public static SecurityTokenProvider GetCertificateTokenProvider( SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, ChannelParameterCollection channelParameters) { if (tokenManager != null) { InitiatorServiceModelSecurityTokenRequirement certificateTokenRequirement = new InitiatorServiceModelSecurityTokenRequirement(); certificateTokenRequirement.TokenType = SecurityTokenTypes.X509Certificate; certificateTokenRequirement.TargetAddress = target; certificateTokenRequirement.Via = via; certificateTokenRequirement.RequireCryptographicToken = false; certificateTokenRequirement.TransportScheme = transportScheme; if (channelParameters != null) { certificateTokenRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } return(tokenManager.CreateSecurityTokenProvider(certificateTokenRequirement)); } return(null); }
public override SecurityTokenAuthenticator CreateTokenAuthenticator(SecurityTokenParameters p, out SecurityTokenResolver resolver) { resolver = null; // This check might be almost extra, though it is // needed to check correct signing token existence. // // Not sure if it is limited to this condition, but // Ssl parameters do not support token provider and // still do not fail. X509 parameters do fail. if (!RecipientParameters.InternalSupportsServerAuthentication) { return(null); } SecurityTokenRequirement r = CreateRequirement(); r.Properties [ReqType.MessageDirectionProperty] = MessageDirection.Input; InitializeRequirement(p, r); return(SecurityTokenManager.CreateSecurityTokenAuthenticator(r, out resolver)); }
protected void SetSecurityTokenAuthenticator(string scheme, BindingContext context) { if (base.ReceiveParameters.TransportSecurity.MsmqAuthenticationMode == MsmqAuthenticationMode.Certificate) { SecurityTokenResolver resolver; SecurityCredentialsManager manager = context.BindingParameters.Find <SecurityCredentialsManager>(); if (manager == null) { manager = ServiceCredentials.CreateDefaultCredentials(); } SecurityTokenManager manager2 = manager.CreateSecurityTokenManager(); RecipientServiceModelSecurityTokenRequirement tokenRequirement = new RecipientServiceModelSecurityTokenRequirement { TokenType = SecurityTokenTypes.X509Certificate, TransportScheme = scheme, ListenUri = this.Uri, KeyUsage = SecurityKeyUsage.Signature }; this.x509SecurityTokenAuthenticator = manager2.CreateSecurityTokenAuthenticator(tokenRequirement, out resolver); } }
public static SecurityTokenProvider GetDigestTokenProvider(SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, AuthenticationSchemes authenticationScheme, ChannelParameterCollection channelParameters) { if (tokenManager == null) { return(null); } InitiatorServiceModelSecurityTokenRequirement tokenRequirement = new InitiatorServiceModelSecurityTokenRequirement { TokenType = ServiceModelSecurityTokenTypes.SspiCredential, TargetAddress = target, Via = via, RequireCryptographicToken = false, TransportScheme = transportScheme }; tokenRequirement.Properties[ServiceModelSecurityTokenRequirement.HttpAuthenticationSchemeProperty] = authenticationScheme; if (channelParameters != null) { tokenRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } return(tokenManager.CreateSecurityTokenProvider(tokenRequirement) as SspiSecurityTokenProvider); }
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement, BindingContext context, bool isClient) : base(context.Binding) { Contract.Assert(isClient, ".NET Core and .NET Native does not support server side"); _extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts; _protectionLevel = bindingElement.ProtectionLevel; _scheme = context.Binding.Scheme; _isClient = isClient; _listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress); SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>(); if (credentialProvider == null) { credentialProvider = ClientCredentials.CreateDefaultCredentials(); } _securityTokenManager = credentialProvider.CreateSecurityTokenManager(); }
void CallBegin(bool completedSynchronously) { IAsyncResult result = null; Exception exception = null; try { CardSpacePolicyElement[] chain; SecurityTokenManager tokenManager = credentials.CreateSecurityTokenManager(); requiresInfoCard = InfoCardHelper.IsInfocardRequired(binding, credentials, tokenManager, proxy.RemoteAddress, out chain, out relyingPartyIssuer); MessageSecurityVersion bindingSecurityVersion = InfoCardHelper.GetBindingSecurityVersionOrDefault(binding); WSSecurityTokenSerializer tokenSerializer = WSSecurityTokenSerializer.DefaultInstance; result = credentials.GetInfoCardTokenCallback.BeginInvoke(requiresInfoCard, chain, tokenManager.CreateSecurityTokenSerializer(bindingSecurityVersion.SecurityTokenVersion), callback, this); } catch (Exception e) { if (Fx.IsFatal(e)) { throw; } exception = e; } if (exception == null) { if (!result.CompletedSynchronously) { return; } this.CallEnd(result, out exception); } if (exception != null) { return; } this.CallComplete(completedSynchronously, null); }
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement, BindingContext context, bool isClient) : base(context.Binding) { this.extractGroupsForWindowsAccounts = true; this.protectionLevel = bindingElement.ProtectionLevel; this.scheme = context.Binding.Scheme; this.isClient = isClient; this.listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress); SecurityCredentialsManager manager = context.BindingParameters.Find <SecurityCredentialsManager>(); if (manager == null) { if (isClient) { manager = ClientCredentials.CreateDefaultCredentials(); } else { manager = ServiceCredentials.CreateDefaultCredentials(); } } this.securityTokenManager = manager.CreateSecurityTokenManager(); }
internal SecurityProtocolFactory(SecurityProtocolFactory factory) : this() { if (factory == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(factory)); } ActAsInitiator = factory.ActAsInitiator; _addTimestamp = factory._addTimestamp; _detectReplays = factory._detectReplays; _incomingAlgorithmSuite = factory._incomingAlgorithmSuite; _maxCachedNonces = factory._maxCachedNonces; _maxClockSkew = factory._maxClockSkew; _outgoingAlgorithmSuite = factory._outgoingAlgorithmSuite; _replayWindow = factory._replayWindow; _channelSupportingTokenAuthenticatorSpecification = new Collection <SupportingTokenAuthenticatorSpecification>(new List <SupportingTokenAuthenticatorSpecification>(factory._channelSupportingTokenAuthenticatorSpecification)); _standardsManager = factory._standardsManager; _timestampValidityDuration = factory._timestampValidityDuration; _securityBindingElement = (SecurityBindingElement)factory._securityBindingElement?.Clone(); _securityTokenManager = factory._securityTokenManager; _nonceCache = factory._nonceCache; }
private void ValidateToken(HeContext heContext, int userId, int tenantId, string eSpaceKey) { if (!HttpContext.Current.Request.Headers.AllKeys.Contains("Authorization")) { // check if in compatibility mode with pre-O11 versions if (RuntimePlatformSettings.Authentication.ReferencesAllowLegacyAuth.GetValue()) { // Check if the request is from a valid IP if (!NetworkInterfaceUtils.IsLoopbackAddress(HttpContext.Current.Request.UserHostAddress)) { ErrorLog.StaticWrite(DateTime.Now, heContext.Session.SessionID, heContext.AppInfo != null ? heContext.AppInfo.eSpaceId: 0, heContext.AppInfo != null ? heContext.AppInfo.Tenant.Id: 0, heContext.Session.UserId, "Access to ActivityActionsHandler with invalid IP: " + HttpContext.Current.Request.UserHostAddress, "The activity actions handler can only be accessed by the 127.0.0.1 IP", "BPM"); throw new Exception("The activity actions handler can only be accessed by the 127.0.0.1 IP"); } else { // Request is valid in compatibility mode return; } } else { throw new Exception("Token validation failed"); } } SecurityTokenManager.ValidateAuthorizationHeader( RuntimeSettingsProvider.Instance, HttpContext.Current.Request.Headers["Authorization"], userId, tenantId, eSpaceKey); }
public string FindAllByDate(string securityToken, string beginDate, string endDate, int length) { try { StringBuilder outString = new StringBuilder(); string applicationId = SecurityTokenManager.Authenticate(securityToken); string whereClause = string.Format(" ApplicationId = ##{0}## AND ( CreateDate > ##{1}## AND CreateDate < ##{2}## ) ", applicationId, beginDate, endDate); IList <TaskWorkItemInfo> list = TasksContext.Instance.TaskService.FindAll(whereClause, length); outString.AppendLine("<?xml version=\"1.0\" encoding=\"utf-8\"?>"); outString.Append("<root>"); foreach (TaskWorkItemInfo item in list) { // outString.Append(item.Serializable()); } outString.Append("</root>"); return(outString.ToString()); } catch (Exception ex) { return(string.Format("SecurityToken:{0}\r\nBeginDate:{1}\r\nEndDate:{2}\r\nLength:{3}\r\nException:{4}", securityToken, beginDate, endDate, length, ex.ToString())); } }
public string FindAllByLoginName(string securityToken, string loginName, int length) { try { StringBuilder outString = new StringBuilder(); string applicationId = SecurityTokenManager.Authenticate(securityToken); IAccountInfo account = Membership.MembershipManagement.Instance.AccountService.FindOneByLoginName(loginName); string whereClause = string.Format(" ApplicationId = ##{0}## AND ( SenderId = ##{1}## OR Id IN ( SELECT TaskId FROM TaskReceiver WHERE ReceiverId = ##{1}## ))", applicationId, account.Id); IList <TaskWorkItemInfo> list = TasksContext.Instance.TaskService.FindAll(whereClause, length); outString.AppendLine("<?xml version=\"1.0\" encoding=\"utf-8\"?>"); outString.Append("<root>"); foreach (TaskWorkItemInfo item in list) { // outString.Append(item.Serializable()); } outString.Append("</root>"); return(outString.ToString()); } catch (Exception ex) { return(string.Format("SecurityToken:{0}\r\nloginName:{1}\r\nLength:{2}\r\nException:{3}", securityToken, loginName, length, ex.ToString())); } }
// used by server WindowsStream security (from Open) public static NetworkCredential GetSspiCredential(SecurityTokenManager credentialProvider, SecurityTokenRequirement sspiTokenRequirement, TimeSpan timeout, out bool extractGroupsForWindowsAccounts) { extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts; NetworkCredential result = null; if (credentialProvider != null) { SecurityTokenProvider tokenProvider = credentialProvider.CreateSecurityTokenProvider(sspiTokenRequirement); if (tokenProvider != null) { TimeoutHelper timeoutHelper = new TimeoutHelper(timeout); SecurityUtils.OpenTokenProviderIfRequired(tokenProvider, timeoutHelper.RemainingTime()); bool success = false; try { OutWrapper <TokenImpersonationLevel> dummyImpersonationLevelWrapper = new OutWrapper <TokenImpersonationLevel>(); OutWrapper <bool> dummyAllowNtlmWrapper = new OutWrapper <bool>(); OutWrapper <bool> extractGroupsForWindowsAccountsWrapper = new OutWrapper <bool>(); result = GetSspiCredentialAsync((SspiSecurityTokenProvider)tokenProvider, extractGroupsForWindowsAccountsWrapper, dummyImpersonationLevelWrapper, dummyAllowNtlmWrapper, timeoutHelper.RemainingTime()).GetAwaiter().GetResult(); success = true; } finally { if (!success) { SecurityUtils.AbortTokenProviderIfRequired(tokenProvider); } } SecurityUtils.CloseTokenProviderIfRequired(tokenProvider, timeoutHelper.RemainingTime()); } } return(result); }
BuildChannelFactoryCore <TChannel> ( BindingContext context) { if (ProtectionTokenParameters == null) { throw new InvalidOperationException("Protection token parameters must be set before building channel factory."); } SetIssuerBindingContextIfRequired(ProtectionTokenParameters, context); ClientCredentials cred = context.BindingParameters.Find <ClientCredentials> (); if (cred == null) { // it happens when there is no ChannelFactory<T>. cred = new ClientCredentials(); } SecurityTokenManager manager = cred.CreateSecurityTokenManager(); ChannelProtectionRequirements requirements = context.BindingParameters.Find <ChannelProtectionRequirements> (); return(new SecurityChannelFactory <TChannel> ( context.BuildInnerChannelFactory <TChannel> (), new InitiatorMessageSecurityBindingSupport(GetCapabilities(), manager, requirements))); }
public static SslStreamSecurityUpgradeProvider CreateServerProvider( SslStreamSecurityBindingElement bindingElement, BindingContext context) { SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>(); if (credentialProvider == null) { credentialProvider = ServiceCredentials.CreateDefaultCredentials(); } Uri listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress); SecurityTokenManager tokenManager = credentialProvider.CreateSecurityTokenManager(); RecipientServiceModelSecurityTokenRequirement serverCertRequirement = new RecipientServiceModelSecurityTokenRequirement { TokenType = SecurityTokenTypes.X509Certificate, RequireCryptographicToken = true, KeyUsage = SecurityKeyUsage.Exchange, TransportScheme = context.Binding.Scheme, ListenUri = listenUri }; SecurityTokenProvider tokenProvider = tokenManager.CreateSecurityTokenProvider(serverCertRequirement); if (tokenProvider == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.ClientCredentialsUnableToCreateLocalTokenProvider, serverCertRequirement))); } SecurityTokenAuthenticator certificateAuthenticator = TransportSecurityHelpers.GetCertificateTokenAuthenticator(tokenManager, context.Binding.Scheme, listenUri); return(new SslStreamSecurityUpgradeProvider(context.Binding, tokenProvider, bindingElement.RequireClientCertificate, certificateAuthenticator, context.Binding.Scheme, bindingElement.IdentityVerifier, bindingElement.SslProtocols)); }
public static int SendEmailRequest(string url, string from, string to, string cc, string bcc, int activityId, int tenantId, int userId, string consumerKey, string producerKey, bool storeContent, EmailType type) { from = EmailFunctions.Normalize(from); to = EmailFunctions.Normalize(to); cc = EmailFunctions.Normalize(cc); bcc = EmailFunctions.Normalize(bcc); if (to.IsEmpty() && cc.IsEmpty() && bcc.IsEmpty()) { throw new InvalidOperationException("Error creating email. There must be at least one recipient."); } try { int emailId = 0; url = url + (url.Contains("?") ? "&" : "?") + "_From=" + HttpUtility.UrlEncode(from) + "&_To=" + HttpUtility.UrlEncode(to) + "&_CC=" + HttpUtility.UrlEncode(cc) + "&_BCC=" + HttpUtility.UrlEncode(bcc) + "&_ActivityId=" + activityId + "&_TenantId=" + tenantId + "&_UserId=" + userId + "&_ProducerKey=" + producerKey + "&_IsEmail=true" + "&_StoreContent=" + ((storeContent || (type == EmailType.TestDownloadEmail)) ? "true" : "false") + ((type == EmailType.TestSendEmail || type == EmailType.TestDownloadEmail) ? "&_IsTestEmail=true" : ""); string baseUrl; EmailHelper.QueryParameter[] parameters; EmailHelper.SplitUrl(url, out baseUrl, out parameters); string content; string encoding; var authHeader = SecurityTokenManager.GenerateAuthorizationHeader(RuntimeSettingsProvider.Instance, consumerKey, producerKey, userId, tenantId); var headers = new Dictionary <HttpRequestHeader, string>(); headers.Add(HttpRequestHeader.Authorization, authHeader); EmailHelper.HttpPost(baseUrl, parameters, headers, "", null, out content, out encoding); var exceptionMatch = exceptionExp.Match(content); if (exceptionMatch != Match.Empty) { string message = HttpUtility.HtmlDecode(exceptionMatch.Groups[1].Value); string stacktrace = HttpUtility.HtmlDecode(exceptionMatch.Groups[2].Value); throw new EmailException("Error creating Email. " + message, stacktrace); } else { var emailMatch = emailIdExp.Match(content); if (emailMatch != Match.Empty) { emailId = Convert.ToInt32(emailMatch.Groups[1].Value); } else { throw new EmailException("Error creating Email. No EmailId was returned."); } } if (type != EmailType.TestDownloadEmail) { if (RuntimePlatformSettings.Sandbox.SandboxOperating.GetValue()) { using (Transaction statusTransaction = DatabaseAccess.ForCurrentDatabase.GetCommitableTransaction()) { DBRuntimePlatform.Instance.CreateEmailStatus(statusTransaction, emailId); SendEmailNotifier.Current.NotifiyNewEmail(); statusTransaction.Commit(); } } else { using (Transaction trans = DatabaseAccess.ForRuntimeDatabase.GetRequestTransaction()) { DBRuntimePlatform.Instance.CreateEmailStatus(trans, emailId); } } } return(emailId); } catch (EmailException) { throw; } catch (Exception e) { throw new EmailException("Error creating Email.", e); } }
public static bool IsInfocardRequired(Binding binding, ClientCredentials clientCreds, SecurityTokenManager clientCredentialsTokenManager, EndpointAddress target, out CardSpacePolicyElement[] infocardChain, out Uri relyingPartyIssuer) { infocardChain = null; bool flag = false; relyingPartyIssuer = null; if (!clientCreds.SupportInteractive || ((null != clientCreds.IssuedToken.LocalIssuerAddress) && (clientCreds.IssuedToken.LocalIssuerBinding != null))) { return(false); } IssuedSecurityTokenParameters parameters = TryGetNextStsIssuedTokenParameters(binding); if (parameters != null) { Uri uri; int num; GetPrivacyNoticeLinkFromIssuerBinding(binding, out uri, out num); PolicyElement[] chain = GetPolicyChain(target, binding, parameters, uri, num, clientCredentialsTokenManager); relyingPartyIssuer = null; if (chain != null) { flag = RequiresInfoCard(chain, out relyingPartyIssuer); } if (!flag) { return(flag); } infocardChain = new CardSpacePolicyElement[chain.Length]; for (int i = 0; i < chain.Length; i++) { infocardChain[i] = chain[i].ToCardSpacePolicyElement(); } } return(flag); }
internal static SecurityStandardsManager CreateSecurityStandardsManager(SecurityTokenRequirement requirement, SecurityTokenManager tokenManager) { MessageSecurityTokenVersion securityVersion = (MessageSecurityTokenVersion)requirement.GetProperty <MessageSecurityTokenVersion>(ServiceModelSecurityTokenRequirement.MessageSecurityVersionProperty); if (securityVersion == MessageSecurityTokenVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10, tokenManager)); } if (securityVersion == MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11, tokenManager)); } if (securityVersion == MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10, tokenManager)); } if (securityVersion == MessageSecurityTokenVersion.WSSecurity10WSTrust13WSSecureConversation13BasicSecurityProfile10) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10, tokenManager)); } if (securityVersion == MessageSecurityTokenVersion.WSSecurity11WSTrust13WSSecureConversation13) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12, tokenManager)); } if (securityVersion == MessageSecurityTokenVersion.WSSecurity11WSTrust13WSSecureConversation13BasicSecurityProfile10) { return(CreateSecurityStandardsManager(MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10, tokenManager)); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); }
internal static SecurityStandardsManager CreateSecurityStandardsManager(MessageSecurityVersion securityVersion, SecurityTokenManager tokenManager) { SecurityTokenSerializer tokenSerializer = tokenManager.CreateSecurityTokenSerializer(securityVersion.SecurityTokenVersion); return(new SecurityStandardsManager(securityVersion, tokenSerializer)); }
private static PolicyElement[] GetPolicyChain(EndpointAddress target, Binding outerBinding, IssuedSecurityTokenParameters parameters, Uri firstPrivacyNoticeLink, int firstPrivacyNoticeVersion, SecurityTokenManager clientCredentialsTokenManager) { EndpointAddress issuerAddress = target; IssuedSecurityTokenParameters parameters2 = parameters; List <PolicyElement> list = new List <PolicyElement>(); Uri privacyNoticeLink = firstPrivacyNoticeLink; int privacyNoticeVersion = firstPrivacyNoticeVersion; bool isManagedIssuer = false; while (parameters2 != null) { MessageSecurityVersion messageSecurityVersion = null; if (parameters2.IssuerBinding == null) { messageSecurityVersion = GetBindingSecurityVersionOrDefault(outerBinding); } else { messageSecurityVersion = GetBindingSecurityVersionOrDefault(parameters2.IssuerBinding); } list.Add(new PolicyElement(issuerAddress, parameters2.IssuerAddress, parameters2.CreateRequestParameters(messageSecurityVersion, clientCredentialsTokenManager.CreateSecurityTokenSerializer(messageSecurityVersion.SecurityTokenVersion)), privacyNoticeLink, privacyNoticeVersion, isManagedIssuer, parameters2.IssuerBinding)); isManagedIssuer = IsReferralToManagedIssuer(parameters2.IssuerBinding); GetPrivacyNoticeLinkFromIssuerBinding(parameters2.IssuerBinding, out privacyNoticeLink, out privacyNoticeVersion); issuerAddress = parameters2.IssuerAddress; outerBinding = parameters2.IssuerBinding; parameters2 = TryGetNextStsIssuedTokenParameters(parameters2.IssuerBinding); } if (isManagedIssuer) { list.Add(new PolicyElement(issuerAddress, null, null, privacyNoticeLink, privacyNoticeVersion, isManagedIssuer, null)); } return(list.ToArray()); }
private SslStreamSecurityUpgradeProvider(IDefaultCommunicationTimeouts timeouts, SecurityTokenManager clientSecurityTokenManager, bool requireClientCertificate, string scheme, IdentityVerifier identityVerifier, SslProtocols sslProtocols) : base(timeouts) { _identityVerifier = identityVerifier; _scheme = scheme; _clientSecurityTokenManager = clientSecurityTokenManager; _requireClientCertificate = requireClientCertificate; _sslProtocols = sslProtocols; }
private string Process(string securityToken, string xml, string actionType) { try { /* * * Xml数据示例 * * <?xml version="1.0" encoding="utf-8"?> * * <root> * <task> * <taskCode>T00001</taskCode> * <title>Some Title</title> * <url>http://www.google.com</url> * <category>Document</category> * <senderId>administrator</senderId> * <receiver>0#test1,1#test2#2008-1-1 08:08:08</receiver> * <createDate>2008-01-01</createDate> * </task> * <task> * <taskCode>T00002</taskCode> * <title>Some Title</title> * <url>http://www.google.com</url> * <category>Document</category> * <senderId>administrator</senderId> * <receiver>0#test1,1#test2#2008-1-1 08:08:08</receiver> * <createDate>2008-01-01</createDate> * </task> * </root> * * (*) 接收者信息说明 格式:{0}#{1}#{2} , {0}代表代办状态 1 完成 0 未完成, {1}相关的帐号, {2}{任务完成时间} * * * */ string result = null; string applicationId = SecurityTokenManager.Authenticate(securityToken); TaskWorkInfo param = null; XmlDocument doc = new XmlDocument(); doc.LoadXml(xml); XmlNodeList list = doc.GetElementsByTagName("ajaxStorage")[0].ChildNodes; foreach (XmlNode item in list) { param = new TaskWorkInfo(applicationId); param.Deserialize((XmlElement)item); if (param.ReceiverGroup.Count == 0) { result += string.Format("任务【{0}】没有指派给任何用户请重新设置,", param.TaskCode); } else { if (actionType == "发送" && TasksContext.Instance.TaskService.IsExistTaskCode(param.ApplicationId, param.TaskCode)) { result += string.Format("发送失败(任务【{0}】已存在),", param.TaskCode); } else if (actionType == "更新" && !TasksContext.Instance.TaskService.IsExistTaskCode(param.ApplicationId, param.TaskCode)) { result += string.Format("更新失败(任务【{0}】不存在),", param.TaskCode); } else { param = TasksContext.Instance.TaskService.Save(param); if (param == null) { result += string.Format("任务【{0}】" + actionType + "失败请重新" + actionType + ",", param.TaskCode); } } } } if (string.IsNullOrEmpty(result)) { return("任务全部" + actionType + "成功。"); } else { return(result.TrimEnd(new char[] { ',' }) + "。"); } } catch (Exception ex) { return(string.Format("SecurityToken:{0}\r\nXml:{1}\r\nException:{2}", securityToken, xml, ex.ToString())); } }
private SslStreamSecurityUpgradeProvider(IDefaultCommunicationTimeouts timeouts, SecurityTokenManager clientSecurityTokenManager, bool requireClientCertificate, string scheme, System.ServiceModel.Security.IdentityVerifier identityVerifier) : base(timeouts) { this.identityVerifier = identityVerifier; this.scheme = scheme; this.clientSecurityTokenManager = clientSecurityTokenManager; this.requireClientCertificate = requireClientCertificate; }
public static bool IsInfocardRequired(Binding binding, ClientCredentials clientCreds, SecurityTokenManager clientCredentialsTokenManager, EndpointAddress target, out CardSpacePolicyElement[] infocardChain, out Uri relyingPartyIssuer) { infocardChain = null; bool requiresInfoCard = false; relyingPartyIssuer = null; if (!clientCreds.SupportInteractive || (null != clientCreds.IssuedToken.LocalIssuerAddress && null != clientCreds.IssuedToken.LocalIssuerBinding) ) { return(false); } IssuedSecurityTokenParameters parameters = TryGetNextStsIssuedTokenParameters(binding); if (null != parameters) { Uri privacyNotice; int privacyVersion; GetPrivacyNoticeLinkFromIssuerBinding(binding, out privacyNotice, out privacyVersion); PolicyElement[] policyChain = GetPolicyChain(target, binding, parameters, privacyNotice, privacyVersion, clientCredentialsTokenManager); relyingPartyIssuer = null; if (null != policyChain) { requiresInfoCard = RequiresInfoCard(policyChain, out relyingPartyIssuer); } if (requiresInfoCard) { infocardChain = new CardSpacePolicyElement[policyChain.Length]; for (int i = 0; i < policyChain.Length; i++) { infocardChain[i] = policyChain[i].ToCardSpacePolicyElement(); } } } return(requiresInfoCard); }
static PolicyElement[] GetPolicyChain(EndpointAddress target, Binding outerBinding, IssuedSecurityTokenParameters parameters, Uri firstPrivacyNoticeLink, int firstPrivacyNoticeVersion, SecurityTokenManager clientCredentialsTokenManager) { EndpointAddress nextTarget = target; IssuedSecurityTokenParameters nextParameters = parameters; List <PolicyElement> chain = new List <PolicyElement>(); Uri privacyNoticeLink = firstPrivacyNoticeLink; int privacyNoticeVersion = firstPrivacyNoticeVersion; bool isManagedIssuer = false; // // this is the binding to the final STS in the chain. Start from here and walk the // chain backwards to the 1st STS in the chain // while (null != nextParameters) { MessageSecurityVersion bindingSecurityVersion = null; if (nextParameters.IssuerBinding == null) { bindingSecurityVersion = GetBindingSecurityVersionOrDefault(outerBinding); } else { bindingSecurityVersion = GetBindingSecurityVersionOrDefault(nextParameters.IssuerBinding); } chain.Add(new PolicyElement(nextTarget, nextParameters.IssuerAddress, nextParameters.CreateRequestParameters(bindingSecurityVersion, clientCredentialsTokenManager.CreateSecurityTokenSerializer(bindingSecurityVersion.SecurityTokenVersion)), privacyNoticeLink, privacyNoticeVersion, isManagedIssuer, nextParameters.IssuerBinding)); isManagedIssuer = IsReferralToManagedIssuer(nextParameters.IssuerBinding); GetPrivacyNoticeLinkFromIssuerBinding(nextParameters.IssuerBinding, out privacyNoticeLink, out privacyNoticeVersion); nextTarget = nextParameters.IssuerAddress; outerBinding = nextParameters.IssuerBinding; nextParameters = TryGetNextStsIssuedTokenParameters(nextParameters.IssuerBinding); } // // Add the last element for the MCIP case // if (isManagedIssuer) { chain.Add(new PolicyElement(nextTarget, null, null, privacyNoticeLink, privacyNoticeVersion, isManagedIssuer, null)); } return(chain.ToArray()); }