static void Main(string[] args)
{
WSHttpBinding b = new WSHttpBinding();
Console.WriteLine("Анализируемая привязка {0} состоит из:",
b.GetType().Name);
BindingElementCollection elements = b.CreateBindingElements();
foreach (BindingElement element in elements)
Console.WriteLine("Базовая привязка {0}", element.GetType().FullName);
Console.WriteLine();
}
public void DefaultValues ()
{
WSHttpBinding b= new WSHttpBinding ();
// common tests
DefaultValues (b, "http");
// WSHttpSecurity
WSHttpSecurity sec = b.Security;
Assert.IsNotNull (sec, "#2-1");
Assert.AreEqual (SecurityMode.Message, sec.Mode, "#2-2");
// Security.Message
NonDualMessageSecurityOverHttp msg = sec.Message;
Assert.IsNotNull (msg, "#2-3");
Assert.AreEqual (true, msg.EstablishSecurityContext, "#2-3-1");
Assert.AreEqual (SecurityAlgorithmSuite.Default,
msg.AlgorithmSuite, "#2-3-2");
// it is not worthy of test, just for checking default value.
Assert.AreEqual (MessageCredentialType.Windows,
msg.ClientCredentialType, "#2-3-3");
Assert.AreEqual (true, msg.NegotiateServiceCredential, "#2-3-4");
// FIXME: test Security.Transport
Assert.IsNotNull (sec.Transport, "#2-4");
// Binding elements
BindingElementCollection bec = b.CreateBindingElements ();
Assert.AreEqual (4, bec.Count, "#5-1");
Assert.AreEqual (typeof (TransactionFlowBindingElement),
bec [0].GetType (), "#5-2");
Assert.AreEqual (typeof (SymmetricSecurityBindingElement),
bec [1].GetType (), "#5-3");
Assert.AreEqual (typeof (TextMessageEncodingBindingElement),
bec [2].GetType (), "#5-4");
Assert.AreEqual (typeof (HttpTransportBindingElement),
bec [3].GetType (), "#5-5");
}
public void MessageSecurityIssuedToken ()
{
WSHttpBinding binding = new WSHttpBinding ();
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.ClientCredentialType =
MessageCredentialType.IssuedToken;
SymmetricSecurityBindingElement sbe =
binding.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#1");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.Signed.Count, "#1-1");
Assert.AreEqual (1, sbe.EndpointSupportingTokenParameters.Endorsing.Count, "#1-2");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.SignedEndorsing.Count, "#1-3");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.SignedEncrypted.Count, "#1-4");
IssuedSecurityTokenParameters p =
sbe.EndpointSupportingTokenParameters.Endorsing [0]
as IssuedSecurityTokenParameters;
Assert.IsNotNull (p, "#2");
Assert.IsNotNull (p.ClaimTypeRequirements, "#2-1");
Assert.AreEqual (1, p.ClaimTypeRequirements.Count, "#2-2");
ClaimTypeRequirement r = p.ClaimTypeRequirements [0];
Assert.AreEqual (ClaimTypes.PPID, r.ClaimType, "#3-1");
Assert.IsFalse (r.IsOptional, "#3-2");
}
public void MessageSecurityUserName ()
{
WSHttpBinding binding = new WSHttpBinding ();
binding.Security.Message.NegotiateServiceCredential = false;
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.ClientCredentialType =
MessageCredentialType.UserName;
SymmetricSecurityBindingElement sbe =
binding.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#1");
Assert.AreEqual (false, sbe.RequireSignatureConfirmation, "#1-2");
X509SecurityTokenParameters sp =
sbe.ProtectionTokenParameters
as X509SecurityTokenParameters;
Assert.IsNotNull (sp, "#2");
Assert.AreEqual (SecurityTokenReferenceStyle.Internal,
sp.ReferenceStyle, "#3");
Assert.AreEqual (SecurityTokenInclusionMode.Never,
sp.InclusionMode, "#4");
UserNameSecurityTokenParameters up =
sbe.EndpointSupportingTokenParameters.SignedEncrypted [0]
as UserNameSecurityTokenParameters;
Assert.AreEqual (SecurityTokenReferenceStyle.Internal,
up.ReferenceStyle, "#5");
Assert.AreEqual (SecurityTokenInclusionMode.AlwaysToRecipient,
up.InclusionMode, "#6");
}
public void MessageSecuritySPNego ()
{
WSHttpBinding binding = new WSHttpBinding ();
SymmetricSecurityBindingElement sbe =
binding.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#1");
Assert.AreEqual (false, sbe.RequireSignatureConfirmation, "#1-2");
SecureConversationSecurityTokenParameters sp =
sbe.ProtectionTokenParameters
as SecureConversationSecurityTokenParameters;
Assert.IsNotNull (sp, "#2");
SymmetricSecurityBindingElement spbe =
sp.BootstrapSecurityBindingElement
as SymmetricSecurityBindingElement;
Assert.IsNotNull (spbe, "#3");
SspiSecurityTokenParameters p =
spbe.ProtectionTokenParameters
as SspiSecurityTokenParameters;
Assert.IsNotNull (p, "#4");
Assert.AreEqual (SecurityTokenReferenceStyle.Internal,
p.ReferenceStyle, "#5");
Assert.AreEqual (SecurityTokenInclusionMode.AlwaysToRecipient,
p.InclusionMode, "#6");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.Signed.Count, "#7");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.SignedEncrypted.Count, "#8");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.Endorsing.Count, "#9");
Assert.AreEqual (0, sbe.EndpointSupportingTokenParameters.SignedEndorsing.Count, "#10");
Assert.AreEqual (0, spbe.EndpointSupportingTokenParameters.Signed.Count, "#11");
Assert.AreEqual (0, spbe.EndpointSupportingTokenParameters.SignedEncrypted.Count, "#12");
Assert.AreEqual (0, spbe.EndpointSupportingTokenParameters.Endorsing.Count, "#13");
Assert.AreEqual (0, spbe.EndpointSupportingTokenParameters.SignedEndorsing.Count, "#14");
Assert.AreEqual (0, sbe.OptionalEndpointSupportingTokenParameters.Signed.Count, "#17");
Assert.AreEqual (0, sbe.OptionalEndpointSupportingTokenParameters.SignedEncrypted.Count, "#18");
Assert.AreEqual (0, sbe.OptionalEndpointSupportingTokenParameters.Endorsing.Count, "#19");
Assert.AreEqual (0, sbe.OptionalEndpointSupportingTokenParameters.SignedEndorsing.Count, "#110");
Assert.AreEqual (0, spbe.OptionalEndpointSupportingTokenParameters.Signed.Count, "#21");
Assert.AreEqual (0, spbe.OptionalEndpointSupportingTokenParameters.SignedEncrypted.Count, "#22");
Assert.AreEqual (0, spbe.OptionalEndpointSupportingTokenParameters.Endorsing.Count, "#23");
Assert.AreEqual (0, spbe.OptionalEndpointSupportingTokenParameters.SignedEndorsing.Count, "#24");
}
public void MessageSecurityCertificateNego ()
{
WSHttpBinding binding = new WSHttpBinding ();
binding.Security.Message.ClientCredentialType =
MessageCredentialType.Certificate;
SymmetricSecurityBindingElement sbe =
binding.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#1");
Assert.AreEqual (false, sbe.RequireSignatureConfirmation, "#1-2");
SecureConversationSecurityTokenParameters sp =
sbe.ProtectionTokenParameters
as SecureConversationSecurityTokenParameters;
Assert.IsNotNull (sp, "#2");
SymmetricSecurityBindingElement spbe =
sp.BootstrapSecurityBindingElement
as SymmetricSecurityBindingElement;
Assert.IsNotNull (spbe, "#3");
SslSecurityTokenParameters p =
spbe.ProtectionTokenParameters
as SslSecurityTokenParameters;
Assert.IsNotNull (p, "#4");
Assert.AreEqual (SecurityTokenReferenceStyle.Internal,
p.ReferenceStyle, "#5");
Assert.AreEqual (SecurityTokenInclusionMode.AlwaysToRecipient,
p.InclusionMode, "#6");
}
public void MessageSecurityNoSecureConversation ()
{
WSHttpBinding b = new WSHttpBinding ();
b.Security.Message.EstablishSecurityContext = false;
SymmetricSecurityBindingElement sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#0");
Assert.AreEqual (
typeof (SspiSecurityTokenParameters),
sbe.ProtectionTokenParameters.GetType (), "#1");
// no worthy to check SSPI security as we never support it.
b.Security.Message.ClientCredentialType = MessageCredentialType.None;
sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
SslSecurityTokenParameters ssltp =
sbe.ProtectionTokenParameters
as SslSecurityTokenParameters;
Assert.IsNotNull(ssltp, "#2-1");
Assert.AreEqual (true, ssltp.RequireCancellation, "#2-2");
Assert.AreEqual (false, ssltp.RequireClientCertificate, "#2-3");
b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
ssltp = sbe.ProtectionTokenParameters as SslSecurityTokenParameters;
Assert.IsNotNull(ssltp, "#3-1");
// No NegotiateServiceCredential modes ...
b.Security.Message.NegotiateServiceCredential = false;
b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
KerberosSecurityTokenParameters ktp =
sbe.ProtectionTokenParameters
as KerberosSecurityTokenParameters;
Assert.IsNotNull (ktp, "#4-1");
// no worthy of testing windows-only Kerberos stuff
b.Security.Message.ClientCredentialType = MessageCredentialType.None;
sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
X509SecurityTokenParameters x509tp =
sbe.ProtectionTokenParameters
as X509SecurityTokenParameters;
Assert.IsNotNull (x509tp, "#5-1");
Assert.AreEqual (X509KeyIdentifierClauseType.Thumbprint, x509tp.X509ReferenceStyle, "#5-2");
Assert.AreEqual (SecurityTokenInclusionMode.Never, x509tp.InclusionMode, "#5-3");
b.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.AreEqual (1, sbe.EndpointSupportingTokenParameters.Endorsing.Count, "#6-0");
x509tp = sbe.EndpointSupportingTokenParameters.Endorsing [0] as X509SecurityTokenParameters;
Assert.IsNotNull (x509tp, "#6-1");
Assert.AreEqual (X509KeyIdentifierClauseType.Thumbprint, x509tp.X509ReferenceStyle, "#6-2");
Assert.AreEqual (SecurityTokenInclusionMode.AlwaysToRecipient, x509tp.InclusionMode, "#6-3");
Assert.AreEqual (false, x509tp.RequireDerivedKeys, "#6-4");
x509tp = sbe.ProtectionTokenParameters as X509SecurityTokenParameters;
Assert.IsNotNull (x509tp, "#7-1");
Assert.AreEqual (X509KeyIdentifierClauseType.Thumbprint, x509tp.X509ReferenceStyle, "#7-2");
Assert.AreEqual (SecurityTokenInclusionMode.Never, x509tp.InclusionMode, "#7-3");
Assert.AreEqual (true, x509tp.RequireDerivedKeys, "#7-4");
Assert.AreEqual (true, sbe.RequireSignatureConfirmation, "#8");
}
public void DefaultMessageSecurity ()
{
WSHttpBinding b = new WSHttpBinding ();
SymmetricSecurityBindingElement sbe = b.CreateBindingElements ().Find<SymmetricSecurityBindingElement> ();
Assert.IsNotNull (sbe, "#0");
SecureConversationSecurityTokenParameters p =
sbe.ProtectionTokenParameters as SecureConversationSecurityTokenParameters;
Assert.IsNotNull (p, "#1");
SymmetricSecurityBindingElement scbe =
p.BootstrapSecurityBindingElement as SymmetricSecurityBindingElement;
Assert.IsNotNull (scbe, "#1.1");
// since the default w/o SecureConv is SSPI ...
Assert.IsTrue (scbe.ProtectionTokenParameters is SspiSecurityTokenParameters, "#1.2");
Assert.AreEqual (SecurityAlgorithmSuite.Default,
sbe.DefaultAlgorithmSuite, "#2");
SupportingTokenParameters s =
sbe.EndpointSupportingTokenParameters;
Assert.IsNotNull (s, "#3");
Assert.AreEqual (0, s.Endorsing.Count, "#3-1");
Assert.AreEqual (0, s.Signed.Count, "#3-2");
Assert.AreEqual (0, s.SignedEndorsing.Count, "#3-3");
Assert.AreEqual (0, s.SignedEncrypted.Count, "#3-4");
Assert.AreEqual (0, sbe.OperationSupportingTokenParameters.Count, "#4");
s = sbe.OptionalEndpointSupportingTokenParameters;
Assert.IsNotNull (s, "#5");
Assert.AreEqual (0, s.Endorsing.Count, "#5-1");
Assert.AreEqual (0, s.Signed.Count, "#5-2");
Assert.AreEqual (0, s.SignedEndorsing.Count, "#5-3");
Assert.AreEqual (0, s.SignedEncrypted.Count, "#5-4");
Assert.AreEqual (0, sbe.OptionalOperationSupportingTokenParameters.Count, "#6");
}
public void DefaultTransactionFlow ()
{
WSHttpBinding b = new WSHttpBinding ();
foreach (BindingElement be in b.CreateBindingElements ()) {
TransactionFlowBindingElement tbe =
be as TransactionFlowBindingElement;
if (tbe == null)
continue;
Assert.AreEqual (TransactionProtocol.WSAtomicTransactionOctober2004,
tbe.TransactionProtocol, "#1");
return;
}
Assert.Fail ("No transaction flow binding element.");
}
public void DefaultHttpTransport ()
{
WSHttpBinding b = new WSHttpBinding ();
foreach (BindingElement be in b.CreateBindingElements ()) {
HttpTransportBindingElement tbe =
be as HttpTransportBindingElement;
if (tbe == null)
continue;
Assert.AreEqual (false, tbe.AllowCookies, "#1");
Assert.AreEqual (AuthenticationSchemes.Anonymous, tbe.AuthenticationScheme, "#2");
Assert.AreEqual (false, tbe.BypassProxyOnLocal, "#3");
Assert.AreEqual (HostNameComparisonMode.StrongWildcard, tbe.HostNameComparisonMode, "#4");
Assert.AreEqual (true, tbe.KeepAliveEnabled, "#5");
Assert.AreEqual (false, tbe.ManualAddressing, "#6");
Assert.AreEqual (0x80000, tbe.MaxBufferPoolSize, "#7");
Assert.AreEqual (0x10000, tbe.MaxBufferSize, "#8");
Assert.AreEqual (0x10000, tbe.MaxReceivedMessageSize, "#9");
Assert.IsNull (tbe.ProxyAddress, "#10");
Assert.AreEqual (AuthenticationSchemes.Anonymous, tbe.ProxyAuthenticationScheme, "#11");
Assert.AreEqual ("", tbe.Realm, "#12");
Assert.AreEqual (TransferMode.Buffered, tbe.TransferMode, "#13");
Assert.AreEqual (true, tbe.UseDefaultWebProxy, "#14");
return;
}
Assert.Fail ("No transport binding element.");
}
public void DefaultMessageEncoding ()
{
WSHttpBinding b = new WSHttpBinding ();
foreach (BindingElement be in b.CreateBindingElements ()) {
MessageEncodingBindingElement mbe =
be as MessageEncodingBindingElement;
if (mbe == null)
continue;
MessageEncoderFactory f = mbe.CreateMessageEncoderFactory ();
MessageEncoder e = f.Encoder;
Assert.AreEqual (typeof (TextMessageEncodingBindingElement), mbe.GetType (), "#1-1");
Assert.AreEqual (MessageVersion.Default, f.MessageVersion, "#2-1");
Assert.AreEqual ("application/soap+xml; charset=utf-8", e.ContentType, "#3-1");
Assert.AreEqual ("application/soap+xml", e.MediaType, "#3-2");
return;
}
Assert.Fail ("No message encodiing binding element.");
}
//Create a custom binding using a WsHttpBinding
public static Binding CreateCustomSecurityBinding()
{
WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);
//Clients are anonymous to the service
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;
//Secure conversation is turned off for simplification. If secure conversation is turned on then
//you also need to set the IdentityVerifier on the secureconversation bootstrap binding.
binding.Security.Message.EstablishSecurityContext = false;
//Get the SecurityBindingElement and cast to a SymmetricSecurityBindingElement to set the IdentityVerifier
BindingElementCollection outputBec = binding.CreateBindingElements();
SymmetricSecurityBindingElement ssbe = (SymmetricSecurityBindingElement)outputBec.Find<SecurityBindingElement>();
//Set the Custom IdentityVerifier
ssbe.LocalClientSettings.IdentityVerifier = new CustomIdentityVerifier();
return new CustomBinding(outputBec);
}
// ws1:anonymouse
public static System.ServiceModel.Channels.Binding CreateWs1Binding()
{
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;
binding.MaxReceivedMessageSize = MAX_RECEIVE_MESSAGE_SIZE;
binding.MessageEncoding = WSMessageEncoding.Mtom;
XmlDictionaryReaderQuotas quotas = new XmlDictionaryReaderQuotas();
quotas.MaxArrayLength = 1024 * 1024;
quotas.MaxStringContentLength = 1024 * 1024;
binding.ReaderQuotas = quotas;
SetTimeout(binding);
//binding.ReliableSession.Enabled = true;
binding.ReliableSession.InactivityTimeout = new TimeSpan(0, 20, 0);
// return binding;
#if NO
//Clients are anonymous to the service.
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;
//Secure conversation is turned off for simplification. If secure conversation is turned on, then
//you also need to set the IdentityVerifier on the secureconversation bootstrap binding.
// binding.Security.Message.EstablishSecurityContext = false;
// Get the SecurityBindingElement and cast to a SymmetricSecurityBindingElement to set the IdentityVerifier.
BindingElementCollection outputBec = binding.CreateBindingElements();
SymmetricSecurityBindingElement ssbe = (SymmetricSecurityBindingElement)outputBec.Find<SecurityBindingElement>();
//Set the Custom IdentityVerifier.
ssbe.LocalClientSettings.IdentityVerifier = new CustomIdentityVerifier();
return new CustomBinding(outputBec);
#endif
// Get the SecurityBindingElement and cast to a SymmetricSecurityBindingElement to set the IdentityVerifier.
BindingElementCollection outputBec = binding.CreateBindingElements();
SymmetricSecurityBindingElement ssbe = (SymmetricSecurityBindingElement)outputBec.Find<SecurityBindingElement>();
//Set the Custom IdentityVerifier.
ssbe.LocalClientSettings.IdentityVerifier = new CustomIdentityVerifier();
//
// Get the System.ServiceModel.Security.Tokens.SecureConversationSecurityTokenParameters
SecureConversationSecurityTokenParameters secureTokenParams =
(SecureConversationSecurityTokenParameters)ssbe.ProtectionTokenParameters;
// From the collection, get the bootstrap element.
SecurityBindingElement bootstrap = secureTokenParams.BootstrapSecurityBindingElement;
// Set the MaxClockSkew on the bootstrap element.
bootstrap.LocalClientSettings.IdentityVerifier = new CustomIdentityVerifier();
return new CustomBinding(outputBec);
}
