Esempio n. 1
0
        internal static AuthenticationSchemes GetEffectiveAuthenticationSchemes(AuthenticationSchemes currentAuthenticationSchemes,
                                                                                BindingParameterCollection bindingParameters)
        {
            if (bindingParameters == null)
            {
                return(currentAuthenticationSchemes);
            }

            AuthenticationSchemes hostSupportedAuthenticationSchemes;

            if (!AuthenticationSchemesBindingParameter.TryExtract(bindingParameters, out hostSupportedAuthenticationSchemes))
            {
                return(currentAuthenticationSchemes);
            }

            if (currentAuthenticationSchemes == AuthenticationSchemes.None ||
                (AspNetEnvironment.Current.IsMetadataListener(bindingParameters) &&
                 currentAuthenticationSchemes == AuthenticationSchemes.Anonymous &&
                 hostSupportedAuthenticationSchemes.IsNotSet(AuthenticationSchemes.Anonymous)))
            {
                //Inherit authentication schemes from host.
                //This logic of inheriting from the host for anonymous MEX endpoints was previously implemented in HostedAspNetEnvironment.ValidateHttpSettings.
                //We moved it here to maintain the pre-multi-auth behavior. (see CSDMain 183553)

                if (!hostSupportedAuthenticationSchemes.IsSingleton() &&
                    hostSupportedAuthenticationSchemes.IsSet(AuthenticationSchemes.Anonymous) &&
                    AspNetEnvironment.Current.AspNetCompatibilityEnabled &&
                    AspNetEnvironment.Current.IsSimpleApplicationHost &&
                    AspNetEnvironment.Current.IsWindowsAuthenticationConfigured())
                {
                    // Remove Anonymous if ASP.Net authentication mode is Windows (Asp.Net would not allow anonymous requests in this case anyway)
                    hostSupportedAuthenticationSchemes ^= AuthenticationSchemes.Anonymous;
                }

                return(hostSupportedAuthenticationSchemes);
            }
            else
            {
                //build intersection between AuthenticationSchemes supported on the HttpTransportbidningELement and ServiceHost/IIS
                return(currentAuthenticationSchemes & hostSupportedAuthenticationSchemes);
            }
        }
Esempio n. 2
0
        protected void UpdateAuthenticationSchemes(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }
            AuthenticationSchemes effectiveAutheSchemes = HttpTransportBindingElement.GetEffectiveAuthenticationSchemes(this.AuthenticationScheme,
                                                                                                                        context.BindingParameters);

            if (effectiveAutheSchemes == AuthenticationSchemes.None)
            {
#pragma warning suppress 56506 // Microsoft, context.Binding will never be null.
                string bindingName = context.Binding.Name;

                if (this.AuthenticationScheme == AuthenticationSchemes.None)
                {
                    //can't inherit from host because none were configured.
                    //We are throwing a "NotSupportedException" to be consistent with the type of exception that was thrown in this scenario,
                    //before the multi-auth feature, in HostedAspNetEnvironment.ValidateHttpSettings.
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                              new NotSupportedException(SR.GetString(SR.AuthenticationSchemesCannotBeInheritedFromHost, bindingName)));
                }
                else
                {
                    //settings configured on the host and binding conflict.
                    AuthenticationSchemes hostSchemes;
                    if (!AuthenticationSchemesBindingParameter.TryExtract(context.BindingParameters, out hostSchemes))
                    {
                        //The host/binding settings can only conflict if host has settings specified, so we should never
                        //hit this line of code
                        DiagnosticUtility.DebugAssert("Failed to find AuthenticationSchemesBindingParameter");
                    }

                    //We are throwing a "NotSupportedException" to be consistent with the type of exception that was thrown in this scenario,
                    //before the multi-auth feature, in HostedAspNetEnvironment.ValidateHttpSettings.
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                              new NotSupportedException(SR.GetString(SR.AuthenticationSchemes_BindingAndHostConflict, hostSchemes, bindingName, this.AuthenticationScheme)));
                }
            }
            this.AuthenticationScheme = effectiveAutheSchemes;
        }