コード例 #1
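 /// <summary>
 /// Reads the <c>extendedProtection</c> settings (token checking mode, flags and SPN list) of the
 /// <c>windowsAuthentication</c> section for a virtual directory from the applicationHost
 /// configuration of the server named in <paramref name="metabasePath"/>.
 /// </summary>
 /// <remarks>
 /// The out parameters are initialised to <c>None</c> / empty collections and are left that way whenever a
 /// lookup step yields nothing (no directory entry, unparsable path, missing configuration, section or
 /// element). This method itself raises no error for those cases, so a caller cannot tell "extended
 /// protection is off" from "the setting could not be read". Anything that reports on or audits this
 /// setting should treat the defaults as unverified.
 /// NOTE(review): IisUtility.CreateIISDirectoryEntry may report failures through the task delegate; confirm.
 /// </remarks>
 /// <param name="metabasePath">Metabase path of the virtual directory; passed to the IIS helpers.</param>
 /// <param name="identity">Identity passed to <c>IisUtility.CreateIISDirectoryEntry</c>.</param>
 /// <param name="task">Optional task; when non-null its <c>WriteError</c> is used as the error delegate.</param>
 /// <param name="extendedProtectionTokenChecking">Receives the <c>tokenChecking</c> attribute, or <c>None</c>.</param>
 /// <param name="extendedProtectionFlags">Receives the <c>flags</c> attribute as a single entry, or stays empty.</param>
 /// <param name="extendedProtectionSPNList">Receives the <c>name</c> of every <c>spn</c> child element.</param>
 public static void LoadFromMetabase(string metabasePath, ObjectId identity, Task task, out ExtendedProtectionTokenCheckingMode extendedProtectionTokenChecking, out MultiValuedProperty <ExtendedProtectionFlag> extendedProtectionFlags, out MultiValuedProperty <string> extendedProtectionSPNList)
 {
     // Defaults returned on every early exit below.
     extendedProtectionTokenChecking = ExtendedProtectionTokenCheckingMode.None;
     extendedProtectionFlags         = new MultiValuedProperty <ExtendedProtectionFlag>();
     extendedProtectionSPNList       = new MultiValuedProperty <string>();

     Task.TaskErrorLoggingReThrowDelegate errorHandler = (task != null) ? new Task.TaskErrorLoggingReThrowDelegate(task.WriteError) : null;
     using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, errorHandler, identity, false))
     {
         if (directoryEntry == null)
         {
             return;
         }

         string server;
         string webSite;
         string path;
         if (!ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out server, out webSite, out path))
         {
             return;
         }

         using (ServerManager serverManager = ServerManager.OpenRemote(server))
         {
             Configuration appHostConfig = serverManager.GetApplicationHostConfiguration();
             if (appHostConfig == null)
             {
                 return;
             }

             ConfigurationSection section = appHostConfig.GetSection("system.webServer/security/authentication/windowsAuthentication", "/" + webSite + path);
             if (section == null)
             {
                 return;
             }

             ConfigurationElement epElement = section.ChildElements["extendedProtection"];
             if (epElement == null)
             {
                 return;
             }

             // "is int" already rejects null, so no separate null test is needed.
             // The unboxing cast does not check that the number is a defined enum member.
             object tokenCheckingValue = epElement.GetAttributeValue("tokenChecking");
             if (tokenCheckingValue is int)
             {
                 extendedProtectionTokenChecking = (ExtendedProtectionTokenCheckingMode)tokenCheckingValue;
             }

             object flagsValue = epElement.GetAttributeValue("flags");
             if (flagsValue is int)
             {
                 extendedProtectionFlags.Add((ExtendedProtectionFlag)flagsValue);
             }

             ConfigurationElementCollection spnEntries = epElement.GetCollection();
             if (spnEntries == null)
             {
                 return;
             }

             foreach (ConfigurationElement entry in spnEntries)
             {
                 if (entry.Schema.Name != "spn")
                 {
                     continue;
                 }

                 // An entry without a name attribute is skipped; calling ToString() on a
                 // null attribute value would otherwise abort the whole read.
                 object nameValue = entry.GetAttributeValue("name");
                 if (nameValue == null)
                 {
                     continue;
                 }

                 extendedProtectionSPNList.Add(nameValue.ToString());
             }
         }
     }
 }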
コード例 #2
        /// <summary>
        /// Writes the modified extended-protection fields of a virtual directory (token checking mode,
        /// flags, SPN list) into the <c>extendedProtection</c> element of the <c>windowsAuthentication</c>
        /// section in the target server's applicationHost configuration.
        /// </summary>
        /// <remarks>
        /// Nothing is written when the object is older than Exchange 2010, when none of the three fields
        /// is marked modified on the task, or when the directory entry or path lookup fails.
        /// When <c>IsExtendedProtectionSupported</c> returns false, or the <c>extendedProtection</c> element
        /// is absent, the method only traces and writes a warning. The requested values are NOT applied to
        /// IIS in that case, so the stored setting and the enforced setting can differ until the referenced
        /// update is installed and the change is repeated.
        /// NOTE(review): CommitToWebConfigMWA is given the tokenChecking and SPN-list modified flags but
        /// not the flags-modified one; confirm that is intended.
        /// NOTE(review): CommitToWebConfigMWA runs before serverManager.CommitChanges(); if the latter
        /// throws, whatever the helper already wrote is not undone here. Verify the two cannot diverge.
        /// </remarks>
        /// <param name="exchangeVirtualDirectory">Virtual directory whose values are committed.</param>
        /// <param name="task">Task supplying the modified-field state and the warning/error sinks; must not be null.</param>
        public static void CommitToMetabase(ExchangeVirtualDirectory exchangeVirtualDirectory, Task task)
        {
            if (exchangeVirtualDirectory.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010))
            {
                return;
            }

            bool tokenCheckingModified = task.Fields.IsModified("ExtendedProtectionTokenChecking");
            bool flagsModified         = task.Fields.IsModified("ExtendedProtectionFlags");
            bool spnListModified       = task.Fields.IsModified("ExtendedProtectionSPNList");
            if (!(tokenCheckingModified || flagsModified || spnListModified))
            {
                return;
            }

            string metabasePath = exchangeVirtualDirectory.MetabasePath;
            using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, new Task.TaskErrorLoggingReThrowDelegate(task.WriteError), exchangeVirtualDirectory.Identity))
            {
                if (directoryEntry == null)
                {
                    return;
                }

                string server;
                string webSite;
                string path;
                if (!ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out server, out webSite, out path))
                {
                    return;
                }

                // Unsupported platform: warn and leave the IIS configuration untouched.
                if (!ExtendedProtection.WebConfigReflectionHelper.IsExtendedProtectionSupported(task))
                {
                    TaskLogger.Trace("Warning: ExtendedProtectionPolicy has not been added to HttpTransportElement of web.config.  Install the operating system update(s) specified in KB {0} onto server {1} and try again.", new object[]
                    {
                        "981205",
                        server
                    });
                    task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(server, "981205"));
                    return;
                }

                string locationPath = "/" + webSite + path;
                using (ServerManager serverManager = ServerManager.OpenRemote(server))
                {
                    Configuration appHostConfig = serverManager.GetApplicationHostConfiguration();
                    ConfigurationSection section = (appHostConfig != null)
                        ? appHostConfig.GetSection("system.webServer/security/authentication/windowsAuthentication", locationPath)
                        : null;

                    // Missing applicationHost configuration or missing section: report as an error.
                    if (section == null)
                    {
                        TaskLogger.Trace("Error:ApplicationHost.config or {0} is not found for virtual directory with metabase path '{1}' and local path '{2}'.", new object[]
                        {
                            "system.webServer/security/authentication/windowsAuthentication",
                            metabasePath,
                            locationPath
                        });
                        task.WriteError(new ArgumentException(Strings.ErrorAppHostOrWindowsAuthenticationNotFound("system.webServer/security/authentication/windowsAuthentication", metabasePath, locationPath)), ErrorCategory.ObjectNotFound, exchangeVirtualDirectory.Identity);
                        return;
                    }

                    // Section exists but has no extendedProtection child: warn only, nothing is written.
                    ConfigurationElement epElement = section.ChildElements["extendedProtection"];
                    if (epElement == null)
                    {
                        TaskLogger.Trace("Warning: Extended protection has not been enabled.  Install the operating system update specified in KB {0} onto server {1} and try again.", new object[]
                        {
                            "973917",
                            server
                        });
                        task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(server, "973917"));
                        return;
                    }

                    if (tokenCheckingModified)
                    {
                        int tokenCheckingValue = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionTokenChecking];
                        epElement.SetAttributeValue("tokenChecking", tokenCheckingValue);
                    }

                    if (flagsModified)
                    {
                        int flagsValue = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionFlags];
                        epElement.SetAttributeValue("flags", flagsValue);
                    }

                    if (spnListModified)
                    {
                        // The existing SPN entries are replaced wholesale, not merged.
                        ConfigurationElementCollection spnEntries = epElement.GetCollection();
                        spnEntries.Clear();
                        foreach (string spn in exchangeVirtualDirectory.ExtendedProtectionSPNList)
                        {
                            ConfigurationElement spnElement = spnEntries.CreateElement("spn");
                            spnElement.SetAttributeValue("name", spn);
                            spnEntries.Add(spnElement);
                        }
                    }

                    ExtendedProtection.WebConfigReflectionHelper.CommitToWebConfigMWA(exchangeVirtualDirectory, task, path, webSite, server, tokenCheckingModified, spnListModified);
                    serverManager.CommitChanges();
                }
            }
        }