public override SecurityTokenProvider CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement) { ServiceModelSecurityTokenRequirement requirement = tokenRequirement as ServiceModelSecurityTokenRequirement; if (requirement == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement"); } if (this.IsX509TokenRequirement(requirement)) { X509CertificateValidator validator; if (this.IsForConnectionValidator(requirement)) { SecurityTokenProvider provider = null; if (this.ssc != null) { provider = new X509SecurityTokenProvider(this.ssc.GetX509Certificate()); } else if (this.delegateManager != null) { requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Transport; requirement.TransportScheme = "net.p2p"; provider = this.delegateManager.CreateSecurityTokenProvider(tokenRequirement); } else if (this.credential.Certificate != null) { provider = new X509SecurityTokenProvider(this.credential.Certificate); } if ((provider == null) && (this.mode == PeerAuthenticationMode.Password)) { this.ssc = this.parent.GetCertificate(); provider = new X509SecurityTokenProvider(this.ssc.GetX509Certificate()); } return(provider); } if (this.delegateManager != null) { requirement.TransportScheme = "net.p2p"; requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Message; return(this.delegateManager.CreateSecurityTokenProvider(tokenRequirement)); } if (!this.credential.MessageSenderAuthentication.TryGetCertificateValidator(out validator)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("TokenType"); } return(new PeerX509TokenProvider(validator, this.credential.Certificate)); } if (!this.IsPasswordTokenRequirement(requirement)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("TokenType"); } return(this.GetPasswordTokenProvider()); }
public override SecurityTokenAuthenticator CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver) { ServiceModelSecurityTokenRequirement requirement = tokenRequirement as ServiceModelSecurityTokenRequirement; outOfBandTokenResolver = null; if (requirement == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement"); } if (!this.IsX509TokenRequirement(requirement)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("tokenRequirement"); } if ((this.mode == PeerAuthenticationMode.Password) && this.IsForConnectionValidator(requirement)) { return(new X509SecurityTokenAuthenticator(X509CertificateValidator.None)); } if (this.delegateManager != null) { if (this.IsForConnectionValidator(requirement)) { requirement.TransportScheme = "net.p2p"; requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Transport; } else { requirement.TransportScheme = "net.p2p"; requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Message; } return(this.delegateManager.CreateSecurityTokenAuthenticator(tokenRequirement, out outOfBandTokenResolver)); } X509CertificateValidator none = null; if (this.IsForConnectionValidator(requirement)) { if (this.mode == PeerAuthenticationMode.MutualCertificate) { if (!this.credential.PeerAuthentication.TryGetCertificateValidator(out none)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SecurityTokenManagerCannotCreateProviderForRequirement", new object[] { requirement }))); } } else { none = X509CertificateValidator.None; } } else if (!this.credential.MessageSenderAuthentication.TryGetCertificateValidator(out none)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SecurityTokenManagerCannotCreateProviderForRequirement", new object[] { requirement }))); } return(new X509SecurityTokenAuthenticator(none)); }
private UserNameSecurityTokenProvider GetPasswordTokenProvider() { if (this.delegateManager == null) { return(new UserNameSecurityTokenProvider(string.Empty, this.credential.MeshPassword)); } ServiceModelSecurityTokenRequirement tokenRequirement = CreateRequirement(SecurityTokenTypes.UserName); UserNameSecurityTokenProvider provider = this.delegateManager.CreateSecurityTokenProvider(tokenRequirement) as UserNameSecurityTokenProvider; if (provider == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SecurityTokenManagerCannotCreateProviderForRequirement", new object[] { tokenRequirement }))); } return(provider); }
UserNameSecurityTokenProvider GetPasswordTokenProvider() { if (delegateManager != null) { ServiceModelSecurityTokenRequirement requirement = CreateRequirement(SecurityTokenTypes.UserName); UserNameSecurityTokenProvider tokenProvider = delegateManager.CreateSecurityTokenProvider(requirement) as UserNameSecurityTokenProvider; if (tokenProvider == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateProviderForRequirement, requirement))); } return(tokenProvider); } else { return(new UserNameSecurityTokenProvider(string.Empty, credential.MeshPassword)); } }
public override SecurityTokenAuthenticator CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver) { ServiceModelSecurityTokenRequirement requirement = tokenRequirement as ServiceModelSecurityTokenRequirement; outOfBandTokenResolver = null; if (requirement != null) { if (IsX509TokenRequirement(requirement)) { if (mode == PeerAuthenticationMode.Password && IsForConnectionValidator(requirement)) { return(new X509SecurityTokenAuthenticator(X509CertificateValidator.None)); } if (delegateManager != null) { if (IsForConnectionValidator(requirement)) { requirement.TransportScheme = PeerStrings.Scheme; requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Transport; } else { requirement.TransportScheme = PeerStrings.Scheme; requirement.Properties[SecurityTokenRequirement.PeerAuthenticationMode] = SecurityMode.Message; } return(delegateManager.CreateSecurityTokenAuthenticator(tokenRequirement, out outOfBandTokenResolver)); } else { X509CertificateValidator validator = null; if (IsForConnectionValidator(requirement)) { if (this.mode == PeerAuthenticationMode.MutualCertificate) { if (!this.credential.PeerAuthentication.TryGetCertificateValidator(out validator)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateProviderForRequirement, requirement))); } } else { validator = X509CertificateValidator.None; } } else { if (!this.credential.MessageSenderAuthentication.TryGetCertificateValidator(out validator)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateProviderForRequirement, requirement))); } } return(new X509SecurityTokenAuthenticator(validator)); } } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("tokenRequirement"); } } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement"); } }
bool IsForConnectionValidator(ServiceModelSecurityTokenRequirement requirement) { return(requirement.TransportScheme == "net.tcp" && requirement.SecurityBindingElement == null && requirement.MessageSecurityVersion == null); }
bool IsX509TokenRequirement(ServiceModelSecurityTokenRequirement requirement) { return(requirement != null && requirement.TokenType == SecurityTokenTypes.X509Certificate); }
bool IsPasswordTokenRequirement(ServiceModelSecurityTokenRequirement requirement) { return((requirement != null) && (requirement.TokenType == SecurityTokenTypes.UserName)); }