public void Authenticate(ref MessageRpc rpc) { SecurityMessageProperty orCreate = SecurityMessageProperty.GetOrCreate(rpc.Request); ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies = orCreate.ServiceSecurityContext.AuthorizationPolicies; try { authorizationPolicies = this.serviceAuthenticationManager.Authenticate(orCreate.ServiceSecurityContext.AuthorizationPolicies, rpc.Channel.ListenUri, ref rpc.Request); if (authorizationPolicies == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("AuthenticationManagerShouldNotReturnNull"))); } } catch (Exception exception) { if (Fx.IsFatal(exception)) { throw; } if (PerformanceCounters.PerformanceCountersEnabled) { PerformanceCounters.AuthenticationFailed(rpc.Request, rpc.Channel.ListenUri); } if (AuditLevel.Failure == (this.messageAuthenticationAuditLevel & AuditLevel.Failure)) { try { string identityNamesFromContext; AuthorizationContext authorizationContext = orCreate.ServiceSecurityContext.AuthorizationContext; if (authorizationContext != null) { identityNamesFromContext = System.ServiceModel.Security.SecurityUtils.GetIdentityNamesFromContext(authorizationContext); } else { identityNamesFromContext = System.ServiceModel.Security.SecurityUtils.AnonymousIdentity.Name; } SecurityAuditHelper.WriteMessageAuthenticationFailureEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Channel.ListenUri, rpc.Request.Headers.Action, identityNamesFromContext, exception); } catch (Exception exception2) { if (Fx.IsFatal(exception2)) { throw; } DiagnosticUtility.ExceptionUtility.TraceHandledException(exception2, TraceEventType.Error); } } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateFailedAuthenticationFaultException()); } rpc.Request.Properties.Security.ServiceSecurityContext.AuthorizationPolicies = authorizationPolicies; if (AuditLevel.Success == (this.messageAuthenticationAuditLevel & AuditLevel.Success)) { string name; AuthorizationContext authContext = orCreate.ServiceSecurityContext.AuthorizationContext; if (authContext != null) { name = System.ServiceModel.Security.SecurityUtils.GetIdentityNamesFromContext(authContext); } else { name = System.ServiceModel.Security.SecurityUtils.AnonymousIdentity.Name; } SecurityAuditHelper.WriteMessageAuthenticationSuccessEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Channel.ListenUri, rpc.Request.Headers.Action, name); } }
public void Authenticate(ref MessageRpc rpc) { SecurityMessageProperty security = SecurityMessageProperty.GetOrCreate(rpc.Request); ReadOnlyCollection <IAuthorizationPolicy> authPolicy = security.ServiceSecurityContext.AuthorizationPolicies; bool outputTiming = DS.AuthenticationIsEnabled(); Stopwatch sw = null; if (outputTiming) { sw = Stopwatch.StartNew(); } try { authPolicy = this.serviceAuthenticationManager.Authenticate(security.ServiceSecurityContext.AuthorizationPolicies, rpc.Channel.ListenUri, ref rpc.Request); if (authPolicy == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.AuthenticationManagerShouldNotReturnNull))); } if (outputTiming) { DS.Authentication(this.serviceAuthenticationManager.GetType(), true, sw.Elapsed); } } catch (Exception ex) { if (Fx.IsFatal(ex)) { throw; } if (outputTiming) { DS.Authentication(this.serviceAuthenticationManager.GetType(), false, sw.Elapsed); } if (PerformanceCounters.PerformanceCountersEnabled) { PerformanceCounters.AuthenticationFailed(rpc.Request, rpc.Channel.ListenUri); } if (AuditLevel.Failure == (this.messageAuthenticationAuditLevel & AuditLevel.Failure)) { try { string primaryIdentity; AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; if (authContext != null) { primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); } else { primaryIdentity = SecurityUtils.AnonymousIdentity.Name; } SecurityAuditHelper.WriteMessageAuthenticationFailureEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Channel.ListenUri, rpc.Request.Headers.Action, primaryIdentity, ex); } #pragma warning suppress 56500 catch (Exception auditException) { if (Fx.IsFatal(auditException)) { throw; } DiagnosticUtility.TraceHandledException(auditException, TraceEventType.Error); } } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateFailedAuthenticationFaultException()); } rpc.Request.Properties.Security.ServiceSecurityContext.AuthorizationPolicies = authPolicy; if (AuditLevel.Success == (this.messageAuthenticationAuditLevel & AuditLevel.Success)) { string primaryIdentity; AuthorizationContext authContext = security.ServiceSecurityContext.AuthorizationContext; if (authContext != null) { primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(authContext); } else { primaryIdentity = SecurityUtils.AnonymousIdentity.Name; } SecurityAuditHelper.WriteMessageAuthenticationSuccessEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Request, rpc.Channel.ListenUri, rpc.Request.Headers.Action, primaryIdentity); } }