Exemplo n.º 1
0
        public override BindingElementCollection CreateBindingElements()
        {
            CheckSettings();

            // return collection of BindingElements
            BindingElementCollection bindingElements = new BindingElementCollection();

            // order of BindingElements is important
            // add session
            if (_reliableSession.Enabled)
            {
                bindingElements.Add(_session);
            }

            // add security (*optional)
            SecurityBindingElement messageSecurity = BasicHttpSecurity.CreateMessageSecurity();

            if (messageSecurity != null)
            {
                bindingElements.Add(messageSecurity);
            }

            // add encoding
            switch (MessageEncoding)
            {
            case NetHttpMessageEncoding.Text:
                bindingElements.Add(TextMessageEncodingBindingElement);
                break;

            case NetHttpMessageEncoding.Mtom:
                throw ExceptionHelper.PlatformNotSupported(SR.Format(SR.UnsupportedBindingProperty, "MessageEncoding", MessageEncoding));

            default:
                bindingElements.Add(_binaryMessageEncodingBindingElement);
                break;
            }

            // add transport (http or https)
            bindingElements.Add(GetTransport());

            return(bindingElements.Clone());
        }
Exemplo n.º 2
0
        public override BindingElementCollection CreateBindingElements()
        {
            this.CheckSettings();

            // return collection of BindingElements
            BindingElementCollection bindingElements = new BindingElementCollection();

            // order of BindingElements is important

            // add security (*optional)
            SecurityBindingElement messageSecurity = this.BasicHttpSecurity.CreateMessageSecurity();

            if (messageSecurity != null)
            {
                bindingElements.Add(messageSecurity);
            }

            // add encoding
            switch (this.MessageEncoding)
            {
            case NetHttpMessageEncoding.Text:
                bindingElements.Add(this.TextMessageEncodingBindingElement);
                break;

            case NetHttpMessageEncoding.Mtom:
                throw ExceptionHelper.PlatformNotSupported();

            default:
                bindingElements.Add(_binaryMessageEncodingBindingElement);
                break;
            }

            // add transport (http or https)
            bindingElements.Add(this.GetTransport());

            return(bindingElements.Clone());
        }
Exemplo n.º 3
0
 public static PropertyInfo GetProperty(this Type type, string name, BindingFlags bindingAttr)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 4
0
 public static ConstructorInfo GetConstructor(this Type type, BindingFlags bindingAttr, object binder, Type[] types, object[] modifiers)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
 public override SecurityTokenAuthenticator CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver)
 {
     // not referenced anywhere in current code, but must implement abstract.
     throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver) not supported");
 }
 public override SecurityTokenProvider CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement)
 {
     throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement) not supported");
 }
        internal SecurityBindingElement CreateSecurityBindingElement(bool isSecureTransportMode, bool isReliableSession, MessageSecurityVersion version)
        {
            if (isReliableSession)
            {
                throw ExceptionHelper.PlatformNotSupported(); // Reliable sessions
            }

            SecurityBindingElement result;
            SecurityBindingElement oneShotSecurity;

            bool isKerberosSelected = false;

            //bool emitBspAttributes = true;
            if (isSecureTransportMode)
            {
                switch (_clientCredentialType)
                {
                case MessageCredentialType.None:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.ClientCredentialTypeMustBeSpecifiedForMixedMode));

                case MessageCredentialType.UserName:
                    oneShotSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
                    break;

                case MessageCredentialType.Certificate:
                    oneShotSecurity = SecurityBindingElement.CreateCertificateOverTransportBindingElement();
                    break;

                case MessageCredentialType.Windows:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());

                case MessageCredentialType.IssuedToken:
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());

                default:
                    Fx.Assert("unknown ClientCredentialType");
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
                }

                if (IsSecureConversationEnabled())
                {
                    result = SecurityBindingElement.CreateSecureConversationBindingElement(oneShotSecurity, true);
                }
                else
                {
                    result = oneShotSecurity;
                }
            }
            else
            {
                throw ExceptionHelper.PlatformNotSupported();
            }

            // set the algorithm suite and issued token params if required
            if (_wasAlgorithmSuiteSet || (!isKerberosSelected))
            {
                result.DefaultAlgorithmSuite = oneShotSecurity.DefaultAlgorithmSuite = AlgorithmSuite;
            }
            else if (isKerberosSelected)
            {
                throw ExceptionHelper.PlatformNotSupported();
            }

            result.IncludeTimestamp = true;
            oneShotSecurity.MessageSecurityVersion = version;
            result.MessageSecurityVersion          = version;
            if (!isReliableSession)
            {
                result.LocalClientSettings.ReconnectTransportOnFailure = false;
            }
            else
            {
                result.LocalClientSettings.ReconnectTransportOnFailure = true;
            }

            return(result);
        }
Exemplo n.º 8
0
 private bool IsMachineJoinedToDomain()
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 9
0
 public static MemberInfo[] GetMembers(this Type type, BindingFlags bindingAttr)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 10
0
 public static InterfaceMapping GetInterfaceMap(this Type type, Type interfaceType)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 11
0
 public object GetServiceInstance(Message message)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 12
0
 internal static bool TryCreate(SecurityBindingElement wsSecurity, SecurityMode mode, bool isReliableSessionEnabled, BindingElement transportSecurity, TcpTransportSecurity tcpTransportSecurity, out NetTcpSecurity security)
 {
     throw ExceptionHelper.PlatformNotSupported("NetTcpSecurity.TryCreate is not supported.");
 }
Exemplo n.º 13
0
 internal SecurityBindingElement CreateMessageSecurity(bool isReliableSessionEnabled)
 {
     throw ExceptionHelper.PlatformNotSupported("NetTcpSecurity.CreateMesssageSecurity is not supported.");
 }
Exemplo n.º 14
0
 private SslStreamSecurityBindingElement CreateSslBindingElement(bool requireClientCertificate)
 {
     throw ExceptionHelper.PlatformNotSupported("TcpTransportSecurity.CreateSslBindingElement is not supported.");
 }
Exemplo n.º 15
0
        public override SecurityTokenAuthenticator CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver)
        {
            if (tokenRequirement == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(tokenRequirement));
            }

            outOfBandTokenResolver = null;
            SecurityTokenAuthenticator result = null;

            InitiatorServiceModelSecurityTokenRequirement initiatorRequirement = tokenRequirement as InitiatorServiceModelSecurityTokenRequirement;

            if (initiatorRequirement != null)
            {
                string tokenType = initiatorRequirement.TokenType;
                if (IsIssuedSecurityTokenRequirement(initiatorRequirement))
                {
                    throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenAuthenticator : GenericXmlSecurityTokenAuthenticator");
                }
                else if (tokenType == SecurityTokenTypes.X509Certificate)
                {
                    if (initiatorRequirement.IsOutOfBandToken)
                    {
                        // when the client side soap security asks for a token authenticator, its for doing
                        // identity checks on the out of band server certificate
                        result = new X509SecurityTokenAuthenticator(X509CertificateValidator.None);
                    }
                    else if (initiatorRequirement.PreferSslCertificateAuthenticator)
                    {
                        result = CreateServerSslX509TokenAuthenticator();
                    }
                    else
                    {
                        result = CreateServerX509TokenAuthenticator();
                    }
                }
                else if (tokenType == SecurityTokenTypes.Rsa)
                {
                    throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenAuthenticator : SecurityTokenTypes.Rsa");
                }
                else if (tokenType == SecurityTokenTypes.Kerberos)
                {
                    throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenAuthenticator : SecurityTokenTypes.Kerberos");
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.SecureConversation ||
                         tokenType == ServiceModelSecurityTokenTypes.MutualSslnego ||
                         tokenType == ServiceModelSecurityTokenTypes.AnonymousSslnego ||
                         tokenType == ServiceModelSecurityTokenTypes.Spnego)
                {
                    throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenAuthenticator : GenericXmlSecurityTokenAuthenticator");
                }
            }
            else if ((tokenRequirement is RecipientServiceModelSecurityTokenRequirement) && tokenRequirement.TokenType == SecurityTokenTypes.X509Certificate)
            {
                // uncorrelated duplex case
                result = CreateServerX509TokenAuthenticator();
            }

            if (result == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SecurityTokenManagerCannotCreateAuthenticatorForRequirement, tokenRequirement)));
            }

            return(result);
        }
Exemplo n.º 16
0
 public static bool IsPublic(this ConstructorInfo ci)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 17
0
        public override SecurityTokenProvider CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement)
        {
            if (tokenRequirement == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(tokenRequirement));
            }

            SecurityTokenProvider result = null;

            if (tokenRequirement is RecipientServiceModelSecurityTokenRequirement && tokenRequirement.TokenType == SecurityTokenTypes.X509Certificate && tokenRequirement.KeyUsage == SecurityKeyUsage.Exchange)
            {
                // this is the uncorrelated duplex case
                if (ClientCredentials.ClientCertificate.Certificate == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.ClientCertificateNotProvidedOnClientCredentials)));
                }
                result = new X509SecurityTokenProvider(ClientCredentials.ClientCertificate.Certificate, ClientCredentials.ClientCertificate.CloneCertificate);
            }
            else if (tokenRequirement is InitiatorServiceModelSecurityTokenRequirement)
            {
                InitiatorServiceModelSecurityTokenRequirement initiatorRequirement = tokenRequirement as InitiatorServiceModelSecurityTokenRequirement;
                string tokenType = initiatorRequirement.TokenType;
                if (IsIssuedSecurityTokenRequirement(initiatorRequirement))
                {
                    throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenProvider (IsIssuedSecurityTokenRequirement(initiatorRequirement)");
                }
                else if (tokenType == SecurityTokenTypes.X509Certificate)
                {
                    if (initiatorRequirement.Properties.ContainsKey(SecurityTokenRequirement.KeyUsageProperty) && initiatorRequirement.KeyUsage == SecurityKeyUsage.Exchange)
                    {
                        throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenProvider X509Certificate - SecurityKeyUsage.Exchange");
                    }
                    else
                    {
                        if (ClientCredentials.ClientCertificate.Certificate == null)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.ClientCertificateNotProvidedOnClientCredentials)));
                        }
                        result = new X509SecurityTokenProvider(ClientCredentials.ClientCertificate.Certificate, ClientCredentials.ClientCertificate.CloneCertificate);
                    }
                }
                else if (tokenType == SecurityTokenTypes.Kerberos)
                {
                    string spn = GetServicePrincipalName(initiatorRequirement);
                    result = new KerberosSecurityTokenProviderWrapper(
                        new KerberosSecurityTokenProvider(spn, ClientCredentials.Windows.AllowedImpersonationLevel, SecurityUtils.GetNetworkCredentialOrDefault(ClientCredentials.Windows.ClientCredential)));
                }
                else if (tokenType == SecurityTokenTypes.UserName)
                {
                    if (ClientCredentials.UserName.UserName == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.UserNamePasswordNotProvidedOnClientCredentials));
                    }
                    result = new UserNameSecurityTokenProvider(ClientCredentials.UserName.UserName, ClientCredentials.UserName.Password);
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.SspiCredential)
                {
                    if (IsDigestAuthenticationScheme(initiatorRequirement))
                    {
                        result = new SspiSecurityTokenProvider(SecurityUtils.GetNetworkCredentialOrDefault(ClientCredentials.HttpDigest.ClientCredential), true, TokenImpersonationLevel.Delegation);
                    }
                    else
                    {
#pragma warning disable 618   // to disable AllowNtlm obsolete warning.
                        result = new SspiSecurityTokenProvider(SecurityUtils.GetNetworkCredentialOrDefault(ClientCredentials.Windows.ClientCredential),

                                                               ClientCredentials.Windows.AllowNtlm,
                                                               ClientCredentials.Windows.AllowedImpersonationLevel);
#pragma warning restore 618
                    }
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.SecureConversation)
                {
                    result = CreateSecureConversationSecurityTokenProvider(initiatorRequirement);
                }
            }

            if ((result == null) && !tokenRequirement.IsOptionalToken)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SecurityTokenManagerCannotCreateProviderForRequirement, tokenRequirement)));
            }

            return(result);
        }
Exemplo n.º 18
0
 public static object Invoke(this ConstructorInfo ci, BindingFlags invokeAttr, object binder, object[] parameters, CultureInfo culture)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 19
0
 private string GetUpnFromDownlevelName(string downlevelName)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 20
0
 public static RuntimeMethodHandle MethodHandle(this MethodInfo mi)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 21
0
 internal BindingElement CreateTransportProtectionOnly()
 {
     throw ExceptionHelper.PlatformNotSupported("TcpTransportSecurity.CreateTransportProtectionOnly is not supported.");
 }
Exemplo n.º 22
0
 public static Type ReflectedType(this MethodInfo mi)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
 public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
 {
     // not referenced anywhere in current code, but must implement abstract.
     throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenSerializer(SecurityTokenVersion version) not supported");
 }
Exemplo n.º 24
0
 public static ConstructorInfo GetConstructor(this Type type, Type[] types)
 {
     throw ExceptionHelper.PlatformNotSupported();
 }
Exemplo n.º 25
0
        internal static EndpointIdentity ReadIdentity(XmlDictionaryReader reader)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            reader.MoveToContent();
            if (reader.IsEmptyElement)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.Format(SR.UnexpectedEmptyElementExpectingClaim, XD.AddressingDictionary.Identity.Value, XD.AddressingDictionary.IdentityExtensionNamespace.Value)));
            }

            reader.ReadStartElement(XD.AddressingDictionary.Identity, XD.AddressingDictionary.IdentityExtensionNamespace);

            if (reader.IsStartElement(XD.AddressingDictionary.Spn, XD.AddressingDictionary.IdentityExtensionNamespace))
            {
                throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity SpnEndpointIdentity is not supported.");
            }
            else if (reader.IsStartElement(XD.AddressingDictionary.Upn, XD.AddressingDictionary.IdentityExtensionNamespace))
            {
                throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity UpnEndpointIdentity is not supported.");
            }
            else if (reader.IsStartElement(XD.AddressingDictionary.Dns, XD.AddressingDictionary.IdentityExtensionNamespace))
            {
                throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity DnsEndpointIdentity is not supported.");
            }
            else if (reader.IsStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace))
            {
                reader.ReadStartElement();
                if (reader.IsStartElement(XD.XmlSignatureDictionary.X509Data, XD.XmlSignatureDictionary.Namespace))
                {
                    throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity X509CertificateEndpointIdentity is not supported.");
                }
                else if (reader.IsStartElement(XD.XmlSignatureDictionary.RsaKeyValue, XD.XmlSignatureDictionary.Namespace))
                {
                    throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity RsaEndpointIdentity is not supported.");
                }
                else
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.Format(SR.UnrecognizedIdentityType, reader.Name, reader.NamespaceURI)));
                }
                throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity RsaEndpointIdentity is not supported.");
            }
            else if (reader.NodeType == XmlNodeType.Element)
            {
                //
                // Something unknown
                //
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.Format(SR.UnrecognizedIdentityType, reader.Name, reader.NamespaceURI)));
            }
            else
            {
                //
                // EndpointIdentity element is empty or some other invalid xml
                //
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.InvalidIdentityElement));
            }

            throw ExceptionHelper.PlatformNotSupported("EndpointIdentity.ReadIdentity RsaEndpointIdentity is not supported.");
        }
        internal SecurityTokenProvider CreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement, bool disableInfoCard)
        {
            if (tokenRequirement == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement");
            }

            SecurityTokenProvider result = null;

            // Where CardSpace is not supported, CardSpaceTryCreateSecurityTokenProviderStub(...) always returns false
            if (tokenRequirement is RecipientServiceModelSecurityTokenRequirement && tokenRequirement.TokenType == SecurityTokenTypes.X509Certificate && tokenRequirement.KeyUsage == SecurityKeyUsage.Exchange)
            {
                throw ExceptionHelper.PlatformNotSupported("uncorrelated duplex case - not supported");
            }
            else if (tokenRequirement is InitiatorServiceModelSecurityTokenRequirement)
            {
                InitiatorServiceModelSecurityTokenRequirement initiatorRequirement = tokenRequirement as InitiatorServiceModelSecurityTokenRequirement;

                // initiatorRequirement will never be null due to the preceding 'is' validation.
                string tokenType = initiatorRequirement.TokenType;
                if (IsIssuedSecurityTokenRequirement(initiatorRequirement))
                {
                    throw ExceptionHelper.PlatformNotSupported("Security tokens are not supported for security. ");
                }
                else if (tokenType == SecurityTokenTypes.X509Certificate)
                {
                    throw ExceptionHelper.PlatformNotSupported("X509Certificates are not supported for security. ");
                }
                else if (tokenType == SecurityTokenTypes.Kerberos)
                {
                    throw ExceptionHelper.PlatformNotSupported("Kerberos is not supported for security yet. ");
                }
                else if (tokenType == SecurityTokenTypes.UserName)
                {
                    if (_parent.UserName.UserName == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.UserNamePasswordNotProvidedOnClientCredentials));
                    }
                    result = new UserNameSecurityTokenProvider(_parent.UserName.UserName, _parent.UserName.Password);
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.SspiCredential)
                {
                    if (IsDigestAuthenticationScheme(initiatorRequirement))
                    {
                        result = new SspiSecurityTokenProvider(SecurityUtils.GetNetworkCredentialOrDefault(_parent.HttpDigest.ClientCredential), true, _parent.HttpDigest.AllowedImpersonationLevel);
                    }
                    else
                    {
                        throw ExceptionHelper.PlatformNotSupported("NTLM is not supported for security yet. ");
                    }
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.Spnego)
                {
                    throw ExceptionHelper.PlatformNotSupported("Spnego is not supported for security yet. ");
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.MutualSslnego)
                {
                    throw ExceptionHelper.PlatformNotSupported("MutualSslnego is not supported for security yet. ");
                    //result = CreateTlsnegoTokenProvider(initiatorRequirement, true);
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.AnonymousSslnego)
                {
                    throw ExceptionHelper.PlatformNotSupported("AnonymousSslnego is not supported for security yet. ");
                }
                else if (tokenType == ServiceModelSecurityTokenTypes.SecureConversation)
                {
                    throw ExceptionHelper.PlatformNotSupported("SecureConversation is not supported for security yet. ");
                }
            }

            if ((result == null) && !tokenRequirement.IsOptionalToken)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                          new NotSupportedException(string.Format(SR.SecurityTokenManagerCannotCreateProviderForRequirement, tokenRequirement)));
            }

            return(result);
        }