Esempio n. 1
        /// <summary>
        /// Rejects binding security settings that are not available when FEATURE_NETNATIVE is defined.
        /// When the symbol is not defined the method body is empty and nothing is checked.
        /// </summary>
        /// <exception cref="NotSupportedException">
        /// The mode is Message, or the mode is TransportWithMessageCredential and the message
        /// client credential type is Certificate, IssuedToken or Windows.
        /// </exception>
        private void CheckSettings()
        {
#if FEATURE_NETNATIVE // In .NET Native, some settings for the binding security are not supported; this check is not necessary for CoreCLR
            NetTcpSecurity bindingSecurity = this.Security;
            if (bindingSecurity == null)
            {
                return;
            }

            SecurityMode securityMode = bindingSecurity.Mode;
            switch (securityMode)
            {
                case SecurityMode.None:
                    // Security is switched off, so there is no setting left to reject.
                    return;

                case SecurityMode.Message:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Mode", securityMode)));

                case SecurityMode.TransportWithMessageCredential:
                    // Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
                    MessageSecurityOverTcp messageSettings = bindingSecurity.Message;
                    if (messageSettings == null)
                    {
                        break;
                    }

                    MessageCredentialType credentialType = messageSettings.ClientCredentialType;
                    bool unsupportedCredential = credentialType == MessageCredentialType.Certificate
                        || credentialType == MessageCredentialType.IssuedToken
                        || credentialType == MessageCredentialType.Windows;
                    if (unsupportedCredential)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", credentialType)));
                    }

                    break;

                // Any other mode (for example Transport) is accepted without further checks here.
            }
#endif // FEATURE_NETNATIVE
        }
Esempio n. 2
        /// <summary>
        /// Stores the security mode and the transport and message settings, substituting a
        /// default-constructed settings object for any argument that is null.
        /// </summary>
        /// <param name="mode">Security mode to store.</param>
        /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
        /// <param name="messageSecurity">Message settings, or null for defaults.</param>
        NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
        {
            // NOTE(review): Fx.Assert looks like a debug-time assertion - confirm. If it is compiled
            // out of release builds, an undefined SecurityMode value is stored without validation.
            Fx.Assert(SecurityModeHelper.IsDefined(mode), string.Format("Invalid SecurityMode value: {0}.", mode.ToString()));

            this.mode = mode;

            // A null argument never reaches the fields; defaults take its place.
            this.transportSecurity = transportSecurity ?? new TcpTransportSecurity();
            this.messageSecurity = messageSecurity ?? new MessageSecurityOverTcp();
        }
        /// <summary>
        /// Initializes the instance from a mode plus optional transport and message settings.
        /// Null settings are replaced by default-constructed ones.
        /// </summary>
        /// <param name="mode">Security mode to store.</param>
        /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
        /// <param name="messageSecurity">Message settings, or null for defaults.</param>
        NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
        {
            // NOTE(review): presumably a debug-only assertion - confirm; it is the only check on mode.
            Fx.Assert(SecurityModeHelper.IsDefined(mode), string.Format("Invalid SecurityMode value: {0}.", mode.ToString()));

            TcpTransportSecurity transport = transportSecurity;
            if (transport == null)
            {
                transport = new TcpTransportSecurity();
            }

            MessageSecurityOverTcp message = messageSecurity;
            if (message == null)
            {
                message = new MessageSecurityOverTcp();
            }

            this.mode = mode;
            this.transportSecurity = transport;
            this.messageSecurity = message;
        }
Esempio n. 4
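 /// <summary>
 /// Verifies that a supported credential type survives a set/get round trip on
 /// <see cref="MessageSecurityOverTcp.ClientCredentialType"/>.
 /// </summary>
 /// <param name="credentialType">Credential type to assign and read back.</param>
 public static void ClientCredentialType_Property_Values_Supported(MessageCredentialType credentialType)
 {
     MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
     msot.ClientCredentialType = credentialType;
     MessageCredentialType actual = msot.ClientCredentialType;

     // The failure text reports the value read back first and the value assigned second;
     // the arguments were previously swapped, which made a failure misleading to triage.
     Assert.True(actual == credentialType,
                 string.Format("ClientCredentialType returned '{0}' but expected '{1}'", actual, credentialType));
 }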
Esempio n. 5
 /// <summary>
 /// Verifies that assigning an unsupported credential type to
 /// <see cref="MessageSecurityOverTcp.ClientCredentialType"/> throws
 /// <see cref="PlatformNotSupportedException"/>.
 /// </summary>
 /// <param name="credentialType">Credential type expected to be rejected.</param>
 public static void ClientCredentialType_Property_Values_Not_Supported(MessageCredentialType credentialType)
 {
     MessageSecurityOverTcp settings = new MessageSecurityOverTcp();

     // The setter itself is expected to reject the value.
     Action assignCredentialType = () =>
     {
         settings.ClientCredentialType = credentialType;
     };

     Assert.Throws<PlatformNotSupportedException>(assignCredentialType);
 }
Esempio n. 6
 /// <summary>
 /// Verifies that reading <see cref="MessageSecurityOverTcp.ClientCredentialType"/> on a
 /// default-constructed instance throws <see cref="PlatformNotSupportedException"/>.
 /// </summary>
 public static void Ctor_Default_Properties_Not_Supported()
 {
     MessageSecurityOverTcp settings = new MessageSecurityOverTcp();

     // Only the getter is exercised; the value it would return is irrelevant.
     Action readCredentialType = () =>
     {
         MessageCredentialType ignored = settings.ClientCredentialType;
     };

     Assert.Throws<PlatformNotSupportedException>(readCredentialType);
 }
 /// <summary>
 /// Copies this configuration element's message security settings onto a runtime
 /// <see cref="MessageSecurityOverTcp"/> object.
 /// </summary>
 /// <param name="security">Target settings object; must not be null.</param>
 internal void ApplyConfiguration(MessageSecurityOverTcp security)
 {
     if (security == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
     }

     // The client credential type is always copied.
     security.ClientCredentialType = this.ClientCredentialType;

     // The algorithm suite is copied only when its value origin is something other than
     // Default, so the target keeps its own suite otherwise.
     PropertyValueOrigin algorithmSuiteOrigin = this.ElementInformation.Properties[ConfigurationStrings.AlgorithmSuite].ValueOrigin;
     if (algorithmSuiteOrigin != PropertyValueOrigin.Default)
     {
         security.AlgorithmSuite = this.AlgorithmSuite;
     }
 }
 /// <summary>
 /// Populates this configuration element from a runtime <see cref="MessageSecurityOverTcp"/>
 /// object, recording only values that differ from the defaults.
 /// </summary>
 /// <param name="security">Source settings object; must not be null.</param>
 internal void InitializeFrom(MessageSecurityOverTcp security)
 {
     if (security == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
     }

     MessageCredentialType credentialType = security.ClientCredentialType;
     SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ClientCredentialType, credentialType);

     // The algorithm suite is consulted only when the source reports that it was set.
     if (!security.WasAlgorithmSuiteSet)
     {
         return;
     }

     SetPropertyValueIfNotDefaultValue(ConfigurationStrings.AlgorithmSuite, security.AlgorithmSuite);
 }
Esempio n. 9
        /// <summary>
        /// Stores the security mode and the transport and message settings, using
        /// default-constructed settings wherever null is passed.
        /// </summary>
        /// <param name="mode">Security mode to store.</param>
        /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
        /// <param name="messageSecurity">Message settings, or null for defaults.</param>
        private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
        {
            // NOTE(review): Contract.Assert is presumably not enforced in every build
            // configuration - confirm; it is the only validation of mode in this constructor.
            Contract.Assert(
                SecurityModeHelper.IsDefined(mode),
                string.Format(
                    "Invalid SecurityMode value: {0} = {1} (default is {2} = {3}).",
                    (int)mode,
                    mode.ToString(),
                    (int)SecurityMode.Transport,
                    SecurityMode.Transport.ToString()));

            _mode = mode;
            _transportSecurity = transportSecurity ?? new TcpTransportSecurity();
            _messageSecurity = messageSecurity ?? new MessageSecurityOverTcp();
        }
Esempio n. 10
        /// <summary>
        /// Initializes the instance from a mode plus optional transport and message settings;
        /// a null settings argument is replaced by a default-constructed object.
        /// </summary>
        /// <param name="mode">Security mode to store.</param>
        /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
        /// <param name="messageSecurity">Message settings, or null for defaults.</param>
        private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
        {
            // NOTE(review): presumably a build-conditional assertion - confirm before relying
            // on it to keep undefined mode values out of the field.
            Contract.Assert(SecurityModeHelper.IsDefined(mode),
                            string.Format("Invalid SecurityMode value: {0} = {1} (default is {2} = {3}).",
                                          (int)mode,
                                          mode.ToString(),
                                          (int)SecurityMode.Transport,
                                          SecurityMode.Transport.ToString()));

            TcpTransportSecurity transport = transportSecurity;
            if (transport == null)
            {
                transport = new TcpTransportSecurity();
            }

            MessageSecurityOverTcp message = messageSecurity;
            if (message == null)
            {
                message = new MessageSecurityOverTcp();
            }

            _mode = mode;
            _transportSecurity = transport;
            _messageSecurity = message;
        }
Esempio n. 11
        // In the Win8 profile, some settings for the binding security are not supported.
        /// <summary>
        /// Rejects binding security settings that are unavailable to tailored applications.
        /// Nothing is checked when the process is not a tailored application.
        /// </summary>
        /// <exception cref="NotSupportedException">
        /// The mode is Message; or the mode is TransportWithMessageCredential with a message
        /// credential type of Certificate, IssuedToken or Windows; or the transport client
        /// credential type is Certificate.
        /// </exception>
        void CheckSettings()
        {
            if (!UnsafeNativeMethods.IsTailoredApplication.Value)
            {
                return;
            }

            NetTcpSecurity bindingSecurity = this.Security;
            if (bindingSecurity == null)
            {
                return;
            }

            SecurityMode securityMode = bindingSecurity.Mode;
            switch (securityMode)
            {
                case SecurityMode.None:
                    return;

                case SecurityMode.Message:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Mode", securityMode)));

                case SecurityMode.TransportWithMessageCredential:
                    // Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
                    MessageSecurityOverTcp messageSettings = bindingSecurity.Message;
                    if (messageSettings != null)
                    {
                        MessageCredentialType messageCredential = messageSettings.ClientCredentialType;
                        bool unsupportedCredential = messageCredential == MessageCredentialType.Certificate
                            || messageCredential == MessageCredentialType.IssuedToken
                            || messageCredential == MessageCredentialType.Windows;
                        if (unsupportedCredential)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", messageCredential)));
                        }
                    }

                    break;
            }

            // Transport.ClientCredentialType = Certificate is not supported.
            // Every mode that reaches this point is checked against the transport settings.
            Fx.Assert((securityMode == SecurityMode.Transport) || (securityMode == SecurityMode.TransportWithMessageCredential), "Unexpected SecurityMode value: " + securityMode);
            TcpTransportSecurity transportSettings = bindingSecurity.Transport;
            if (transportSettings == null)
            {
                return;
            }

            if (transportSettings.ClientCredentialType == TcpClientCredentialType.Certificate)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Transport.ClientCredentialType", transportSettings.ClientCredentialType)));
            }
        }
Esempio n. 12
        /// <summary>
        /// Attempts to build a <see cref="NetTcpSecurity"/> for the given mode and checks that
        /// the message security it produces matches <paramref name="wsSecurity"/>.
        /// </summary>
        /// <param name="wsSecurity">Security binding element to match against.</param>
        /// <param name="mode">Security mode of the binding being reconstructed.</param>
        /// <param name="isReliableSessionEnabled">Passed through to the message security helpers.</param>
        /// <param name="transportSecurity">Transport binding element, used only for TransportWithMessageCredential.</param>
        /// <param name="tcpTransportSecurity">Transport settings handed to the new instance.</param>
        /// <param name="security">
        /// Null when message security could not be derived. Otherwise the constructed instance,
        /// which stays assigned even when the final match returns false, so callers must act on
        /// the return value rather than on a non-null result.
        /// </param>
        /// <returns>true when the constructed settings match <paramref name="wsSecurity"/>.</returns>
        internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
        {
            security = null;
            MessageSecurityOverTcp messageSettings = null;

            switch (mode)
            {
                case SecurityMode.Message:
                    // Pure message mode passes no transport binding element.
                    if (!MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, null, out messageSettings))
                    {
                        return false;
                    }

                    break;

                case SecurityMode.TransportWithMessageCredential:
                    if (!MessageSecurityOverTcp.TryCreate(wsSecurity, isReliableSessionEnabled, transportSecurity, out messageSettings))
                    {
                        return false;
                    }

                    break;
            }

            NetTcpSecurity candidate = new NetTcpSecurity(mode, tcpTransportSecurity, messageSettings);
            security = candidate;

            SecurityBindingElement regenerated = candidate.CreateMessageSecurity(isReliableSessionEnabled);
            return SecurityElementBase.AreBindingsMatching(regenerated, wsSecurity, false);
        }
Esempio n. 13
 /// <summary>
 /// Placeholder: this variant always throws and never assigns <paramref name="messageSecurity"/>.
 /// </summary>
 /// <exception cref="NotImplementedException">Always thrown.</exception>
 internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
 {
     // No matching logic exists in this variant; callers cannot obtain a result from it.
     throw new NotImplementedException();
 }
 /// <summary>
 /// Stores the mode and the transport and message settings, substituting default-constructed
 /// settings for null arguments. The mode value is stored as given; no check is applied here.
 /// </summary>
 /// <param name="mode">Security mode to store.</param>
 /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
 /// <param name="messageSecurity">Message settings, or null for defaults.</param>
 private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
 {
     this.mode = mode;
     this.transportSecurity = transportSecurity ?? new TcpTransportSecurity();
     this.messageSecurity = messageSecurity ?? new MessageSecurityOverTcp();
 }
Esempio n. 15
        /// <summary>
        /// Attempts to derive a <see cref="MessageSecurityOverTcp"/> from a security binding
        /// element by matching its bootstrap binding against the shapes tested below.
        /// </summary>
        /// <param name="sbe">Security binding element to inspect; null yields false.</param>
        /// <param name="isReliableSession">Not read by this method body.</param>
        /// <param name="transportBindingElement">Not read by this method body.</param>
        /// <param name="messageSecurity">The derived settings on success; null on every false return.</param>
        /// <returns>true when a client credential type could be determined; otherwise false.</returns>
        internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
        {
            messageSecurity = null;
            if (sbe == null)
            {
                return(false);
            }

            // do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings

            // A binding that does not include a timestamp is not matched.
            if (!sbe.IncludeTimestamp)
            {
                return(false);
            }

            // Only these two message security versions are accepted.
            if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11 &&
                sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
            {
                return(false);
            }

            // The header layout must equal the protocol factory's default layout.
            if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout)
            {
                return(false);
            }

            MessageCredentialType clientCredentialType;

            SecurityBindingElement bootstrapSecurity;

            // bootstrapSecurity is produced by this helper and drives every check that follows.
            if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity))
            {
                return(false);
            }

            bool isSecureTransportMode = bootstrapSecurity is TransportSecurityBindingElement;

            IssuedSecurityTokenParameters infocardParameters;

            // In both branches the checks are ordered and the first match decides the credential type.
            if (isSecureTransportMode)
            {
                if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity))
                {
                    clientCredentialType = MessageCredentialType.UserName;
                }
                else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity))
                {
                    clientCredentialType = MessageCredentialType.Certificate;
                }
                else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true))
                {
                    clientCredentialType = MessageCredentialType.Windows;
                }
                else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters))
                {
                    // An issued-token match is accepted only when IsInfoCardParameters also returns true.
                    if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
                            infocardParameters,
                            new SecurityStandardsManager(
                                bootstrapSecurity.MessageSecurityVersion,
                                new WSSecurityTokenSerializer(
                                    bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
                                    bootstrapSecurity.MessageSecurityVersion.TrustVersion,
                                    bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
                                    true,
                                    null, null, null))))
                    {
                        return(false);
                    }
                    clientCredentialType = MessageCredentialType.IssuedToken;
                }
                else
                {
                    // the standard binding does not support None client credential type in mixed mode
                    return(false);
                }
            }
            else
            {
                if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true))
                {
                    clientCredentialType = MessageCredentialType.UserName;
                }
                // IsSslNegotiationBinding is tested twice: with (true, true) here, mapping to Certificate,
                // and with (false, true) further down, mapping to None.
                // NOTE(review): the second argument presumably states whether a client certificate is required - confirm.
                else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true))
                {
                    clientCredentialType = MessageCredentialType.Certificate;
                }
                else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true))
                {
                    clientCredentialType = MessageCredentialType.Windows;
                }
                else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters))
                {
                    if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
                            infocardParameters,
                            new SecurityStandardsManager(
                                bootstrapSecurity.MessageSecurityVersion,
                                new WSSecurityTokenSerializer(
                                    bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
                                    bootstrapSecurity.MessageSecurityVersion.TrustVersion,
                                    bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
                                    true,
                                    null, null, null))))
                    {
                        return(false);
                    }
                    clientCredentialType = MessageCredentialType.IssuedToken;
                }
                // This is the only place in the method where the None credential type is produced.
                else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true))
                {
                    clientCredentialType = MessageCredentialType.None;
                }
                else
                {
                    return(false);
                }
            }
            messageSecurity = new MessageSecurityOverTcp();
            messageSecurity.ClientCredentialType = clientCredentialType;
            // set the algorithm suite and issued token params if required
            // For IssuedToken the new object keeps whatever algorithm suite it was constructed with.
            if (clientCredentialType != MessageCredentialType.IssuedToken)
            {
                messageSecurity.AlgorithmSuite = bootstrapSecurity.DefaultAlgorithmSuite;
            }
            return(true);
        }
Esempio n. 16
 /// <summary>
 /// Verifies that the default constructor of <see cref="MessageSecurityOverTcp"/> yields an instance.
 /// </summary>
 public static void Ctor_Default_Properties()
 {
     MessageSecurityOverTcp settings = new MessageSecurityOverTcp();

     // Only construction is checked; no property is read.
     bool constructed = settings != null;
     Assert.True(constructed, "MessageSecurityOverTcp default ctor failed");
 }
 /// <summary>
 /// Attempts to derive a <see cref="MessageSecurityOverTcp"/> from a security binding element
 /// by matching its bootstrap binding against the shapes tested below.
 /// </summary>
 /// <param name="sbe">Security binding element to inspect; null yields false.</param>
 /// <param name="isReliableSession">Not read by this method body.</param>
 /// <param name="transportBindingElement">Not read by this method body.</param>
 /// <param name="messageSecurity">The derived settings on success; null on every false return.</param>
 /// <returns>true when a client credential type could be determined; otherwise false.</returns>
 internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
 {
     // Despite its name, userName holds whichever credential type ends up matched.
     MessageCredentialType userName;
     // element receives the bootstrap binding from IsSecureConversationBinding below.
     SecurityBindingElement element;
     IssuedSecurityTokenParameters parameters;
     messageSecurity = null;
     if (sbe == null)
     {
         return false;
     }
     // A binding that does not include a timestamp is not matched.
     if (!sbe.IncludeTimestamp)
     {
         return false;
     }
     // Only these two message security versions are accepted.
     if ((sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11) && (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10))
     {
         return false;
     }
     // Only the Strict header layout is accepted.
     if (sbe.SecurityHeaderLayout != SecurityHeaderLayout.Strict)
     {
         return false;
     }
     if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out element))
     {
         return false;
     }
     // The checks below are ordered; the first match decides the credential type.
     if (element is TransportSecurityBindingElement)
     {
         if (SecurityBindingElement.IsUserNameOverTransportBinding(element))
         {
             userName = MessageCredentialType.UserName;
         }
         else if (SecurityBindingElement.IsCertificateOverTransportBinding(element))
         {
             userName = MessageCredentialType.Certificate;
         }
         else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(element, true))
         {
             userName = MessageCredentialType.Windows;
         }
         else
         {
             // Last option for a transport bootstrap: an issued token that also passes
             // IsInfoCardParameters. The None credential type is never produced in this branch.
             if (!SecurityBindingElement.IsIssuedTokenOverTransportBinding(element, out parameters))
             {
                 return false;
             }
             if (!IssuedSecurityTokenParameters.IsInfoCardParameters(parameters, new SecurityStandardsManager(element.MessageSecurityVersion, new WSSecurityTokenSerializer(element.MessageSecurityVersion.SecurityVersion, element.MessageSecurityVersion.TrustVersion, element.MessageSecurityVersion.SecureConversationVersion, true, null, null, null))))
             {
                 return false;
             }
             userName = MessageCredentialType.IssuedToken;
         }
     }
     else if (SecurityBindingElement.IsUserNameForSslBinding(element, true))
     {
         userName = MessageCredentialType.UserName;
     }
     // IsSslNegotiationBinding is tested twice: (true, true) maps to Certificate here and
     // (false, true) maps to None further down.
     // NOTE(review): the second argument presumably states whether a client certificate is required - confirm.
     else if (SecurityBindingElement.IsSslNegotiationBinding(element, true, true))
     {
         userName = MessageCredentialType.Certificate;
     }
     else if (SecurityBindingElement.IsSspiNegotiationBinding(element, true))
     {
         userName = MessageCredentialType.Windows;
     }
     else if (SecurityBindingElement.IsIssuedTokenForSslBinding(element, true, out parameters))
     {
         if (!IssuedSecurityTokenParameters.IsInfoCardParameters(parameters, new SecurityStandardsManager(element.MessageSecurityVersion, new WSSecurityTokenSerializer(element.MessageSecurityVersion.SecurityVersion, element.MessageSecurityVersion.TrustVersion, element.MessageSecurityVersion.SecureConversationVersion, true, null, null, null))))
         {
             return false;
         }
         userName = MessageCredentialType.IssuedToken;
     }
     // This is the only place in the method where the None credential type is produced.
     else if (SecurityBindingElement.IsSslNegotiationBinding(element, false, true))
     {
         userName = MessageCredentialType.None;
     }
     else
     {
         return false;
     }
     messageSecurity = new MessageSecurityOverTcp();
     messageSecurity.ClientCredentialType = userName;
     // The bootstrap binding's default algorithm suite is copied for every type except IssuedToken.
     if (userName != MessageCredentialType.IssuedToken)
     {
         messageSecurity.AlgorithmSuite = element.DefaultAlgorithmSuite;
     }
     return true;
 }
Esempio n. 18
 /// <summary>
 /// Initializes the instance from a mode plus optional transport and message settings.
 /// Null settings are replaced by default-constructed ones; the mode is stored unchecked.
 /// </summary>
 /// <param name="mode">Security mode to store.</param>
 /// <param name="transportSecurity">Transport settings, or null for defaults.</param>
 /// <param name="messageSecurity">Message settings, or null for defaults.</param>
 private NetTcpSecurity(SecurityMode mode, TcpTransportSecurity transportSecurity, MessageSecurityOverTcp messageSecurity)
 {
     TcpTransportSecurity transport = transportSecurity;
     if (transport == null)
     {
         transport = new TcpTransportSecurity();
     }

     MessageSecurityOverTcp message = messageSecurity;
     if (message == null)
     {
         message = new MessageSecurityOverTcp();
     }

     this.mode = mode;
     this.transportSecurity = transport;
     this.messageSecurity = message;
 }
Esempio n. 19
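        /// <summary>
        /// Builds a <see cref="NetTcpBinding"/> for every netTcpBinding configured in the service
        /// model section of the given executable configuration file.
        /// </summary>
        /// <param name="exeConfigPath">Path handed to the service model section reader.</param>
        /// <returns>One binding per configured netTcpBinding element; empty when none are configured.</returns>
        /// <remarks>
        /// Timeouts of zero fall back to 60 seconds, and non-positive size or count settings fall
        /// back to the values of a default-constructed binding.
        /// </remarks>
        public static List<NetTcpBinding> GetNetTcpBindings(string exeConfigPath)
        {
            var svcSection = Read.Config.ExeConfig.GetServiceModelSection(exeConfigPath);
            var defaultTimeout = new TimeSpan(0, 0, 60);

            // A single default binding supplies the fallback values; it is only read from,
            // so it does not need to be rebuilt for each configured element.
            var defaults = new NetTcpBinding();
            var configs = new List<NetTcpBinding>();

            foreach (var section in svcSection.Bindings.NetTcpBinding.ConfiguredBindings.Cast<NetTcpBindingElement>())
            {
                var binding = new NetTcpBinding
                {
                    Name = section.Name,
                    CloseTimeout = section.CloseTimeout != TimeSpan.Zero ? section.CloseTimeout : defaultTimeout,
                    OpenTimeout = section.OpenTimeout != TimeSpan.Zero ? section.OpenTimeout : defaultTimeout,
                    SendTimeout = section.SendTimeout != TimeSpan.Zero ? section.SendTimeout : defaultTimeout,
                    ReceiveTimeout = section.ReceiveTimeout != TimeSpan.Zero ? section.ReceiveTimeout : defaultTimeout,
                    MaxReceivedMessageSize = section.MaxReceivedMessageSize > 0
                        ? section.MaxReceivedMessageSize
                        : defaults.MaxReceivedMessageSize,
                    MaxBufferPoolSize = section.MaxBufferPoolSize > 0 ? section.MaxBufferPoolSize : defaults.MaxBufferPoolSize,
                    MaxConnections = section.MaxConnections > 0 ? section.MaxConnections : defaults.MaxConnections,
                    ListenBacklog = section.ListenBacklog > 0 ? section.ListenBacklog : defaults.ListenBacklog,
                    PortSharingEnabled = section.PortSharingEnabled,
                    TransactionFlow = section.TransactionFlow,
                    TransferMode = section.TransferMode,
                    HostNameComparisonMode = section.HostNameComparisonMode
                };

                // Each quota is applied on its own. The quota setters reject non-positive values,
                // so copying an unset (zero) quota just because MaxDepth was configured would throw,
                // and a configured limit must not be dropped just because MaxDepth was left unset.
                var readerQuotasSection = section.ReaderQuotas;
                if (readerQuotasSection != null)
                {
                    var readerQuotas = new System.Xml.XmlDictionaryReaderQuotas();
                    var anyQuotaConfigured = false;

                    if (readerQuotasSection.MaxDepth > 0)
                    {
                        readerQuotas.MaxDepth = readerQuotasSection.MaxDepth;
                        anyQuotaConfigured = true;
                    }

                    if (readerQuotasSection.MaxStringContentLength > 0)
                    {
                        readerQuotas.MaxStringContentLength = readerQuotasSection.MaxStringContentLength;
                        anyQuotaConfigured = true;
                    }

                    if (readerQuotasSection.MaxArrayLength > 0)
                    {
                        readerQuotas.MaxArrayLength = readerQuotasSection.MaxArrayLength;
                        anyQuotaConfigured = true;
                    }

                    if (readerQuotasSection.MaxBytesPerRead > 0)
                    {
                        readerQuotas.MaxBytesPerRead = readerQuotasSection.MaxBytesPerRead;
                        anyQuotaConfigured = true;
                    }

                    if (readerQuotasSection.MaxNameTableCharCount > 0)
                    {
                        readerQuotas.MaxNameTableCharCount = readerQuotasSection.MaxNameTableCharCount;
                        anyQuotaConfigured = true;
                    }

                    if (anyQuotaConfigured)
                    {
                        binding.ReaderQuotas = readerQuotas;
                    }
                }

                // The transport settings are copied from configuration as well. Leaving them at
                // their defaults would make the returned binding report a credential type and
                // protection level that the configuration file does not actually specify.
                var transportSection = section.Security.Transport;
                var messageSection = section.Security.Message;
                binding.Security = new NetTcpSecurity
                {
                    Mode = section.Security.Mode,
                    Transport = new TcpTransportSecurity
                    {
                        ClientCredentialType = transportSection.ClientCredentialType,
                        ProtectionLevel = transportSection.ProtectionLevel
                    },
                    Message = new MessageSecurityOverTcp
                    {
                        ClientCredentialType = messageSection.ClientCredentialType,
                        AlgorithmSuite = messageSection.AlgorithmSuite
                    }
                };

                binding.ReliableSession = new OptionalReliableSession
                {
                    Enabled = section.ReliableSession.Enabled,
                    InactivityTimeout = section.ReliableSession.InactivityTimeout,
                    Ordered = section.ReliableSession.Ordered
                };

                configs.Add(binding);
            }

            return configs;
        }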
        /// <summary>
        /// Attempts to derive a <see cref="MessageSecurityOverTcp"/> from a security binding
        /// element by matching its bootstrap binding against the shapes tested below.
        /// </summary>
        /// <param name="sbe">Security binding element to inspect; null yields false.</param>
        /// <param name="isReliableSession">Not read by this method body.</param>
        /// <param name="transportBindingElement">Not read by this method body.</param>
        /// <param name="messageSecurity">The derived settings on success; null on every false return.</param>
        /// <returns>true when a client credential type could be determined; otherwise false.</returns>
        internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
        {
            messageSecurity = null;
            if (sbe == null)
                return false;

            // do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings

            // A binding that does not include a timestamp is not matched.
            if (!sbe.IncludeTimestamp)
                return false;

            // Only these two message security versions are accepted.
            if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11
                && sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
            {
                return false;
            }

            // The header layout must equal the protocol factory's default layout.
            if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout)
                return false;

            MessageCredentialType clientCredentialType;

            SecurityBindingElement bootstrapSecurity;

            // bootstrapSecurity is produced by this helper and drives every check that follows.
            if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity))
                return false;

            bool isSecureTransportMode = bootstrapSecurity is TransportSecurityBindingElement;

            IssuedSecurityTokenParameters infocardParameters;
            // In both branches the checks are ordered and the first match decides the credential type.
            if (isSecureTransportMode)
            {
                if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity))
                    clientCredentialType = MessageCredentialType.UserName;
                else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity))
                    clientCredentialType = MessageCredentialType.Certificate;
                else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true))
                    clientCredentialType = MessageCredentialType.Windows;
                else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters))
                {
                    // An issued-token match is accepted only when IsInfoCardParameters also returns true.
                    if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
                            infocardParameters,
                            new SecurityStandardsManager(
                                bootstrapSecurity.MessageSecurityVersion,
                                new WSSecurityTokenSerializer(
                                    bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
                                    bootstrapSecurity.MessageSecurityVersion.TrustVersion,
                                    bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
                                    true,
                                    null, null, null))))
                        return false;
                    clientCredentialType = MessageCredentialType.IssuedToken;
                }
                else
                {
                    // the standard binding does not support None client credential type in mixed mode
                    return false;
                }
            }
            else
            {
                if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true))
                    clientCredentialType = MessageCredentialType.UserName;
                // IsSslNegotiationBinding is tested twice: (true, true) maps to Certificate here and
                // (false, true) maps to None further down.
                // NOTE(review): the second argument presumably states whether a client certificate is required - confirm.
                else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true))
                    clientCredentialType = MessageCredentialType.Certificate;
                else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true))
                    clientCredentialType = MessageCredentialType.Windows;
                else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters))
                {
                    if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
                            infocardParameters,
                            new SecurityStandardsManager(
                                bootstrapSecurity.MessageSecurityVersion,
                                new WSSecurityTokenSerializer(
                                    bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
                                    bootstrapSecurity.MessageSecurityVersion.TrustVersion,
                                    bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
                                    true,
                                    null, null, null))))
                        return false;
                    clientCredentialType = MessageCredentialType.IssuedToken;
                }
                // This is the only place in the method where the None credential type is produced.
                else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true))
                    clientCredentialType = MessageCredentialType.None;
                else
                    return false;
            }
            messageSecurity = new MessageSecurityOverTcp();
            messageSecurity.ClientCredentialType = clientCredentialType;
            // set the algorithm suite and issued token params if required
            // For IssuedToken the new object keeps whatever algorithm suite it was constructed with.
            if (clientCredentialType != MessageCredentialType.IssuedToken)
            {
                messageSecurity.AlgorithmSuite = bootstrapSecurity.DefaultAlgorithmSuite;
            }
            return true;
        }
Esempio n. 21
        /// <summary>
        /// Attempts to derive a <see cref="MessageSecurityOverTcp"/> from a security binding
        /// element by matching its bootstrap binding against the shapes tested below.
        /// </summary>
        /// <param name="sbe">Security binding element to inspect; null yields false.</param>
        /// <param name="isReliableSession">Not read by this method body.</param>
        /// <param name="transportBindingElement">Not read by this method body.</param>
        /// <param name="messageSecurity">The derived settings on success; null on every false return.</param>
        /// <returns>true when a client credential type could be determined; otherwise false.</returns>
        internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
        {
            // Despite its name, userName holds whichever credential type ends up matched;
            // element receives the bootstrap binding from IsSecureConversationBinding below.
            MessageCredentialType         userName;
            SecurityBindingElement        element;
            IssuedSecurityTokenParameters parameters;

            messageSecurity = null;
            if (sbe == null)
            {
                return(false);
            }
            // A binding that does not include a timestamp is not matched.
            if (!sbe.IncludeTimestamp)
            {
                return(false);
            }
            // Only these two message security versions are accepted.
            if ((sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11) && (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10))
            {
                return(false);
            }
            // Only the Strict header layout is accepted.
            if (sbe.SecurityHeaderLayout != SecurityHeaderLayout.Strict)
            {
                return(false);
            }
            if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out element))
            {
                return(false);
            }
            // The checks below are ordered; the first match decides the credential type.
            if (element is TransportSecurityBindingElement)
            {
                if (SecurityBindingElement.IsUserNameOverTransportBinding(element))
                {
                    userName = MessageCredentialType.UserName;
                }
                else if (SecurityBindingElement.IsCertificateOverTransportBinding(element))
                {
                    userName = MessageCredentialType.Certificate;
                }
                else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(element, true))
                {
                    userName = MessageCredentialType.Windows;
                }
                else
                {
                    // Last option for a transport bootstrap: an issued token that also passes
                    // IsInfoCardParameters. The None credential type is never produced in this branch.
                    if (!SecurityBindingElement.IsIssuedTokenOverTransportBinding(element, out parameters))
                    {
                        return(false);
                    }
                    if (!IssuedSecurityTokenParameters.IsInfoCardParameters(parameters, new SecurityStandardsManager(element.MessageSecurityVersion, new WSSecurityTokenSerializer(element.MessageSecurityVersion.SecurityVersion, element.MessageSecurityVersion.TrustVersion, element.MessageSecurityVersion.SecureConversationVersion, true, null, null, null))))
                    {
                        return(false);
                    }
                    userName = MessageCredentialType.IssuedToken;
                }
            }
            else if (SecurityBindingElement.IsUserNameForSslBinding(element, true))
            {
                userName = MessageCredentialType.UserName;
            }
            // IsSslNegotiationBinding is tested twice: (true, true) maps to Certificate here and
            // (false, true) maps to None further down.
            // NOTE(review): the second argument presumably states whether a client certificate is required - confirm.
            else if (SecurityBindingElement.IsSslNegotiationBinding(element, true, true))
            {
                userName = MessageCredentialType.Certificate;
            }
            else if (SecurityBindingElement.IsSspiNegotiationBinding(element, true))
            {
                userName = MessageCredentialType.Windows;
            }
            else if (SecurityBindingElement.IsIssuedTokenForSslBinding(element, true, out parameters))
            {
                if (!IssuedSecurityTokenParameters.IsInfoCardParameters(parameters, new SecurityStandardsManager(element.MessageSecurityVersion, new WSSecurityTokenSerializer(element.MessageSecurityVersion.SecurityVersion, element.MessageSecurityVersion.TrustVersion, element.MessageSecurityVersion.SecureConversationVersion, true, null, null, null))))
                {
                    return(false);
                }
                userName = MessageCredentialType.IssuedToken;
            }
            // This is the only place in the method where the None credential type is produced.
            else if (SecurityBindingElement.IsSslNegotiationBinding(element, false, true))
            {
                userName = MessageCredentialType.None;
            }
            else
            {
                return(false);
            }
            messageSecurity = new MessageSecurityOverTcp();
            messageSecurity.ClientCredentialType = userName;
            // The bootstrap binding's default algorithm suite is copied for every type except IssuedToken.
            if (userName != MessageCredentialType.IssuedToken)
            {
                messageSecurity.AlgorithmSuite = element.DefaultAlgorithmSuite;
            }
            return(true);
        }