Пример #1
0
        void ProcessSecurityAccess(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
        {
            ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.SecurityAccessSectionName);

            // Check SSL Flags.
            if (section != null)
            {
                int sslFlags = (int)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.SslFlagsAttributeName);
                transportSettings.AccessSslFlags = (HttpAccessSslFlags)sslFlags;

                // Clear SslMapCert field, which should not contain any useful data now.
                transportSettings.AccessSslFlags &= ~(HttpAccessSslFlags.SslMapCert);
            }

            // Check whether IIS client certificate mapping is enabled.
            section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.IisClientCertMapAuthenticationName);
            if ((section != null) &&
                ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
                )
            {
                transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert;
            }
            else
            {
                // Check whether Active Directory client certification mapping is enabled.
                section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.ClientCertMapAuthenticationName);
                if ((section != null) &&
                    ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
                    )
                {
                    transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert;
                }
            }
        }
Пример #2
0
        void PopulateSiteProperties()
        {
            ConfigurationElement site = WebConfigurationManagerWrapper.GetSite(HostingEnvironment.SiteName);
            //
            // Build up the binding table.
            //
            IDictionary <string, List <string> > bindingList = WebConfigurationManagerWrapper.GetProtocolBindingTable(site);

            // Convert to string arrays
            foreach (KeyValuePair <string, List <string> > entry in bindingList)
            {
                this.Bindings.Add(entry.Key, entry.Value.ToArray());
                entry.Value.Clear();
            }

            // Clear the temporary buffer
            bindingList.Clear();

            //
            // Build up the protocol list.
            //

            string[] protocols = WebConfigurationManagerWrapper.GetEnabledProtocols(site).Split(MetabaseSettingsIis7Constants.CommaSeparator.ToCharArray(), StringSplitOptions.RemoveEmptyEntries);
            foreach (string protocolValue in protocols)
            {
                string protocol = protocolValue.Trim();
                protocol = protocol.ToLowerInvariant();

                if (string.IsNullOrEmpty(protocol) || this.Protocols.Contains(protocol))
                {
                    // Ignore duplicates and empty protocols
                    continue;
                }
                else if (string.Compare(protocol, Uri.UriSchemeHttp, StringComparison.OrdinalIgnoreCase) == 0 ||
                         string.Compare(protocol, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase) == 0)
                {
                    // Special casing HTTPS. If HTTP is enabled, it means that
                    // both HTTP and HTTPS are enabled.
                    if (this.Bindings.ContainsKey(Uri.UriSchemeHttp))
                    {
                        this.Protocols.Add(Uri.UriSchemeHttp);
                    }

                    if (this.Bindings.ContainsKey(Uri.UriSchemeHttps))
                    {
                        this.Protocols.Add(Uri.UriSchemeHttps);
                    }
                }
                else if (this.Bindings.ContainsKey(protocol))
                {
                    // We only take the protocols that have bindings.
                    this.Protocols.Add(protocol);
                }
            }
        }
Пример #3
0
        void ProcessDigestAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
        {
            ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.DigestAuthenticationSectionName);

            if ((section != null) &&
                ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
                )
            {
                transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthMD5;
            }
        }
Пример #4
0
        void ProcessWindowsAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
        {
            ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.WindowsAuthenticationSectionName);

            if ((section != null) &&
                ((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
                )
            {
                transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthNTLM;

                List <string> providerList = WebConfigurationManagerWrapper.GetProviderList(section);

                if (providerList.Count != 0)
                {
                    transportSettings.AuthProviders = providerList.ToArray();
                }

                // Check the CBT configuration
                try
                {
                    ConfigurationElement element = section.GetChildElement(MetabaseSettingsIis7Constants.ExtendedProtectionElementName);
                    if (element != null)
                    {
                        ExtendedProtectionTokenChecking tokenChecking;
                        ExtendedProtectionFlags         flags;
                        List <string> spnList;
                        WebConfigurationManagerWrapper.ReadIisExtendedProtectionPolicy(element, out tokenChecking, out flags, out spnList);
                        transportSettings.IisExtendedProtectionPolicy = BuildExtendedProtectionPolicy(tokenChecking, flags, spnList);
                    }
                }
                catch (COMException e)
                {
                    // hit this exception only when IIS does not support CBT
                    // safe for us to igore this COMException so that services not using CBT still can be activated
                    // if a service does use CBT in binding, channel listener will catch it when comparing IIS setting against WCF (on CBT) and throw exception
                    if (DiagnosticUtility.ShouldTraceWarning)
                    {
                        TraceUtility.TraceEvent(TraceEventType.Warning, TraceCode.WebHostNoCBTSupport,
                                                SR.TraceCodeWebHostNoCBTSupport, this, e);
                    }
                }
            }
        }
Пример #5
0
        protected override IEnumerable <string> GetSiteApplicationPaths()
        {
            ConfigurationElement site = WebConfigurationManagerWrapper.GetSite(HostingEnvironment.SiteName);

            return(WebConfigurationManagerWrapper.GetApplicationPaths(site));
        }