private static NetworkCredential GetCredentialCore(AuthenticationSchemes authenticationScheme, SecurityTokenProviderContainer credentialProvider, TimeSpan timeout, out TokenImpersonationLevel impersonationLevel, out AuthenticationLevel authenticationLevel)
{
impersonationLevel = TokenImpersonationLevel.None;
authenticationLevel = AuthenticationLevel.None;
NetworkCredential userNameCredential = null;
switch (authenticationScheme)
{
case AuthenticationSchemes.Digest:
userNameCredential = TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel);
ValidateDigestCredential(ref userNameCredential, impersonationLevel);
return(userNameCredential);
case AuthenticationSchemes.Negotiate:
return(TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel));
case AuthenticationSchemes.Ntlm:
userNameCredential = TransportSecurityHelpers.GetSspiCredential(credentialProvider, timeout, out impersonationLevel, out authenticationLevel);
if (authenticationLevel == AuthenticationLevel.MutualAuthRequired)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("CredentialDisallowsNtlm")));
}
return(userNameCredential);
case AuthenticationSchemes.Basic:
userNameCredential = TransportSecurityHelpers.GetUserNameCredential(credentialProvider, timeout);
impersonationLevel = TokenImpersonationLevel.Delegation;
return(userNameCredential);
}
throw Fx.AssertAndThrow("GetCredential: Invalid authentication scheme");
}
protected override void OnOpen(TimeSpan timeout)
{
if (!this.isClient)
{
SecurityTokenRequirement sspiTokenRequirement = TransportSecurityHelpers.CreateSspiTokenRequirement(this.Scheme, this.listenUri);
this.serverCredential = TransportSecurityHelpers.GetSspiCredential(this.securityTokenManager, sspiTokenRequirement, timeout, out this.extractGroupsForWindowsAccounts);
}
}
internal override void Open(TimeSpan timeout)
{
TimeoutHelper helper = new TimeoutHelper(timeout);
base.Open(helper.RemainingTime());
System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(this.clientTokenProvider, helper.RemainingTime());
this.credential = TransportSecurityHelpers.GetSspiCredential(this.clientTokenProvider, helper.RemainingTime(), out this.impersonationLevel, out this.allowNtlm);
}
