void ProcessSecurityAccess(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings) { ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.SecurityAccessSectionName); // Check SSL Flags. if (section != null) { int sslFlags = (int)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.SslFlagsAttributeName); transportSettings.AccessSslFlags = (HttpAccessSslFlags)sslFlags; // Clear SslMapCert field, which should not contain any useful data now. transportSettings.AccessSslFlags &= ~(HttpAccessSslFlags.SslMapCert); } // Check whether IIS client certificate mapping is enabled. section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.IisClientCertMapAuthenticationName); if ((section != null) && ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName)) ) { transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert; } else { // Check whether Active Directory client certification mapping is enabled. section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.ClientCertMapAuthenticationName); if ((section != null) && ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName)) ) { transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert; } } }
void PopulateSiteProperties() { ConfigurationElement site = WebConfigurationManagerWrapper.GetSite(HostingEnvironment.SiteName); // // Build up the binding table. // IDictionary <string, List <string> > bindingList = WebConfigurationManagerWrapper.GetProtocolBindingTable(site); // Convert to string arrays foreach (KeyValuePair <string, List <string> > entry in bindingList) { this.Bindings.Add(entry.Key, entry.Value.ToArray()); entry.Value.Clear(); } // Clear the temporary buffer bindingList.Clear(); // // Build up the protocol list. // string[] protocols = WebConfigurationManagerWrapper.GetEnabledProtocols(site).Split(MetabaseSettingsIis7Constants.CommaSeparator.ToCharArray(), StringSplitOptions.RemoveEmptyEntries); foreach (string protocolValue in protocols) { string protocol = protocolValue.Trim(); protocol = protocol.ToLowerInvariant(); if (string.IsNullOrEmpty(protocol) || this.Protocols.Contains(protocol)) { // Ignore duplicates and empty protocols continue; } else if (string.Compare(protocol, Uri.UriSchemeHttp, StringComparison.OrdinalIgnoreCase) == 0 || string.Compare(protocol, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase) == 0) { // Special casing HTTPS. If HTTP is enabled, it means that // both HTTP and HTTPS are enabled. if (this.Bindings.ContainsKey(Uri.UriSchemeHttp)) { this.Protocols.Add(Uri.UriSchemeHttp); } if (this.Bindings.ContainsKey(Uri.UriSchemeHttps)) { this.Protocols.Add(Uri.UriSchemeHttps); } } else if (this.Bindings.ContainsKey(protocol)) { // We only take the protocols that have bindings. this.Protocols.Add(protocol); } } }
void ProcessDigestAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings) { ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.DigestAuthenticationSectionName); if ((section != null) && ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName)) ) { transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthMD5; } }
void ProcessWindowsAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings) { ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.WindowsAuthenticationSectionName); if ((section != null) && ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName)) ) { transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthNTLM; List <string> providerList = WebConfigurationManagerWrapper.GetProviderList(section); if (providerList.Count != 0) { transportSettings.AuthProviders = providerList.ToArray(); } // Check the CBT configuration try { ConfigurationElement element = section.GetChildElement(MetabaseSettingsIis7Constants.ExtendedProtectionElementName); if (element != null) { ExtendedProtectionTokenChecking tokenChecking; ExtendedProtectionFlags flags; List <string> spnList; WebConfigurationManagerWrapper.ReadIisExtendedProtectionPolicy(element, out tokenChecking, out flags, out spnList); transportSettings.IisExtendedProtectionPolicy = BuildExtendedProtectionPolicy(tokenChecking, flags, spnList); } } catch (COMException e) { // hit this exception only when IIS does not support CBT // safe for us to igore this COMException so that services not using CBT still can be activated // if a service does use CBT in binding, channel listener will catch it when comparing IIS setting against WCF (on CBT) and throw exception if (DiagnosticUtility.ShouldTraceWarning) { TraceUtility.TraceEvent(TraceEventType.Warning, TraceCode.WebHostNoCBTSupport, SR.TraceCodeWebHostNoCBTSupport, this, e); } } } }
protected override IEnumerable <string> GetSiteApplicationPaths() { ConfigurationElement site = WebConfigurationManagerWrapper.GetSite(HostingEnvironment.SiteName); return(WebConfigurationManagerWrapper.GetApplicationPaths(site)); }