private static void SetPolicyEnforcementMWA(ConfigurationElement extendedProtectionPolicyElement, ExtendedProtectionTokenCheckingMode tokenCheckingMode) { object[] array = (tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Allow) ? ExtendedProtection.WebConfigReflectionHelper.whenSupported : ((tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Require) ? ExtendedProtection.WebConfigReflectionHelper.always : ExtendedProtection.WebConfigReflectionHelper.never); extendedProtectionPolicyElement["policyEnforcement"] = array[0]; }
public static void LoadFromMetabase(string metabasePath, ObjectId identity, Task task, out ExtendedProtectionTokenCheckingMode extendedProtectionTokenChecking, out MultiValuedProperty <ExtendedProtectionFlag> extendedProtectionFlags, out MultiValuedProperty <string> extendedProtectionSPNList) { extendedProtectionTokenChecking = ExtendedProtectionTokenCheckingMode.None; extendedProtectionFlags = new MultiValuedProperty <ExtendedProtectionFlag>(); extendedProtectionSPNList = new MultiValuedProperty <string>(); using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, (task != null) ? new Task.TaskErrorLoggingReThrowDelegate(task.WriteError) : null, identity, false)) { if (directoryEntry != null) { string text; string str; string str2; if (ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out text, out str, out str2)) { using (ServerManager serverManager = ServerManager.OpenRemote(text)) { Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration(); if (applicationHostConfiguration != null) { ConfigurationSection section = applicationHostConfiguration.GetSection("system.webServer/security/authentication/windowsAuthentication", "/" + str + str2); if (section != null) { ConfigurationElement configurationElement = section.ChildElements["extendedProtection"]; if (configurationElement != null) { object attributeValue = configurationElement.GetAttributeValue("tokenChecking"); if (attributeValue != null && attributeValue is int) { extendedProtectionTokenChecking = (ExtendedProtectionTokenCheckingMode)attributeValue; } object attributeValue2 = configurationElement.GetAttributeValue("flags"); if (attributeValue2 != null && attributeValue2 is int) { extendedProtectionFlags.Add((ExtendedProtectionFlag)attributeValue2); } ConfigurationElementCollection collection = configurationElement.GetCollection(); if (collection != null) { foreach (ConfigurationElement configurationElement2 in collection) { if (configurationElement2.Schema.Name == "spn") { string item = configurationElement2.GetAttributeValue("name").ToString(); extendedProtectionSPNList.Add(item); } } } } } } } } } } }
private static void SetPolicyEnforcement(object extendedProtectionPolicyProperty, ExtendedProtectionTokenCheckingMode tokenCheckingMode) { object[] parameters = (tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Allow) ? ExtendedProtection.WebConfigReflectionHelper.whenSupported : ((tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Require) ? ExtendedProtection.WebConfigReflectionHelper.always : ExtendedProtection.WebConfigReflectionHelper.never); ExtendedProtection.WebConfigReflectionHelper.policyEnforcementSetMethodInfo.Invoke(extendedProtectionPolicyProperty, parameters); }