public override bool CheckAccess(OperationContext operationContext, ref Message message) { base.CheckAccess(operationContext, ref message); string action = operationContext.IncomingMessageHeaders.Action; if (action == "urn:msdnmag/IService/GetRoles") { // messags in WCF are always read-once // we create one copy to work with, and one copy to return back to the plumbing MessageBuffer buffer = operationContext.RequestContext.RequestMessage.CreateBufferedCopy(int.MaxValue); message = buffer.CreateMessage(); // get the username vale using XPath XPathNavigator nav = buffer.CreateNavigator(); StandardNamespaceManager nsm = new StandardNamespaceManager(nav.NameTable); nsm.AddNamespace("msdn", "urn:msdnmag"); XPathNavigator node = nav.SelectSingleNode("s:Envelope/s:Body/msdn:GetRoles/msdn:username", nsm); string parameter = node.InnerXml; // check authorization if (operationContext.ServiceSecurityContext.PrimaryIdentity.Name == parameter) { return(true); } else { return(GetPrincipal(operationContext).IsInRole("administrators")); } } return(true); }
/// <summary> /// Converts the message buffer to the message which is actually journalled in /// the database. This will follow/respect the configuration settings and /// apply the necessary transformations. /// </summary> /// <param name="emit">Whether to obtain the message from the buffer or not.</param> /// <param name="buffer">Buffer containing message.</param> /// <returns>XML message to journal.</returns> private static string ToMessage(bool emit, MessageBuffer buffer) { #region Validations if (buffer == null) { throw new ArgumentNullException(nameof(buffer)); } #endregion if (emit == false) { return("<not-journaled />"); } /* * */ XPathNavigator nav = buffer.CreateNavigator(); string message = nav.OuterXml; return(message); }
private Message TransformMessage(Message oldMessage) { Message newMessage = null; MessageBuffer msgbuf = oldMessage.CreateBufferedCopy(int.MaxValue); XPathNavigator nav = msgbuf.CreateNavigator(); //load the old message into xmldocument MemoryStream ms = new MemoryStream(); XmlWriter xw = XmlWriter.Create(ms); nav.WriteSubtree(xw); xw.Flush(); xw.Close(); ms.Position = 0; XDocument xdoc = XDocument.Load( XmlReader.Create(ms) ); string sXML = xdoc.ToString(); //perform transformation var strElms = xdoc.Descendants(XName.Get("StringValue", "urn:test:datacontracts")); foreach (XElement strElm in strElms) { strElm.Value = "[Modified in SimpleMessageInspector]" + strElm.Value; } XDocument xdoc1 = XDocument.Parse(sXML); //xdoc = XDocument.Parse(sXML); xw = XmlWriter.Create(ms); ms.Position = 0; xdoc.Save( xw ); xw.Flush(); xw.Close(); ms.Position = 0; StreamReader sr = new StreamReader(ms); Console.WriteLine(sr.ReadToEnd()); //create the new message ms.Position = 0; XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader( ms, new XmlDictionaryReaderQuotas() ); newMessage = Message.CreateMessage(xdr, int.MaxValue, oldMessage.Version); return(newMessage); }
public void TestCreateNavigator() { Message m = Message.CreateMessage(MessageVersion.Default, "http://tempuri.org/"); MessageBuffer mb = m.CreateBufferedCopy(1024); XPathNavigator nav = mb.CreateNavigator(); Assert.IsTrue(nav is SeekableXPathNavigator); }
public override bool Match(MessageBuffer buffer) { XPathExpression expr = XPathExpression.Compile(string.Format("////value == {0}", _filterParam)); XPathNavigator navigator = buffer.CreateNavigator(); return(navigator.Matches(expr)); //XDocument doc = await GetMessageEnvelope(buffer); //return Match(doc); }
/*Atención: * Los procedimientos aquí realizados son basados y cumplen con la especificación * OASIS Web Service Security 1.1 * (https://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf), * La especificación XML Encryption Syntax and Processing(https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html) * y la Espeficación XML Signature Syntax and Processing(https://www.w3.org/TR/xmldsig-core1/) * No cambiar nada de lo que hay acá, inclusive el orden de los elementos puede causar errores fatales en * el servidor al querer procesar el mensaje. * Si se quiere cambiar algo, por favor, guiarse y adherirse a la especificación de OASIS Web Service Security 1.1 */ public static Message GetSignedRequest(ref Message unsignedRequest) { #region Obtener el XML del Message MessageBuffer messageBuffer = unsignedRequest.CreateBufferedCopy(Int32.MaxValue); //Crea una copia de request en el Buffer de tamaño Int32.MaxValue XPathNavigator xpathNavigator = messageBuffer.CreateNavigator(); //Creamos un Cursor para navegar a través del mensaje xml (messageBuffer) //Cargar el mensaje en un documento xml. MemoryStream memoryStream = new MemoryStream(); XmlWriter escritorXml = XmlWriter.Create(memoryStream); xpathNavigator.WriteSubtree(escritorXml); escritorXml.Flush(); escritorXml.Close(); memoryStream.Position = 0; //Creamos un documento XML vacio XmlDocument xmldoc = new XmlDocument() { PreserveWhitespace = true }; xmldoc.Load(XmlReader.Create(memoryStream)); #endregion PrepararXml(ref xmldoc); //Obtenemos los certificados requeridos para Firmas y Encriptar. //Aquí comienza la magia. X509Certificate2 certificadoconllaveprivada = RetrieveCertificate(true, "cf0b691745fd90204f387214e49ffc3e7b48f3c0"); X509Certificate2 certificadopublico = RetrieveCertificate(false, "3febb2423e8baf23ae4ee30672551e766f0a536b"); #region Obtener el XML firmado y encriptado y lo convierte en un objeto Message XmlDocument newxml = FirmaryEncriptarSoapRequest(xmldoc, certificadoconllaveprivada, certificadopublico); newxml.PreserveWhitespace = true; escritorXml = XmlWriter.Create(memoryStream); memoryStream.Position = 0; newxml.Save(escritorXml); escritorXml.Flush(); escritorXml.Close(); memoryStream.Position = 0; XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader(memoryStream, new XmlDictionaryReaderQuotas()); Message newMessage = Message.CreateMessage(xdr, Int32.MaxValue, unsignedRequest.Version); newMessage.Properties.CopyProperties(unsignedRequest.Properties); #endregion return(newMessage); }
public override bool Match(MessageBuffer buffer) { if (_filterExpression == null) { _filterExpression = XPathExpression.Compile($"////value == {_filterParam}"); } XPathNavigator navigator = buffer.CreateNavigator(); return(navigator.Matches(_filterExpression)); //XDocument doc = await GetMessageEnvelope(buffer); //return Match(doc); }
/// <summary> /// Returns a StringBuilder containing the contents of the given message buffer. /// </summary> /// <param name="messageBuffer"></param> /// <returns></returns> protected StringBuilder GetMessageBufferAsStringBuilder(MessageBuffer messageBuffer) { XPathNavigator nav = messageBuffer.CreateNavigator(); XmlDocument navDoc = new XmlDocument(); navDoc.LoadXml(nav.OuterXml); StringBuilder sb = new StringBuilder(); sb.Append(navDoc.ChildNodes[0].ChildNodes[1].InnerXml); return(sb); }
internal static Message GetDecryptedResponse(ref Message reply) { #region Obtener el XML del Message MessageBuffer messageBuffer = reply.CreateBufferedCopy(Int32.MaxValue); //Crea una copia de request en el Buffer de tamaño Int32.MaxValue XPathNavigator xpathNavigator = messageBuffer.CreateNavigator(); //Creamos un Cursor para navegar a través del mensaje xml (messageBuffer) //Cargar el mensaje en un documento xml. MemoryStream memoryStream = new MemoryStream(); XmlWriter escritorXml = XmlWriter.Create(memoryStream); xpathNavigator.WriteSubtree(escritorXml); escritorXml.Flush(); escritorXml.Close(); memoryStream.Position = 0; //Creamos un documento XML vacio XmlDocument xmldoc = new XmlDocument() { PreserveWhitespace = true }; xmldoc.Load(XmlReader.Create(memoryStream)); #endregion #region Desencriptar la respuesta. X509Certificate2 certificadoconllaveprivada = RetrieveCertificate(true, "cf0b691745fd90204f387214e49ffc3e7b48f3c0"); #endregion #region Crear un message a partir del XML desencriptado. XmlDocument newxml = Decrypt(xmldoc, certificadoconllaveprivada); newxml.PreserveWhitespace = true; escritorXml = XmlWriter.Create(memoryStream); memoryStream.Position = 0; newxml.Save(escritorXml); escritorXml.Flush(); escritorXml.Close(); memoryStream.Position = 0; XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader(memoryStream, new XmlDictionaryReaderQuotas()); Message newMessage = Message.CreateMessage(xdr, Int32.MaxValue, reply.Version); newMessage.Properties.CopyProperties(reply.Properties); #endregion return(newMessage); }