/// <summary>
/// Reads the IIS security-access section and the two client-certificate-mapping sections for
/// the given site and virtual path, and records the result in
/// <c>transportSettings.AccessSslFlags</c>.
/// </summary>
/// <remarks>
/// The <c>SslMapCert</c> bit is never taken from the raw SSL-flags attribute. It is masked out
/// of the configured value and then set again only when IIS client certificate mapping or,
/// failing that, Active Directory client certificate mapping is reported as enabled.
/// When the security-access section is absent, <c>AccessSslFlags</c> keeps whatever value the
/// caller supplied before the mapping checks run.
/// </remarks>
/// <param name="siteName">Site name passed to the configuration lookup.</param>
/// <param name="virtualPath">Virtual path passed to the configuration lookup.</param>
/// <param name="transportSettings">Settings object whose <c>AccessSslFlags</c> is updated.</param>
void ProcessSecurityAccess(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
    ConfigurationSection accessSection = WebConfigurationManagerWrapper.WebConfigGetSection(
        siteName,
        virtualPath,
        MetabaseSettingsIis7Constants.SecurityAccessSectionName);

    if (accessSection != null)
    {
        int rawSslFlags = (int)WebConfigurationManagerWrapper.GetValue(
            accessSection,
            MetabaseSettingsIis7Constants.SslFlagsAttributeName);

        // Take the configured flags but drop SslMapCert: that bit is decided below from the
        // certificate-mapping sections, not from the raw attribute value.
        transportSettings.AccessSslFlags = (HttpAccessSslFlags)rawSslFlags & ~HttpAccessSslFlags.SslMapCert;
    }

    // First choice: IIS client certificate mapping.
    ConfigurationSection mappingSection = WebConfigurationManagerWrapper.WebConfigGetSection(
        siteName,
        virtualPath,
        MetabaseSettingsIis7Constants.IisClientCertMapAuthenticationName);
    bool certificateMappingEnabled = mappingSection != null
        && (bool)WebConfigurationManagerWrapper.GetValue(mappingSection, MetabaseSettingsIis7Constants.EnabledAttributeName);

    if (!certificateMappingEnabled)
    {
        // Fallback: Active Directory client certificate mapping. It is consulted only when the
        // IIS mapping section is missing or disabled.
        mappingSection = WebConfigurationManagerWrapper.WebConfigGetSection(
            siteName,
            virtualPath,
            MetabaseSettingsIis7Constants.ClientCertMapAuthenticationName);
        certificateMappingEnabled = mappingSection != null
            && (bool)WebConfigurationManagerWrapper.GetValue(mappingSection, MetabaseSettingsIis7Constants.EnabledAttributeName);
    }

    if (certificateMappingEnabled)
    {
        transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert;
    }
}
/// <summary>
/// Adds <c>AuthFlags.AuthMD5</c> to <c>transportSettings.AuthFlags</c> when the digest
/// authentication section for the given site and virtual path exists and is enabled.
/// </summary>
/// <remarks>
/// A missing or disabled section leaves <c>AuthFlags</c> untouched. Flags already set by other
/// authentication checks are preserved because the new flag is OR-ed in.
/// </remarks>
/// <param name="siteName">Site name passed to the configuration lookup.</param>
/// <param name="virtualPath">Virtual path passed to the configuration lookup.</param>
/// <param name="transportSettings">Settings object whose <c>AuthFlags</c> may be extended.</param>
void ProcessDigestAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
    ConfigurationSection digestSection = WebConfigurationManagerWrapper.WebConfigGetSection(
        siteName,
        virtualPath,
        MetabaseSettingsIis7Constants.DigestAuthenticationSectionName);

    if (digestSection == null)
    {
        return;
    }

    bool digestEnabled = (bool)WebConfigurationManagerWrapper.GetValue(
        digestSection,
        MetabaseSettingsIis7Constants.EnabledAttributeName);

    if (digestEnabled)
    {
        transportSettings.AuthFlags |= AuthFlags.AuthMD5;
    }
}
/// <summary>
/// Adds <c>AuthFlags.AuthMD5</c> to <c>transportSettings.AuthFlags</c> when the digest
/// authentication section of the supplied configuration exists and is enabled.
/// </summary>
/// <remarks>
/// This overload reads through <c>ServerManagerWrapper</c> from an already resolved
/// <paramref name="config"/>. A missing or disabled section leaves <c>AuthFlags</c> untouched.
/// </remarks>
/// <param name="config">Configuration object the section is read from.</param>
/// <param name="transportSettings">Settings object whose <c>AuthFlags</c> may be extended.</param>
void ProcessDigestAuthentication(Configuration config, ref HostedServiceTransportSettings transportSettings)
{
    ConfigurationSection digestSection = ServerManagerWrapper.GetSection(
        config,
        MetabaseSettingsIis7Constants.DigestAuthenticationSectionName);

    if (digestSection == null)
    {
        return;
    }

    bool digestEnabled = (bool)ServerManagerWrapper.GetAttributeValue(
        digestSection,
        MetabaseSettingsIis7Constants.EnabledAttributeName);

    if (digestEnabled)
    {
        transportSettings.AuthFlags |= AuthFlags.AuthMD5;
    }
}
/// <summary>
/// Builds the transport settings for a hosted service from the configuration that applies to
/// its virtual path.
/// </summary>
/// <remarks>
/// The relative path is resolved against <c>HostingEnvironment.ApplicationVirtualPath</c>, and
/// the site name comes from <c>HostingEnvironment.SiteName</c>. A fresh settings object is then
/// passed through the anonymous, basic, Windows and digest authentication checks, followed by
/// the SSL security-access check, in that order. Each step adds to the same object, so the
/// returned value reflects every scheme and SSL requirement those steps detected.
/// </remarks>
/// <param name="relativeVirtualPath">Virtual path of the service, relative to the application.</param>
/// <returns>The populated <c>HostedServiceTransportSettings</c> instance.</returns>
protected override HostedServiceTransportSettings CreateTransportSettings(string relativeVirtualPath)
{
    Debug.Print("MetabaseSettingsIis7.CreateTransportSettings() calling ServerManager.GetWebConfiguration() virtualPath: " + relativeVirtualPath);

    string appAbsolutePath = VirtualPathUtility.ToAbsolute(
        relativeVirtualPath,
        HostingEnvironment.ApplicationVirtualPath);
    HostedServiceTransportSettings settings = new HostedServiceTransportSettings();
    string hostedSite = HostingEnvironment.SiteName;

    // Authentication schemes first, each one OR-ing its flag into the same settings object.
    ProcessAnonymousAuthentication(hostedSite, appAbsolutePath, ref settings);
    ProcessBasicAuthentication(hostedSite, appAbsolutePath, ref settings);
    ProcessWindowsAuthentication(hostedSite, appAbsolutePath, ref settings);
    ProcessDigestAuthentication(hostedSite, appAbsolutePath, ref settings);

    // SSL requirements and client-certificate mapping last.
    ProcessSecurityAccess(hostedSite, appAbsolutePath, ref settings);

    return settings;
}
/// <summary>
/// Records Windows authentication settings for the given site and virtual path: the
/// <c>AuthNTLM</c> flag, the configured provider list, and the IIS extended protection
/// (channel binding token, CBT) policy.
/// </summary>
/// <remarks>
/// Nothing is changed when the Windows authentication section is missing or disabled.
/// <c>AuthProviders</c> is assigned only when the provider list is non-empty, and
/// <c>IisExtendedProtectionPolicy</c> only when the extended protection element exists and
/// reading it does not throw a <c>COMException</c>.
/// </remarks>
/// <param name="siteName">Site name passed to the configuration lookup.</param>
/// <param name="virtualPath">Virtual path passed to the configuration lookup.</param>
/// <param name="transportSettings">Settings object that receives the Windows authentication data.</param>
void ProcessWindowsAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
    ConfigurationSection windowsAuthSection = WebConfigurationManagerWrapper.WebConfigGetSection(
        siteName,
        virtualPath,
        MetabaseSettingsIis7Constants.WindowsAuthenticationSectionName);

    bool windowsAuthEnabled = windowsAuthSection != null
        && (bool)WebConfigurationManagerWrapper.GetValue(windowsAuthSection, MetabaseSettingsIis7Constants.EnabledAttributeName);
    if (!windowsAuthEnabled)
    {
        return;
    }

    transportSettings.AuthFlags |= AuthFlags.AuthNTLM;

    List<string> configuredProviders = WebConfigurationManagerWrapper.GetProviderList(windowsAuthSection);
    if (configuredProviders.Count > 0)
    {
        transportSettings.AuthProviders = configuredProviders.ToArray();
    }

    // Read the CBT (extended protection) configuration.
    try
    {
        ConfigurationElement extendedProtection = windowsAuthSection.GetChildElement(
            MetabaseSettingsIis7Constants.ExtendedProtectionElementName);

        if (extendedProtection != null)
        {
            ExtendedProtectionTokenChecking tokenChecking;
            ExtendedProtectionFlags flags;
            List<string> spnList;
            WebConfigurationManagerWrapper.ReadIisExtendedProtectionPolicy(
                extendedProtection,
                out tokenChecking,
                out flags,
                out spnList);

            transportSettings.IisExtendedProtectionPolicy = BuildExtendedProtectionPolicy(tokenChecking, flags, spnList);
        }
    }
    catch (COMException e)
    {
        // Author's rationale: this exception is expected only when IIS does not support CBT.
        // It is ignored so that services that do not use CBT can still be activated. A service
        // whose binding does use CBT is rejected later, when the channel listener compares the
        // IIS setting with the WCF setting and throws.
        // NOTE(review): the handler catches every COMException raised inside the try block, not
        // only the "no CBT support" case. IisExtendedProtectionPolicy is then not assigned here,
        // and the only record is a warning trace, written only when warning tracing is on.
        if (DiagnosticUtility.ShouldTraceWarning)
        {
            TraceUtility.TraceEvent(TraceEventType.Warning, TraceCode.WebHostNoCBTSupport, SR.TraceCodeWebHostNoCBTSupport, this, e);
        }
    }
}