Esempio n. 1
    // Asking for PeerTrust alone should throw SecurityNegotiationException
    // if the certificate is not in the TrustedPeople store.  For this test
    // we use a valid chain-trusted certificate that we know is not in the
    // TrustedPeople store.

    public static void Https_SecModeTrans_CertValMode_PeerTrust_Fails_Not_In_TrustedPeople()
    {
        // Negative test for server-certificate validation over HTTPS: the
        // client asks for PeerTrust, and the call must fail with a
        // SecurityNegotiationException. A pass here means a certificate that is
        // only chain-trusted was not accepted under PeerTrust.
        const string echoInput = "Hello";
        ChannelFactory<IWcfService> factory = null;
        IWcfService serviceProxy = null;
        CommunicationException caught = null;

        try
        {
            // *** SETUP *** \\
            // Transport security with no client credential, so the service
            // certificate is the only credential in play.
            BasicHttpsBinding binding = new BasicHttpsBinding(BasicHttpsSecurityMode.Transport);
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;

            Uri serviceUri = new Uri(Endpoints.Https_SecModeTrans_ClientCredTypeNone_ServerCertValModeChainTrust_Address);
            EndpointAddress endpointAddress = new EndpointAddress(serviceUri);

            factory = new ChannelFactory<IWcfService>(binding, endpointAddress);

            // Replace the SSL certificate authentication settings with a fresh
            // instance whose validation mode is PeerTrust.
            factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication
            {
                CertificateValidationMode = X509CertificateValidationMode.PeerTrust
            };

            serviceProxy = factory.CreateChannel();

            // *** EXECUTE *** \\
            // Capture the failure instead of letting it propagate so that the
            // concrete exception type can be checked below.
            try
            {
                serviceProxy.Echo(echoInput);
            }
            catch (CommunicationException ce)
            {
                caught = ce;
            }

            // *** VALIDATE *** \\
            // A null here means Echo succeeded, i.e. the certificate was accepted.
            Assert.True(caught != null, "Expected CommunicationException but no exception was thrown.");

            // The exception type is compared by its simple name.
            bool isNegotiationFailure = caught.GetType().Name == "SecurityNegotiationException";
            string mismatchMessage = String.Format("Expected SecurityNegotiationException but received {0}",
                                                   caught.ToString());
            Assert.True(isNegotiationFailure, mismatchMessage);

            // *** CLEANUP *** \\
            ((ICommunicationObject)serviceProxy).Close();
            factory.Close();
        }
        finally
        {
            // *** ENSURE CLEANUP *** \\
            // Runs on every path, including assertion failures above.
            ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory);
        }
    }
Esempio n. 2
    // Asking for PeerTrust alone should throw SecurityNegotiationException
    // if the certificate is not in the TrustedPeople store.  For this test
    // we use a valid chain-trusted certificate that we know is not in the
    // TrustedPeople store.
    public static void NetTcp_SecModeTrans_CertValMode_PeerTrust_Fails_Not_In_TrustedPeople()
    {
        // Negative test for server-certificate validation over net.tcp: the
        // client asks for PeerTrust, and the call must fail with a
        // SecurityNegotiationException. A pass here means a certificate that is
        // only chain-trusted was not accepted under PeerTrust.
        const string echoInput = "Hello";
        ChannelFactory<IWcfService> factory = null;
        IWcfService serviceProxy = null;
        CommunicationException caught = null;

        try
        {
            // *** SETUP *** \\
            // Transport security with no client credential, so the service
            // certificate is the only credential in play.
            NetTcpBinding binding = new NetTcpBinding(SecurityMode.Transport);
            binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.None;

            Uri serviceUri = new Uri(Endpoints.Tcp_CustomBinding_SslStreamSecurity_Address);
            EndpointAddress endpointAddress = new EndpointAddress(serviceUri);

            factory = new ChannelFactory<IWcfService>(binding, endpointAddress);
            factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;

            serviceProxy = factory.CreateChannel();

            // *** EXECUTE *** \\
            // Capture the failure instead of letting it propagate so that the
            // concrete exception type can be checked below.
            try
            {
                serviceProxy.Echo(echoInput);
            }
            catch (CommunicationException ce)
            {
                caught = ce;
            }

            // *** VALIDATE *** \\
            // A null here means Echo succeeded, i.e. the certificate was accepted.
            Assert.True(caught != null, "Expected CommunicationException but no exception was thrown.");

            // The exception type is compared by its simple name.
            bool isNegotiationFailure = caught.GetType().Name == "SecurityNegotiationException";
            string mismatchMessage = String.Format("Expected SecurityNegotiationException but received {0}",
                                                   caught.ToString());
            Assert.True(isNegotiationFailure, mismatchMessage);

            // *** CLEANUP *** \\
            // objects are in faulted state and will throw, so only use finally style cleanup
        }
        finally
        {
            // *** ENSURE CLEANUP *** \\
            // Runs on every path, including assertion failures above.
            ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory);
        }
    }
Esempio n. 3
 protected void OnMessageException(Microsoft.Transactions.Wsat.Messaging.RequestAsyncResult result, Message message, CommunicationException exception, Fault fault)
 {
     // Called when reading a request failed: trace the failure, reply to the
     // request with the supplied fault, then trace which fault was sent.
     string handlerName = base.GetType().Name;
     string failureName = exception.GetType().Name;

     // The action header and the exception message are written to the trace as
     // received. NOTE(review): confirm how the trace sink treats control
     // characters in this text, since the action comes from the incoming message.
     DebugTrace.Trace(TraceLevel.Warning, "{0} - {1} reading request with action {2}: {3}", handlerName, failureName, message.Headers.Action, exception.Message);

     this.SendFaultReply(result, fault);

     string faultName = fault.Code.Name;
     DebugTrace.Trace(TraceLevel.Warning, "Replied with {0} fault", faultName);
 }
Esempio n. 4
    // Asking for PeerTrust alone should throw SecurityNegotiationException
    // if the certificate is not in the TrustedPeople store.  For this test
    // we use a valid chain-trusted certificate that we know is not in the
    // TrustedPeople store.
    public static void NetTcp_SecModeTrans_CertValMode_PeerTrust_Fails_Not_In_TrustedPeople()
    {
        // Negative test for server-certificate validation over net.tcp: the
        // client asks for PeerTrust, and the call must fail with a
        // SecurityNegotiationException. A pass here means a certificate that is
        // only chain-trusted was not accepted under PeerTrust.
#if FULLXUNIT_NOTSUPPORTED
        // All four preconditions are evaluated up front so that the skip
        // message can report each of them.
        bool rootInstalled   = Root_Certificate_Installed();
        bool clientInstalled = Client_Certificate_Installed();
        bool peerInstalled   = Peer_Certificate_Installed();
        bool sslAvailable    = SSL_Available();

        bool preconditionsMet = rootInstalled && clientInstalled && peerInstalled && sslAvailable;
        if (!preconditionsMet)
        {
            // Returning here skips the test without failing it; the console
            // output is the only record of the skip.
            Console.WriteLine("---- Test SKIPPED --------------");
            Console.WriteLine("Attempting to run the test in ToF, a ConditionalFact evaluated as FALSE.");
            Console.WriteLine("Root_Certificate_Installed evaluated as {0}", rootInstalled);
            Console.WriteLine("Client_Certificate_Installed evaluated as {0}", clientInstalled);
            Console.WriteLine("Peer_Certificate_Installed evaluated as {0}", peerInstalled);
            Console.WriteLine("SSL_Available evaluated as {0}", sslAvailable);
            return;
        }
#endif
        const string echoInput = "Hello";
        ChannelFactory<IWcfService> factory = null;
        IWcfService serviceProxy = null;
        CommunicationException caught = null;

        try
        {
            // *** SETUP *** \\
            // Transport security with no client credential, so the service
            // certificate is the only credential in play.
            NetTcpBinding binding = new NetTcpBinding(SecurityMode.Transport);
            binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.None;

            Uri serviceUri = new Uri(Endpoints.Tcp_CustomBinding_SslStreamSecurity_Address);
            EndpointAddress endpointAddress = new EndpointAddress(serviceUri);

            factory = new ChannelFactory<IWcfService>(binding, endpointAddress);
            factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;

            serviceProxy = factory.CreateChannel();

            // *** EXECUTE *** \\
            // Capture the failure instead of letting it propagate so that the
            // concrete exception type can be checked below.
            try
            {
                serviceProxy.Echo(echoInput);
            }
            catch (CommunicationException ce)
            {
                caught = ce;
            }

            // *** VALIDATE *** \\
            // A null here means Echo succeeded, i.e. the certificate was accepted.
            Assert.True(caught != null, "Expected CommunicationException but no exception was thrown.");

            // The exception type is compared by its simple name.
            bool isNegotiationFailure = caught.GetType().Name == "SecurityNegotiationException";
            string mismatchMessage = String.Format("Expected SecurityNegotiationException but received {0}",
                                                   caught.ToString());
            Assert.True(isNegotiationFailure, mismatchMessage);

            // *** CLEANUP *** \\
            // objects are in faulted state and will throw, so only use finally style cleanup
        }
        finally
        {
            // *** ENSURE CLEANUP *** \\
            // Runs on every path, including assertion failures above.
            ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory);
        }
    }
        protected void OnMessageException(Message message, CommunicationException exception)
        {
            // Called when reading a datagram failed: trace the failure, then try
            // to send an InvalidParameters fault to the fault-to endpoint named
            // in the message headers. Failures along the way are traced and
            // swallowed; nothing is rethrown to the caller.
            DebugTrace.Trace(TraceLevel.Warning, "{0} - {1} reading datagram with action {2}: {3}", base.GetType().Name, exception.GetType().Name, message.Headers.Action, exception.Message);

            // The fault destination is taken from the headers of the message
            // that failed to read. NOTE(review): confirm that GetFaultToHeader /
            // CreateFaultProxy constrain which endpoints may be targeted.
            EndpointAddress faultTarget = Library.GetFaultToHeader(message.Headers, this.protocolVersion);
            if (faultTarget == null)
            {
                DebugTrace.Trace(TraceLevel.Warning, "Ignoring invalid datagram - a fault-to header could not be obtained");
                return;
            }

            DatagramProxy faultProxy;
            try
            {
                faultProxy = this.CreateFaultProxy(faultTarget);
            }
            catch (CreateChannelFailureException channelFailure)
            {
                // No channel, no reply: record the failure and drop the datagram.
                Microsoft.Transactions.Bridge.DiagnosticUtility.ExceptionUtility.TraceHandledException(channelFailure, TraceEventType.Warning);
                DebugTrace.Trace(TraceLevel.Warning, "Ignoring invalid datagram: {0}", channelFailure.Message);
                return;
            }

            if (faultProxy == null)
            {
                return;
            }

            try
            {
                // Begin/End are paired back to back, so the send completes
                // before this method continues.
                IAsyncResult pendingSend = faultProxy.BeginSendFault(message.Headers.MessageId, Faults.Version(this.protocolVersion).InvalidParameters, null, null);
                faultProxy.EndSendMessage(pendingSend);
                if (DebugTrace.Warning)
                {
                    DebugTrace.Trace(TraceLevel.Warning, "Sent InvalidParameters fault to {0}", faultProxy.To.Uri);
                }
            }
            catch (WsatSendFailureException sendFailure)
            {
                Microsoft.Transactions.Bridge.DiagnosticUtility.ExceptionUtility.TraceHandledException(sendFailure, TraceEventType.Warning);
                if (DebugTrace.Warning)
                {
                    DebugTrace.Trace(TraceLevel.Warning, "{0} sending InvalidParameters fault to {1}: {2}", sendFailure.GetType().Name, faultProxy.To.Uri, sendFailure.Message);
                }
            }
            finally
            {
                // Release the proxy whether or not the send succeeded.
                faultProxy.Release();
            }
        }