// This method adds automatic endpoints at the base addresses, 1 per site binding (http or https). It only configures
// the security on the binding. It does not add any behaviors.
// If there are no base addresses, or if endpoints have been configured explicitly, it does not add any
// automatic endpoints.
// If it adds automatic endpoints, it validates that the service implements a single contract
internal static void AddAutomaticWebHttpBindingEndpoints(ServiceHost host, IDictionary<string, ContractDescription> implementedContracts, string multipleContractsErrorMessage, string noContractErrorMessage, string standardEndpointKind)
{
bool enableAutoEndpointCompat = AppSettings.EnableAutomaticEndpointsCompatibility;
// We do not add an automatic endpoint if an explicit endpoint has been configured unless
// the user has specifically opted into compat mode. See CSDMain bugs 176157 & 262728 for history
if (host.Description.Endpoints != null
&& host.Description.Endpoints.Count > 0
&& !enableAutoEndpointCompat)
{
return;
}
AuthenticationSchemes supportedSchemes = AuthenticationSchemes.None;
if (host.BaseAddresses.Count > 0)
{
supportedSchemes = AspNetEnvironment.Current.GetAuthenticationSchemes(host.BaseAddresses[0]);
if (AspNetEnvironment.Current.IsSimpleApplicationHost)
{
// Cassini always reports the auth scheme as anonymous or Ntlm. Map this to Ntlm, except when forms auth
// is requested
if (supportedSchemes == (AuthenticationSchemes.Anonymous | AuthenticationSchemes.Ntlm))
{
if (AspNetEnvironment.Current.IsWindowsAuthenticationConfigured())
{
supportedSchemes = AuthenticationSchemes.Ntlm;
}
else
{
supportedSchemes = AuthenticationSchemes.Anonymous;
}
}
}
}
Type contractType = null;
// add an endpoint with the contract at each base address
foreach (Uri baseAddress in host.BaseAddresses)
{
string uriScheme = baseAddress.Scheme;
// HTTP and HTTPs are only supported schemes
if (Object.ReferenceEquals(uriScheme, Uri.UriSchemeHttp) || Object.ReferenceEquals(uriScheme, Uri.UriSchemeHttps))
{
// bypass adding the automatic endpoint if there's already one at the base address
bool isExplicitEndpointConfigured = false;
foreach (ServiceEndpoint endpoint in host.Description.Endpoints)
{
if (endpoint.Address != null && EndpointAddress.UriEquals(endpoint.Address.Uri, baseAddress, true, false))
{
isExplicitEndpointConfigured = true;
break;
}
}
if (isExplicitEndpointConfigured)
{
continue;
}
if (contractType == null)
{
if (implementedContracts.Count > 1)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(multipleContractsErrorMessage));
}
else if (implementedContracts.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(noContractErrorMessage));
}
foreach (ContractDescription contract in implementedContracts.Values)
{
contractType = contract.ContractType;
break;
}
}
// Get the default web endpoint
ConfigLoader configLoader = new ConfigLoader(host.GetContractResolver(implementedContracts));
ServiceEndpointElement serviceEndpointElement = new ServiceEndpointElement();
serviceEndpointElement.Contract = contractType.FullName;
// Check for a protocol mapping
ProtocolMappingItem protocolMappingItem = ConfigLoader.LookupProtocolMapping(baseAddress.Scheme);
if (protocolMappingItem != null &&
string.Equals(protocolMappingItem.Binding, WebHttpBinding.WebHttpBindingConfigurationStrings.WebHttpBindingCollectionElementName, StringComparison.Ordinal))
{
serviceEndpointElement.BindingConfiguration = protocolMappingItem.BindingConfiguration;
}
serviceEndpointElement.Kind = standardEndpointKind;
// LookupEndpoint will not set the Endpoint address and listenUri
// because omitSettingEndpointAddress is set to true.
// We will set them after setting the binding security
ServiceEndpoint automaticEndpoint = configLoader.LookupEndpoint(serviceEndpointElement, null, host, host.Description, true /*omitSettingEndpointAddress*/);
WebHttpBinding binding = automaticEndpoint.Binding as WebHttpBinding;
bool automaticallyConfigureSecurity = !binding.Security.IsModeSet;
if (automaticallyConfigureSecurity)
{
if (Object.ReferenceEquals(uriScheme, Uri.UriSchemeHttps))
{
binding.Security.Mode = WebHttpSecurityMode.Transport;
}
else if (supportedSchemes != AuthenticationSchemes.None && supportedSchemes != AuthenticationSchemes.Anonymous)
{
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly;
}
else
{
binding.Security.Mode = WebHttpSecurityMode.None;
}
}
if (automaticallyConfigureSecurity && AspNetEnvironment.Enabled)
{
SetBindingCredentialBasedOnHostedEnvironment(automaticEndpoint, supportedSchemes);
}
// Setting the Endpoint address and listenUri now that we've set the binding security
ConfigLoader.ConfigureEndpointAddress(serviceEndpointElement, host, automaticEndpoint);
ConfigLoader.ConfigureEndpointListenUri(serviceEndpointElement, host, automaticEndpoint);
host.AddServiceEndpoint(automaticEndpoint);
}
}
}
