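/// <summary>
/// Picks the call-context initializer that matches the requested principal permission mode.
/// </summary>
/// <param name="principalPermissionMode">
/// Authorization mode. Only <c>UseWindowsGroups</c> and <c>UseAspNetRoles</c> install an initializer.
/// </param>
/// <param name="roleProviderName">
/// Name of the role provider to use with <c>UseAspNetRoles</c>; null or empty selects <c>Roles.Provider</c>.
/// </param>
/// <exception cref="ArgumentException">
/// Thrown for <c>PrincipalPermissionMode.Custom</c>, or when <paramref name="roleProviderName"/>
/// does not resolve to a configured provider.
/// </exception>
public ServiceAuthorizationBehaviorAttribute(PrincipalPermissionMode principalPermissionMode, string roleProviderName = "")
{
    switch (principalPermissionMode)
    {
        case PrincipalPermissionMode.UseWindowsGroups:
            this.CallContextInitializer = new WindowsAuthorizationCallContextInitializer();
            break;

        case PrincipalPermissionMode.UseAspNetRoles:
            if (string.IsNullOrEmpty(roleProviderName))
            {
                this.CallContextInitializer = new AspRoleAuthorizationCallContextInitializer(Roles.Provider);
            }
            else
            {
                // A name with no registered provider yields null from the collection lookup
                // (System.Web.Security behaviour; confirm Roles is that type). Reject it here
                // so a misconfigured name fails at construction instead of handing the
                // authorization initializer a null provider.
                var namedProvider = Roles.Providers[roleProviderName];
                if (namedProvider == null)
                {
                    throw new ArgumentException("Role provider '" + roleProviderName + "' is not configured.", "roleProviderName");
                }

                this.CallContextInitializer = new AspRoleAuthorizationCallContextInitializer(namedProvider);
            }
            break;

        case PrincipalPermissionMode.Custom:
            throw new ArgumentException("只有UseWindowsGroups和UseAspNetRoles模式被支持!");

        // NOTE(review): PrincipalPermissionMode.None and any undefined value fall through
        // without assigning CallContextInitializer. Confirm that consumers of this
        // attribute treat a missing initializer as intended, not as "skip authorization".
    }
}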
/// <summary>
/// Reports whether the value is one of the four named <c>PrincipalPermissionMode</c> members.
/// </summary>
/// <param name="principalPermissionMode">Value to validate; an enum variable can hold any integer.</param>
/// <returns>
/// <c>true</c> for None, UseWindowsGroups, UseAspNetRoles or Custom; <c>false</c> for anything else.
/// </returns>
public static bool IsDefined(PrincipalPermissionMode principalPermissionMode)
{
    switch (principalPermissionMode)
    {
        case PrincipalPermissionMode.None:
        case PrincipalPermissionMode.UseWindowsGroups:
        case PrincipalPermissionMode.UseAspNetRoles:
        case PrincipalPermissionMode.Custom:
            return true;

        default:
            // Out-of-range values (for example a raw integer cast to the enum) are rejected.
            return false;
    }
}
/// <summary>
/// Validates that a <c>PrincipalPermissionMode</c> value is one of the members this code knows about.
/// </summary>
/// <param name="principalPermissionMode">Value to check.</param>
/// <returns><c>true</c> when the value equals None, UseWindowsGroups, UseAspNetRoles or Custom.</returns>
public static bool IsDefined(PrincipalPermissionMode principalPermissionMode)
{
    // Explicit comparison against each accepted member; any other numeric value is not defined.
    return principalPermissionMode == PrincipalPermissionMode.None
        || principalPermissionMode == PrincipalPermissionMode.UseWindowsGroups
        || principalPermissionMode == PrincipalPermissionMode.UseAspNetRoles
        || principalPermissionMode == PrincipalPermissionMode.Custom;
}
// Audit settings are not carried by this variant: both the fields and the
// assignments that would read them from the dispatch runtime are commented out.
//AuditLevel auditLevel = ServiceSecurityAuditBehavior.defaultMessageAuthenticationAuditLevel;
//AuditLogLocation auditLogLocation = ServiceSecurityAuditBehavior.defaultAuditLogLocation;
//bool suppressAuditFailure = ServiceSecurityAuditBehavior.defaultSuppressAuditFailure;

/// <summary>
/// Captures the impersonation-related settings of a dispatch runtime.
/// </summary>
/// <param name="dispatch">Runtime whose principal permission mode and impersonation flag are copied.</param>
private SecurityImpersonationBehavior(DispatchRuntime dispatch)
{
    this._principalPermissionMode = dispatch.PrincipalPermissionMode;
    this._impersonateCallerForAllOperations = dispatch.ImpersonateCallerForAllOperations;

    //this.auditLevel = dispatch.MessageAuthenticationAuditLevel;
    //this.auditLogLocation = dispatch.SecurityAuditLogLocation;
    //this.suppressAuditFailure = dispatch.SuppressAuditFailure;

    // Keys are compared ordinally and case-insensitively; maxDomainNameMapSize is only
    // the initial capacity passed to the dictionary.
    this._ncNameMap = new Dictionary<string, string>(maxDomainNameMapSize, StringComparer.OrdinalIgnoreCase);
}
/// <summary>
/// Convenience overload that accepts the endpoint address as a string and forwards to the
/// <see cref="Uri"/>-based overload.
/// </summary>
/// <param name="singletonInstance">Service instance to host.</param>
/// <param name="binding">Binding for the endpoint.</param>
/// <param name="address">Endpoint address; parsed with <c>new Uri(address)</c>, which throws on null or malformed input.</param>
/// <param name="thumbPrint">Optional certificate thumbprint, forwarded unchanged.</param>
/// <param name="authorizationManager">Optional authorization manager, forwarded unchanged.</param>
/// <param name="permissionMode">Principal permission mode; defaults to <c>UseWindowsGroups</c>.</param>
/// <param name="throttlingBehavior">Optional throttling behavior, forwarded unchanged.</param>
/// <returns>The host produced by the <see cref="Uri"/>-based overload.</returns>
public static ServiceHost CreateWcfChannel<T>(
    object singletonInstance,
    Binding binding,
    string address,
    string thumbPrint = null,
    ServiceAuthorizationManager authorizationManager = null,
    PrincipalPermissionMode permissionMode = PrincipalPermissionMode.UseWindowsGroups,
    ServiceThrottlingBehavior throttlingBehavior = null)
{
    var endpointUri = new Uri(address);

    return CreateWcfChannel<T>(
        singletonInstance,
        binding,
        endpointUri,
        thumbPrint,
        authorizationManager,
        permissionMode,
        throttlingBehavior);
}
/// <summary>
/// Snapshots the authorization, impersonation and audit settings of a dispatch runtime.
/// </summary>
/// <param name="dispatch">Runtime to read the settings from.</param>
private SecurityImpersonationBehavior(DispatchRuntime dispatch)
{
    // Authorization and impersonation settings.
    principalPermissionMode = dispatch.PrincipalPermissionMode;
    impersonateCallerForAllOperations = dispatch.ImpersonateCallerForAllOperations;

    // Audit settings: level, log destination, and whether an audit-write failure is suppressed.
    auditLevel = dispatch.MessageAuthenticationAuditLevel;
    auditLogLocation = dispatch.SecurityAuditLogLocation;
    suppressAuditFailure = dispatch.SuppressAuditFailure;

    // The role provider is applied only when the runtime reports that one was set.
    if (dispatch.IsRoleProviderSet)
    {
        ApplyRoleProvider(dispatch);
    }

    // Initial capacity 5; keys compared ordinally, ignoring case.
    domainNameMap = new Dictionary<string, string>(5, StringComparer.OrdinalIgnoreCase);
}
/// <summary>
/// Builds the impersonation behavior from the settings held by a dispatch runtime.
/// </summary>
/// <param name="dispatch">Source of the permission mode, impersonation flag, audit settings and role provider.</param>
private SecurityImpersonationBehavior(DispatchRuntime dispatch)
{
    this.principalPermissionMode = dispatch.PrincipalPermissionMode;
    this.impersonateCallerForAllOperations = dispatch.ImpersonateCallerForAllOperations;

    this.auditLevel = dispatch.MessageAuthenticationAuditLevel;
    this.auditLogLocation = dispatch.SecurityAuditLogLocation;
    this.suppressAuditFailure = dispatch.SuppressAuditFailure;

    bool hasRoleProvider = dispatch.IsRoleProviderSet;
    if (hasRoleProvider)
    {
        // Only runs when a role provider was configured on the runtime.
        this.ApplyRoleProvider(dispatch);
    }

    // Case-insensitive (ordinal) key comparison, initial capacity of 5.
    this.domainNameMap = new Dictionary<string, string>(5, StringComparer.OrdinalIgnoreCase);
}
/// <summary>
/// Copy constructor: duplicates the authorization settings of another behavior instance.
/// </summary>
/// <param name="other">Instance to copy from.</param>
private ServiceAuthorizationBehavior(ServiceAuthorizationBehavior other)
{
    this._impersonateCallerForAllOperations = other._impersonateCallerForAllOperations;
    this._impersonateOnSerializingReply = other._impersonateOnSerializingReply;
    this._principalPermissionMode = other._principalPermissionMode;
    this._isExternalPoliciesSet = other._isExternalPoliciesSet;
    this._isAuthorizationManagerSet = other._isAuthorizationManagerSet;

    // Policies and the authorization manager are copied only when the source
    // had at least one of them explicitly set.
    bool hasExplicitAuthorization = other._isExternalPoliciesSet || other._isAuthorizationManagerSet;
    if (hasExplicitAuthorization)
    {
        this.CopyAuthorizationPoliciesAndManager(other);
    }

    // Copied last; presumably so the copy is not read-only while being populated (confirm).
    this._isReadOnly = other._isReadOnly;
}
/// <summary>
/// Copy constructor: duplicates the authorization settings, including the role provider
/// reference, of another behavior instance.
/// </summary>
/// <param name="other">Instance to copy from.</param>
ServiceAuthorizationBehavior(ServiceAuthorizationBehavior other)
{
    impersonateCallerForAllOperations = other.impersonateCallerForAllOperations;
    impersonateOnSerializingReply = other.impersonateOnSerializingReply;
    principalPermissionMode = other.principalPermissionMode;

    // The role provider is shared by reference, not cloned.
    roleProvider = other.roleProvider;

    isExternalPoliciesSet = other.isExternalPoliciesSet;
    isAuthorizationManagerSet = other.isAuthorizationManagerSet;

    // Policies and the manager are copied only if the source had one of them set.
    bool hasExplicitAuthorization = other.isExternalPoliciesSet || other.isAuthorizationManagerSet;
    if (hasExplicitAuthorization)
    {
        CopyAuthorizationPoliciesAndManager(other);
    }

    // Copied last; presumably so the copy is not read-only while being populated (confirm).
    isReadOnly = other.isReadOnly;
}
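/// <summary>
/// Creates a service host for <typeparamref name="T"/> and opens it asynchronously.
/// </summary>
/// <param name="singletonInstance">Service instance to host.</param>
/// <param name="binding">Binding for the endpoint.</param>
/// <param name="authorizationManager">Authorization manager to install, or null.</param>
/// <param name="permissionMode">Principal permission mode for the host.</param>
/// <param name="throttlingBehavior">Throttling behavior to add, or null.</param>
/// <param name="address">Endpoint address as a string.</param>
/// <returns>The opened host.</returns>
/// <remarks>
/// No certificate thumbprint is supplied on this path (null is passed in that position),
/// so any certificate configuration that depends on it is not applied here.
/// </remarks>
public static async Task<ServiceHost> SetupWcfChannelAsync<T>(
    object singletonInstance,
    Binding binding,
    ServiceAuthorizationManager authorizationManager,
    PrincipalPermissionMode permissionMode,
    ServiceThrottlingBehavior throttlingBehavior,
    string address)
{
    Trace.TraceInformation("[WcfHost] Start WCF endpoint on {0}", address);

    var host = CreateWcfChannel<T>(singletonInstance, binding, address, null, authorizationManager, permissionMode, throttlingBehavior);

    try
    {
        await Task.Factory.FromAsync(host.BeginOpen(null, null), host.EndOpen).ConfigureAwait(false);
    }
    catch
    {
        // The caller never receives the host when opening fails, so release it here
        // instead of leaving a faulted host and its resources behind; the original
        // exception still propagates.
        host.Abort();
        throw;
    }

    Trace.TraceInformation("[WcfHost] End to setup WCF channel");
    return host;
}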
/// <summary>
/// Initializes the dispatch runtime with empty behavior collections, default settings and
/// a catch-all operation for unmatched actions.
/// </summary>
/// <param name="shared">Shared runtime state stored on the instance.</param>
DispatchRuntime(SharedRuntimeState shared)
{
    this.shared = shared;

    this.operations = new OperationCollection(this);
    this.inputSessionShutdownHandlers = NewBehaviorCollection<IInputSessionShutdown>();
    MessageInspectors = NewBehaviorCollection<IDispatchMessageInspector>();
    this.instanceContextInitializers = NewBehaviorCollection<IInstanceContextInitializer>();
    this.synchronizationContext = ThreadBehavior.GetCurrentSynchronizationContext();
    this.automaticInputSessionShutdown = true;

    // Authorization starts from the default declared on ServiceAuthorizationBehavior.
    this.principalPermissionMode = ServiceAuthorizationBehavior.DefaultPrincipalPermissionMode;

    // Operation registered under "*" with the wildcard action for both action and reply action;
    // its formatter and invoker are attached after construction.
    this.unhandled = new DispatchOperation(this, "*", MessageHeaders.WildcardAction, MessageHeaders.WildcardAction);
    this.unhandled.InternalFormatter = MessageOperationFormatter.Instance;
    this.unhandled.InternalInvoker = new UnhandledActionInvoker(this);
}
/// <summary>
/// Initializes the dispatch runtime with empty behavior collections, default authorization
/// and audit settings, and a catch-all operation for unmatched actions.
/// </summary>
/// <param name="shared">Shared runtime state stored on the instance.</param>
DispatchRuntime(SharedRuntimeState shared)
{
    this.shared = shared;

    operations = new OperationCollection(this);
    inputSessionShutdownHandlers = NewBehaviorCollection<IInputSessionShutdown>();
    messageInspectors = NewBehaviorCollection<IDispatchMessageInspector>();
    instanceContextInitializers = NewBehaviorCollection<IInstanceContextInitializer>();
    synchronizationContext = ThreadBehavior.GetCurrentSynchronizationContext();
    automaticInputSessionShutdown = true;

    // Authorization default comes from ServiceAuthorizationBehavior.
    principalPermissionMode = ServiceAuthorizationBehavior.DefaultPrincipalPermissionMode;

    // Audit defaults come from ServiceSecurityAuditBehavior: log location, failure
    // suppression, and the audit levels for authorization and message authentication.
    securityAuditLogLocation = ServiceSecurityAuditBehavior.defaultAuditLogLocation;
    suppressAuditFailure = ServiceSecurityAuditBehavior.defaultSuppressAuditFailure;
    serviceAuthorizationAuditLevel = ServiceSecurityAuditBehavior.defaultServiceAuthorizationAuditLevel;
    messageAuthenticationAuditLevel = ServiceSecurityAuditBehavior.defaultMessageAuthenticationAuditLevel;

    // Operation registered under "*" with the wildcard action for both action and reply action;
    // its formatter and invoker are attached after construction.
    unhandled = new DispatchOperation(this, "*", MessageHeaders.WildcardAction, MessageHeaders.WildcardAction);
    unhandled.InternalFormatter = MessageOperationFormatter.Instance;
    unhandled.InternalInvoker = new UnhandledActionInvoker(this);
}
/// <summary>
/// Builds (but does not open) a <c>ServiceHost</c> for a singleton service with one endpoint of
/// contract <typeparamref name="T"/>.
/// </summary>
/// <param name="singletonInstance">Service instance to host.</param>
/// <param name="binding">Binding for the endpoint.</param>
/// <param name="address">Endpoint address.</param>
/// <param name="thumbPrint">
/// Thumbprint of the service certificate in LocalMachine\My. When null or empty, no certificate
/// settings are touched and the host keeps whatever the binding and defaults provide.
/// </param>
/// <param name="authorizationManager">Authorization manager to install, or null to keep the host's own.</param>
/// <param name="permissionMode">Principal permission mode; defaults to <c>UseWindowsGroups</c>.</param>
/// <param name="throttlingBehavior">Throttling behavior to add, or null.</param>
/// <returns>The configured, unopened host.</returns>
public static ServiceHost CreateWcfChannel<T>(
    object singletonInstance,
    Binding binding,
    Uri address,
    string thumbPrint = null,
    ServiceAuthorizationManager authorizationManager = null,
    PrincipalPermissionMode permissionMode = PrincipalPermissionMode.UseWindowsGroups,
    ServiceThrottlingBehavior throttlingBehavior = null)
{
    var host = new ServiceHost(singletonInstance);

    if (authorizationManager != null)
    {
        host.Authorization.ServiceAuthorizationManager = authorizationManager;
    }

    if (throttlingBehavior != null)
    {
        host.Description.Behaviors.Add(throttlingBehavior);
    }

    // Find<T>() returns null when the behavior is absent; this code relies on the host
    // description already containing a ServiceAuthorizationBehavior.
    var authorizationBehavior = host.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
    authorizationBehavior.PrincipalPermissionMode = permissionMode;

    host.AddServiceEndpoint(typeof(T), binding, address);
    host.OpenTimeout = ServiceHostOpenTimeout;
    host.CloseTimeout = ServiceHostCloseTimeout;

    if (string.IsNullOrEmpty(thumbPrint))
    {
        return host;
    }

    // NOTE(review): client certificates are accepted under PeerOrChainTrust (trusted-people
    // store or a valid chain) with revocation checking switched off, so a revoked client
    // certificate is still accepted. Confirm this is a deliberate choice for the deployment;
    // X509RevocationMode.Online or Offline would enforce revocation.
    var clientCertificateAuthentication = host.Credentials.ClientCertificate.Authentication;
    clientCertificateAuthentication.CertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust;
    clientCertificateAuthentication.RevocationMode = X509RevocationMode.NoCheck;

    // The service certificate is looked up by thumbprint in the local machine's personal store.
    host.Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        thumbPrint);

    return host;
}
/// <summary>
/// Stores the principal permission mode this instance will use.
/// </summary>
/// <param name="principalPermissionMode">Mode to store; it is not validated here.</param>
public PrincipalPermissionModeAuthorization(PrincipalPermissionMode principalPermissionMode)
{
    this.m_PrincipalPermissionMode = principalPermissionMode;
}
/// <summary>
/// Creates a behavior with the class defaults for impersonation and principal permission mode.
/// </summary>
public ServiceAuthorizationBehavior()
{
    // Each setting starts from the corresponding Default* constant declared on this type.
    impersonateCallerForAllOperations = DefaultImpersonateCallerForAllOperations;
    impersonateOnSerializingReply = DefaultImpersonateOnSerializingReply;
    principalPermissionMode = DefaultPrincipalPermissionMode;
}
/// <summary>
/// Reports whether the value is a declared member of <c>PrincipalPermissionMode</c>.
/// </summary>
/// <param name="principalPermissionMode">Value to validate; an enum variable can hold any integer.</param>
/// <returns><c>true</c> when <c>Enum.IsDefined</c> recognises the value; otherwise <c>false</c>.</returns>
public static bool IsDefined(PrincipalPermissionMode principalPermissionMode)
{
    Type modeType = typeof(PrincipalPermissionMode);
    bool isDeclaredMember = Enum.IsDefined(modeType, principalPermissionMode);
    return isDeclaredMember;
}
/// <summary>
/// Validates a <c>PrincipalPermissionMode</c> value against the enum's declared members.
/// </summary>
/// <param name="principalPermissionMode">Value to check.</param>
/// <returns><c>true</c> if the value is declared on the enum; <c>false</c> for any other number.</returns>
public static bool IsDefined(PrincipalPermissionMode principalPermissionMode)
{
    // Enum.IsDefined takes the value as object, so the enum is boxed for the call.
    object candidate = principalPermissionMode;
    return Enum.IsDefined(typeof(PrincipalPermissionMode), candidate);
}
/// <summary>
/// Records the principal permission mode under test and whether impersonation is enabled.
/// </summary>
/// <param name="modeToTest">Principal permission mode to store.</param>
/// <param name="isImmpersonation">Impersonation flag to store; defaults to <c>false</c>.</param>
public StartUpPermissionBase(PrincipalPermissionMode modeToTest, bool isImmpersonation = false)
{
    principalMode = modeToTest;
    isImpersonate = isImmpersonation;
}