty <T>());
 }
 private LocalClientSecuritySettings(LocalClientSecuritySettings other)
 {
     _detectReplays                    = other._detectReplays;
     _replayCacheSize                  = other._replayCacheSize;
     _replayWindow                     = other._replayWindow;
     _maxClockSkew                     = other._maxClockSkew;
     _cacheCookies                     = other._cacheCookies;
     _maxCookieCachingTime             = other._maxCookieCachingTime;
     _sessionKeyRenewalInterval        = other._sessionKeyRenewalInterval;
     _sessionKeyRolloverInterval       = other._sessionKeyRolloverInterval;
     _reconnectTransportOnFailure      = other._reconnectTransportOnFailure;
     _timestampValidityDuration        = other._timestampValidityDuration;
     _identityVerifier                 = other._identityVerifier;
     _cookieRenewalThresholdPercentage = other._cookieRenewalThresholdPercentage;
     _nonceCache = other._nonceCache;
 }
 LocalClientSecuritySettings(LocalClientSecuritySettings other)
 {
     this.detectReplays                    = other.detectReplays;
     this.replayCacheSize                  = other.replayCacheSize;
     this.replayWindow                     = other.replayWindow;
     this.maxClockSkew                     = other.maxClockSkew;
     this.cacheCookies                     = other.cacheCookies;
     this.maxCookieCachingTime             = other.maxCookieCachingTime;
     this.sessionKeyRenewalInterval        = other.sessionKeyRenewalInterval;
     this.sessionKeyRolloverInterval       = other.sessionKeyRolloverInterval;
     this.reconnectTransportOnFailure      = other.reconnectTransportOnFailure;
     this.timestampValidityDuration        = other.timestampValidityDuration;
     this.identityVerifier                 = other.identityVerifier;
     this.cookieRenewalThresholdPercentage = other.cookieRenewalThresholdPercentage;
     this.nonceCache = other.nonceCache;
 }
Exemple #15
0
        public override T GetProperty <T>(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(context));
            }

            if (typeof(T) == typeof(ISecurityCapabilities))
            {
                return((T)(object)new SecurityCapabilities(true, true, true, _protectionLevel, _protectionLevel));
            }
            else if (typeof(T) == typeof(IdentityVerifier))
            {
                return((T)(object)IdentityVerifier.CreateDefault());
            }
            else
            {
                return(context.GetInnerProperty <T>());
            }
        }
        private string GetServicePrincipalName(InitiatorServiceModelSecurityTokenRequirement initiatorRequirement)
        {
            IdentityVerifier identityVerifier;
            EndpointIdentity identity;
            EndpointAddress  targetAddress = initiatorRequirement.TargetAddress;

            if (targetAddress == null)
            {
                throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.ServiceModel.SR.GetString("TokenRequirementDoesNotSpecifyTargetAddress", new object[] { initiatorRequirement }));
            }
            SecurityBindingElement securityBindingElement = initiatorRequirement.SecurityBindingElement;

            if (securityBindingElement != null)
            {
                identityVerifier = securityBindingElement.LocalClientSettings.IdentityVerifier;
            }
            else
            {
                identityVerifier = IdentityVerifier.CreateDefault();
            }
            identityVerifier.TryGetIdentity(targetAddress, out identity);
            return(System.ServiceModel.Security.SecurityUtils.GetSpnFromIdentity(identity, targetAddress));
        }
        internal static ClientRuntime BuildProxyBehavior(ServiceEndpoint serviceEndpoint, out BindingParameterCollection parameters)
        {
            parameters = new BindingParameterCollection();
            SecurityContractInformationEndpointBehavior.ClientInstance.AddBindingParameters(serviceEndpoint, parameters);

            AddBindingParameters(serviceEndpoint, parameters);

            ContractDescription contractDescription = serviceEndpoint.Contract;
            ClientRuntime       clientRuntime       = new ClientRuntime(contractDescription.Name, contractDescription.Namespace);

            clientRuntime.ContractClientType = contractDescription.ContractType;

            IdentityVerifier identityVerifier = serviceEndpoint.Binding.GetProperty <IdentityVerifier>(parameters);

            if (identityVerifier != null)
            {
                clientRuntime.IdentityVerifier = identityVerifier;
            }

            for (int i = 0; i < contractDescription.Operations.Count; i++)
            {
                OperationDescription operation = contractDescription.Operations[i];

                if (!operation.IsServerInitiated())
                {
                    DispatcherBuilder.BuildProxyOperation(operation, clientRuntime);
                }
                else
                {
                    DispatcherBuilder.BuildDispatchOperation(operation, clientRuntime.CallbackDispatchRuntime);
                }
            }

            DispatcherBuilder.ApplyClientBehavior(serviceEndpoint, clientRuntime);
            return(clientRuntime);
        }
Exemple #18
0
        string GetServicePrincipalName(InitiatorServiceModelSecurityTokenRequirement initiatorRequirement)
        {
            EndpointAddress targetAddress = initiatorRequirement.TargetAddress;

            if (targetAddress == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.Format(SR.TokenRequirementDoesNotSpecifyTargetAddress, initiatorRequirement));
            }
            IdentityVerifier       identityVerifier;
            SecurityBindingElement securityBindingElement = initiatorRequirement.SecurityBindingElement;

            if (securityBindingElement != null)
            {
                identityVerifier = securityBindingElement.LocalClientSettings.IdentityVerifier;
            }
            else
            {
                identityVerifier = IdentityVerifier.CreateDefault();
            }
            EndpointIdentity identity;

            identityVerifier.TryGetIdentity(targetAddress, out identity);
            return(SecurityUtils.GetSpnFromIdentity(identity, targetAddress));
        }
 protected SslStreamSecurityBindingElement(SslStreamSecurityBindingElement elementToBeCloned)
     : base(elementToBeCloned)
 {
     _identityVerifier         = elementToBeCloned._identityVerifier;
     _requireClientCertificate = elementToBeCloned._requireClientCertificate;
 }
Exemple #20
0
 private void EnsureIncomingIdentity(SecurityMessageProperty property, EndpointAddress address, Message reply)
 {
     IdentityVerifier.EnsureIncomingIdentity(address, property.ServiceSecurityContext.AuthorizationContext);
 }
Exemple #21
0
 public MyIdentityVerifier()
 {
     _defaultVerifier = CreateDefault();
 }
Exemple #22
0
        static void Main()
        {
            // <Snippet2>
            // <Snippet0>
            // <Snippet1>
            LocalClientSecuritySettings settings =
                new LocalClientSecuritySettings();
            // </Snippet1>

            bool cacheCookies = settings.CacheCookies;

            // </Snippet0>
            // </Snippet2>

            // <Snippet3>
            // Set to 20 minutes.
            settings.CookieRenewalThresholdPercentage = 20;
            // </Snippet3>

            // <Snippet4>
            // Enable replay detection.
            settings.DetectReplays = true;
            // </Snippet4>

            // <Snippet5>
            IdentityVerifier id = settings.IdentityVerifier;
            // </Snippet5>

            // <Snippet6>
            TimeSpan timeSpan = settings.MaxClockSkew;
            // </Snippet6>

            // <Snippet7>
            TimeSpan maxCookieCachingTime = settings.MaxCookieCachingTime;
            // </Snippet7>

            // <Snippet8>
            bool reconnect = settings.ReconnectTransportOnFailure;
            // </Snippet8>

            // <Snippet9>
            int replayCacheSize = settings.ReplayCacheSize;
            // </Snippet9>

            // <Snippet10>
            TimeSpan replayWindow = settings.ReplayWindow;
            // </Snippet10>

            // <Snippet11>
            TimeSpan sessionKeyRenewalInterval = settings.SessionKeyRenewalInterval;
            // </Snippet11>

            // <Snippet12>
            TimeSpan rollover = settings.SessionKeyRolloverInterval;
            // </Snippet12>

            // <Snippet13>
            TimeSpan timestamp = settings.TimestampValidityDuration;
            // </Snippet13>

            // <Snippet14>
            LocalClientSecuritySettings clone =
                settings.Clone();
            // </Snippet14>
        }
Exemple #23
0
 public override bool TryGetIdentity(EndpointAddress reference, out EndpointIdentity identity)
 {
     return(IdentityVerifier.CreateDefault().TryGetIdentity(reference, out identity));
 }
Exemple #24
0
 public bool ShouldSerializeIdentityVerifier()
 {
     // IdentifyVerifier.CreateDefault() grabs the static instance of nested DefaultIdentityVerifier.
     // DefaultIdentityVerifier can't be serialized directly because it's nested.
     return(!object.ReferenceEquals(this.IdentityVerifier, IdentityVerifier.CreateDefault()));
 }
        public SslStreamSecurityBindingElement()
        {
#if !MOBILE && !XAMMAC_4_5
            verifier = IdentityVerifier.CreateDefault();
#endif
        }
Exemple #26
0
 public MyIdentityVerifier()
 {
     this.defaultVerifier = IdentityVerifier.CreateDefault();
 }
Exemple #27
0
 public SslStreamSecurityBindingElement()
 {
     verifier = IdentityVerifier.CreateDefault();
 }
 public CustomeIdentityVerifier()
 {
     this.defaultVerifier = CustomeIdentityVerifier.CreateDefault();
 }