protected SendSecurityHeader ConfigureSendSecurityHeader(Message message, string actor, IList <SupportingTokenSpecification> supportingTokens, SecurityProtocolCorrelationState correlationState)
{
System.ServiceModel.Security.MessageSecurityProtocolFactory messageSecurityProtocolFactory = this.MessageSecurityProtocolFactory;
SendSecurityHeader securityHeader = base.CreateSendSecurityHeader(message, actor, messageSecurityProtocolFactory);
securityHeader.SignThenEncrypt = messageSecurityProtocolFactory.MessageProtectionOrder != MessageProtectionOrder.EncryptBeforeSign;
securityHeader.EncryptPrimarySignature = messageSecurityProtocolFactory.MessageProtectionOrder == MessageProtectionOrder.SignBeforeEncryptAndEncryptSignature;
if (messageSecurityProtocolFactory.DoRequestSignatureConfirmation && (correlationState != null))
{
if (messageSecurityProtocolFactory.ActAsInitiator)
{
securityHeader.MaintainSignatureConfirmationState = true;
securityHeader.CorrelationState = correlationState;
}
else if (correlationState.SignatureConfirmations != null)
{
securityHeader.AddSignatureConfirmations(correlationState.SignatureConfirmations);
}
}
string action = message.Headers.Action;
if (this.factory.ApplyIntegrity)
{
securityHeader.SignatureParts = this.factory.GetOutgoingSignatureParts(action);
}
if (messageSecurityProtocolFactory.ApplyConfidentiality)
{
securityHeader.EncryptionParts = this.factory.GetOutgoingEncryptionParts(action);
}
base.AddSupportingTokens(securityHeader, supportingTokens);
return(securityHeader);
}
protected SendSecurityHeader ConfigureSendSecurityHeader(Message message, string actor, IList <SupportingTokenSpecification> supportingTokens, SecurityProtocolCorrelationState correlationState)
{
MessageSecurityProtocolFactory factory = this.MessageSecurityProtocolFactory;
SendSecurityHeader securityHeader = CreateSendSecurityHeader(message, actor, factory);
securityHeader.SignThenEncrypt = factory.MessageProtectionOrder != MessageProtectionOrder.EncryptBeforeSign;
// If ProtectTokens is enabled then we make sure that both the client side and the service side sign the primary token
// ( if it is an issued token, the check exists in sendsecurityheader)in the primary signature while sending a message.
securityHeader.ShouldProtectTokens = factory.SecurityBindingElement.ProtectTokens;
securityHeader.EncryptPrimarySignature = factory.MessageProtectionOrder == MessageProtectionOrder.SignBeforeEncryptAndEncryptSignature;
if (factory.DoRequestSignatureConfirmation && correlationState != null)
{
if (factory.ActAsInitiator)
{
securityHeader.MaintainSignatureConfirmationState = true;
securityHeader.CorrelationState = correlationState;
}
else if (correlationState.SignatureConfirmations != null)
{
securityHeader.AddSignatureConfirmations(correlationState.SignatureConfirmations);
}
}
string action = message.Headers.Action;
if (this.factory.ApplyIntegrity)
{
securityHeader.SignatureParts = this.factory.GetOutgoingSignatureParts(action);
}
if (factory.ApplyConfidentiality)
{
securityHeader.EncryptionParts = this.factory.GetOutgoingEncryptionParts(action);
}
AddSupportingTokens(securityHeader, supportingTokens);
return(securityHeader);
}
