/// <summary>
/// Builds the channel factory used for the negotiation exchange by wrapping the supplied
/// transport factory in a <c>SecurityChannelFactory</c> configured from the bootstrap
/// security binding element.
/// </summary>
/// <param name="transportChannelFactory">Inner factory passed through to the security channel factory.</param>
/// <param name="channelBuilder">Channel builder passed through to the security channel factory.</param>
/// <returns>A security channel factory layered over <paramref name="transportChannelFactory"/>.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the issuer binding context exposes no reader quotas.
/// </exception>
protected override IChannelFactory<IAsyncRequestChannel> GetNegotiationChannelFactory(IChannelFactory<IAsyncRequestChannel> transportChannelFactory, ChannelBuilder channelBuilder)
{
    ISecurityCapabilities capabilities = _bootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(IssuerBindingContext);

    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentials =
        IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // Reader quotas are mandatory: the bootstrap element is never left without a parsing limit.
    _bootstrapSecurityBindingElement.ReaderQuotas = IssuerBindingContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (_bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.EncodingBindingElementDoesNotHandleReaderQuotas));
    }

    // Mirror the transport's receive-size limit onto the bootstrap element when a transport element is present.
    TransportBindingElement transport = IssuerBindingContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        _bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    // Two independent clones, created in the same order as the arguments they feed.
    BindingContext protocolContext = IssuerBindingContext.Clone();
    BindingContext issuerContext = IssuerBindingContext.Clone();
    SecurityProtocolFactory protocolFactory = _bootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IAsyncRequestChannel>(protocolContext, credentials, false, issuerContext);

    return new SecurityChannelFactory<IAsyncRequestChannel>(capabilities, IssuerBindingContext, channelBuilder, protocolFactory, transportChannelFactory);
}
/// <summary>
/// Initializes the upgrade provider from the binding element and binding context, capturing the
/// protection level, scheme and listen URI and creating the security token manager.
/// </summary>
/// <param name="bindingElement">Source of the protection level.</param>
/// <param name="context">Binding context supplying the binding, listen address and binding parameters.</param>
/// <param name="isClient">Selects client or service default credentials when none are supplied.</param>
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement, BindingContext context, bool isClient)
    : base(context.Binding)
{
    this.extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
    this.protectionLevel = bindingElement.ProtectionLevel;
    this.scheme = context.Binding.Scheme;
    this.isClient = isClient;
    this.listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);

    // Credentials from the binding parameters take precedence; defaults depend on which side we are on.
    SecurityCredentialsManager credentials = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentials == null && isClient)
    {
        credentials = ClientCredentials.CreateDefaultCredentials();
    }
    else if (credentials == null)
    {
        credentials = ServiceCredentials.CreateDefaultCredentials();
    }

    this.securityTokenManager = credentials.CreateSecurityTokenManager();
}
/// <summary>
/// Ensures <c>_channelCredentials</c> is set, falling back to default client credentials
/// when nothing has been assigned yet.
/// </summary>
private void InitializeSecurityTokenManager()
{
    // Credentials already present: leave them untouched.
    if (_channelCredentials != null)
    {
        return;
    }

    _channelCredentials = ClientCredentials.CreateDefaultCredentials();
}
/// <summary>
/// Initializes the upgrade provider from the binding element and binding context, capturing the
/// protection level, scheme and listen URI and creating the security token manager.
/// </summary>
/// <param name="bindingElement">Source of the protection level.</param>
/// <param name="context">Binding context supplying the binding, listen address and binding parameters.</param>
/// <param name="isClient">True for client use; the server path without supplied credentials is rejected.</param>
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement, BindingContext context, bool isClient)
    : base(context.Binding)
{
    _extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
    _protectionLevel = bindingElement.ProtectionLevel;
    _scheme = context.Binding.Scheme;
    _isClient = isClient;
    _listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);

    SecurityCredentialsManager credentials = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentials == null)
    {
        // The unsupported-server check sits only on this branch: a server-side caller that
        // does supply a credentials manager is not stopped by this constructor.
        if (!isClient)
        {
            throw ExceptionHelper.PlatformNotSupported("WindowsStreamSecurityUpgradeProvider for server is not supported.");
        }

        credentials = ClientCredentials.CreateDefaultCredentials();
    }

    _securityTokenManager = credentials.CreateSecurityTokenManager();
}
/// <summary>
/// Creates a client-side SSL stream upgrade provider, using the credentials manager from the
/// binding parameters or default client credentials when none is present.
/// </summary>
/// <param name="bindingElement">Supplies the client-certificate requirement and the identity verifier.</param>
/// <param name="context">Binding context supplying the binding, scheme and binding parameters.</param>
/// <returns>The configured provider.</returns>
public static SslStreamSecurityUpgradeProvider CreateClientProvider(SslStreamSecurityBindingElement bindingElement, BindingContext context)
{
    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // The identity verifier travels with the provider, alongside the token manager built from the credentials.
    return new SslStreamSecurityUpgradeProvider(
        context.Binding,
        credentials.CreateSecurityTokenManager(),
        bindingElement.RequireClientCertificate,
        context.Binding.Scheme,
        bindingElement.IdentityVerifier);
}
/// <summary>
/// Builds the security channel factory for <typeparamref name="TChannel"/>: optional demuxer
/// setup, credential resolution, then a security protocol factory wrapped in a
/// <c>SecurityChannelFactory</c>.
/// </summary>
/// <param name="context">Binding context the factory is built from.</param>
/// <returns>The security channel factory.</returns>
protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities capabilities = this.GetProperty<ISecurityCapabilities>(context);

    bool needsDemuxer = this.RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, needsDemuxer);
    if (needsDemuxer)
    {
        base.ApplyPropertiesOnDemuxer(channelBuilder, context);
    }

    // Clone taken before credentials are resolved, as in the original ordering.
    BindingContext issuerContext = context.Clone();

    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentials, false, issuerContext);
    return new SecurityChannelFactory<TChannel>(capabilities, context, channelBuilder, protocolFactory);
}
/// <summary>
/// Builds the channel factory used for the negotiation exchange. When the bootstrap protocol
/// factory is message-level, the request and response token message bodies are added to the
/// signature and encryption requirements.
/// </summary>
/// <param name="transportChannelFactory">Inner factory passed through to the security channel factory.</param>
/// <param name="channelBuilder">Channel builder passed through to the security channel factory.</param>
/// <returns>A security channel factory layered over <paramref name="transportChannelFactory"/>.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the issuer binding context exposes no reader quotas.
/// </exception>
protected override IChannelFactory<IRequestChannel> GetNegotiationChannelFactory(IChannelFactory<IRequestChannel> transportChannelFactory, ChannelBuilder channelBuilder)
{
    ISecurityCapabilities capabilities = this.bootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(this.IssuerBindingContext);

    SecurityCredentialsManager credentials =
        this.IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // Reader quotas are mandatory: the bootstrap element is never left without a parsing limit.
    this.bootstrapSecurityBindingElement.ReaderQuotas = this.IssuerBindingContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EncodingBindingElementDoesNotHandleReaderQuotas)));
    }

    // Mirror the transport's receive-size limit onto the bootstrap element when a transport element is present.
    TransportBindingElement transport = this.IssuerBindingContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    BindingContext protocolContext = this.IssuerBindingContext.Clone();
    BindingContext issuerContext = this.IssuerBindingContext.Clone();
    SecurityProtocolFactory protocolFactory = this.bootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IRequestChannel>(protocolContext, credentials, false, issuerContext);

    MessageSecurityProtocolFactory messageFactory = protocolFactory as MessageSecurityProtocolFactory;
    if (messageFactory != null)
    {
        // Same setter order as the original chained assignment (rightmost target first).
        messageFactory.RequireIntegrity = true;
        messageFactory.RequireConfidentiality = true;
        messageFactory.ApplyIntegrity = true;
        messageFactory.ApplyConfidentiality = true;

        // Body of the token request and response: signed and encrypted in both directions.
        MessagePartSpecification body = new MessagePartSpecification(true);
        messageFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(body, RequestSecurityTokenAction);
        messageFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(body, RequestSecurityTokenAction);
        messageFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(body, RequestSecurityTokenResponseAction);
        messageFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(body, RequestSecurityTokenResponseAction);
    }

    protocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
    protocolFactory.PrivacyNoticeVersion = this.PrivacyNoticeVersion;

    return new SecurityChannelFactory<IRequestChannel>(capabilities, this.IssuerBindingContext, channelBuilder, protocolFactory, transportChannelFactory);
}
/// <summary>
/// Initializes the upgrade provider from the binding element and binding context, capturing the
/// protection level, scheme and listen URI and creating the security token manager. Only client
/// use is expected.
/// </summary>
/// <param name="bindingElement">Source of the protection level.</param>
/// <param name="context">Binding context supplying the binding, listen address and binding parameters.</param>
/// <param name="isClient">Expected to be true; asserted below.</param>
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement, BindingContext context, bool isClient)
    : base(context.Binding)
{
    // NOTE(review): if Contract is System.Diagnostics.Contracts.Contract, Assert is conditional on
    // DEBUG / CONTRACTS_FULL and is compiled out of release builds. A server-side call would then
    // continue and pick up default *client* credentials below — confirm whether a runtime check is wanted.
    Contract.Assert(isClient, ".NET Core and .NET Native does not support server side");

    _extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
    _protectionLevel = bindingElement.ProtectionLevel;
    _scheme = context.Binding.Scheme;
    _isClient = isClient;
    _listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);

    // Credentials from the binding parameters take precedence over the client defaults.
    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    _securityTokenManager = credentials.CreateSecurityTokenManager();
}
/// <summary>
/// Builds the security channel factory for <typeparamref name="TChannel"/>: optional demuxer
/// setup, credential resolution, then a security protocol factory wrapped in a
/// <c>SecurityChannelFactory</c>.
/// </summary>
/// <param name="context">Binding context the factory is built from.</param>
/// <returns>The security channel factory.</returns>
protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities capabilities = this.GetProperty<ISecurityCapabilities>(context);

    bool withDemuxer = RequiresChannelDemuxer();
    ChannelBuilder builder = new ChannelBuilder(context, withDemuxer);
    if (withDemuxer)
    {
        ApplyPropertiesOnDemuxer(builder, context);
    }

    BindingContext issuerContext = context.Clone();

    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    return new SecurityChannelFactory<TChannel>(
        capabilities,
        context,
        builder,
        this.CreateSecurityProtocolFactory<TChannel>(context, credentials, false, issuerContext));
}
/// <summary>
/// Builds the channel factory used for the negotiation exchange. When the bootstrap protocol
/// factory is message-level, the request and response token message bodies are added to the
/// signature and encryption requirements.
/// </summary>
/// <param name="transportChannelFactory">Inner factory passed through to the security channel factory.</param>
/// <param name="channelBuilder">Channel builder passed through to the security channel factory.</param>
/// <returns>A security channel factory layered over <paramref name="transportChannelFactory"/>.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the issuer binding context exposes no reader quotas.
/// </exception>
protected override IChannelFactory<IRequestChannel> GetNegotiationChannelFactory(IChannelFactory<IRequestChannel> transportChannelFactory, ChannelBuilder channelBuilder)
{
    ISecurityCapabilities capabilities = this.bootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(base.IssuerBindingContext);

    SecurityCredentialsManager credentials =
        base.IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // Reader quotas are mandatory: the bootstrap element is never left without a parsing limit.
    this.bootstrapSecurityBindingElement.ReaderQuotas = base.IssuerBindingContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("EncodingBindingElementDoesNotHandleReaderQuotas")));
    }

    // Mirror the transport's receive-size limit onto the bootstrap element when a transport element is present.
    TransportBindingElement transport = base.IssuerBindingContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    BindingContext protocolContext = base.IssuerBindingContext.Clone();
    BindingContext issuerContext = base.IssuerBindingContext.Clone();
    SecurityProtocolFactory protocolFactory = this.bootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IRequestChannel>(protocolContext, credentials, false, issuerContext);

    MessageSecurityProtocolFactory messageFactory = protocolFactory as MessageSecurityProtocolFactory;
    if (messageFactory != null)
    {
        // Same setter order as the original chained assignment (rightmost target first).
        messageFactory.RequireIntegrity = true;
        messageFactory.RequireConfidentiality = true;
        messageFactory.ApplyIntegrity = true;
        messageFactory.ApplyConfidentiality = true;

        // Body of the token request and response: signed and encrypted in both directions.
        MessagePartSpecification body = new MessagePartSpecification(true);
        messageFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(body, this.RequestSecurityTokenAction);
        messageFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(body, this.RequestSecurityTokenAction);
        messageFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(body, this.RequestSecurityTokenResponseAction);
        messageFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(body, this.RequestSecurityTokenResponseAction);
    }

    protocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
    protocolFactory.PrivacyNoticeVersion = this.PrivacyNoticeVersion;

    return new SecurityChannelFactory<IRequestChannel>(capabilities, base.IssuerBindingContext, channelBuilder, protocolFactory, transportChannelFactory);
}
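/*internal override bool RequiresChannelDemuxer()
 * {
 *  if (!base.RequiresChannelDemuxer())
 *      return this.RequiresChannelDemuxer(this.ProtectionTokenParameters);
 *  return true;
 * }*/

/// <summary>
/// Builds the security channel factory for <typeparamref name="TChannel"/>. With secure
/// conversation protection token parameters, a session-based protocol factory is configured
/// (when cancellation is required) or a symmetric one (otherwise, unavailable under
/// FEATURE_CORECLR); in every other case the factory comes from <c>CreateSecurityProtocolFactory</c>.
/// </summary>
/// <param name="context">Binding context the factory is built from.</param>
/// <returns>The security channel factory.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the secure conversation parameters carry no bootstrap binding element.
/// </exception>
/// <exception cref="NotImplementedException">
/// Under FEATURE_CORECLR, when a channel demuxer is required or cancellation is not required.
/// </exception>
protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities property = this.GetProperty<ISecurityCapabilities>(context);

    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>() ?? (SecurityCredentialsManager)ClientCredentials.CreateDefaultCredentials();

    bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
    if (addChannelDemuxerIfRequired)
    {
#if FEATURE_CORECLR
        throw new NotImplementedException("ApplyPropertiesOnDemuxer is not supported in .NET Core");
#else
        this.ApplyPropertiesOnDemuxer(channelBuilder, context);
#endif
    }

    BindingContext bindingContext1 = context.Clone();
    SecurityChannelFactory<TChannel> securityChannelFactory;

    if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
    {
        SecureConversationSecurityTokenParameters protectionTokenParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
        if (protectionTokenParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception) new InvalidOperationException(SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
        }

        // Context handed to the bootstrap exchange: the outer channel's protection requirements are stripped.
        // NOTE(review): nothing is added back here (the Add below is disabled), so this context carries no
        // ChannelProtectionRequirements — confirm the bootstrap binding supplies its own.
        BindingContext bindingContext2 = bindingContext1.Clone();
        bindingContext2.BindingParameters.Remove<ChannelProtectionRequirements>();
        // BootstrapProtectionRequirements not supported
        // bindingContext2.BindingParameters.Add((object) protectionTokenParameters.BootstrapProtectionRequirements);

        if (protectionTokenParameters.RequireCancellation)
        {
            SessionSymmetricMessageSecurityProtocolFactory securityProtocolFactory = new SessionSymmetricMessageSecurityProtocolFactory();
            securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;

            // Messages on the session are both signed and encrypted, and the same is required of the peer.
            securityProtocolFactory.ApplyConfidentiality = true;
            securityProtocolFactory.RequireConfidentiality = true;
            securityProtocolFactory.ApplyIntegrity = true;
            securityProtocolFactory.RequireIntegrity = true;
            securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
            this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);

            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>();
            sessionClientSettings.ChannelBuilder = channelBuilder;
            sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
            sessionClientSettings.CanRenewSession = protectionTokenParameters.CanRenewSession;
            sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
            sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
            sessionClientSettings.IssuedSecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = bindingContext1;
            sessionClientSettings.SecurityStandardsManager = securityProtocolFactory.StandardsManager;
            // No console tracing here: library code building a security channel should not write to stdout.
            sessionClientSettings.SessionProtocolFactory = (SecurityProtocolFactory)securityProtocolFactory;

            securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, sessionClientSettings);
        }
        else
        {
#if FEATURE_CORECLR
            throw new NotImplementedException("SymmetricSecurityProtocolFactory not supported in .NET Core");
#else
            SymmetricSecurityProtocolFactory securityProtocolFactory = new SymmetricSecurityProtocolFactory();
            securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;
            securityProtocolFactory.ApplyConfidentiality = true;
            securityProtocolFactory.RequireConfidentiality = true;
            securityProtocolFactory.ApplyIntegrity = true;
            securityProtocolFactory.RequireIntegrity = true;
            securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
            this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);
            securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, channelBuilder, (SecurityProtocolFactory)securityProtocolFactory);
#endif
        }
    }
    else
    {
        SecurityProtocolFactory securityProtocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, bindingContext1);
        securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, channelBuilder, securityProtocolFactory);
    }

    return (IChannelFactory<TChannel>)securityChannelFactory;
}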
/// <summary>
/// Builds the security channel factory for <typeparamref name="TChannel"/>. When the first
/// endorsing supporting token is a secure conversation token, a session-based factory
/// (cancellation required) or a transport security factory (otherwise) is configured;
/// in every other case the factory comes from <c>CreateSecurityProtocolFactory</c>.
/// </summary>
/// <param name="context">Binding context the factory is built from.</param>
/// <returns>The security channel factory.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the secure conversation parameters carry no bootstrap binding element.
/// </exception>
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
    ISecurityCapabilities property = this.GetProperty <ISecurityCapabilities>(context);
    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }
    // Only the first endorsing token is inspected; item stays null unless it is a secure conversation token.
    SecureConversationSecurityTokenParameters item = null;
    if (base.EndpointSupportingTokenParameters.Endorsing.Count > 0)
    {
        item = base.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
    }
    bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
    ChannelBuilder builder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
    if (addChannelDemuxerIfRequired)
    {
        base.ApplyPropertiesOnDemuxer(builder, context);
    }
    BindingContext issuerBindingContext = context.Clone();
    if (item != null)
    {
        if (item.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
        }
        // Mutates the binding element's own parameters object, not a copy.
        item.IssuerBindingContext = issuerBindingContext;
        if (item.RequireCancellation)
        {
            SessionSymmetricTransportSecurityProtocolFactory factory2 = new SessionSymmetricTransportSecurityProtocolFactory { SecurityTokenParameters = item.Clone() };
            ((SecureConversationSecurityTokenParameters)factory2.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            // The secure conversation entry is taken out of the endorsing list while the factory is
            // configured, and put back in finally so the list is restored even if configuration throws.
            base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
            try
            {
                base.ConfigureProtocolFactory(factory2, credentialsManager, false, issuerBindingContext, context.Binding);
            }
            finally
            {
                base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
            }
            SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel> { ChannelBuilder = builder, KeyRenewalInterval =
                base.LocalClientSettings.SessionKeyRenewalInterval, KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval, TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure, CanRenewSession = item.CanRenewSession, IssuedSecurityTokenParameters = item.Clone() };
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = factory2.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = factory2;
            return(new SecurityChannelFactory <TChannel>(property, context, sessionClientSettings));
        }
        TransportSecurityProtocolFactory factory = new TransportSecurityProtocolFactory();
        // Same remove/restore pattern as above; here a clone of the entry is also inserted into the
        // factory's own endorsing list before the original is restored.
        base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
        try
        {
            base.ConfigureProtocolFactory(factory, credentialsManager, false, issuerBindingContext, context.Binding);
            SecureConversationSecurityTokenParameters parameters2 = (SecureConversationSecurityTokenParameters)item.Clone();
            parameters2.IssuerBindingContext = issuerBindingContext;
            factory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, parameters2);
        }
        finally
        {
            base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
        }
        return(new SecurityChannelFactory <TChannel>(property, context, builder, factory));
    }
    // No secure conversation token in first position: build the protocol factory directly.
    return(new SecurityChannelFactory <TChannel>(property, context, builder, this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext)));
}
/// <summary>
/// Creates the channel factory used to send issue and renew requests and stores it, together
/// with its message version, on this instance. The bootstrap protocol factory is configured
/// first; the inner channel factory is either built directly or wrapped in a service channel
/// factory when the stack cannot produce request channels.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the issuer binding context exposes no reader quotas.
/// </exception>
void InitializeFactories()
{
    ISecurityCapabilities capabilities = this.BootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(this.IssuerBindingContext);

    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentials =
        this.IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    BindingContext issuerContext = this.IssuerBindingContext;

    // Reader quotas are mandatory: the bootstrap element is never left without a parsing limit.
    this.bootstrapSecurityBindingElement.ReaderQuotas = issuerContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EncodingBindingElementDoesNotHandleReaderQuotas)));
    }

    // Mirror the transport's receive-size limit onto the bootstrap element when a transport element is present.
    TransportBindingElement transport = issuerContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    SecurityProtocolFactory protocolFactory = this.BootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IRequestChannel>(this.IssuerBindingContext.Clone(), credentials, false, this.IssuerBindingContext.Clone());

    MessageSecurityProtocolFactory messageFactory = protocolFactory as MessageSecurityProtocolFactory;
    if (messageFactory != null)
    {
        // Same setter order as the original chained assignment (rightmost target first).
        messageFactory.RequireIntegrity = true;
        messageFactory.RequireConfidentiality = true;
        messageFactory.ApplyIntegrity = true;
        messageFactory.ApplyConfidentiality = true;

        messageFactory.ProtectionRequirements.IncomingSignatureParts.ChannelParts.IsBodyIncluded = true;
        messageFactory.ProtectionRequirements.OutgoingSignatureParts.ChannelParts.IsBodyIncluded = true;

        // Issue/renew requests and their responses: body signed and encrypted in both directions.
        MessagePartSpecification body = new MessagePartSpecification(true);
        messageFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(body, IssueAction);
        messageFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(body, IssueAction);
        messageFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(body, RenewAction);
        messageFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(body, RenewAction);
        messageFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(body, IssueResponseAction);
        messageFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(body, IssueResponseAction);
        messageFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(body, RenewResponseAction);
        messageFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(body, RenewResponseAction);
    }

    protocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
    protocolFactory.PrivacyNoticeVersion = this.privacyNoticeVersion;

    if (this.localAddress != null)
    {
        // The filter is built from the issue-response and renew-response actions only.
        MessageFilter responseFilter = new SessionActionFilter(this.standardsManager, this.IssueResponseAction.Value, this.RenewResponseAction.Value);
        issuerContext.BindingParameters.Add(new LocalAddressProvider(localAddress, responseFilter));
    }

    ChannelBuilder builder = new ChannelBuilder(issuerContext, true);
    IChannelFactory<IRequestChannel> innerFactory;

    // A stack that cannot build request channels directly is wrapped in a service channel factory.
    if (channelBuilder_CanBuildRequestChannels(builder))
    {
        innerFactory = builder.BuildChannelFactory<IRequestChannel>();
        requiresManualReplyAddressing = true;
    }
    else
    {
        ClientRuntime runtime = new ClientRuntime("RequestSecuritySession", NamingHelper.DefaultNamespace)
        {
            UseSynchronizationContext = false,
            AddTransactionFlowProperties = false,
            ValidateMustUnderstand = false
        };
        ServiceChannelFactory serviceFactory = ServiceChannelFactory.BuildChannelFactory(builder, runtime);

        ClientOperation issue = new ClientOperation(serviceFactory.ClientRuntime, "Issue", IssueAction.Value) { Formatter = operationFormatter };
        serviceFactory.ClientRuntime.Operations.Add(issue);

        ClientOperation renew = new ClientOperation(serviceFactory.ClientRuntime, "Renew", RenewAction.Value) { Formatter = operationFormatter };
        serviceFactory.ClientRuntime.Operations.Add(renew);

        innerFactory = new RequestChannelFactory(serviceFactory);
        requiresManualReplyAddressing = false;
    }

    SecurityChannelFactory<IRequestChannel> rstFactory = new SecurityChannelFactory<IRequestChannel>(capabilities, this.IssuerBindingContext, builder, protocolFactory, innerFactory);

    // Carry the transport's ExtendedProtectionPolicy onto the protocol factory so it is
    // available when the channel is built.
    if (transport != null && rstFactory.SecurityProtocolFactory != null)
    {
        rstFactory.SecurityProtocolFactory.ExtendedProtectionPolicy = transport.GetProperty<ExtendedProtectionPolicy>(issuerContext);
    }

    this.rstChannelFactory = rstFactory;
    this.messageVersion = rstFactory.MessageVersion;

    // Local wrapper kept trivial: asks the builder whether it can produce request channels.
    bool channelBuilder_CanBuildRequestChannels(ChannelBuilder b)
    {
        return b.CanBuildChannelFactory<IRequestChannel>();
    }
}
/// <summary>
/// Creates the channel factory used to send issue and renew requests and stores it in
/// <c>_rstChannelFactory</c>, along with its message version. The inner channel factory is
/// either built directly or wrapped in a service channel factory when the stack cannot
/// produce request channels.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the issuer binding context exposes no reader quotas.
/// </exception>
private void InitializeFactories()
{
    ISecurityCapabilities capabilities = BootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(IssuerBindingContext);

    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentials =
        IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    BindingContext issuerContext = IssuerBindingContext;

    // Reader quotas are mandatory: the bootstrap element is never left without a parsing limit.
    _bootstrapSecurityBindingElement.ReaderQuotas = issuerContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (_bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.EncodingBindingElementDoesNotHandleReaderQuotas));
    }

    // Mirror the transport's receive-size limit onto the bootstrap element when a transport element is present.
    TransportBindingElement transport = issuerContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        _bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    SecurityProtocolFactory protocolFactory = BootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IRequestChannel>(IssuerBindingContext.Clone(), credentials, false, IssuerBindingContext.Clone());

    if (_localAddress != null)
    {
        // The filter is built from the issue-response and renew-response actions only.
        MessageFilter responseFilter = new SessionActionFilter(_standardsManager, IssueResponseAction.Value, RenewResponseAction.Value);
        issuerContext.BindingParameters.Add(new LocalAddressProvider(_localAddress, responseFilter));
    }

    ChannelBuilder builder = new ChannelBuilder(issuerContext, true);
    IChannelFactory innerFactory;

    // A stack that cannot build request channels directly is wrapped in a service channel factory.
    bool canBuildDirectly = builder.CanBuildChannelFactory<IRequestChannel>();
    if (!canBuildDirectly)
    {
        ClientRuntime runtime = new ClientRuntime("RequestSecuritySession", NamingHelper.DefaultNamespace)
        {
            UseSynchronizationContext = false,
            AddTransactionFlowProperties = false,
            ValidateMustUnderstand = false
        };
        ServiceChannelFactory serviceFactory = ServiceChannelFactory.BuildChannelFactory(builder, runtime);

        ClientOperation issue = new ClientOperation(serviceFactory.ClientRuntime, "Issue", IssueAction.Value) { Formatter = s_operationFormatter };
        serviceFactory.ClientRuntime.Operations.Add(issue);

        ClientOperation renew = new ClientOperation(serviceFactory.ClientRuntime, "Renew", RenewAction.Value) { Formatter = s_operationFormatter };
        serviceFactory.ClientRuntime.Operations.Add(renew);

        innerFactory = new RequestChannelFactory(serviceFactory);
        _requiresManualReplyAddressing = false;
    }
    else
    {
        innerFactory = builder.BuildChannelFactory<IRequestChannel>();
        _requiresManualReplyAddressing = true;
    }

    SecurityChannelFactory<IAsyncRequestChannel> rstFactory = new SecurityChannelFactory<IAsyncRequestChannel>(capabilities, IssuerBindingContext, builder, protocolFactory, innerFactory);

    // Carry the transport's ExtendedProtectionPolicy onto the protocol factory so it is
    // available when the channel is built.
    if (transport != null && rstFactory.SecurityProtocolFactory != null)
    {
        rstFactory.SecurityProtocolFactory.ExtendedProtectionPolicy = transport.GetProperty<ExtendedProtectionPolicy>(issuerContext);
    }

    _rstChannelFactory = rstFactory;
    MessageVersion = rstFactory.MessageVersion;
}
/// <summary>
/// Builds the security channel factory for <typeparamref name="TChannel"/>. With secure
/// conversation protection token parameters, a session-based protocol factory (cancellation
/// required) or a symmetric protocol factory (otherwise) is configured; in every other case
/// the factory comes from <c>CreateSecurityProtocolFactory</c>.
/// </summary>
/// <param name="context">Binding context the factory is built from.</param>
/// <returns>The security channel factory.</returns>
/// <exception cref="InvalidOperationException">
/// Raised through <c>ThrowHelperError</c> when the secure conversation parameters carry no bootstrap binding element.
/// </exception>
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
    ISecurityCapabilities securityCapabilities = this.GetProperty <ISecurityCapabilities>(context);
    // Caller-supplied credentials win; with none in the binding parameters, default client credentials are used.
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }
    // This adds the demuxer element to the context. We add a demuxer element only if the binding is configured to do
    // secure conversation or negotiation
    bool requireDemuxer = RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
    if (requireDemuxer)
    {
        ApplyPropertiesOnDemuxer(channelBuilder, context);
    }
    BindingContext issuerBindingContext = context.Clone();
    SecurityChannelFactory <TChannel> channelFactory;
    if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
    {
        SecureConversationSecurityTokenParameters scParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
        if (scParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
        }
        // Context for the bootstrap exchange: the outer channel's protection requirements are
        // replaced by the bootstrap protection requirements of the token parameters.
        BindingContext scIssuerBindingContext = issuerBindingContext.Clone();
        scIssuerBindingContext.BindingParameters.Remove <ChannelProtectionRequirements>();
        scIssuerBindingContext.BindingParameters.Add(scParameters.BootstrapProtectionRequirements);
        if (scParameters.RequireCancellation)
        {
            SessionSymmetricMessageSecurityProtocolFactory sessionFactory = new SessionSymmetricMessageSecurityProtocolFactory();
            sessionFactory.SecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = scIssuerBindingContext;
            // All four apply/require flags for confidentiality and integrity are switched on.
            sessionFactory.ApplyConfidentiality = true;
            sessionFactory.RequireConfidentiality = true;
            sessionFactory.ApplyIntegrity = true;
            sessionFactory.RequireIntegrity = true;
            sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            sessionFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            sessionFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            // Second assignment of IdentityVerifier from the same source; redundant with the one above.
            sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            sessionFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
            base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
            SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel>();
            sessionClientSettings.ChannelBuilder = channelBuilder;
            sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
            sessionClientSettings.CanRenewSession = scParameters.CanRenewSession;
            sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
            sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
            // The issued-token parameters get the unmodified issuer context, whereas the session
            // factory's token parameters above got scIssuerBindingContext.
            sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = sessionFactory;
            channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, sessionClientSettings);
        }
        else
        {
            SymmetricSecurityProtocolFactory protocolFactory = new SymmetricSecurityProtocolFactory();
            protocolFactory.SecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)protocolFactory.SecurityTokenParameters).IssuerBindingContext =
                scIssuerBindingContext;
            // All four apply/require flags for confidentiality and integrity are switched on.
            protocolFactory.ApplyConfidentiality = true;
            protocolFactory.RequireConfidentiality = true;
            protocolFactory.ApplyIntegrity = true;
            protocolFactory.RequireIntegrity = true;
            protocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            protocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            protocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            protocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
            base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
            channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
        }
    }
    else
    {
        // No secure conversation: build the protocol factory directly from the binding element.
        SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext);
        channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
    }
    return(channelFactory);
}
/// <summary>
/// Builds the secured request channel factory used to send the Issue and Renew
/// requests over the bootstrap security binding, and stores it in
/// <c>rstChannelFactory</c> together with its message version.
/// </summary>
/// <remarks>
/// When the bootstrap protocol factory is a <c>MessageSecurityProtocolFactory</c>,
/// confidentiality and integrity are switched on unconditionally and the body of the
/// Issue/Renew requests and of their responses is added to both the signature and
/// the encryption parts.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// The issuer binding context exposes no <c>XmlDictionaryReaderQuotas</c>.
/// </exception>
private void InitializeFactories()
{
    ISecurityCapabilities capabilities = this.BootstrapSecurityBindingElement.GetProperty<ISecurityCapabilities>(this.IssuerBindingContext);

    // Fall back to default client credentials when the caller supplied none.
    SecurityCredentialsManager credentials =
        this.IssuerBindingContext.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // Same instance as this.IssuerBindingContext (not a clone): parameters added to it
    // further down are visible through the property as well.
    BindingContext sharedIssuerContext = this.IssuerBindingContext;

    // The bootstrap exchange inherits the encoder's reader quotas; without them there
    // is no bound on what the reader will accept, so refuse to continue.
    this.bootstrapSecurityBindingElement.ReaderQuotas = sharedIssuerContext.GetInnerProperty<XmlDictionaryReaderQuotas>();
    if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
    {
        throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("EncodingBindingElementDoesNotHandleReaderQuotas")));
    }

    // Keep the bootstrap message size limit aligned with the transport's limit.
    TransportBindingElement transport = sharedIssuerContext.RemainingBindingElements.Find<TransportBindingElement>();
    if (transport != null)
    {
        this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transport.MaxReceivedMessageSize;
    }

    // The protocol factory works on clones taken before the LocalAddressProvider
    // parameter is added to the shared context below.
    SecurityProtocolFactory bootstrapProtocol = this.BootstrapSecurityBindingElement.CreateSecurityProtocolFactory<IRequestChannel>(
        this.IssuerBindingContext.Clone(),
        credentials,
        false,
        this.IssuerBindingContext.Clone());

    MessageSecurityProtocolFactory messageProtocol = bootstrapProtocol as MessageSecurityProtocolFactory;
    if (messageProtocol != null)
    {
        // Token issuance must always be signed and encrypted, whatever the bootstrap
        // binding was configured with. Assignment order mirrors the original chained
        // assignment (right-most target first).
        messageProtocol.RequireIntegrity = true;
        messageProtocol.RequireConfidentiality = true;
        messageProtocol.ApplyIntegrity = true;
        messageProtocol.ApplyConfidentiality = true;

        ChannelProtectionRequirements requirements = messageProtocol.ProtectionRequirements;
        requirements.IncomingSignatureParts.ChannelParts.IsBodyIncluded = true;
        requirements.OutgoingSignatureParts.ChannelParts.IsBodyIncluded = true;

        // Body-included part specification: "incoming" parts are keyed on the request
        // actions, "outgoing" parts on the response actions.
        MessagePartSpecification bodyParts = new MessagePartSpecification(true);
        requirements.IncomingSignatureParts.AddParts(bodyParts, this.IssueAction);
        requirements.IncomingEncryptionParts.AddParts(bodyParts, this.IssueAction);
        requirements.IncomingSignatureParts.AddParts(bodyParts, this.RenewAction);
        requirements.IncomingEncryptionParts.AddParts(bodyParts, this.RenewAction);
        requirements.OutgoingSignatureParts.AddParts(bodyParts, this.IssueResponseAction);
        requirements.OutgoingEncryptionParts.AddParts(bodyParts, this.IssueResponseAction);
        requirements.OutgoingSignatureParts.AddParts(bodyParts, this.RenewResponseAction);
        requirements.OutgoingEncryptionParts.AddParts(bodyParts, this.RenewResponseAction);
    }

    bootstrapProtocol.PrivacyNoticeUri = this.PrivacyNoticeUri;
    bootstrapProtocol.PrivacyNoticeVersion = this.privacyNoticeVersion;

    if (this.localAddress != null)
    {
        // Only the Issue/Renew response actions are matched by the local address filter.
        string[] responseActions = new string[] { this.IssueResponseAction.Value, this.RenewResponseAction.Value };
        MessageFilter responseFilter = new SessionActionFilter(this.standardsManager, responseActions);
        sharedIssuerContext.BindingParameters.Add(new LocalAddressProvider(this.localAddress, responseFilter));
    }

    IChannelFactory<IRequestChannel> innerFactory;
    ChannelBuilder channelBuilder = new ChannelBuilder(sharedIssuerContext, true);
    if (channelBuilder.CanBuildChannelFactory<IRequestChannel>())
    {
        // The stack below speaks request/reply natively.
        innerFactory = channelBuilder.BuildChannelFactory<IRequestChannel>();
        this.requiresManualReplyAddressing = true;
    }
    else
    {
        // Otherwise wrap a service channel factory exposing the two operations.
        // NOTE(review): mustUnderstand validation is disabled on this runtime; presumably
        // the security channel layered on top handles the security headers - confirm.
        ClientRuntime runtime = new ClientRuntime("RequestSecuritySession", "http://tempuri.org/");
        runtime.UseSynchronizationContext = false;
        runtime.AddTransactionFlowProperties = false;
        runtime.ValidateMustUnderstand = false;

        ServiceChannelFactory serviceFactory = ServiceChannelFactory.BuildChannelFactory(channelBuilder, runtime);

        ClientOperation issueOperation = new ClientOperation(serviceFactory.ClientRuntime, "Issue", this.IssueAction.Value);
        issueOperation.Formatter = operationFormatter;
        serviceFactory.ClientRuntime.Operations.Add(issueOperation);

        ClientOperation renewOperation = new ClientOperation(serviceFactory.ClientRuntime, "Renew", this.RenewAction.Value);
        renewOperation.Formatter = operationFormatter;
        serviceFactory.ClientRuntime.Operations.Add(renewOperation);

        innerFactory = new RequestChannelFactory(serviceFactory);
        this.requiresManualReplyAddressing = false;
    }

    SecurityChannelFactory<IRequestChannel> securedFactory = new SecurityChannelFactory<IRequestChannel>(
        capabilities,
        this.IssuerBindingContext,
        channelBuilder,
        bootstrapProtocol,
        innerFactory);

    // Carry the transport's extended protection policy over to the security protocol
    // factory so the bootstrap exchange uses the same policy as the transport.
    if (transport != null && securedFactory.SecurityProtocolFactory != null)
    {
        securedFactory.SecurityProtocolFactory.ExtendedProtectionPolicy = transport.GetProperty<ExtendedProtectionPolicy>(sharedIssuerContext);
    }

    this.rstChannelFactory = securedFactory;
    this.messageVersion = securedFactory.MessageVersion;
}
/// <summary>
/// Builds the client-side security channel factory for this binding element.
/// </summary>
/// <remarks>
/// When the protection token is a secure conversation token, a bootstrap binding is
/// mandatory. The factory is then either session based (<c>RequireCancellation</c> set)
/// or a plain symmetric protocol factory; both force confidentiality and integrity on.
/// Any other protection token goes through <c>CreateSecurityProtocolFactory</c>.
/// </remarks>
/// <param name="context">Binding context the channel factory is built for.</param>
/// <returns>A <c>SecurityChannelFactory</c> for <typeparamref name="TChannel"/>.</returns>
/// <exception cref="InvalidOperationException">
/// The secure conversation parameters carry no bootstrap security binding element.
/// </exception>
protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities capabilities = this.GetProperty<ISecurityCapabilities>(context);

    // Fall back to default client credentials when the caller supplied none.
    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    bool needsDemuxer = this.RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, needsDemuxer);
    if (needsDemuxer)
    {
        base.ApplyPropertiesOnDemuxer(channelBuilder, context);
    }

    BindingContext issuerBindingContext = context.Clone();

    SecureConversationSecurityTokenParameters scParameters = this.ProtectionTokenParameters as SecureConversationSecurityTokenParameters;
    if (scParameters == null)
    {
        // Not secure conversation: use the generic protocol factory.
        SecurityProtocolFactory genericProtocol = this.CreateSecurityProtocolFactory<TChannel>(context, credentials, false, issuerBindingContext);
        return new SecurityChannelFactory<TChannel>(capabilities, context, channelBuilder, genericProtocol);
    }

    if (scParameters.BootstrapSecurityBindingElement == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
    }

    // The token issuer gets its own context whose protection requirements are the
    // bootstrap ones rather than those of the application channel.
    BindingContext bootstrapIssuerContext = issuerBindingContext.Clone();
    bootstrapIssuerContext.BindingParameters.Remove<ChannelProtectionRequirements>();
    bootstrapIssuerContext.BindingParameters.Add(scParameters.BootstrapProtectionRequirements);

    if (!scParameters.RequireCancellation)
    {
        SymmetricSecurityProtocolFactory symmetricProtocol = new SymmetricSecurityProtocolFactory();
        symmetricProtocol.SecurityTokenParameters = scParameters.Clone();
        ((SecureConversationSecurityTokenParameters)symmetricProtocol.SecurityTokenParameters).IssuerBindingContext = bootstrapIssuerContext;

        // Messages are always signed and encrypted, in both directions.
        symmetricProtocol.ApplyConfidentiality = true;
        symmetricProtocol.RequireConfidentiality = true;
        symmetricProtocol.ApplyIntegrity = true;
        symmetricProtocol.RequireIntegrity = true;

        symmetricProtocol.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
        symmetricProtocol.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
        symmetricProtocol.MessageProtectionOrder = this.MessageProtectionOrder;
        symmetricProtocol.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
        base.ConfigureProtocolFactory(symmetricProtocol, credentials, false, issuerBindingContext, context.Binding);

        return new SecurityChannelFactory<TChannel>(capabilities, context, channelBuilder, symmetricProtocol);
    }

    SessionSymmetricMessageSecurityProtocolFactory sessionProtocol = new SessionSymmetricMessageSecurityProtocolFactory();
    sessionProtocol.SecurityTokenParameters = scParameters.Clone();
    ((SecureConversationSecurityTokenParameters)sessionProtocol.SecurityTokenParameters).IssuerBindingContext = bootstrapIssuerContext;

    // Messages are always signed and encrypted, in both directions.
    sessionProtocol.ApplyConfidentiality = true;
    sessionProtocol.RequireConfidentiality = true;
    sessionProtocol.ApplyIntegrity = true;
    sessionProtocol.RequireIntegrity = true;

    sessionProtocol.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
    sessionProtocol.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
    sessionProtocol.MessageProtectionOrder = this.MessageProtectionOrder;
    // The identity verifier is assigned a second time here, as in the original code.
    sessionProtocol.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
    sessionProtocol.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
    base.ConfigureProtocolFactory(sessionProtocol, credentials, false, issuerBindingContext, context.Binding);

    SecuritySessionClientSettings<TChannel> sessionSettings = new SecuritySessionClientSettings<TChannel>();
    sessionSettings.ChannelBuilder = channelBuilder;
    sessionSettings.KeyRenewalInterval = base.LocalClientSettings.SessionKeyRenewalInterval;
    sessionSettings.CanRenewSession = scParameters.CanRenewSession;
    sessionSettings.KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval;
    sessionSettings.TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure;
    sessionSettings.IssuedSecurityTokenParameters = scParameters.Clone();
    // Unlike the protocol factory above, the session settings point at the issuer
    // context that still carries the application protection requirements.
    ((SecureConversationSecurityTokenParameters)sessionSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
    sessionSettings.SecurityStandardsManager = sessionProtocol.StandardsManager;
    sessionSettings.SessionProtocolFactory = sessionProtocol;

    return new SecurityChannelFactory<TChannel>(capabilities, context, sessionSettings);
}
/// <summary>
/// Builds the client-side security channel factory for this binding element.
/// </summary>
/// <remarks>
/// Only the first endorsing supporting token is examined. When it is a secure
/// conversation token, a bootstrap binding is mandatory and the factory is either
/// session based (<c>RequireCancellation</c> set) or a transport security protocol
/// factory carrying a clone of the token parameters. Otherwise the factory comes from
/// <c>CreateSecurityProtocolFactory</c>.
/// </remarks>
/// <param name="context">Binding context the channel factory is built for.</param>
/// <returns>A <c>SecurityChannelFactory</c> for <typeparamref name="TChannel"/>.</returns>
/// <exception cref="InvalidOperationException">
/// The secure conversation parameters carry no bootstrap security binding element.
/// </exception>
protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities capabilities = this.GetProperty<ISecurityCapabilities>(context);

    // Fall back to default client credentials when the caller supplied none.
    SecurityCredentialsManager credentials =
        context.BindingParameters.Find<SecurityCredentialsManager>()
        ?? ClientCredentials.CreateDefaultCredentials();

    // Stays null when there is no endorsing token or the first one is of another kind.
    SecureConversationSecurityTokenParameters scParameters = null;
    if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
    {
        scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
    }

    // This adds the demuxer element to the context
    bool needsDemuxer = RequiresChannelDemuxer();
    ChannelBuilder builder = new ChannelBuilder(context, needsDemuxer);
    if (needsDemuxer)
    {
        ApplyPropertiesOnDemuxer(builder, context);
    }

    BindingContext issuerBindingContext = context.Clone();

    if (scParameters == null)
    {
        SecurityProtocolFactory genericProtocol = this.CreateSecurityProtocolFactory<TChannel>(
            context, credentials, false, issuerBindingContext);
        return new SecurityChannelFactory<TChannel>(capabilities, context, builder, genericProtocol);
    }

    if (scParameters.BootstrapSecurityBindingElement == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
    }

    // Note: this writes to the parameters object held by the binding element itself,
    // not to a clone.
    scParameters.IssuerBindingContext = issuerBindingContext;

    if (!scParameters.RequireCancellation)
    {
        TransportSecurityProtocolFactory transportProtocol = new TransportSecurityProtocolFactory();

        // The secure conversation token is taken out of the endorsing list while the
        // base configuration runs and is put back in the finally block.
        // NOTE(review): the list belongs to this binding element, so a concurrent
        // caller could presumably observe it without the token - confirm.
        this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
        try
        {
            base.ConfigureProtocolFactory(transportProtocol, credentials, false, issuerBindingContext, context.Binding);

            // The protocol factory's own binding element receives a clone bound to
            // the issuer context instead of the original parameters.
            SecureConversationSecurityTokenParameters clonedParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
            clonedParameters.IssuerBindingContext = issuerBindingContext;
            transportProtocol.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, clonedParameters);
        }
        finally
        {
            this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
        }

        return new SecurityChannelFactory<TChannel>(capabilities, context, builder, transportProtocol);
    }

    SessionSymmetricTransportSecurityProtocolFactory sessionProtocol = new SessionSymmetricTransportSecurityProtocolFactory();
    sessionProtocol.SecurityTokenParameters = scParameters.Clone();
    ((SecureConversationSecurityTokenParameters)sessionProtocol.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;

    // Same temporary removal as in the non-session path: the base configuration runs
    // without the secure conversation token, which is restored even on failure.
    this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
    try
    {
        base.ConfigureProtocolFactory(sessionProtocol, credentials, false, issuerBindingContext, context.Binding);
    }
    finally
    {
        this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
    }

    SecuritySessionClientSettings<TChannel> sessionSettings = new SecuritySessionClientSettings<TChannel>
    {
        ChannelBuilder = builder,
        KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval,
        KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval,
        TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure,
        CanRenewSession = scParameters.CanRenewSession,
        IssuedSecurityTokenParameters = scParameters.Clone()
    };
    ((SecureConversationSecurityTokenParameters)sessionSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
    sessionSettings.SecurityStandardsManager = sessionProtocol.StandardsManager;
    sessionSettings.SessionProtocolFactory = sessionProtocol;

    return new SecurityChannelFactory<TChannel>(capabilities, context, sessionSettings);
}