[Category("NotWorking")] // transport security public void DefaultValuesSecurityModeTransport() { WSFederationHttpBinding b = new WSFederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); // common tests. DefaultValues(b, "https"); // WSFederationHttpSecurity WSFederationHttpSecurity sec = b.Security; Assert.IsNotNull(sec, "#2-1"); Assert.AreEqual(WSFederationHttpSecurityMode.TransportWithMessageCredential, sec.Mode, "#2-2"); // Security.Message FederatedMessageSecurityOverHttp msg = sec.Message; Assert.IsNotNull(msg, "#2-3"); Assert.AreEqual(SecurityAlgorithmSuite.Default, msg.AlgorithmSuite, "#2-3-2"); Assert.AreEqual(SecurityKeyType.SymmetricKey, msg.IssuedKeyType, "#2-3-3"); Assert.AreEqual(true, msg.NegotiateServiceCredential, "#2-3-4"); // Binding elements BindingElementCollection bec = b.CreateBindingElements(); Assert.AreEqual(4, bec.Count, "#5-1"); Assert.AreEqual(typeof(TransactionFlowBindingElement), bec [0].GetType(), "#5-2"); Assert.AreEqual(typeof(TransportSecurityBindingElement), bec [1].GetType(), "#5-3"); Assert.AreEqual(typeof(TextMessageEncodingBindingElement), bec [2].GetType(), "#5-4"); Assert.AreEqual(typeof(HttpsTransportBindingElement), bec [3].GetType(), "#5-5"); }
//<snippet2> // This method creates a CustomBinding based on a WSFederationHttpBinding which does not use secure conversation. public static CustomBinding CreateFederationBindingWithoutSecureSession(WSFederationHttpBinding inputBinding) { // This CustomBinding starts out identical to the specified WSFederationHttpBinding. CustomBinding outputBinding = new CustomBinding(inputBinding.CreateBindingElements()); // Find the SecurityBindingElement for message security. SecurityBindingElement security = outputBinding.Elements.Find <SecurityBindingElement>(); // If the security mode is message, then the secure session settings are the protection token parameters. SecureConversationSecurityTokenParameters secureConversation; if (WSFederationHttpSecurityMode.Message == inputBinding.Security.Mode) { SymmetricSecurityBindingElement symmetricSecurity = security as SymmetricSecurityBindingElement; secureConversation = symmetricSecurity.ProtectionTokenParameters as SecureConversationSecurityTokenParameters; } // If the security mode is message, then the secure session settings are the endorsing token parameters. else if (WSFederationHttpSecurityMode.TransportWithMessageCredential == inputBinding.Security.Mode) { TransportSecurityBindingElement transportSecurity = security as TransportSecurityBindingElement; secureConversation = transportSecurity.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; } else { throw new NotSupportedException(String.Format("Unhandled security mode {0}.", inputBinding.Security.Mode)); } // Replace the secure session SecurityBindingElement with the bootstrap SecurityBindingElement. int securityIndex = outputBinding.Elements.IndexOf(security); outputBinding.Elements[securityIndex] = secureConversation.BootstrapSecurityBindingElement; // Return modified binding. return(outputBinding); }
/// <summary> /// 创建传输协议 /// </summary> /// <param name="binding">传输协议名称</param> /// <returns></returns> private static Binding CreateBinding(string binding) { Binding bindinginstance = null; if (binding.ToLower() == "basichttpbinding") { BasicHttpBinding ws = new BasicHttpBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "netnamedpipebinding") { NetNamedPipeBinding ws = new NetNamedPipeBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "netpeertcpbinding") { NetPeerTcpBinding ws = new NetPeerTcpBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "nettcpbinding") { NetTcpBinding ws = new NetTcpBinding(); ws.MaxReceivedMessageSize = 65535000; ws.Security.Mode = SecurityMode.None; bindinginstance = ws; } else if (binding.ToLower() == "wsdualhttpbinding") { WSDualHttpBinding ws = new WSDualHttpBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "webhttpbinding") { WebHttpBinding ws = new WebHttpBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "wsfederationhttpbinding") { WSFederationHttpBinding ws = new WSFederationHttpBinding(); ws.MaxReceivedMessageSize = 65535000; bindinginstance = ws; } else if (binding.ToLower() == "wshttpbinding") { WSHttpBinding ws = new WSHttpBinding(SecurityMode.None); ws.MaxReceivedMessageSize = 65535000; ws.Security.Message.ClientCredentialType = System.ServiceModel.MessageCredentialType.Windows; ws.Security.Transport.ClientCredentialType = System.ServiceModel.HttpClientCredentialType.Windows; ws.ReaderQuotas.MaxStringContentLength = 65535000; bindinginstance = ws; } return(bindinginstance); }
public static Binding CreateBinding(BindingType bindingType, long maxReceivedMessageSize) { Binding binding = null; if (bindingType == BindingType.Unknow) { return(binding); } switch (bindingType) { case BindingType.BasicHttpBinding: BasicHttpBinding basicHttpBinding = new BasicHttpBinding(); basicHttpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = basicHttpBinding; break; case BindingType.NetNamedPipeBinding: NetNamedPipeBinding netNamedPipeBinding = new NetNamedPipeBinding(); netNamedPipeBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = netNamedPipeBinding; break; case BindingType.NetPeerTcpBinding: NetPeerTcpBinding netPeerTcpBinding = new NetPeerTcpBinding(); netPeerTcpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = netPeerTcpBinding; break; case BindingType.NetTcpBinding: NetTcpBinding netTcpBinding = new NetTcpBinding(); netTcpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = netTcpBinding; break; case BindingType.WSDualHttpBinding: WSDualHttpBinding wsDualHttpBinding = new WSDualHttpBinding(); wsDualHttpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = wsDualHttpBinding; break; case BindingType.WSFederationHttpBinding: WSFederationHttpBinding wsFederationHttpBinding = new WSFederationHttpBinding(); wsFederationHttpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = wsFederationHttpBinding; break; case BindingType.WSHttpBinding: WSHttpBinding wsHttpBinding = new WSHttpBinding(); wsHttpBinding.MaxReceivedMessageSize = maxReceivedMessageSize; binding = wsHttpBinding; break; default: break; } return(binding); }
private static Binding GetWSFederationHttpBinding() { var binding = new WSFederationHttpBinding(); binding.MaxReceivedMessageSize = int.MaxValue; binding.Security.Mode = WSFederationHttpSecurityMode.None; return(binding); }
public static Binding CreateBinding(string bindingName) { Binding result = null; try { if (string.Compare(bindingName, typeof(WSHttpBinding).FullName, true) == 0) { result = new WSHttpBinding(); } else if (string.Compare(bindingName, typeof(WS2007HttpBinding).FullName, true) == 0) { result = new WS2007HttpBinding(); } else if (string.Compare(bindingName, typeof(BasicHttpBinding).FullName, true) == 0) { result = new BasicHttpBinding(); } else if (string.Compare(bindingName, typeof(WSDualHttpBinding).FullName, true) == 0) { result = new WSDualHttpBinding(); } else if (string.Compare(bindingName, typeof(WS2007FederationHttpBinding).FullName, true) == 0) { result = new WS2007FederationHttpBinding(); } else if (string.Compare(bindingName, typeof(WSFederationHttpBinding).FullName, true) == 0) { result = new WSFederationHttpBinding(); } else if (string.Compare(bindingName, typeof(NetNamedPipeBinding).FullName, true) == 0) { result = new NetNamedPipeBinding(); } else if (string.Compare(bindingName, typeof(NetMsmqBinding).FullName, true) == 0) { result = new NetMsmqBinding(); } else if (string.Compare(bindingName, typeof(MsmqIntegrationBinding).FullName, true) == 0) { result = new MsmqIntegrationBinding(); } else if (string.Compare(bindingName, typeof(NetTcpBinding).FullName, true) == 0) { result = new NetTcpBinding(); } else if (string.Compare(bindingName, typeof(NetPeerTcpBinding).FullName, true) == 0) { result = new NetPeerTcpBinding(); } } catch { result = new BasicHttpBinding(BasicHttpSecurityMode.None); } return(result); }
/// <summary> /// Loads the binding's settings from a XML encoded string. /// </summary> /// <param name="binding">The binding.</param> /// <param name="settings">The settings.</param> /// <exception cref="ArgumentException">Thrown if the settings are not valid.</exception> private void LoadSettings(WSFederationHttpBinding binding, string settings) { if (string.IsNullOrWhiteSpace(settings)) { return; } throw new NotImplementedException(); // $todo(jeff.lill): Implement this }
static void Main() { // Create a channel. EndpointAddress address = new EndpointAddress("http://localhost/servicemodelsamples/service.svc"); // <Snippet2> // <Snippet1> WSFederationHttpBinding binding = new WSFederationHttpBinding(); binding.Security.Message.ClaimTypeRequirements.Add (new ClaimTypeRequirement ("http://schemas.microsoft.com/ws/2005/05/identity/claims/EmailAddress")); binding.Security.Message.ClaimTypeRequirements.Add (new ClaimTypeRequirement ("http://schemas.microsoft.com/ws/2005/05/identity/claims/UserName", true)); // </Snippet1> ClaimTypeRequirement cr = new ClaimTypeRequirement ("http://schemas.microsoft.com/ws/2005/05/identity/claims/UserName", true); Console.WriteLine(cr.ClaimType); Console.WriteLine(cr.IsOptional); // </Snippet2> ChannelFactory <ICalculator> factory = new ChannelFactory <ICalculator>(binding, address); ICalculator channel = factory.CreateChannel(); // Call the Add service operation. double value1 = 100.00D; double value2 = 15.99D; double result = channel.Add(value1, value2); Console.WriteLine("Add({0},{1}) = {2}", value1, value2, result); // Call the Subtract service operation. value1 = 145.00D; value2 = 76.54D; result = channel.Subtract(value1, value2); Console.WriteLine("Subtract({0},{1}) = {2}", value1, value2, result); // Call the Multiply service operation. value1 = 9.00D; value2 = 81.25D; result = channel.Multiply(value1, value2); Console.WriteLine("Multiply({0},{1}) = {2}", value1, value2, result); // Call the Divide service operation. value1 = 22.00D; value2 = 7.00D; result = channel.Divide(value1, value2); Console.WriteLine("Divide({0},{1}) = {2}", value1, value2, result); Console.WriteLine(); Console.WriteLine("Press <ENTER> to terminate client."); Console.ReadLine(); ((IChannel)channel).Close(); }
/// <summary> /// Configures the specified binding. /// </summary> /// <param name="binding">The binding.</param> /// <returns>Binding.</returns> public virtual Binding Configure( WSFederationHttpBinding binding) { if (binding == null) { throw new ArgumentNullException(nameof(binding)); } return(ConfigureDefault(binding)); }
public static void WSFederationHttpBindingTests_Succeeds() { EndpointAddress issuerAddress = null; EndpointAddress serviceEndpointAddress = null; string tokenTargetAddress = null; string testString = "Hello"; ChannelFactory <IWcfService> factory = null; IWcfService serviceProxy = null; try { // *** SETUP *** \\ issuerAddress = new EndpointAddress(new Uri(Endpoints.WSFederationAuthorityLocalSTS)); tokenTargetAddress = Endpoints.Https_SecModeTransWithMessCred_ClientCredTypeIssuedTokenSaml2; serviceEndpointAddress = new EndpointAddress(new Uri(tokenTargetAddress)); var issuerBinding = new WSHttpBinding(SecurityMode.Transport); issuerBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; WSFederationHttpBinding federationBinding = new WSFederationHttpBinding( new WSTrustTokenParameters { IssuerAddress = issuerAddress, IssuerBinding = issuerBinding, KeyType = SecurityKeyType.BearerKey, Target = tokenTargetAddress, TokenType = Saml2Constants.OasisWssSaml2TokenProfile11 }); //federationBinding.Security.Message.EstablishSecurityContext = false; var customBinding = new CustomBinding(federationBinding); var sbe = customBinding.Elements.Find <SecurityBindingElement>(); sbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; factory = new ChannelFactory <IWcfService>(customBinding, serviceEndpointAddress); // TODO: Fix the need for this factory.Credentials.UserName.UserName = "******"; factory.Credentials.UserName.Password = "******"; serviceProxy = factory.CreateChannel(); // *** EXECUTE *** \\ string result = serviceProxy.Echo(testString); // *** VALIDATE *** \\ Assert.Equal(testString, result); // *** CLEANUP *** \\ ((ICommunicationObject)serviceProxy).Close(); factory.Close(); } finally { // *** ENSURE CLEANUP *** \\ ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory); } }
protected override void OnApplyConfiguration(Binding binding) { base.OnApplyConfiguration(binding); WSFederationHttpBinding binding2 = (WSFederationHttpBinding)binding; if (this.PrivacyNoticeAt != null) { binding2.PrivacyNoticeAt = this.PrivacyNoticeAt; binding2.PrivacyNoticeVersion = this.PrivacyNoticeVersion; } this.Security.ApplyConfiguration(binding2.Security); }
protected internal override void InitializeFrom(Binding binding) { base.InitializeFrom(binding); WSFederationHttpBinding binding2 = (WSFederationHttpBinding)binding; if (binding2.PrivacyNoticeAt != null) { this.PrivacyNoticeAt = binding2.PrivacyNoticeAt; this.PrivacyNoticeVersion = binding2.PrivacyNoticeVersion; } this.Security.InitializeFrom(binding2.Security); }
/// <summary> /// 标签:2015.7.13,魏中针 /// 说明:WSFederationHttpBinding 模式 /// </summary> /// <returns></returns> public static WSFederationHttpBinding WsFederationBinding() { var WsFederationBinding = new WSFederationHttpBinding(); WsFederationBinding.Security.Mode = WSFederationHttpSecurityMode.None; WsFederationBinding.ReceiveTimeout = TimeSpan.MaxValue; WsFederationBinding.SendTimeout = TimeSpan.MaxValue; WsFederationBinding.MaxReceivedMessageSize = int.MaxValue; WsFederationBinding.Name = "wsf"; return(WsFederationBinding); }
public static void WSFederationHttpBindingTests_Succeeds(MessageSecurityVersion messageSecurityVersion, SecurityKeyType securityKeyType, bool useSecureConversation, string endpointSuffix, WSMessageEncoding encoding) { Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; EndpointAddress issuerAddress = null; EndpointAddress serviceEndpointAddress = null; string tokenTargetAddress = null; string testString = "Hello"; ChannelFactory <IWcfService> factory = null; IWcfService serviceProxy = null; try { // *** SETUP *** \\ issuerAddress = new EndpointAddress(new Uri(Endpoints.WSFederationAuthorityLocalSTS + endpointSuffix)); tokenTargetAddress = Endpoints.Https_SecModeTransWithMessCred_ClientCredTypeIssuedTokenSaml2 + endpointSuffix + (useSecureConversation ? "/sc" : string.Empty) + "/" + Enum.GetName(typeof(WSMessageEncoding), encoding); serviceEndpointAddress = new EndpointAddress(new Uri(tokenTargetAddress)); var issuerBinding = new WSHttpBinding(SecurityMode.Transport); issuerBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; WSFederationHttpBinding federationBinding = new WSFederationHttpBinding( new WSTrustTokenParameters { IssuerAddress = issuerAddress, IssuerBinding = issuerBinding, KeyType = securityKeyType, TokenType = Saml2Constants.OasisWssSaml2TokenProfile11, MessageSecurityVersion = messageSecurityVersion, }); federationBinding.MessageEncoding = encoding; federationBinding.Security.Message.EstablishSecurityContext = useSecureConversation; factory = new ChannelFactory <IWcfService>(federationBinding, serviceEndpointAddress); factory.Credentials.UserName.UserName = "******"; // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a real secret")] factory.Credentials.UserName.Password = "******"; serviceProxy = factory.CreateChannel(); // *** EXECUTE *** \\ string result = serviceProxy.Echo(testString); // *** VALIDATE *** \\ Assert.Equal(testString, result); // *** CLEANUP *** \\ ((ICommunicationObject)serviceProxy).Close(); factory.Close(); } finally { // *** ENSURE CLEANUP *** \\ ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory); } }
protected internal override void InitializeFrom(Binding binding) { base.InitializeFrom(binding); WSFederationHttpBinding wspBinding = (WSFederationHttpBinding)binding; if (wspBinding.PrivacyNoticeAt != null) { SetPropertyValueIfNotDefaultValue(ConfigurationStrings.PrivacyNoticeAt, wspBinding.PrivacyNoticeAt); SetPropertyValueIfNotDefaultValue(ConfigurationStrings.PrivacyNoticeVersion, wspBinding.PrivacyNoticeVersion); } this.Security.InitializeFrom(wspBinding.Security); }
//<snippet4> // This method creates a WSFederationHttpBinding. public static WSFederationHttpBinding CreateWSFederationHttpBinding() { // Create an instance of the WSFederationHttpBinding WSFederationHttpBinding b = new WSFederationHttpBinding(); // Set the security mode to Message b.Security.Mode = WSFederationHttpSecurityMode.Message; // Set the Algorithm Suite to Basic256Rsa15 b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15; // Set NegotiateServiceCredential to true b.Security.Message.NegotiateServiceCredential = true; // Set IssuedKeyType to Symmetric b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey; // Set IssuedTokenType to SAML 1.1 b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1"; // Extract the STS certificate from the certificate store X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindByThumbprint, "cd 54 88 85 0d 63 db ac 92 59 05 af ce b8 b1 de c3 67 9e 3f", false); store.Close(); // Create an EndpointIdentity from the STS certificate EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(certs[0]); // Set the IssuerAddress using the address of the STS and the previously created EndpointIdentity b.Security.Message.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity); // <Snippet5> // Set the IssuerBinding to a WSHttpBinding loaded from config b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer"); // </Snippet5> // Set the IssuerMetadataAddress using the metadata address of the STS and the previously created EndpointIdentity b.Security.Message.IssuerMetadataAddress = new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity); // Create a ClaimTypeRequirement ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false); // Add the ClaimTypeRequirement to ClaimTypeRequirements b.Security.Message.ClaimTypeRequirements.Add(ctr); // Return the created binding return(b); }
internal static Binding CreateBinding(string flag) { Binding binding = null; switch (flag) { case "NetTcp": binding = new NetTcpBinding(); break; case "BasicHttp": binding = new BasicHttpBinding(); break; case "WSHttp": binding = new WSHttpBinding(); break; case "WSDualHttp": binding = new WSDualHttpBinding(); break; case "WSFederationHttp": binding = new WSFederationHttpBinding(); break; case "NetNamedPipe": binding = new NetNamedPipeBinding(); break; case "NetMsmq": binding = new NetMsmqBinding(); break; case "NetPeerTcp": binding = new NetPeerTcpBinding(); break; case "MsmqIntegration": binding = new System.ServiceModel.MsmqIntegration.MsmqIntegrationBinding(); break; default: binding = new NetTcpBinding(); break; } return(binding); }
/// <summary> /// 根据绑定协议创建具体绑定对象 /// </summary> /// <param name="bindingName"></param> /// <returns></returns> private static Binding CreateBindingByName(string bindingName) { Binding binding = null; switch (bindingName) { case BindingName.NetTcpBinding: binding = new NetTcpBinding(); break; case BindingName.BasicHttpBinding: binding = new BasicHttpBinding(); break; case BindingName.WSHttpBinding: binding = new WSHttpBinding(); break; case BindingName.WSDualHttpBinding: binding = new WSDualHttpBinding(); break; case BindingName.WSFederationHttpBinding: binding = new WSFederationHttpBinding(); break; case BindingName.NetNamedPipeBinding: binding = new NetNamedPipeBinding(); break; case BindingName.NetMsmqBinding: binding = new NetMsmqBinding(); break; case BindingName.NetPeerTcpBinding: binding = new NetPeerTcpBinding(); break; case BindingName.CustomBinding: binding = new CustomBinding(); break; default: binding = new NetTcpBinding(); break; } return(binding); }
private Binding method_1(IBindingConfigurationElement ibindingConfigurationElement_0) { Binding result; if (ibindingConfigurationElement_0 is CustomBindingElement) { result = new CustomBinding(); } else if (ibindingConfigurationElement_0 is BasicHttpBindingElement) { result = new BasicHttpBinding(); } else if (ibindingConfigurationElement_0 is NetMsmqBindingElement) { result = new NetMsmqBinding(); } else if (ibindingConfigurationElement_0 is NetNamedPipeBindingElement) { result = new NetNamedPipeBinding(); } else if (ibindingConfigurationElement_0 is NetPeerTcpBindingElement) { result = new NetPeerTcpBinding(); } else if (ibindingConfigurationElement_0 is NetTcpBindingElement) { result = new NetTcpBinding(); } else if (ibindingConfigurationElement_0 is WSDualHttpBindingElement) { result = new WSDualHttpBinding(); } else if (ibindingConfigurationElement_0 is WSHttpBindingElement) { result = new WSHttpBinding(); } else if (ibindingConfigurationElement_0 is WSFederationHttpBindingElement) { result = new WSFederationHttpBinding(); } else { result = null; } return(result); }
void DefaultValues(WSFederationHttpBinding b, string scheme) { Assert.AreEqual(false, b.BypassProxyOnLocal, "#1"); Assert.AreEqual(HostNameComparisonMode.StrongWildcard, b.HostNameComparisonMode, "#2"); Assert.AreEqual(0x80000, b.MaxBufferPoolSize, "#3"); Assert.AreEqual(0x10000, b.MaxReceivedMessageSize, "#5"); Assert.AreEqual(WSMessageEncoding.Text, b.MessageEncoding, "#6"); Assert.IsNull(b.ProxyAddress, "#7"); // FIXME: test b.ReaderQuotas Assert.AreEqual(scheme, b.Scheme, "#8"); Assert.AreEqual(EnvelopeVersion.Soap12, b.EnvelopeVersion, "#9"); Assert.AreEqual(65001, b.TextEncoding.CodePage, "#10"); // utf-8 Assert.AreEqual(false, b.TransactionFlow, "#11"); Assert.AreEqual(true, b.UseDefaultWebProxy, "#12"); Assert.AreEqual(MessageVersion.Default, b.MessageVersion, "#14"); Assert.IsNotNull(b.ReliableSession, "#15"); }
public static void WSTrustTokeParameters_WSStaticHelper() { Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; EndpointAddress issuerAddress = null; EndpointAddress serviceEndpointAddress = null; string tokenTargetAddress = null; string testString = "Hello"; ChannelFactory <IWcfService> factory = null; IWcfService serviceProxy = null; try { // *** SETUP *** \\ issuerAddress = new EndpointAddress(new Uri(Endpoints.WSFederationAuthorityLocalSTS + "wsHttp/wstrustFeb2005")); tokenTargetAddress = Endpoints.Https_SecModeTransWithMessCred_ClientCredTypeIssuedTokenSaml2 + "wsHttp/wstrustFeb2005"; serviceEndpointAddress = new EndpointAddress(new Uri(tokenTargetAddress)); var issuerBinding = new WSHttpBinding(SecurityMode.Transport); issuerBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; WSFederationHttpBinding federationBinding = new WSFederationHttpBinding(WSTrustTokenParameters.CreateWSFederationTokenParameters(issuerBinding, issuerAddress)); federationBinding.Security.Message.EstablishSecurityContext = false; factory = new ChannelFactory <IWcfService>(federationBinding, serviceEndpointAddress); factory.Credentials.UserName.UserName = "******"; // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a real secret")] factory.Credentials.UserName.Password = "******"; serviceProxy = factory.CreateChannel(); // *** EXECUTE *** \\ string result = serviceProxy.Echo(testString); // *** VALIDATE *** \\ Assert.Equal(testString, result); // *** CLEANUP *** \\ ((ICommunicationObject)serviceProxy).Close(); factory.Close(); } finally { // *** ENSURE CLEANUP *** \\ ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory); } }
static void Main(string[] args) { NetNamedPipeBinding netNamedPipeBinding = new NetNamedPipeBinding(NetNamedPipeSecurityMode.None); NetMsmqBinding netMsmqBinding = new NetMsmqBinding(); NetTcpBinding netTcpBinding = new NetTcpBinding(); WSHttpBinding wsHttpBinding = new WSHttpBinding(); wsHttpBinding.Security.Mode = SecurityMode.Transport; WSDualHttpBinding wSDualHttpBinding = new WSDualHttpBinding(); WSFederationHttpBinding wSFederationHttpBinding = new WSFederationHttpBinding(); wSFederationHttpBinding.Security.Mode = SecurityMode.TransportWithMessageCredential; }
private void SetSecuritySettings(Endpoint serviceInterface, WSFederationHttpBinding secureBinding) { GetStsSettingsFromEnvironment(serviceInterface); secureBinding.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256; secureBinding.Security.Message.NegotiateServiceCredential = false; secureBinding.Security.Message.EstablishSecurityContext = false; secureBinding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; secureBinding.Security.Message.IssuedTokenType = null; var identity = EndpointIdentity.CreateDnsIdentity((new Uri(serviceInterface.IssuerName).DnsSafeHost)); secureBinding.Security.Message.IssuerAddress = CreateIssuerAddress(serviceInterface, identity); if (IsClient) { secureBinding.Security.Message.IssuerBinding = CreateIssuerBinding(serviceInterface); } else { secureBinding.Security.Message.IssuerMetadataAddress = new EndpointAddress(new Uri(serviceInterface.IssuerMetadataAddress), identity); } }
private WSFederationHttpBinding GetFederatedBindingFromIssuerContract(Type contractType) { WSFederationHttpBinding binding; // If STS endpoint is using WSTrustFeb2005, then need to use WSFederationHttpBinding if (contractType == typeof(IWSTrustFeb2005SyncContract)) { binding = new WSFederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); } // If STS endpoint is using WSTrust1.3, then need to use WS2007FederationHttpBinding else if (contractType == typeof(IWSTrust13SyncContract)) { binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); } else { throw new ArgumentException("Unknown contract type", "contractType"); } return(binding); }
public void federation() { //var stsEp = new EndpointAddress("https://services-int.ehealth.fgov.be/IAM/SingleSignOnService/v1"); var stsEp = new EndpointAddress("https://localhost:8080/services/echo/soap12wss10"); var stsBinding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential); stsBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; stsBinding.Security.Message.NegotiateServiceCredential = false; stsBinding.Security.Message.EstablishSecurityContext = false; WSFederationHttpBinding binding; #if NETFRAMEWORK binding = new WSFederationHttpBinding(); binding.Security.Mode = WSFederationHttpSecurityMode.TransportWithMessageCredential; binding.Security.Message.IssuedKeyType = SecurityKeyType.AsymmetricKey; binding.Security.Message.IssuerAddress = stsEp; binding.Security.Message.IssuerBinding = stsBinding; binding.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"; ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false); binding.Security.Message.ClaimTypeRequirements.Add(ctr); #else var parameters = WSTrustTokenParameters.CreateWSFederationTokenParameters(stsBinding, stsEp); parameters.KeyType = SecurityKeyType.AsymmetricKey; parameters.TokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"; binding = new WSFederationHttpBinding(parameters); #endif var ep = new EndpointAddress("https://localhost:8080/services/echo/soap12"); ChannelFactory <IEchoService> channelFactory = new ChannelFactory <IEchoService>(binding, ep); channelFactory.Credentials.ClientCertificate.Certificate = rsa; IEchoService client = channelFactory.CreateChannel(); String pong = client.Echo("boe"); Assert.Equal("boe", pong); }
private WSFederationHttpBinding GetFederatedBindingFromIssuerContract(Type contractType) { WSFederationHttpBinding binding; // If STS endpoint is using WSTrustFeb2005, then need to use WSFederationHttpBinding and symmetric issued tokens if (contractType == typeof(IWSTrustFeb2005SyncContract)) { binding = new WSFederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey; } // If STS endpoint is using WSTrust1.3, then need to use WS2007FederationHttpBinding and bearer issued tokens else if (contractType == typeof(IWSTrust13SyncContract)) { binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; } else { throw new ArgumentException("Unknown contract type", "contractType"); } return(binding); }
void ConfigureTransactions(Binding binding) { if (binding is NetTcpBinding) { NetTcpBinding tcpBinding = binding as NetTcpBinding; if (tcpBinding.TransactionFlow) { m_TransactionFlowLabel.Text = "Flow: Enabled"; if (tcpBinding.TransactionProtocol == TransactionProtocol.OleTransactions) { m_TransactionProtocol.Text = "Protocol: OleTx"; } else { m_TransactionProtocol.Text = "Protocol: WSAT"; } } else { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } } if (binding is NetNamedPipeBinding) { NetNamedPipeBinding pipeBinding = binding as NetNamedPipeBinding; if (pipeBinding.TransactionFlow) { m_TransactionFlowLabel.Text = "Flow: Enabled"; if (pipeBinding.TransactionProtocol == TransactionProtocol.OleTransactions) { m_TransactionProtocol.Text = "Protocol: OleTx"; } else { m_TransactionProtocol.Text = "Protocol: WSAT"; } } else { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } } if (binding is NetMsmqBinding) { m_TransactionFlowLabel.Text = "Flow: N/A"; m_TransactionProtocol.Text = "Protocol: -"; } if (binding is BasicHttpBinding || binding is NetPeerTcpBinding) { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } if (binding is WSHttpBinding) { WSHttpBinding wsBinding = binding as WSHttpBinding; if (wsBinding.TransactionFlow) { m_TransactionFlowLabel.Text = "Flow: Enabled"; m_TransactionProtocol.Text = "Protocol: WSAT"; } else { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } } if (binding is WSDualHttpBinding) { WSDualHttpBinding wsDualBinding = binding as WSDualHttpBinding; if (wsDualBinding.TransactionFlow) { m_TransactionFlowLabel.Text = "Flow: Enabled"; m_TransactionProtocol.Text = "Protocol: WSAT"; } else { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } } if (binding is WSFederationHttpBinding) { WSFederationHttpBinding federatedBinding = binding as WSFederationHttpBinding; if (federatedBinding.TransactionFlow) { m_TransactionFlowLabel.Text = "Flow: Enabled"; m_TransactionProtocol.Text = "Protocol: WSAT"; } else { m_TransactionFlowLabel.Text = "Flow: Disabled"; m_TransactionProtocol.Text = "Protocol: -"; } } }
void ConfigureReliability(Binding binding) { if (binding is NetTcpBinding) { NetTcpBinding tcpBinding = binding as NetTcpBinding; if (tcpBinding.ReliableSession.Enabled) { m_ReliabilityEnabledLabel.Text = "Enabled"; if (tcpBinding.ReliableSession.Ordered) { m_OrderedLabel.Text = "Ordered"; } else { m_OrderedLabel.Text = "Unordered"; } } else { m_ReliabilityEnabledLabel.Text = "Disabled"; m_OrderedLabel.Text = "Unordered"; } } if (binding is NetNamedPipeBinding) { m_ReliabilityEnabledLabel.Text = "Enabled"; m_OrderedLabel.Text = "Ordered"; } if (binding is NetMsmqBinding) { m_OrderedLabel.Text = "Reliability: N/A"; m_OrderedLabel.Text = "Ordered: N/A"; } if (binding is BasicHttpBinding || binding is NetPeerTcpBinding) { m_ReliabilityEnabledLabel.Text = "Disabled"; m_OrderedLabel.Text = "Unordered"; } if (binding is WSHttpBinding) { WSHttpBinding wsBinding = binding as WSHttpBinding; if (wsBinding.ReliableSession.Enabled) { m_ReliabilityEnabledLabel.Text = "Enabled"; if (wsBinding.ReliableSession.Ordered) { m_OrderedLabel.Text = "Ordered"; } else { m_OrderedLabel.Text = "Unordered"; } } else { m_ReliabilityEnabledLabel.Text = "Disabled"; m_OrderedLabel.Text = "Unordered"; } } if (binding is WSDualHttpBinding) { m_ReliabilityEnabledLabel.Text = "Enabled"; WSDualHttpBinding wsDualBinding = binding as WSDualHttpBinding; if (wsDualBinding.ReliableSession.Ordered) { m_OrderedLabel.Text = "Ordered"; } else { m_OrderedLabel.Text = "Unordered"; } } if (binding is WSFederationHttpBinding) { WSFederationHttpBinding federatedBinding = binding as WSFederationHttpBinding; if (federatedBinding.ReliableSession.Enabled) { m_ReliabilityEnabledLabel.Text = "Enabled"; if (federatedBinding.ReliableSession.Ordered) { m_OrderedLabel.Text = "Ordered"; } else { m_OrderedLabel.Text = "Unordered"; } } else { m_ReliabilityEnabledLabel.Text = "Disabled"; m_OrderedLabel.Text = "Unordered"; } } }
void ConfigureSecurityMode(Binding binding) { SecurityModeEx securityMode = SecurityModeEx.None; if (binding is NetTcpBinding) { NetTcpBinding tcpBinding = binding as NetTcpBinding; switch (tcpBinding.Security.Mode) { case SecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case SecurityMode.None: { securityMode = SecurityModeEx.None; break; } case SecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } case SecurityMode.TransportWithMessageCredential: { securityMode = SecurityModeEx.Mixed; break; } } } if (binding is NetNamedPipeBinding) { NetNamedPipeBinding pipeBinding = binding as NetNamedPipeBinding; switch (pipeBinding.Security.Mode) { case NetNamedPipeSecurityMode.None: { securityMode = SecurityModeEx.None; break; } case NetNamedPipeSecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } } } if (binding is NetMsmqBinding) { NetMsmqBinding msmqBinding = binding as NetMsmqBinding; switch (msmqBinding.Security.Mode) { case NetMsmqSecurityMode.Both: { securityMode = SecurityModeEx.Both; break; } case NetMsmqSecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case NetMsmqSecurityMode.None: { securityMode = SecurityModeEx.None; break; } case NetMsmqSecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } } } if (binding is BasicHttpBinding) { BasicHttpBinding basicBinding = binding as BasicHttpBinding; switch (basicBinding.Security.Mode) { case BasicHttpSecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case BasicHttpSecurityMode.None: { securityMode = SecurityModeEx.None; break; } case BasicHttpSecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } case BasicHttpSecurityMode.TransportCredentialOnly: { securityMode = SecurityModeEx.Transport; break; } case BasicHttpSecurityMode.TransportWithMessageCredential: { securityMode = SecurityModeEx.Mixed; break; } } } if (binding is WSHttpBinding) { WSHttpBinding wsBinding = binding as WSHttpBinding; switch (wsBinding.Security.Mode) { case SecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case SecurityMode.None: { securityMode = SecurityModeEx.None; break; } case SecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } case SecurityMode.TransportWithMessageCredential: { securityMode = SecurityModeEx.Mixed; break; } } } if (binding is WSDualHttpBinding) { WSDualHttpBinding wsDualBinding = binding as WSDualHttpBinding; switch (wsDualBinding.Security.Mode) { case WSDualHttpSecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case WSDualHttpSecurityMode.None: { securityMode = SecurityModeEx.None; break; } } } if (binding is NetPeerTcpBinding) { NetPeerTcpBinding peerBinding = binding as NetPeerTcpBinding; switch (peerBinding.Security.Mode) { case SecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case SecurityMode.None: { securityMode = SecurityModeEx.None; break; } case SecurityMode.Transport: { securityMode = SecurityModeEx.Transport; break; } case SecurityMode.TransportWithMessageCredential: { securityMode = SecurityModeEx.Transport; break; } } } if (binding is WSFederationHttpBinding) { WSFederationHttpBinding federatedBinding = binding as WSFederationHttpBinding; switch (federatedBinding.Security.Mode) { case WSFederationHttpSecurityMode.Message: { securityMode = SecurityModeEx.Message; break; } case WSFederationHttpSecurityMode.None: { securityMode = SecurityModeEx.None; break; } case WSFederationHttpSecurityMode.TransportWithMessageCredential: { securityMode = SecurityModeEx.Mixed; break; } } } m_NoneRadioButton.Checked = securityMode == SecurityModeEx.None; m_TransportRadioButton.Checked = securityMode == SecurityModeEx.Transport; m_MessageRadioButton.Checked = securityMode == SecurityModeEx.Message; m_MixedRadioButton.Checked = securityMode == SecurityModeEx.Mixed; m_BothRadioButton.Checked = securityMode == SecurityModeEx.Both; }
// Create and configure bindings within this EXE console application. public static void Main() { // Create a WSHttpBinding // <Snippet3> // <Snippet1> WSHttpBinding binding1 = new WSHttpBinding(); // </Snippet1> binding1.BypassProxyOnLocal = true; // </Snippet3> // <Snippet4> EnvelopeVersion envelopeVersion = binding1.EnvelopeVersion; // </Snippet4> // <Snippet5> HostNameComparisonMode hostnameComparisonMode = binding1.HostNameComparisonMode; // </Snippet5> // <Snippet6> long maxBufferPoolSize = binding1.MaxBufferPoolSize; // </Snippet6> // <Snippet7> long maxReceivedMessageSize = binding1.MaxReceivedMessageSize; // </Snippet7> // <Snippet8> WSMessageEncoding messageEncoding = binding1.MessageEncoding; // </Snippet8> // <Snippet9> Uri proxyAddress = binding1.ProxyAddress; // </Snippet9> // <Snippet10> XmlDictionaryReaderQuotas readerQuotas = binding1.ReaderQuotas; // </Snippet10> // <Snippet11> OptionalReliableSession reliableSession = binding1.ReliableSession; // </Snippet11> // <Snippet12> string scheme = binding1.Scheme; // </Snippet12> // <Snippet13> Encoding textEncoding = binding1.TextEncoding; // </Snippet13> // <Snippet14> bool transactionFlow = binding1.TransactionFlow; // </Snippet14> // <Snippet15> bool useDefaultWebProxy = binding1.UseDefaultWebProxy; // </Snippet15> // <Snippet16> BindingElementCollection bindingElements = binding1.CreateBindingElements(); // </Snippet16> // Set WSHttpBinding binding property values binding1.Name = "Binding1"; binding1.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard; binding1.Security.Mode = SecurityMode.Message; binding1.ReliableSession.Enabled = false; binding1.TransactionFlow = false; // binding1.Security.Message.DefaultProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign; // Enumerate properties of the binding1. Console.WriteLine("WSHttpBinding binding1 properties:"); Console.WriteLine(" - name:\t\t\t{0}", binding1.Name); Console.WriteLine(" - hostname comparison:\t{0}", binding1.HostNameComparisonMode); Console.WriteLine(" - security mode:\t\t{0}", binding1.Security.Mode); Console.WriteLine(" - RM enabled:\t\t{0}", binding1.ReliableSession.Enabled); Console.WriteLine(" - transaction flow:\t{0}", binding1.TransactionFlow); //Console.WriteLine(" - message security:\t{0}", binding1.Security.Message.DefaultProtectionLevel); Console.WriteLine(" - transport scheme:\t{0}", binding1.Scheme); Console.WriteLine(" - max message size:\t{0}", binding1.MaxReceivedMessageSize); Console.WriteLine(" - default text encoding:\t{0}", binding1.TextEncoding); Console.WriteLine(); // Create a WSFederationBinding with a message security mode // and with a reliable session enabled. WSFederationHttpBinding binding3 = new WSFederationHttpBinding(WSFederationHttpSecurityMode.Message, true); // Enumerate properties of the binding2. Console.WriteLine("WSFederationBinding binding3 properties:"); Console.WriteLine(" - security mode:\t\t{0}", binding3.Security.Mode); Console.WriteLine(" - RM enabled:\t\t{0}", binding3.ReliableSession.Enabled); Console.WriteLine(); Console.WriteLine("Press <ENTER> to terminate."); Console.ReadLine(); }