コード例 #1
0
        public override XmlElement CreateWsspHttpsTokenAssertion(MetadataExporter exporter, HttpsTransportBindingElement httpsBinding)
        {
            Fx.Assert(httpsBinding != null, "httpsBinding must not be null.");
            Fx.Assert(httpsBinding.AuthenticationScheme.IsSingleton(), "authenticationScheme must be a singleton value for security-mode TransportWithMessageCredential.");

            XmlElement result = CreateWsspAssertion(WSSecurityPolicy.HttpsTokenName);
            if (httpsBinding.RequireClientCertificate ||
                httpsBinding.AuthenticationScheme == AuthenticationSchemes.Basic ||
                httpsBinding.AuthenticationScheme == AuthenticationSchemes.Digest)
            {
                XmlElement policy = CreateWspPolicyWrapper(exporter);
                if (httpsBinding.RequireClientCertificate)
                {
                    policy.AppendChild(CreateWsspAssertion(WSSecurityPolicy.RequireClientCertificateName));
                }
                if (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Basic)
                {
                    policy.AppendChild(CreateWsspAssertion(WSSecurityPolicy.HttpBasicAuthenticationName));
                }
                else if (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Digest)
                {
                    policy.AppendChild(CreateWsspAssertion(WSSecurityPolicy.HttpDigestAuthenticationName));
                }
                result.AppendChild(policy);
            }
            return result;
        }
 public override XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
 {
     XmlElement tokenAssertion = this.CreateWsspAssertion("SecureConversationToken");
     this.SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);
     tokenAssertion.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys), this.CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation), this.CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement), this.CreateWsspMustNotSendAmendAssertion(), (!parameters.RequireCancellation || !parameters.CanRenewSession) ? this.CreateWsspMustNotSendRenewAssertion() : null }));
     return tokenAssertion;
 }
 private XmlElement CreateWsspSignedEncryptedSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> signedEncrypted, Collection<SecurityTokenParameters> optionalSignedEncrypted)
 {
     if (((signedEncrypted == null) || (signedEncrypted.Count == 0)) && ((optionalSignedEncrypted == null) || (optionalSignedEncrypted.Count == 0)))
     {
         return null;
     }
     XmlElement newChild = this.CreateWspPolicyWrapper(exporter, new XmlElement[0]);
     if (signedEncrypted != null)
     {
         foreach (SecurityTokenParameters parameters in signedEncrypted)
         {
             newChild.AppendChild(this.CreateTokenAssertion(exporter, parameters));
         }
     }
     if (optionalSignedEncrypted != null)
     {
         foreach (SecurityTokenParameters parameters2 in optionalSignedEncrypted)
         {
             newChild.AppendChild(this.CreateTokenAssertion(exporter, parameters2, true));
         }
     }
     XmlElement element = this.CreateWsspAssertion("SignedEncryptedSupportingTokens");
     element.AppendChild(newChild);
     return element;
 }
 public override XmlElement CreateMsspSslContextTokenAssertion(MetadataExporter exporter, SslSecurityTokenParameters parameters)
 {
     XmlElement tokenAssertion = this.CreateMsspAssertion("SslContextToken");
     this.SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);
     tokenAssertion.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys), this.CreateWsspMustNotSendCancelAssertion(false), this.CreateMsspRequireClientCertificateAssertion(parameters.RequireClientCertificate), this.CreateWsspMustNotSendAmendAssertion(), this.CreateWsspMustNotSendRenewAssertion() }));
     return tokenAssertion;
 }
        internal void OnExportPolicy(MetadataExporter exporter, PolicyConversionContext context)
        {
            string str = "";
            switch (this.Mode)
            {
                case SecurityMode.None:
                    str = "PeerTransportSecurityModeNone";
                    break;

                case SecurityMode.Transport:
                    str = "PeerTransportSecurityModeTransport";
                    break;

                case SecurityMode.Message:
                    str = "PeerTransportSecurityModeMessage";
                    break;

                case SecurityMode.TransportWithMessageCredential:
                    str = "PeerTransportSecurityModeTransportWithMessageCredential";
                    break;

                default:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
            }
            XmlElement item = new XmlDocument().CreateElement("pc", "PeerTransportSecurityMode", "http://schemas.microsoft.com/soap/peer");
            item.InnerText = str;
            context.GetBindingAssertions().Add(item);
            this.transportSecurity.OnExportPolicy(exporter, context);
        }
コード例 #6
0
 private static void TraceWsdlExportErrors(MetadataExporter exporter)
 {
     foreach (MetadataConversionError error in exporter.Errors)
     {
         if (DiagnosticUtility.ShouldTraceWarning)
         {
             Hashtable hashtable2 = new Hashtable(2);
             hashtable2.Add("IsWarning", error.IsWarning);
             hashtable2.Add("Message", error.Message);
             Hashtable dictionary = hashtable2;
             TraceUtility.TraceEvent(TraceEventType.Warning, 0x8003d, System.ServiceModel.SR.GetString("TraceCodeWsmexNonCriticalWsdlExportError"), new DictionaryTraceRecord(dictionary), null, null);
         }
     }
 }
コード例 #7
0
 static void TraceWsdlExportErrors(MetadataExporter exporter)
 {
     foreach (MetadataConversionError error in exporter.Errors)
     {
         if (DiagnosticUtility.ShouldTraceWarning)
         {
             Hashtable h = new Hashtable(2)
             {
                 { "IsWarning", error.IsWarning },
                 { "Message", error.Message }
             };
             TraceUtility.TraceEvent(TraceEventType.Warning, TraceCode.WsmexNonCriticalWsdlExportError,
                                     SR.GetString(SR.TraceCodeWsmexNonCriticalWsdlExportError), new DictionaryTraceRecord(h), null, null);
         }
     }
 }
        internal void OnExportPolicy(MetadataExporter exporter, PolicyConversionContext context)
        {
            string str = "";
            switch (this.CredentialType)
            {
                case PeerTransportCredentialType.Password:
                    str = "PeerTransportCredentialTypePassword";
                    break;

                case PeerTransportCredentialType.Certificate:
                    str = "PeerTransportCredentialTypeCertificate";
                    break;

                default:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
            }
            XmlElement item = new XmlDocument().CreateElement("pc", "PeerTransportCredentialType", "http://schemas.microsoft.com/soap/peer");
            item.InnerText = str;
            context.GetBindingAssertions().Add(item);
        }
 public override XmlElement CreateWsspHttpsTokenAssertion(MetadataExporter exporter, HttpsTransportBindingElement httpsBinding)
 {
     XmlElement element = this.CreateWsspAssertion("HttpsToken");
     if ((httpsBinding.RequireClientCertificate || (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Basic)) || (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Digest))
     {
         XmlElement newChild = this.CreateWspPolicyWrapper(exporter, new XmlElement[0]);
         if (httpsBinding.RequireClientCertificate)
         {
             newChild.AppendChild(this.CreateWsspAssertion("RequireClientCertificate"));
         }
         if (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Basic)
         {
             newChild.AppendChild(this.CreateWsspAssertion("HttpBasicAuthentication"));
         }
         else if (httpsBinding.AuthenticationScheme == AuthenticationSchemes.Digest)
         {
             newChild.AppendChild(this.CreateWsspAssertion("HttpDigestAuthentication"));
         }
         element.AppendChild(newChild);
     }
     return element;
 }
コード例 #10
0
 internal void OnExportPolicy(MetadataExporter exporter, PolicyConversionContext context)
 {
     string assertion = "";
     switch (this.CredentialType)
     {
         case PeerTransportCredentialType.Password:
             assertion = PeerTransportPolicyConstants.PeerTransportCredentialTypePassword;
             break;
         case PeerTransportCredentialType.Certificate:
             assertion = PeerTransportPolicyConstants.PeerTransportCredentialTypeCertificate;
             break;
         default:
             Fx.Assert("Unsupported value for PeerTransportSecuritySettings.CredentialType");
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
     }
     XmlDocument doc = new XmlDocument();
     XmlElement element = doc.CreateElement(PeerTransportPolicyConstants.PeerTransportPrefix,
                                            PeerTransportPolicyConstants.PeerTransportCredentialType,
                                            TransportPolicyConstants.PeerTransportUri);
     element.InnerText = assertion;
     context.GetBindingAssertions().Add(element);
 }
コード例 #11
0
 public virtual XmlElement CreateMsspSslContextTokenAssertion(MetadataExporter exporter, SslSecurityTokenParameters parameters)
 {
     XmlElement result = CreateMsspAssertion(SslContextTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation),
             CreateMsspRequireClientCertificateAssertion(parameters.RequireClientCertificate)
     ));
     return result;
 }
コード例 #12
0
            internal MetadataSet GenerateMetadata()
            {
                if (this.behavior.ExternalMetadataLocation == null || this.behavior.ExternalMetadataLocation.ToString() == string.Empty)
                {
                    if (this.metadataGenerationException != null)
                    {
                        throw this.metadataGenerationException;
                    }

                    try
                    {
                        MetadataExporter             exporter          = this.behavior.MetadataExporter;
                        XmlQualifiedName             serviceName       = new XmlQualifiedName(this.description.Name, this.description.Namespace);
                        Collection <ServiceEndpoint> exportedEndpoints = new Collection <ServiceEndpoint>();
                        foreach (ServiceEndpoint endpoint in this.description.Endpoints)
                        {
                            ServiceMetadataContractBehavior contractBehavior = endpoint.Contract.Behaviors.Find <ServiceMetadataContractBehavior>();

                            // if contract behavior exists, generate metadata when the behavior allows metadata generation
                            // if contract behavior doesn't exist, generate metadata only for non system endpoints
                            if ((contractBehavior != null && !contractBehavior.MetadataGenerationDisabled) ||
                                (contractBehavior == null && !endpoint.IsSystemEndpoint))
                            {
                                EndpointAddress    address            = null;
                                EndpointDispatcher endpointDispatcher = GetListenerByID(this.host.ChannelDispatchers, endpoint.Id);
                                if (endpointDispatcher != null)
                                {
                                    address = endpointDispatcher.EndpointAddress;
                                }
                                ServiceEndpoint exportedEndpoint = new ServiceEndpoint(endpoint.Contract);
                                exportedEndpoint.Binding = endpoint.Binding;
                                exportedEndpoint.Name    = endpoint.Name;
                                exportedEndpoint.Address = address;
                                foreach (IEndpointBehavior behavior in endpoint.Behaviors)
                                {
                                    exportedEndpoint.Behaviors.Add(behavior);
                                }
                                exportedEndpoints.Add(exportedEndpoint);
                            }
                        }
                        WsdlExporter wsdlExporter = exporter as WsdlExporter;
                        if (wsdlExporter != null)
                        {
                            // Pass the BindingParameterCollection into the ExportEndpoints method so that the binding parameters can be using to export WSDL correctly.
                            // The binding parameters are used in BuildChannelListener, during which they can modify the configuration of the channel in ways that might have to
                            // be communicated in the WSDL. For example, in the case of Multi-Auth, the AuthenticationSchemesBindingParameter is used during BuildChannelListener
                            // to set the AuthenticationSchemes supported by the virtual directory on the HttpTransportBindingElement.  These authentication schemes also need
                            // to be in the WSDL, so that clients know what authentication schemes are supported by the service.  (see CSDMain #180381)
                            Fx.Assert(this.host != null, "ServiceHostBase field on MetadataExtensionInitializer should never be null.");
                            wsdlExporter.ExportEndpoints(exportedEndpoints, serviceName, this.host.GetBindingParameters(exportedEndpoints));
                        }
                        else
                        {
                            foreach (ServiceEndpoint endpoint in exportedEndpoints)
                            {
                                exporter.ExportEndpoint(endpoint);
                            }
                        }

                        if (exporter.Errors.Count > 0 && DiagnosticUtility.ShouldTraceWarning)
                        {
                            TraceWsdlExportErrors(exporter);
                        }

                        return(exporter.GetGeneratedMetadata());
                    }
                    catch (Exception e)
                    {
                        this.metadataGenerationException = e;
                        throw;
                    }
                }
                return(null);
            }
コード例 #13
0
 public abstract XmlElement CreateWsspHttpsTokenAssertion(MetadataExporter exporter, HttpsTransportBindingElement httpsBinding);
コード例 #14
0
        public virtual Collection<XmlElement> CreateWsspSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> signed, Collection<SecurityTokenParameters> signedEncrypted, Collection<SecurityTokenParameters> endorsing, Collection<SecurityTokenParameters> signedEndorsing, Collection<SecurityTokenParameters> optionalSigned, Collection<SecurityTokenParameters> optionalSignedEncrypted, Collection<SecurityTokenParameters> optionalEndorsing, Collection<SecurityTokenParameters> optionalSignedEndorsing, AddressingVersion addressingVersion)
        {
            Collection<XmlElement> supportingTokenAssertions = new Collection<XmlElement>();

            // Signed Supporting Tokens
            XmlElement supportingTokenAssertion = CreateWsspSignedSupportingTokensAssertion(exporter, signed, signedEncrypted, optionalSigned, optionalSignedEncrypted);
            if (supportingTokenAssertion != null)
                supportingTokenAssertions.Add(supportingTokenAssertion);

            // Endorsing Supporting Tokens.
            supportingTokenAssertion = CreateWsspEndorsingSupportingTokensAssertion(exporter, endorsing, optionalEndorsing, addressingVersion);
            if (supportingTokenAssertion != null)
                supportingTokenAssertions.Add(supportingTokenAssertion);

            // Signed Endorsing Supporting Tokens.
            supportingTokenAssertion = CreateWsspSignedEndorsingSupportingTokensAssertion(exporter, signedEndorsing, optionalSignedEndorsing, addressingVersion);
            if (supportingTokenAssertion != null)
                supportingTokenAssertions.Add(supportingTokenAssertion);

            return supportingTokenAssertions;
        }
コード例 #15
0
 protected XmlElement CreateWsspSignedEndorsingSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> signedEndorsing, Collection<SecurityTokenParameters> optionalSignedEndorsing, AddressingVersion addressingVersion)
 {
     return CreateWsspiSupportingTokensAssertion(exporter, signedEndorsing, optionalSignedEndorsing, addressingVersion, SignedEndorsingSupportingTokensName);
 }
コード例 #16
0
        protected XmlElement CreateWsspTrustAssertion(string trustName, MetadataExporter exporter, SecurityKeyEntropyMode keyEntropyMode)
        {
            XmlElement result = CreateWsspAssertion(trustName);
            result.AppendChild(
                CreateWspPolicyWrapper(
                    exporter,
                    CreateWsspAssertion(MustSupportIssuedTokensName),
                    CreateWsspRequireClientEntropyAssertion(keyEntropyMode),
                    CreateWsspRequireServerEntropyAssertion(keyEntropyMode)
            ));

            return result;
        }
コード例 #17
0
        public virtual XmlElement CreateWsspWss11Assertion(MetadataExporter exporter, bool requireSignatureConfirmation)
        {
            XmlElement result = CreateWsspAssertion(Wss11Name);
            result.AppendChild(
                CreateWspPolicyWrapper(
                    exporter,
                    CreateWsspAssertionMustSupportRefKeyIdentifierName(),
                    CreateWsspAssertionMustSupportRefIssuerSerialName(),
                    CreateWsspAssertionMustSupportRefThumbprintName(),
                    CreateWsspAssertionMustSupportRefEncryptedKeyName(),
                    CreateWsspRequireSignatureConformationAssertion(requireSignatureConfirmation)
            ));

            return result;
        }
コード例 #18
0
        public virtual XmlElement CreateWsspWssAssertion(MetadataExporter exporter, SecurityBindingElement binding)
        {
            if (binding == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("binding");
            }

            if (binding.MessageSecurityVersion.SecurityVersion == SecurityVersion.WSSecurity10)
            {
                return CreateWsspWss10Assertion(exporter);
            }
            else if (binding.MessageSecurityVersion.SecurityVersion == SecurityVersion.WSSecurity11)
            {
                if (binding is SymmetricSecurityBindingElement)
                {
                    return CreateWsspWss11Assertion(exporter, ((SymmetricSecurityBindingElement)binding).RequireSignatureConfirmation);
                }
                else if (binding is AsymmetricSecurityBindingElement)
                {
                    return CreateWsspWss11Assertion(exporter, ((AsymmetricSecurityBindingElement)binding).RequireSignatureConfirmation);
                }
                else
                {
                    return CreateWsspWss11Assertion(exporter, false);
                }
            }
            else
            {
                return null;
            }
        }
コード例 #19
0
        public virtual XmlElement CreateWsspAsymmetricBindingAssertion(MetadataExporter exporter, PolicyConversionContext policyContext, AsymmetricSecurityBindingElement binding)
        {
            if (binding == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("binding");
            }

            XmlElement result = CreateWsspAssertion(AsymmetricBindingName);
            result.AppendChild(
                CreateWspPolicyWrapper(
                    exporter,
                    CreateWsspInitiatorTokenAssertion(exporter, binding.InitiatorTokenParameters),
                    CreateWsspRecipientTokenAssertion(exporter, binding.RecipientTokenParameters),
                    CreateWsspAlgorithmSuiteAssertion(exporter, binding.DefaultAlgorithmSuite),
                    CreateWsspLayoutAssertion(exporter, binding.SecurityHeaderLayout),
                    CreateWsspIncludeTimestampAssertion(binding.IncludeTimestamp),
                    CreateWsspEncryptBeforeSigningAssertion(binding.MessageProtectionOrder),
                    CreateWsspEncryptSignatureAssertion(policyContext, binding),
                    CreateWsspProtectTokensAssertion(binding),
                    CreateWsspAssertion(OnlySignEntireHeadersAndBodyName)
            ));

            return result;
        }
コード例 #20
0
        public virtual XmlElement CreateWsspBootstrapPolicyAssertion(MetadataExporter exporter, SecurityBindingElement bootstrapSecurity)
        {
            if (bootstrapSecurity == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("bootstrapBinding");

            WSSecurityPolicy sp = WSSecurityPolicy.GetSecurityPolicyDriver(bootstrapSecurity.MessageSecurityVersion);

            // create complete bootstrap binding

            CustomBinding bootstrapBinding = new CustomBinding(bootstrapSecurity);
            if (exporter.State.ContainsKey(SecurityPolicyStrings.SecureConversationBootstrapBindingElementsBelowSecurityKey))
            {
                BindingElementCollection bindingElementsBelowSecurity = exporter.State[SecurityPolicyStrings.SecureConversationBootstrapBindingElementsBelowSecurityKey] as BindingElementCollection;
                if (bindingElementsBelowSecurity != null)
                {
                    foreach (BindingElement be in bindingElementsBelowSecurity)
                    {
                        bootstrapBinding.Elements.Add(be);
                    }
                }
            }

            // generate policy for the "how" of security 

            ServiceEndpoint bootstrapEndpoint = new ServiceEndpoint(NullContract);
            bootstrapEndpoint.Binding = bootstrapBinding;
            PolicyConversionContext policyContext = exporter.ExportPolicy(bootstrapEndpoint);

            // generate policy for the "what" of security (protection assertions)

            // hard-coded requirements in V1: sign and encrypt RST and RSTR body
            ChannelProtectionRequirements bootstrapProtection = new ChannelProtectionRequirements();
            bootstrapProtection.IncomingEncryptionParts.AddParts(new MessagePartSpecification(true));
            bootstrapProtection.OutgoingEncryptionParts.AddParts(new MessagePartSpecification(true));
            bootstrapProtection.IncomingSignatureParts.AddParts(new MessagePartSpecification(true));
            bootstrapProtection.OutgoingSignatureParts.AddParts(new MessagePartSpecification(true));

            // add boostrap binding protection requirements (e.g. addressing headers)
            ChannelProtectionRequirements cpr = bootstrapBinding.GetProperty<ChannelProtectionRequirements>(new BindingParameterCollection());
            if (cpr != null)
            {
                bootstrapProtection.Add(cpr);
            }

            // extract channel-scope protection requirements and union them across request and response
            MessagePartSpecification encryption = new MessagePartSpecification();
            encryption.Union(bootstrapProtection.IncomingEncryptionParts.ChannelParts);
            encryption.Union(bootstrapProtection.OutgoingEncryptionParts.ChannelParts);
            encryption.MakeReadOnly();
            MessagePartSpecification signature = new MessagePartSpecification();
            signature.Union(bootstrapProtection.IncomingSignatureParts.ChannelParts);
            signature.Union(bootstrapProtection.OutgoingSignatureParts.ChannelParts);
            signature.MakeReadOnly();

            // create final boostrap policy assertion

            XmlElement nestedPolicy = CreateWspPolicyWrapper(
                    exporter,
                    sp.CreateWsspSignedPartsAssertion(signature),
                    sp.CreateWsspEncryptedPartsAssertion(encryption));
            foreach (XmlElement e in sp.FilterWsspPolicyAssertions(policyContext.GetBindingAssertions()))
            {
                nestedPolicy.AppendChild(e);
            }
            XmlElement result = CreateWsspAssertion(BootstrapPolicyName);
            result.AppendChild(nestedPolicy);

            return result;
        }
コード例 #21
0
 public virtual XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(SecureConversationTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation),
             CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement)
     ));
     return result;
 }
コード例 #22
0
        public virtual XmlElement CreateTokenAssertion(MetadataExporter exporter, SecurityTokenParameters parameters, bool isOptional)
        {
            if (parameters == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("parameters");
            }

            XmlElement result;

            if (parameters is KerberosSecurityTokenParameters)
            {
                result = CreateWsspKerberosTokenAssertion(exporter, (KerberosSecurityTokenParameters)parameters);
            }
            else if (parameters is X509SecurityTokenParameters)
            {
                result = CreateWsspX509TokenAssertion(exporter, (X509SecurityTokenParameters)parameters);
            }
            else if (parameters is UserNameSecurityTokenParameters)
            {
                result = CreateWsspUsernameTokenAssertion(exporter, (UserNameSecurityTokenParameters)parameters);
            }
            else if (parameters is IssuedSecurityTokenParameters)
            {
                result = CreateWsspIssuedTokenAssertion(exporter, (IssuedSecurityTokenParameters)parameters);
            }
            else if (parameters is SspiSecurityTokenParameters)
            {
                result = CreateWsspSpnegoContextTokenAssertion(exporter, (SspiSecurityTokenParameters)parameters);
            }
            else if (parameters is SslSecurityTokenParameters)
            {
                result = CreateMsspSslContextTokenAssertion(exporter, (SslSecurityTokenParameters)parameters);
            }
            else if (parameters is SecureConversationSecurityTokenParameters)
            {
                result = CreateWsspSecureConversationTokenAssertion(exporter, (SecureConversationSecurityTokenParameters)parameters);
            }
            else if (parameters is RsaSecurityTokenParameters)
            {
                result = CreateWsspRsaTokenAssertion((RsaSecurityTokenParameters)parameters);
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("parameters"));
            }

            if (result != null && isOptional)
            {
                result.SetAttribute(OptionalName, exporter.PolicyVersion.Namespace, TrueName);
            }

            return result;
        }
コード例 #23
0
        public virtual XmlElement CreateWsspTransportBindingAssertion(MetadataExporter exporter, TransportSecurityBindingElement binding, XmlElement transportTokenAssertion)
        {
            XmlElement result = CreateWsspAssertion(TransportBindingName);
            result.AppendChild(
                CreateWspPolicyWrapper(
                    exporter,
                    CreateWsspTransportTokenAssertion(exporter, transportTokenAssertion),
                    CreateWsspAlgorithmSuiteAssertion(exporter, binding.DefaultAlgorithmSuite),
                    CreateWsspLayoutAssertion(exporter, binding.SecurityHeaderLayout),
                    CreateWsspIncludeTimestampAssertion(binding.IncludeTimestamp)
            ));

            return result;
        }
コード例 #24
0
 public virtual XmlElement CreateWsspKerberosTokenAssertion(MetadataExporter exporter, KerberosSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(KerberosTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateWsspAssertion(WssGssKerberosV5ApReqToken11Name)
     ));
     return result;
 }
コード例 #25
0
        public virtual XmlElement CreateWsspWss10Assertion(MetadataExporter exporter)
        {
            XmlElement result = CreateWsspAssertion(Wss10Name);
            result.AppendChild(
                CreateWspPolicyWrapper(
                    exporter,
                    CreateWsspAssertionMustSupportRefKeyIdentifierName(),
                    CreateWsspAssertionMustSupportRefIssuerSerialName()
            ));

            return result;
        }
コード例 #26
0
 public virtual XmlElement CreateWsspX509TokenAssertion(MetadataExporter exporter, X509SecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(X509TokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateX509ReferenceStyleAssertion(parameters.X509ReferenceStyle),
             CreateWsspAssertion(WssX509V3Token10Name)
     ));
     return result;
 }
コード例 #27
0
 public abstract XmlElement CreateWsspTrustAssertion(MetadataExporter exporter, SecurityKeyEntropyMode keyEntropyMode);
コード例 #28
0
 public virtual XmlElement CreateWsspUsernameTokenAssertion(MetadataExporter exporter, UserNameSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(UsernameTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspAssertion(WssUsernameToken10Name)
     ));
     return result;
 }
コード例 #29
0
 public virtual Collection<XmlElement> CreateWsspSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> signed, Collection<SecurityTokenParameters> signedEncrypted, Collection<SecurityTokenParameters> endorsing, Collection<SecurityTokenParameters> signedEndorsing, Collection<SecurityTokenParameters> optionalSigned, Collection<SecurityTokenParameters> optionalSignedEncrypted, Collection<SecurityTokenParameters> optionalEndorsing, Collection<SecurityTokenParameters> optionalSignedEndorsing)
 {
     return CreateWsspSupportingTokensAssertion(exporter, signed, signedEncrypted, endorsing, signedEndorsing, optionalSigned, optionalSignedEncrypted, optionalEndorsing, optionalSignedEndorsing, null);
 }
コード例 #30
0
 public virtual XmlElement CreateWsspIssuedTokenAssertion(MetadataExporter exporter, IssuedSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(IssuedTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     XmlElement issuerAssertion = CreateWsspIssuerElement(parameters.IssuerAddress, parameters.IssuerMetadataAddress);
     if (issuerAssertion != null)
     {
         result.AppendChild(issuerAssertion);
     }
     XmlElement tokenTemplate = CreateWsspAssertion(RequestSecurityTokenTemplateName);
     TrustDriver driver = this.TrustDriver;
     foreach (XmlElement p in parameters.CreateRequestParameters(driver))
     {
         tokenTemplate.AppendChild(doc.ImportNode(p, true));
     }
     result.AppendChild(tokenTemplate);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateReferenceStyleAssertion(parameters.ReferenceStyle)
     ));
     return result;
 }
コード例 #31
0
        protected XmlElement CreateWsspSignedSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> signed, Collection<SecurityTokenParameters> signedEncrypted, Collection<SecurityTokenParameters> optionalSigned, Collection<SecurityTokenParameters> optionalSignedEncrypted)
        {
            XmlElement result;

            if ((signed == null || signed.Count == 0)
                && (signedEncrypted == null || signedEncrypted.Count == 0)
                && (optionalSigned == null || optionalSigned.Count == 0)
                && (optionalSignedEncrypted == null || optionalSignedEncrypted.Count == 0))
            {
                result = null;
            }
            else
            {
                XmlElement policy = CreateWspPolicyWrapper(exporter);

                if (signed != null)
                {
                    foreach (SecurityTokenParameters p in signed)
                    {
                        policy.AppendChild(CreateTokenAssertion(exporter, p));
                    }
                }
                if (signedEncrypted != null)
                {
                    foreach (SecurityTokenParameters p in signedEncrypted)
                    {
                        policy.AppendChild(CreateTokenAssertion(exporter, p));
                    }
                }
                if (optionalSigned != null)
                {
                    foreach (SecurityTokenParameters p in optionalSigned)
                    {
                        policy.AppendChild(CreateTokenAssertion(exporter, p, true));
                    }
                }
                if (optionalSignedEncrypted != null)
                {
                    foreach (SecurityTokenParameters p in optionalSignedEncrypted)
                    {
                        policy.AppendChild(CreateTokenAssertion(exporter, p, true));
                    }
                }

                result = CreateWsspAssertion(SignedSupportingTokensName);
                result.AppendChild(policy);
            }

            return result;
        }
コード例 #32
0
        public virtual XmlElement CreateWspPolicyWrapper(MetadataExporter exporter, params XmlElement[] nestedAssertions)
        {
            XmlElement result = doc.CreateElement(WspPrefix, PolicyName, exporter.PolicyVersion.Namespace);

            if (nestedAssertions != null)
            {
                foreach (XmlElement e in nestedAssertions)
                {
                    if (e != null)
                    {
                        result.AppendChild(e);
                    }
                }
            }

            return result;
        }
コード例 #33
0
        protected XmlElement CreateWsspiSupportingTokensAssertion(MetadataExporter exporter, Collection<SecurityTokenParameters> endorsing, Collection<SecurityTokenParameters> optionalEndorsing, AddressingVersion addressingVersion, string assertionName)
        {
            XmlElement result;
            bool hasAssymetricKey = false;

            if ((endorsing == null || endorsing.Count == 0)
                && (optionalEndorsing == null || optionalEndorsing.Count == 0))
            {
                result = null;
            }
            else
            {
                XmlElement policy = CreateWspPolicyWrapper(exporter);

                if (endorsing != null)
                {
                    foreach (SecurityTokenParameters p in endorsing)
                    {
                        if (p.HasAsymmetricKey)
                            hasAssymetricKey = true;

                        policy.AppendChild(CreateTokenAssertion(exporter, p));
                    }
                }
                if (optionalEndorsing != null)
                {
                    foreach (SecurityTokenParameters p in optionalEndorsing)
                    {
                        if (p.HasAsymmetricKey)
                            hasAssymetricKey = true;

                        policy.AppendChild(CreateTokenAssertion(exporter, p, true));
                    }
                }
                if (addressingVersion != null && AddressingVersion.None != addressingVersion)
                {
                    // only add assertion to sign the 'To' only if an assymetric key is found
                    if (hasAssymetricKey)
                    {
                        policy.AppendChild(
                            CreateWsspSignedPartsAssertion(
                                new MessagePartSpecification(new XmlQualifiedName(AddressingStrings.To, addressingVersion.Namespace))));
                    }
                }

                result = CreateWsspAssertion(assertionName);
                result.AppendChild(policy);
            }

            return result;
        }
コード例 #34
0
 internal MetadataSet GenerateMetadata()
 {
     if ((this.behavior.ExternalMetadataLocation == null) || (this.behavior.ExternalMetadataLocation.ToString() == string.Empty))
     {
         if (this.metadataGenerationException != null)
         {
             throw this.metadataGenerationException;
         }
         try
         {
             MetadataExporter             metadataExporter = this.behavior.MetadataExporter;
             XmlQualifiedName             wsdlServiceQName = new XmlQualifiedName(this.description.Name, this.description.Namespace);
             Collection <ServiceEndpoint> endpoints        = new Collection <ServiceEndpoint>();
             foreach (ServiceEndpoint endpoint in this.description.Endpoints)
             {
                 ServiceMetadataContractBehavior behavior = endpoint.Contract.Behaviors.Find <ServiceMetadataContractBehavior>();
                 if (((behavior != null) && !behavior.MetadataGenerationDisabled) || ((behavior == null) && !endpoint.IsSystemEndpoint))
                 {
                     EndpointAddress    endpointAddress = null;
                     EndpointDispatcher listenerByID    = ServiceMetadataBehavior.GetListenerByID(this.host.ChannelDispatchers, endpoint.Id);
                     if (listenerByID != null)
                     {
                         endpointAddress = listenerByID.EndpointAddress;
                     }
                     ServiceEndpoint item = new ServiceEndpoint(endpoint.Contract)
                     {
                         Binding = endpoint.Binding,
                         Name    = endpoint.Name,
                         Address = endpointAddress
                     };
                     foreach (IEndpointBehavior behavior2 in endpoint.Behaviors)
                     {
                         item.Behaviors.Add(behavior2);
                     }
                     endpoints.Add(item);
                 }
             }
             WsdlExporter exporter2 = metadataExporter as WsdlExporter;
             if (exporter2 != null)
             {
                 exporter2.ExportEndpoints(endpoints, wsdlServiceQName);
             }
             else
             {
                 foreach (ServiceEndpoint endpoint3 in endpoints)
                 {
                     metadataExporter.ExportEndpoint(endpoint3);
                 }
             }
             if ((metadataExporter.Errors.Count > 0) && DiagnosticUtility.ShouldTraceWarning)
             {
                 TraceWsdlExportErrors(metadataExporter);
             }
             return(metadataExporter.GetGeneratedMetadata());
         }
         catch (Exception exception)
         {
             this.metadataGenerationException = exception;
             throw;
         }
     }
     return(null);
 }