protected override HostedServiceTransportSettings CreateTransportSettings(string relativeVirtualPath)
{
HostedServiceTransportSettings settings = new HostedServiceTransportSettings();
using (MetabaseReader reader = new MetabaseReader())
{
settings.Realm = this.GetRealm(reader, relativeVirtualPath);
settings.AccessSslFlags = this.GetAccessSslFlags(reader, relativeVirtualPath);
settings.AuthFlags = this.GetAuthFlags(reader, relativeVirtualPath);
settings.AuthProviders = this.GetAuthProviders(reader, relativeVirtualPath);
if ((settings.AuthFlags & AuthFlags.AuthNTLM) != AuthFlags.None)
{
settings.IisExtendedProtectionPolicy = this.GetExtendedProtectionPolicy();
}
}
return settings;
}
protected override HostedServiceTransportSettings CreateTransportSettings(string relativeVirtualPath)
{
HostedServiceTransportSettings settings = new HostedServiceTransportSettings();
using (MetabaseReader reader = new MetabaseReader())
{
settings.Realm = this.GetRealm(reader, relativeVirtualPath);
settings.AccessSslFlags = this.GetAccessSslFlags(reader, relativeVirtualPath);
settings.AuthFlags = this.GetAuthFlags(reader, relativeVirtualPath);
settings.AuthProviders = this.GetAuthProviders(reader, relativeVirtualPath);
if ((settings.AuthFlags & AuthFlags.AuthNTLM) != AuthFlags.None)
{
settings.IisExtendedProtectionPolicy = this.GetExtendedProtectionPolicy();
}
}
return(settings);
}
private void PopulateApplicationProperties(MetabaseReader reader)
{
int num = 0;
bool flag = false;
bool flag2 = false;
bool flag3 = !base.Bindings.ContainsKey(Uri.UriSchemeHttps);
bool flag4 = false;
this.appTransportSettings = new HostedServiceTransportSettings();
string appAboPath = this.appAboPath;
object obj2 = null;
while ((num < 4) && (appAboPath.Length >= this.siteAboPath.Length))
{
if (!flag && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.Realm)) != null))
{
this.appTransportSettings.Realm = (string)obj2;
flag = true;
num++;
}
if (!flag2 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AuthFlags)) != null))
{
this.appTransportSettings.AuthFlags = (AuthFlags)((uint)obj2);
flag2 = true;
num++;
}
if (!flag3 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AccessSslFlags)) != null))
{
this.appTransportSettings.AccessSslFlags = (HttpAccessSslFlags)((uint)obj2);
flag3 = true;
num++;
}
if (!flag4 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AuthProviders)) != null))
{
this.appTransportSettings.AuthProviders = ((string)obj2).Split(IISConstants.CommaSeparator, StringSplitOptions.RemoveEmptyEntries);
flag4 = true;
num++;
}
int length = appAboPath.LastIndexOf('/');
appAboPath = appAboPath.Substring(0, length);
}
if ((this.appTransportSettings.AuthProviders == null) || (this.appTransportSettings.AuthProviders.Length == 0))
{
this.appTransportSettings.AuthProviders = MetabaseSettingsIis.DefaultAuthProviders;
}
}
void PopulateApplicationProperties(MetabaseReader reader)
{
int foundCount = 0;
bool foundRealm = false;
bool foundAuthFlags = false;
bool foundAccessSslFlags = !Bindings.ContainsKey(Uri.UriSchemeHttps);
bool foundAuthProviders = false;
appTransportSettings = new HostedServiceTransportSettings();
string endAboPath = appAboPath;
object propertyValue = null;
while (foundCount < 4 && endAboPath.Length >= siteAboPath.Length)
{
// Realm
if (!foundRealm && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.Realm))
!= null))
{
appTransportSettings.Realm = (string)propertyValue;
foundRealm = true;
foundCount++;
}
// AuthFlags
if (!foundAuthFlags && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AuthFlags))
!= null))
{
appTransportSettings.AuthFlags = (AuthFlags)(uint)propertyValue;
foundAuthFlags = true;
foundCount++;
}
// AccessSslFlags
if (!foundAccessSslFlags && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AccessSslFlags))
!= null))
{
appTransportSettings.AccessSslFlags = (HttpAccessSslFlags)(uint)propertyValue;
foundAccessSslFlags = true;
foundCount++;
}
// NTAuthProviders
if (!foundAuthProviders && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AuthProviders))
!= null))
{
string providersString = (string)propertyValue;
appTransportSettings.AuthProviders = providersString.Split(IISConstants.CommaSeparator, StringSplitOptions.RemoveEmptyEntries);
foundAuthProviders = true;
foundCount++;
}
// Continue the search in the parent path
int index = endAboPath.LastIndexOf(IISConstants.AboPathDelimiter);
endAboPath = endAboPath.Substring(0, index);
}
if (appTransportSettings.AuthProviders == null || appTransportSettings.AuthProviders.Length == 0)
{
appTransportSettings.AuthProviders = DefaultAuthProviders;
}
}
void PopulateApplicationProperties(MetabaseReader reader)
{
int foundCount = 0;
bool foundRealm = false;
bool foundAuthFlags = false;
bool foundAccessSslFlags = !Bindings.ContainsKey(Uri.UriSchemeHttps);
bool foundAuthProviders = false;
appTransportSettings = new HostedServiceTransportSettings();
string endAboPath = appAboPath;
object propertyValue = null;
while (foundCount < 4 && endAboPath.Length >= siteAboPath.Length)
{
// Realm
if (!foundRealm && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.Realm))
!= null))
{
appTransportSettings.Realm = (string)propertyValue;
foundRealm = true;
foundCount++;
}
// AuthFlags
if (!foundAuthFlags && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AuthFlags))
!= null))
{
appTransportSettings.AuthFlags = (AuthFlags)(uint)propertyValue;
foundAuthFlags = true;
foundCount++;
}
// AccessSslFlags
if (!foundAccessSslFlags && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AccessSslFlags))
!= null))
{
appTransportSettings.AccessSslFlags = (HttpAccessSslFlags)(uint)propertyValue;
foundAccessSslFlags = true;
foundCount++;
}
// NTAuthProviders
if (!foundAuthProviders && ((propertyValue = reader.GetData(endAboPath, MetabasePropertyType.AuthProviders))
!= null))
{
string providersString = (string)propertyValue;
appTransportSettings.AuthProviders = providersString.Split(IISConstants.CommaSeparator, StringSplitOptions.RemoveEmptyEntries);
foundAuthProviders = true;
foundCount++;
}
// Continue the search in the parent path
int index = endAboPath.LastIndexOf(IISConstants.AboPathDelimiter);
endAboPath = endAboPath.Substring(0, index);
}
if (appTransportSettings.AuthProviders == null || appTransportSettings.AuthProviders.Length == 0)
{
appTransportSettings.AuthProviders = DefaultAuthProviders;
}
}
internal override ExtendedProtectionPolicy GetExtendedProtectionPolicy(string virtualPath)
{
HostedServiceTransportSettings transportSettings = GetTransportSettings(virtualPath);
return(transportSettings.IisExtendedProtectionPolicy);
}
internal override AuthenticationSchemes GetAuthenticationSchemes(string virtualPath)
{
HostedServiceTransportSettings transportSettings = GetTransportSettings(virtualPath);
return(RemapAuthenticationSchemes(transportSettings.AuthFlags, transportSettings.AuthProviders));
}
internal override HttpAccessSslFlags GetAccessSslFlags(string virtualPath)
{
HostedServiceTransportSettings transportSettings = GetTransportSettings(virtualPath);
return(transportSettings.AccessSslFlags);
}
internal override string GetRealm(string virtualPath)
{
HostedServiceTransportSettings transportSettings = GetTransportSettings(virtualPath);
return(transportSettings.Realm);
}
void ProcessSecurityAccess(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.SecurityAccessSectionName);
// Check SSL Flags.
if (section != null)
{
int sslFlags = (int)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.SslFlagsAttributeName);
transportSettings.AccessSslFlags = (HttpAccessSslFlags)sslFlags;
// Clear SslMapCert field, which should not contain any useful data now.
transportSettings.AccessSslFlags &= ~(HttpAccessSslFlags.SslMapCert);
}
// Check whether IIS client certificate mapping is enabled.
section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.IisClientCertMapAuthenticationName);
if ((section != null) &&
((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
)
{
transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert;
}
else
{
// Check whether Active Directory client certification mapping is enabled.
section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.ClientCertMapAuthenticationName);
if ((section != null) &&
((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
)
{
transportSettings.AccessSslFlags |= HttpAccessSslFlags.SslMapCert;
}
}
}
void ProcessDigestAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.DigestAuthenticationSectionName);
if ((section != null) &&
((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
)
{
transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthMD5;
}
}
void ProcessWindowsAuthentication(string siteName, string virtualPath, ref HostedServiceTransportSettings transportSettings)
{
ConfigurationSection section = WebConfigurationManagerWrapper.WebConfigGetSection(siteName, virtualPath, MetabaseSettingsIis7Constants.WindowsAuthenticationSectionName);
if ((section != null) &&
((bool)WebConfigurationManagerWrapper.GetValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
)
{
transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthNTLM;
List<string> providerList = WebConfigurationManagerWrapper.GetProviderList(section);
if (providerList.Count != 0)
{
transportSettings.AuthProviders = providerList.ToArray();
}
// Check the CBT configuration
try
{
ConfigurationElement element = section.GetChildElement(MetabaseSettingsIis7Constants.ExtendedProtectionElementName);
if (element != null)
{
ExtendedProtectionTokenChecking tokenChecking;
ExtendedProtectionFlags flags;
List<string> spnList;
WebConfigurationManagerWrapper.ReadIisExtendedProtectionPolicy(element, out tokenChecking, out flags, out spnList);
transportSettings.IisExtendedProtectionPolicy = BuildExtendedProtectionPolicy(tokenChecking, flags, spnList);
}
}
catch (COMException e)
{
// hit this exception only when IIS does not support CBT
// safe for us to igore this COMException so that services not using CBT still can be activated
// if a service does use CBT in binding, channel listener will catch it when comparing IIS setting against WCF (on CBT) and throw exception
if (DiagnosticUtility.ShouldTraceWarning)
{
TraceUtility.TraceEvent(TraceEventType.Warning, TraceCode.WebHostNoCBTSupport,
SR.TraceCodeWebHostNoCBTSupport, this, e);
}
}
}
}
protected override HostedServiceTransportSettings CreateTransportSettings(string relativeVirtualPath)
{
Debug.Print("MetabaseSettingsIis7.CreateTransportSettings() calling ServerManager.GetWebConfiguration() virtualPath: " + relativeVirtualPath);
string absolutePath = VirtualPathUtility.ToAbsolute(relativeVirtualPath, HostingEnvironment.ApplicationVirtualPath);
HostedServiceTransportSettings transportSettings = new HostedServiceTransportSettings();
string siteName = HostingEnvironment.SiteName;
ProcessAnonymousAuthentication(siteName, absolutePath, ref transportSettings);
ProcessBasicAuthentication(siteName, absolutePath, ref transportSettings);
ProcessWindowsAuthentication(siteName, absolutePath, ref transportSettings);
ProcessDigestAuthentication(siteName, absolutePath, ref transportSettings);
ProcessSecurityAccess(siteName, absolutePath, ref transportSettings);
return transportSettings;
}
void ProcessDigestAuthentication(Configuration config, ref HostedServiceTransportSettings transportSettings)
{
ConfigurationSection section = ServerManagerWrapper.GetSection(config, MetabaseSettingsIis7Constants.DigestAuthenticationSectionName);
if ((section != null) &&
((bool)ServerManagerWrapper.GetAttributeValue(section, MetabaseSettingsIis7Constants.EnabledAttributeName))
)
{
transportSettings.AuthFlags = transportSettings.AuthFlags | AuthFlags.AuthMD5;
}
}
private void PopulateApplicationProperties(MetabaseReader reader)
{
int num = 0;
bool flag = false;
bool flag2 = false;
bool flag3 = !base.Bindings.ContainsKey(Uri.UriSchemeHttps);
bool flag4 = false;
this.appTransportSettings = new HostedServiceTransportSettings();
string appAboPath = this.appAboPath;
object obj2 = null;
while ((num < 4) && (appAboPath.Length >= this.siteAboPath.Length))
{
if (!flag && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.Realm)) != null))
{
this.appTransportSettings.Realm = (string) obj2;
flag = true;
num++;
}
if (!flag2 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AuthFlags)) != null))
{
this.appTransportSettings.AuthFlags = (AuthFlags) ((uint) obj2);
flag2 = true;
num++;
}
if (!flag3 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AccessSslFlags)) != null))
{
this.appTransportSettings.AccessSslFlags = (HttpAccessSslFlags) ((uint) obj2);
flag3 = true;
num++;
}
if (!flag4 && ((obj2 = reader.GetData(appAboPath, MetabasePropertyType.AuthProviders)) != null))
{
this.appTransportSettings.AuthProviders = ((string) obj2).Split(IISConstants.CommaSeparator, StringSplitOptions.RemoveEmptyEntries);
flag4 = true;
num++;
}
int length = appAboPath.LastIndexOf('/');
appAboPath = appAboPath.Substring(0, length);
}
if ((this.appTransportSettings.AuthProviders == null) || (this.appTransportSettings.AuthProviders.Length == 0))
{
this.appTransportSettings.AuthProviders = MetabaseSettingsIis.DefaultAuthProviders;
}
}
