internal IChannelListener <TChannel> BuildNegotiationChannelListener <TChannel>(BindingContext context) where TChannel : class, IChannel { SecurityCredentialsManager securityCredentials = this.IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>(); if (securityCredentials == null) { securityCredentials = ServiceCredentials.CreateDefaultCredentials(); } this.bootstrapSecurityBindingElement.ReaderQuotas = context.GetInnerProperty <XmlDictionaryReaderQuotas>(); if (this.bootstrapSecurityBindingElement.ReaderQuotas == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EncodingBindingElementDoesNotHandleReaderQuotas))); } TransportBindingElement transportBindingElement = context.RemainingBindingElements.Find <TransportBindingElement>(); if (transportBindingElement != null) { this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transportBindingElement.MaxReceivedMessageSize; } SecurityProtocolFactory securityProtocolFactory = this.bootstrapSecurityBindingElement.CreateSecurityProtocolFactory <TChannel>(this.IssuerBindingContext.Clone(), securityCredentials, true, this.IssuerBindingContext.Clone()); MessageSecurityProtocolFactory soapBindingFactory = securityProtocolFactory as MessageSecurityProtocolFactory; if (soapBindingFactory != null) { soapBindingFactory.ApplyConfidentiality = soapBindingFactory.ApplyIntegrity = soapBindingFactory.RequireConfidentiality = soapBindingFactory.RequireIntegrity = true; MessagePartSpecification bodyPart = new MessagePartSpecification(true); soapBindingFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(bodyPart, RequestSecurityTokenResponseAction); soapBindingFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(bodyPart, RequestSecurityTokenResponseAction); soapBindingFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(bodyPart, RequestSecurityTokenAction); soapBindingFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(bodyPart, RequestSecurityTokenAction); } SecurityChannelListener <TChannel> securityChannelListener = new SecurityChannelListener <TChannel>(this.bootstrapSecurityBindingElement, context); securityChannelListener.SecurityProtocolFactory = securityProtocolFactory; // do not send back unsecured faults over composite duplex securityChannelListener.SendUnsecuredFaults = !SecurityUtils.IsCompositeDuplexBinding(context); ChannelBuilder channelBuilder = new ChannelBuilder(context, true); securityChannelListener.InitializeListener(channelBuilder); this.shouldMatchRstWithEndpointFilter = SecurityUtils.ShouldMatchRstWithEndpointFilter(this.bootstrapSecurityBindingElement); return(securityChannelListener); }
internal IChannelListener <TChannel> BuildNegotiationChannelListener <TChannel>(BindingContext context) where TChannel : class, IChannel { SecurityCredentialsManager credentialsManager = base.IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>(); if (credentialsManager == null) { credentialsManager = ServiceCredentials.CreateDefaultCredentials(); } this.bootstrapSecurityBindingElement.ReaderQuotas = context.GetInnerProperty <XmlDictionaryReaderQuotas>(); if (this.bootstrapSecurityBindingElement.ReaderQuotas == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("EncodingBindingElementDoesNotHandleReaderQuotas"))); } TransportBindingElement element = context.RemainingBindingElements.Find <TransportBindingElement>(); if (element != null) { this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = element.MaxReceivedMessageSize; } SecurityProtocolFactory factory = this.bootstrapSecurityBindingElement.CreateSecurityProtocolFactory <TChannel>(base.IssuerBindingContext.Clone(), credentialsManager, true, base.IssuerBindingContext.Clone()); MessageSecurityProtocolFactory factory2 = factory as MessageSecurityProtocolFactory; if (factory2 != null) { factory2.ApplyConfidentiality = factory2.ApplyIntegrity = factory2.RequireConfidentiality = factory2.RequireIntegrity = true; MessagePartSpecification parts = new MessagePartSpecification(true); factory2.ProtectionRequirements.OutgoingSignatureParts.AddParts(parts, this.RequestSecurityTokenResponseAction); factory2.ProtectionRequirements.OutgoingEncryptionParts.AddParts(parts, this.RequestSecurityTokenResponseAction); factory2.ProtectionRequirements.IncomingSignatureParts.AddParts(parts, this.RequestSecurityTokenAction); factory2.ProtectionRequirements.IncomingEncryptionParts.AddParts(parts, this.RequestSecurityTokenAction); } SecurityChannelListener <TChannel> listener = new SecurityChannelListener <TChannel>(this.bootstrapSecurityBindingElement, context) { SecurityProtocolFactory = factory, SendUnsecuredFaults = !System.ServiceModel.Security.SecurityUtils.IsCompositeDuplexBinding(context) }; ChannelBuilder channelBuilder = new ChannelBuilder(context, true); listener.InitializeListener(channelBuilder); this.shouldMatchRstWithEndpointFilter = System.ServiceModel.Security.SecurityUtils.ShouldMatchRstWithEndpointFilter(this.bootstrapSecurityBindingElement); return(listener); }