public void Contains_Found() { var collection = new ServiceNameCollection(new[] { "first", "second" }); Assert.True(collection.Contains("first")); Assert.True(collection.Contains("second")); }
public void Contains_NotFound() { var collection = new ServiceNameCollection(new[] { "first", "second" }); Assert.False(collection.Contains(null)); Assert.False(collection.Contains(string.Empty)); Assert.False(collection.Contains("third")); }
public void Contains_Found() { var collection = new ServiceNameCollection(new[] { "first", "second", "localhost:3000/test", "www.test.com" }); Assert.True(collection.Contains("first")); Assert.True(collection.Contains("second")); Assert.True(collection.Contains("localhost:3000/test")); Assert.True(collection.Contains("www.test.com")); }
// Assumes already normalized private bool Contains(string newServiceName) { if (newServiceName == null) { return(false); } return(ServiceNameCollection.Contains(newServiceName, serviceNames)); }
public void Contains_NotFound() { var collection = new ServiceNameCollection(new[] { "first", "second" }); Assert.False(collection.Contains(null)); Assert.False(collection.Contains(string.Empty)); Assert.False(collection.Contains("third")); }
public void Contains_Found() { var collection = new ServiceNameCollection(new[] { "first", "second" }); Assert.True(collection.Contains("first")); Assert.True(collection.Contains("second")); }
/// <summary> /// ServiceBinding check has the following logic: /// 1. Check PolicyEnforcement - never => return true; /// 1. Check status returned from SecurityContext which is obtained when querying for the serviceBinding /// 2. Check PolicyEnforcement /// a. WhenSupported - valid when OS does not support, null serviceBinding is valid /// b. Always - a non-empty servicebinding must be available /// 3. if serviceBinding is non null, check that an expected value is in the ServiceNameCollection - ignoring case /// note that the empty string must be explicitly specified in the serviceNames. /// </summary> /// <param name="securityContext to ">status Code returned when obtaining serviceBinding from SecurityContext</param> /// <returns>If servicebinding is valid</returns> public void CheckServiceBinding(SafeDeleteContext securityContext, string defaultServiceBinding) { if (_policyEnforcement == PolicyEnforcement.Never) { return; } string serviceBinding = null; int statusCode = SspiWrapper.QuerySpecifiedTarget(securityContext, out serviceBinding); if (statusCode != (int)SecurityStatus.OK) { // only two acceptable non-zero values // client OS not patched: stausCode == TargetUnknown // service OS not patched: statusCode == Unsupported if (statusCode != (int)SecurityStatus.TargetUnknown && statusCode != (int)SecurityStatus.Unsupported) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationNoServiceBinding))); } // if policyEnforcement is Always we needed to see a TargetName (SPN) if (_policyEnforcement == PolicyEnforcement.Always) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationNoServiceBinding))); } // in this case we accept because either the client or service is not patched. if (_policyEnforcement == PolicyEnforcement.WhenSupported) { return; } // guard against futures, force failure and fix as necessary throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationNoServiceBinding))); } switch (_policyEnforcement) { case PolicyEnforcement.WhenSupported: // serviceBinding == null => client is not patched if (serviceBinding == null) { return; } break; case PolicyEnforcement.Always: // serviceBinding == null => client is not patched // serviceBinding == "" => SB was not specified if (string.IsNullOrEmpty(serviceBinding)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, string.Empty))); } break; } // iff no values were 'user' set, then check the defaultServiceBinding if (_serviceNameCollection == null || _serviceNameCollection.Count < 1) { if (defaultServiceBinding == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, string.Empty))); } if (string.Compare(defaultServiceBinding, serviceBinding, StringComparison.OrdinalIgnoreCase) == 0) { return; } if (string.IsNullOrEmpty(serviceBinding)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, string.Empty))); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, serviceBinding))); } } if (_serviceNameCollection != null) { if (_serviceNameCollection.Contains(serviceBinding)) { return; } } if (string.IsNullOrEmpty(serviceBinding)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, string.Empty))); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.InvalidServiceBindingInSspiNegotiationServiceBindingNotMatched, serviceBinding))); } }