public soap_WinFormFactory(
ref ServiceHost server,
Uri server_url,
string NameSpace,
Type serviceType,
Type ServiceInterfaceType,
ServiceBindingType bindType,
MessageCredentialType MessageCredentialType,
string certificatePath,
string certificatePassword,
deleErrReporter errReporter
)
{
this.server = server;
// 인증서 설정
SetCertificate(certificatePath,certificatePassword);
this.bindType = bindType;
this.service = null;
this.serviceType = serviceType;
this.errReporter = errReporter;
server.Faulted += delegate
{
this.server.Abort();
this.server = new ServiceHost(serviceType);
CreateService(server_url, NameSpace, ServiceInterfaceType, MessageCredentialType);
};
CreateService(server_url, NameSpace, ServiceInterfaceType, MessageCredentialType);
server = this.server;
}
public soap_WinFormFactory
(
ref ServiceHost server,
Uri server_url,
string NameSpace,
Type serviceType,
Type ServiceInterfaceType,
ServiceBindingType bindType,
MessageCredentialType MessageCredentialType,
string certificatePath,
string certificatePassword,
deleErrReporter errReporter
)
{
this.server = server;
// 인증서 설정
SetCertificate(certificatePath, certificatePassword);
this.bindType = bindType;
this.service = null;
this.serviceType = serviceType;
this.errReporter = errReporter;
server.Faulted += delegate
{
this.server.Abort();
this.server = new ServiceHost(serviceType);
CreateService(server_url, NameSpace, ServiceInterfaceType, MessageCredentialType);
};
CreateService(server_url, NameSpace, ServiceInterfaceType, MessageCredentialType);
server = this.server;
}
static CredentialTypeEx ConvertCredentials(MessageCredentialType credentials)
{
switch (credentials)
{
case MessageCredentialType.Certificate:
{
return(CredentialTypeEx.Certificate);
}
case MessageCredentialType.IssuedToken:
{
return(CredentialTypeEx.Token);
}
case MessageCredentialType.None:
{
return(CredentialTypeEx.None);
}
case MessageCredentialType.UserName:
{
return(CredentialTypeEx.Username);
}
case MessageCredentialType.Windows:
{
return(CredentialTypeEx.Windows);
}
default:
{
throw new InvalidOperationException("Unknown credentials type");
}
}
}
public SOAPManager(
ref ServiceHost host,
SOAPServerType soap_server,
Uri ServiceURL,
String NameSpace,
ServiceBindingType bindType,
MessageCredentialType MessageCredentialType,
string cerPath,
string cerPassword,
object service,
deleErrReporter errReporter)
{
this.errReporter = errReporter;
switch (soap_server)
{
case SOAPServerType.winform:
SOAPFactory = new soap_WinFormFactory(ref host,ServiceURL, NameSpace, service, bindType, MessageCredentialType, cerPath,cerPassword,new deleErrReporter(ThrowErr));
break;
case SOAPServerType.WAS:
break;
case SOAPServerType.iis:
break;
default:
break;
}
}
private void CheckSettings()
{
#if FEATURE_NETNATIVE // In .NET Native, some settings for the binding security are not supported; this check is not necessary for CoreCLR
NetTcpSecurity security = this.Security;
if (security == null)
{
return;
}
SecurityMode mode = security.Mode;
if (mode == SecurityMode.None)
{
return;
}
else if (mode == SecurityMode.Message)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Mode", mode)));
}
// Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
if (mode == SecurityMode.TransportWithMessageCredential)
{
MessageSecurityOverTcp message = security.Message;
if (message != null)
{
MessageCredentialType mct = message.ClientCredentialType;
if ((mct == MessageCredentialType.Certificate) || (mct == MessageCredentialType.IssuedToken) || (mct == MessageCredentialType.Windows))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", mct)));
}
}
}
#endif // FEATURE_NETNATIVE
}
public SOAPManager
(
ref ServiceHost host,
SOAPServerType soap_server,
Uri ServiceURL,
String NameSpace,
ServiceBindingType bindType,
MessageCredentialType MessageCredentialType,
string cerPath,
string cerPassword,
object service,
deleErrReporter errReporter)
{
this.errReporter = errReporter;
switch (soap_server)
{
case SOAPServerType.winform:
SOAPFactory = new soap_WinFormFactory(ref host, ServiceURL, NameSpace, service, bindType, MessageCredentialType, cerPath, cerPassword, new deleErrReporter(ThrowErr));
break;
case SOAPServerType.WAS:
break;
case SOAPServerType.iis:
break;
default:
break;
}
}
public SQLWebServiceModel(MessageCredentialType MessageCredentialType, string ServiceURL)
{
this.ServiceURL = ServiceURL;
WSDualHttpBinding binding = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
//끝점
EndpointAddress EndpointURL = new EndpointAddress
(
new Uri(this.ServiceURL)
);
//보안설정
binding.Security.Message.ClientCredentialType = MessageCredentialType;
WebServiceChannel = new ChannelFactory <IWebService>
(
new ServiceEndpoint
(
ContractDescription.GetContract(typeof(IWebService)),
binding,
EndpointURL
)
);
//인증서 유효성 검사 안하게 한다
WebServiceChannel.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
X509CertificateValidationMode.None;
}
public SQLWebServiceModel(MessageCredentialType MessageCredentialType, string ServiceURL)
{
this.ServiceURL = ServiceURL;
WSDualHttpBinding binding = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
//끝점
EndpointAddress EndpointURL = new EndpointAddress
(
new Uri(this.ServiceURL)
);
//보안설정
binding.Security.Message.ClientCredentialType = MessageCredentialType;
WebServiceChannel = new ChannelFactory<IWebService>
(
new ServiceEndpoint
(
ContractDescription.GetContract(typeof(IWebService)),
binding,
EndpointURL
)
);
//인증서 유효성 검사 안하게 한다
WebServiceChannel.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
X509CertificateValidationMode.None;
}
public BindingProperties(SecurityMode securityMode, MessageCredentialType messageCredentialType,
TcpClientCredentialType tcpClientCredentialType, ProtectionLevel protectionLevel,
int maxConnections, long maxReceivedMessageSize, long maxBufferPoolSize, int maxArrayLength,
int maxBytesPerRead, int maxDepth, int maxStringContentLength, int maxBufferSize,
TimeSpan openTimeout, TimeSpan closeTimeout, TimeSpan receiveTimeout, TimeSpan sendTimeout)
{
m_SecurityMode = securityMode;
m_MessageCredentialType = messageCredentialType;
m_TcpClientCredentialType = tcpClientCredentialType;
m_ProtectionLevel = protectionLevel;
m_MaxConnections = maxConnections;
m_MaxReceivedMessageSize = maxReceivedMessageSize;
m_MaxBufferPoolSize = maxBufferPoolSize;
m_MaxArrayLength = maxArrayLength;
m_MaxBytesPerRead = maxBytesPerRead;
m_MaxDepth = maxDepth;
m_MaxStringContentLength = maxStringContentLength;
m_MaxBufferSize = maxBufferSize;
m_OpenTimeout = openTimeout;
m_CloseTimeout = closeTimeout;
m_ReceiveTimeout = receiveTimeout;
m_SendTimeout = sendTimeout;
}
internal MessageSecurityOverTcp()
{
alg_suite = SecurityAlgorithmSuite.Default;
// This default value is *silly* but anyways
// such code that does not change this ClientCredentialType
// won't work on Mono.
client_credential_type = MessageCredentialType.Windows;
}
internal static bool IsDefined(MessageCredentialType value)
{
if (((value != MessageCredentialType.None) && (value != MessageCredentialType.UserName)) && ((value != MessageCredentialType.Windows) && (value != MessageCredentialType.Certificate)))
{
return(value == MessageCredentialType.IssuedToken);
}
return(true);
}
internal static bool IsDefined(MessageCredentialType value)
{
return(value == MessageCredentialType.None ||
value == MessageCredentialType.UserName ||
value == MessageCredentialType.Windows ||
value == MessageCredentialType.Certificate ||
value == MessageCredentialType.IssuedToken);
}
public static ServiceConnController getInstance(deleErrReporter errReporter, MessageCredentialType MessageSecurityType, string certPath, string certPassword)
{
if (instance == null)
{
instance = new ServiceConnController(errReporter, MessageSecurityType, certPath, certPassword);
}
return(instance);
}
public static void ClientCredentialType_Property_Values_Supported(MessageCredentialType credentialType)
{
MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
msot.ClientCredentialType = credentialType;
MessageCredentialType actual = msot.ClientCredentialType;
Assert.True(actual == credentialType,
string.Format("ClientCredentialType returned '{0}' but expected '{1}'", credentialType, actual));
}
public static void ClientCredentialType_Property_Values_Not_Supported(MessageCredentialType credentialType)
{
MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
Assert.Throws<PlatformNotSupportedException>(() =>
{
msot.ClientCredentialType = credentialType;
});
}
internal static bool IsDefined(MessageCredentialType value)
{
return (value == MessageCredentialType.None ||
value == MessageCredentialType.UserName ||
value == MessageCredentialType.Windows ||
value == MessageCredentialType.Certificate ||
value == MessageCredentialType.IssuedToken);
}
internal static bool IsDefined(MessageCredentialType value)
{
if (((value != MessageCredentialType.None) && (value != MessageCredentialType.UserName)) && ((value != MessageCredentialType.Windows) && (value != MessageCredentialType.Certificate)))
{
return (value == MessageCredentialType.IssuedToken);
}
return true;
}
internal MessageSecurityOverTcp ()
{
alg_suite = SecurityAlgorithmSuite.Default;
// This default value is *silly* but anyways
// such code that does not change this ClientCredentialType
// won't work on Mono.
client_credential_type = MessageCredentialType.Windows;
}
//private int _maxItemsInObjectGraph;
#endregion
/// <summary>
/// wcf服务端常量设置文件
/// </summary>
/// <param name="doc"></param>
public WcfConstantSettingConfig(XmlDocument doc)
{
try
{
foreach (XmlNode elem in XmlHelper.Children(doc.DocumentElement, "NetTcpBinding"))
{
XmlElement xe = XmlHelper.Child(elem, "readerQuotas");
int.TryParse(xe.GetAttribute("maxDepth"), out _maxDepth);
int.TryParse(xe.GetAttribute("maxStringContentLength"), out _maxStringContentLength);
int.TryParse(xe.GetAttribute("maxArrayLength"), out _maxArrayLength);
int.TryParse(xe.GetAttribute("maxBytesPerRead"), out _maxBytesPerRead);
int.TryParse(xe.GetAttribute("maxNameTableCharCount"), out _maxNameTableCharCount);
XmlElement xea = XmlHelper.Child(elem, "reliableSession");
Boolean.TryParse(xea.GetAttribute("enabled"), out _reliableSessionEnabled);
Boolean.TryParse(xea.GetAttribute("ordered"), out _reliableSessionOrdered);
TimeSpan.TryParse(xea.GetAttribute("inactivityTimeout"), out _reliableSessionInactivityTimeout);
XmlElement xe1 = XmlHelper.Child(elem, "host");
_addres = new Uri(xe1.GetAttribute("baseAddress"));
_binding = new NetTcpBinding();
XmlElement xe2 = XmlHelper.Child(elem, "behaviors");
TimeSpan.TryParse(xe2.GetAttribute("closeTimeout"), out _closeTimeout);
TimeSpan.TryParse(xe2.GetAttribute("openTimeout"), out _openTimeout);
TimeSpan.TryParse(xe2.GetAttribute("receiveTimeout"), out _receiveTimeout);
TimeSpan.TryParse(xe2.GetAttribute("sendTimeout"), out _sendTimeout);
Boolean.TryParse(xe2.GetAttribute("transactionFlow"), out _transactionFlow);
_transferMode = (TransferMode)Enum.Parse(typeof(TransferMode), xe2.GetAttribute("transferMode"));
_transactionProtocol = xe2.GetAttribute("transactionProtocol");
_hostNameComparisonMode = (HostNameComparisonMode)Enum.Parse(typeof(HostNameComparisonMode), xe2.GetAttribute("hostNameComparisonMode"));
int.TryParse(xe2.GetAttribute("listenBacklog"), out _listenBacklog);
int.TryParse(xe2.GetAttribute("maxBufferPoolSize"), out _maxBufferPoolSize);
int.TryParse(xe2.GetAttribute("maxBufferSize"), out _maxBufferSize);
int.TryParse(xe2.GetAttribute("maxConnections"), out _maxConnections);
int.TryParse(xe2.GetAttribute("maxReceivedMessageSize"), out _maxReceivedMessageSize);
bool.TryParse(xe2.GetAttribute("portSharingEnabled"), out _portSharingEnabled);
_securitymode = (SecurityMode)Enum.Parse(typeof(SecurityMode), xe2.GetAttribute("securitymode"));
_clientCredentialType = (MessageCredentialType)Enum.Parse(typeof(MessageCredentialType), xe2.GetAttribute("clientCredentialType"));
//_enableBinaryFormatterBehavior = bool.Parse(xe2.GetAttribute("enableBinaryFormatterBehavior"));
XmlElement xe3 = XmlHelper.Child(elem, "serviceDebug");
Boolean.TryParse(xe3.GetAttribute("includeExceptionDetailInFaults"), out _includeExceptionDetailInFaults);
XmlElement xe4 = XmlHelper.Child(elem, "serviceThrottling");
int.TryParse(xe4.GetAttribute("maxConcurrentCalls"), out _maxConcurrentCalls);
int.TryParse(xe4.GetAttribute("maxConcurrentInstances"), out _maxConcurrentInstances);
int.TryParse(xe4.GetAttribute("maxConcurrentSessions"), out _maxConcurrentSessions);
//XmlElement xe5 = XmlHelper.Child(elem, "dataContractSerializer");
//int.TryParse(xe5.GetAttribute("maxItemsInObjectGraph"), out _maxItemsInObjectGraph);
}
}
catch (Exception oe)
{
throw new ArgumentException(oe.Message);
}
}
internal MessageSecurityOverHttp ()
{
alg_suite = SecurityAlgorithmSuite.Default;
// This default value is *silly* but anyways such
// it is silly to expect that such code that does not
// change ClientCredentialType works on Mono.
client_credential_type = MessageCredentialType.Windows;
negotiate_service_credential = true;
}
public static void Ctor_Default_Properties_Not_Supported()
{
MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
Assert.Throws <PlatformNotSupportedException>(() =>
{
MessageCredentialType unused = msot.ClientCredentialType;
});
}
public static void ClientCredentialType_Property_Values_Not_Supported(MessageCredentialType credentialType)
{
MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
Assert.Throws <PlatformNotSupportedException>(() =>
{
msot.ClientCredentialType = credentialType;
});
}
internal MessageSecurityOverHttp()
{
alg_suite = SecurityAlgorithmSuite.Default;
// This default value is *silly* but anyways such
// it is silly to expect that such code that does not
// change ClientCredentialType works on Mono.
client_credential_type = MessageCredentialType.Windows;
negotiate_service_credential = true;
}
public MessageSecurityOverTcp ()
{
#if !MOBILE && !XAMMAC_4_5
alg_suite = SecurityAlgorithmSuite.Default;
#endif
// This default value is *silly* but anyways
// such code that does not change this ClientCredentialType
// won't work on Mono.
client_credential_type = MessageCredentialType.Windows;
}
public static void ClientCredentialType_Property_Values_Supported(MessageCredentialType credentialType)
{
MessageSecurityOverTcp msot = new MessageSecurityOverTcp();
msot.ClientCredentialType = credentialType;
MessageCredentialType actual = msot.ClientCredentialType;
Assert.True(actual == credentialType,
string.Format("ClientCredentialType returned '{0}' but expected '{1}'", credentialType, actual));
}
public MessageSecurityOverTcp()
{
#if !MOBILE && !XAMMAC_4_5
alg_suite = SecurityAlgorithmSuite.Default;
#endif
// This default value is *silly* but anyways
// such code that does not change this ClientCredentialType
// won't work on Mono.
client_credential_type = MessageCredentialType.Windows;
}
private ServiceConnController(deleErrReporter errReporter, MessageCredentialType MessageCredentialType, string certPath, string certPassword)
{
this.MessageCredentialType = MessageCredentialType;
this.certPath = certPath;
this.certPassword = certPassword;
this.ServiceDic = new Dictionary <string, WCFModel>();
this.serviceNameSpace = "http://GISHitpanWebService.org";
this.ServiceType = typeof(SQLWebService);
this.ServiceInterface = typeof(ISQLWebService);
this.errReporter = errReporter;
}
private ServiceConnController(deleErrReporter errReporter, MessageCredentialType MessageCredentialType, string certPath, string certPassword)
{
this.MessageCredentialType=MessageCredentialType;
this.certPath=certPath;
this.certPassword=certPassword;
this.ServiceDic = new Dictionary<string, WCFModel>();
this.serviceNameSpace = "http://GISHitpanWebService.org";
this.ServiceType = typeof(SQLWebService);
this.ServiceInterface = typeof(ISQLWebService);
this.errReporter = errReporter;
}
/// <summary>
/// 바인딩을 세팅
/// </summary>
/// <param name="messageSecurityType"></param>
/// <returns></returns>
protected Binding SetBinding(ServiceBindingType bindType, MessageCredentialType MessageCredentialType)
{
Binding bind = null;
switch (bindType)
{
case ServiceBindingType.BasicHttpBinding:
BasicHttpBinding Basic = new BasicHttpBinding(BasicHttpSecurityMode.Message);
Basic.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
Basic.MaxBufferPoolSize = long.MaxValue;
Basic.MaxBufferSize = int.MaxValue;
Basic.MaxReceivedMessageSize = int.MaxValue;
bind = Basic;
break;
case ServiceBindingType.WSHttpBinding:
WSHttpBinding WSHttp = new WSHttpBinding(SecurityMode.Message);
WSHttp.Security.Message.ClientCredentialType = MessageCredentialType;
WSHttp.MaxBufferPoolSize = int.MaxValue;
WSHttp.MaxReceivedMessageSize = int.MaxValue;
bind = WSHttp;
break;
case ServiceBindingType.WSDualHttpBinding:
WSDualHttpBinding WSDualHttp = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
WSDualHttp.Security.Message.ClientCredentialType = MessageCredentialType;
WSDualHttp.MaxBufferPoolSize = int.MaxValue;
WSDualHttp.MaxReceivedMessageSize = int.MaxValue;
bind = WSDualHttp;
break;
case ServiceBindingType.NetTcpBinding:
NetTcpBinding NetTcp = new NetTcpBinding(SecurityMode.Message);
NetTcp.Security.Message.ClientCredentialType = MessageCredentialType;
NetTcp.MaxBufferPoolSize = int.MaxValue;
NetTcp.MaxBufferSize = int.MaxValue;
NetTcp.MaxReceivedMessageSize = int.MaxValue;
bind = NetTcp;
break;
default:
BasicHttpBinding tmpBind = new BasicHttpBinding(BasicHttpSecurityMode.Message);
tmpBind.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
tmpBind.MaxBufferPoolSize = int.MaxValue;
tmpBind.MaxBufferSize = int.MaxValue;
tmpBind.MaxReceivedMessageSize = int.MaxValue;
bind = tmpBind;
break;
}
return(bind);
}
public void WSHttpBinding_WithCustomSetting()
{
string expectedName = "wsHttpBindingConfig";
long expectedMaxReceivedMessageSize = 1073741824;
long expectedMaxBufferPoolSize = 1073741824;
int expectedMaxDepth = 2147483647;
TimeSpan expectedReceiveTimeout = TimeSpan.FromMinutes(10);
TimeSpan expectedDefaultTimeout = TimeSpan.FromMinutes(1);
SecurityMode expectedSecurityMode = SecurityMode.TransportWithMessageCredential;
MessageCredentialType clientCredType = MessageCredentialType.UserName;
string xml = $@"
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name=""{expectedName}""
maxReceivedMessageSize=""{expectedMaxReceivedMessageSize}""
maxBufferPoolSize=""{expectedMaxBufferPoolSize}""
receiveTimeout=""00:10:00"">
<security mode=""{expectedSecurityMode}"">
<message clientCredentialType=""{clientCredType}"" />
</security>
<readerQuotas maxDepth=""{expectedMaxDepth}"" />
</binding >
</wsHttpBinding>
</bindings>
</system.serviceModel>
</configuration>";
using (var fs = TemporaryFileStream.Create(xml))
{
using (ServiceProvider provider = CreateProvider(fs.Name))
{
IConfigurationHolder settingHolder = GetConfigurationHolder(provider);
var actualBinding = settingHolder.ResolveBinding(nameof(WSHttpBinding), expectedName) as WSHttpBinding;
Assert.Equal(expectedName, actualBinding.Name);
Assert.Equal(expectedMaxReceivedMessageSize, actualBinding.MaxReceivedMessageSize);
Assert.Equal(expectedDefaultTimeout, actualBinding.CloseTimeout);
Assert.Equal(expectedDefaultTimeout, actualBinding.OpenTimeout);
Assert.Equal(expectedDefaultTimeout, actualBinding.SendTimeout);
Assert.Equal(expectedReceiveTimeout, actualBinding.ReceiveTimeout);
Assert.Equal(expectedMaxBufferPoolSize, actualBinding.MaxBufferPoolSize);
Assert.Equal(expectedMaxDepth, actualBinding.ReaderQuotas.MaxDepth);
Assert.Equal(expectedSecurityMode, actualBinding.Security.Mode);
Assert.Equal(clientCredType, actualBinding.Security.Message.ClientCredentialType);
}
}
}
private Binding CreateBinding(MessageCredentialType credentialType, SoapChannelCreationContext context)
{
var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.ClientCredentialType = credentialType;
if (context.Properties.TryGetValue("securityAlgorithmSuite", out var value) && value is SecurityAlgorithmSuite securityAlgorithmSuite)
{
binding.Security.Message.AlgorithmSuite = securityAlgorithmSuite;
}
return(binding);
}
// In the Win8 profile, some settings for the binding security are not supported.
void CheckSettings()
{
if (!UnsafeNativeMethods.IsTailoredApplication.Value)
{
return;
}
NetTcpSecurity security = this.Security;
if (security == null)
{
return;
}
SecurityMode mode = security.Mode;
if (mode == SecurityMode.None)
{
return;
}
else if (mode == SecurityMode.Message)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Mode", mode)));
}
// Message.ClientCredentialType = Certificate, IssuedToken or Windows are not supported.
if (mode == SecurityMode.TransportWithMessageCredential)
{
MessageSecurityOverTcp message = security.Message;
if (message != null)
{
MessageCredentialType mct = message.ClientCredentialType;
if ((mct == MessageCredentialType.Certificate) || (mct == MessageCredentialType.IssuedToken) || (mct == MessageCredentialType.Windows))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", mct)));
}
}
}
// Transport.ClientCredentialType = Certificate is not supported.
Fx.Assert((mode == SecurityMode.Transport) || (mode == SecurityMode.TransportWithMessageCredential), "Unexpected SecurityMode value: " + mode);
TcpTransportSecurity transport = security.Transport;
if ((transport != null) && (transport.ClientCredentialType == TcpClientCredentialType.Certificate))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Transport.ClientCredentialType", transport.ClientCredentialType)));
}
}
/// <summary>
/// 보안 적용된 웹서비스 프록시를 세팅
/// </summary>
/// <param name="MessageCredentialType"></param>
/// <param name="serviceURL"></param>
/// <param name="param"></param>
private void SetSecuredProxy(MessageCredentialType MessageCredentialType, string serviceURL, object[] param)
{
webserviceModel = new SQLWebServiceModel(MessageCredentialType, serviceURL);
this.proxy = null;
switch (MessageCredentialType)
{
case MessageCredentialType.Certificate:
break;
case MessageCredentialType.IssuedToken:
break;
case MessageCredentialType.UserName:
this.proxy = webserviceModel.GetWebServiceProxy(param[0].ToString(), param[1].ToString());
break;
default:
break;
}
}
/// <summary>
/// 보안 적용된 웹서비스 프록시를 세팅
/// </summary>
/// <param name="MessageCredentialType"></param>
/// <param name="serviceURL"></param>
/// <param name="param"></param>
private void SetSecuredProxy(MessageCredentialType MessageCredentialType, string serviceURL, object[] param)
{
webserviceModel = new SQLWebServiceModel(MessageCredentialType, serviceURL);
this.proxy = null;
switch (MessageCredentialType)
{
case MessageCredentialType.Certificate:
break;
case MessageCredentialType.IssuedToken:
break;
case MessageCredentialType.UserName:
this.proxy = webserviceModel.GetWebServiceProxy(param[0].ToString(), param[1].ToString());
break;
default:
break;
}
}
/// <summary>
/// 싱글턴 어트리뷰트를 사용하는 서비스를 wcf서버에 등록하기
/// </summary>
/// <param name="server_url"></param>
/// <param name="NameSpace"></param>
override protected void CreateService(Uri server_url, string NameSpace, MessageCredentialType MessageCredentialType)
{
//서버가 null일 경우는 그 즉시 생성하여 작업
if (server == null)
{
server = new ServiceHost(service);
}
//URL중복 방지
foreach (Uri url in server.BaseAddresses)
{
if (url == server_url)
{
return;
}
}
//HTTPS프로토콜 사용한 URL인지 판단
bool useHTTPS = false;
if (((server_url.AbsoluteUri).Replace(" ", string.Empty).Substring(0, 5).ToLower()).Contains("https"))
{
useHTTPS = true;
}
//웹서비스 오픈 준비
try
{
//바인딩 설정
Binding bind = SetBinding(base.bindType, MessageCredentialType);
//메타데이터 작성
setMetaData(server, NameSpace, server_url, useHTTPS);
//Address(A:server_url)Binding(B:bind)Contract(C:service) 설정()
bind.Namespace = NameSpace;
server.AddServiceEndpoint(this.service.GetType(), bind, server_url);
//SetCertificate(CertificationPath);
server.BeginOpen(new AsyncCallback(ServiceBeginOpen_Callback), server);
}
catch (Exception ex)
{
server.Close();
server = null;
throw ex;
}
}
private static Binding CreateWsBinding(bool allowSession, MessageCredentialType security = MessageCredentialType.None)
{
WSHttpBinding binding = new WSHttpBinding
{
AllowCookies = true,
BypassProxyOnLocal = false,
TransactionFlow = false,
MessageEncoding = WSMessageEncoding.Text,
TextEncoding = Encoding.UTF8,
UseDefaultWebProxy = true,
HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
MaxReceivedMessageSize = Int32.MaxValue,
ReceiveTimeout = new TimeSpan(0, 0, ConnectionTimeout)
};
binding.ReliableSession.Enabled = allowSession;
binding.ReliableSession.Ordered = false;
binding.ReliableSession.InactivityTimeout = new TimeSpan(0, 0, ConnectionTimeout);
binding.Security.Mode = security == MessageCredentialType.None ? SecurityMode.None : SecurityMode.Message;
binding.Security.Transport.Realm = String.Empty;
binding.Security.Message.NegotiateServiceCredential = true;
binding.Security.Message.ClientCredentialType = security;
binding.MaxBufferPoolSize = Int32.MaxValue;
binding.MaxReceivedMessageSize = Int32.MaxValue;
binding.ReaderQuotas = new XmlDictionaryReaderQuotas
{
MaxStringContentLength = Int32.MaxValue,
MaxArrayLength = Int32.MaxValue,
MaxBytesPerRead = Int32.MaxValue,
MaxDepth = Int32.MaxValue,
MaxNameTableCharCount = Int32.MaxValue
};
BindingElementCollection elements = binding.CreateBindingElements();
EnableMultithreadingForReliableSessions(elements);
return(new CustomBinding(elements)
{
ReceiveTimeout = new TimeSpan(0, 0, ConnectionTimeout)
});
}
/// <summary>
/// 생성과 동시에 서비스생성
/// </summary>
/// <param name="errReporter"></param>
/// <param name="ServiceURL"></param>
/// <param name="ServiceNameSpace"></param>
internal WCFModel
(
deleErrReporter errReporter,
string ServiceURL,
String ServiceNameSpace,
MessageCredentialType MessageSecurityType,
string certPath,
string certPassword,
deleSecurityCustomizer SecurityCustomizer,
Type serviceType,
Type InterfaceType
)
{
this.errReporter = errReporter;
this.ServiceURL = ServiceURL;
this.ServiceNameSpace = ServiceNameSpace;
this.host = new ServiceHost(serviceType);
this.host = SecurityCustomizer(this.host);
try
{
this.soapService = new SOAPManager
(
ref host,
SOAPServerType.winform,
new Uri(ServiceURL),
ServiceNameSpace,
ServiceBindingType.WSDualHttpBinding,
MessageSecurityType,
certPath,
certPassword,
serviceType,
InterfaceType,
errReporter
);
}
catch (Exception)
{
throw;
}
}
/// <summary>
/// 생성과 동시에 서비스생성
/// </summary>
/// <param name="errReporter"></param>
/// <param name="ServiceURL"></param>
/// <param name="ServiceNameSpace"></param>
internal WCFModel(
deleErrReporter errReporter,
string ServiceURL,
String ServiceNameSpace,
MessageCredentialType MessageSecurityType,
string certPath,
string certPassword,
deleSecurityCustomizer SecurityCustomizer,
Type serviceType,
Type InterfaceType
)
{
this.errReporter = errReporter;
this.ServiceURL = ServiceURL;
this.ServiceNameSpace = ServiceNameSpace;
this.host = new ServiceHost(serviceType);
this.host = SecurityCustomizer(this.host);
try
{
this.soapService = new SOAPManager
(
ref host,
SOAPServerType.winform,
new Uri(ServiceURL),
ServiceNameSpace,
ServiceBindingType.WSDualHttpBinding,
MessageSecurityType,
certPath,
certPassword,
serviceType,
InterfaceType,
errReporter
);
}
catch (Exception)
{
throw;
}
}
internal static bool TryCreate(SecurityBindingElement sbe, out MessageSecurityOverMsmq messageSecurity)
{
messageSecurity = null;
if (sbe == null)
return false;
SymmetricSecurityBindingElement ssbe = sbe as SymmetricSecurityBindingElement;
if (ssbe == null)
return false;
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10
&& sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11)
{
return false;
}
// do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings
if (ssbe.IncludeTimestamp)
return false;
bool isKerberosSelected = false;
MessageCredentialType clientCredentialType;
IssuedSecurityTokenParameters issuedParameters;
if (SecurityBindingElement.IsAnonymousForCertificateBinding(sbe))
{
clientCredentialType = MessageCredentialType.None;
}
else if (SecurityBindingElement.IsUserNameForCertificateBinding(sbe))
{
clientCredentialType = MessageCredentialType.UserName;
}
else if (SecurityBindingElement.IsMutualCertificateBinding(sbe))
{
clientCredentialType = MessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsKerberosBinding(sbe))
{
clientCredentialType = MessageCredentialType.Windows;
isKerberosSelected = true;
}
else if (SecurityBindingElement.IsIssuedTokenForCertificateBinding(sbe, out issuedParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
issuedParameters,
new SecurityStandardsManager(
sbe.MessageSecurityVersion,
new WSSecurityTokenSerializer(
sbe.MessageSecurityVersion.SecurityVersion,
sbe.MessageSecurityVersion.TrustVersion,
sbe.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
return false;
clientCredentialType = MessageCredentialType.IssuedToken;
}
else
{
return false;
}
messageSecurity = new MessageSecurityOverMsmq();
messageSecurity.ClientCredentialType = clientCredentialType;
// set the algorithm suite and issued token params if required
if (clientCredentialType != MessageCredentialType.IssuedToken && !isKerberosSelected)
{
messageSecurity.AlgorithmSuite = ssbe.DefaultAlgorithmSuite;
}
return true;
}
internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity)
{
messageSecurity = null;
if (sbe == null)
return false;
// do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings
if (!sbe.IncludeTimestamp)
return false;
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11
&& sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
{
return false;
}
if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout)
return false;
MessageCredentialType clientCredentialType;
SecurityBindingElement bootstrapSecurity;
if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity))
return false;
bool isSecureTransportMode = bootstrapSecurity is TransportSecurityBindingElement;
IssuedSecurityTokenParameters infocardParameters;
if (isSecureTransportMode)
{
if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity))
clientCredentialType = MessageCredentialType.UserName;
else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity))
clientCredentialType = MessageCredentialType.Certificate;
else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true))
clientCredentialType = MessageCredentialType.Windows;
else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
infocardParameters,
new SecurityStandardsManager(
bootstrapSecurity.MessageSecurityVersion,
new WSSecurityTokenSerializer(
bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
bootstrapSecurity.MessageSecurityVersion.TrustVersion,
bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
return false;
clientCredentialType = MessageCredentialType.IssuedToken;
}
else
{
// the standard binding does not support None client credential type in mixed mode
return false;
}
}
else
{
if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true))
clientCredentialType = MessageCredentialType.UserName;
else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true))
clientCredentialType = MessageCredentialType.Certificate;
else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true))
clientCredentialType = MessageCredentialType.Windows;
else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
infocardParameters,
new SecurityStandardsManager(
bootstrapSecurity.MessageSecurityVersion,
new WSSecurityTokenSerializer(
bootstrapSecurity.MessageSecurityVersion.SecurityVersion,
bootstrapSecurity.MessageSecurityVersion.TrustVersion,
bootstrapSecurity.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
return false;
clientCredentialType = MessageCredentialType.IssuedToken;
}
else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true))
clientCredentialType = MessageCredentialType.None;
else
return false;
}
messageSecurity = new MessageSecurityOverTcp();
messageSecurity.ClientCredentialType = clientCredentialType;
// set the algorithm suite and issued token params if required
if (clientCredentialType != MessageCredentialType.IssuedToken)
{
messageSecurity.AlgorithmSuite = bootstrapSecurity.DefaultAlgorithmSuite;
}
return true;
}
public MessageSecurityOverTcp()
{
_messageCredentialType = DefaultClientCredentialType;
}
public ValidationManager(string ServiceURL, MessageCredentialType messageCredentialType)
{
this.messageCredentialType = messageCredentialType;
this.ServiceURL = ServiceURL;
}
public MessageSecurityOverTcp()
{
_clientCredentialType = DefaultClientCredentialType;
_algorithmSuite = SecurityAlgorithmSuite.Default;
}
public MessageSecurityOverHttp()
{
clientCredentialType = DefaultClientCredentialType;
negotiateServiceCredential = DefaultNegotiateServiceCredential;
algorithmSuite = SecurityAlgorithmSuite.Default;
}
public static ITcpBinding ClientCredentialType(this ITcpBinding me, MessageCredentialType clientCredentialType)
{
(me as _TcpBinding).ClientCredentialType = clientCredentialType;
return(me);
}
public MessageSecurityOverMsmq()
{
clientCredentialType = DefaultClientCredentialType;
algorithmSuite = SecurityAlgorithmSuite.Default;
}
public static ServiceConnController getInstance(deleErrReporter errReporter, MessageCredentialType MessageSecurityType,string certPath, string certPassword)
{
if (instance == null)
{
instance = new ServiceConnController(errReporter, MessageSecurityType,certPath,certPassword);
}
return instance;
}
/// <summary>
/// wcf服务端常量设置文件
/// </summary>
/// <param name="doc"></param>
public WcfConstantSettingConfig(XmlDocument doc)
{
try
{
foreach (XmlNode elem in XmlHelper.Children(doc.DocumentElement, "NetTcpBinding"))
{
XmlElement xe = XmlHelper.Child(elem, "readerQuotas");
int.TryParse(xe.GetAttribute("maxDepth"), out _maxDepth);
int.TryParse(xe.GetAttribute("maxStringContentLength"), out _maxStringContentLength);
int.TryParse(xe.GetAttribute("maxArrayLength"), out _maxArrayLength);
int.TryParse(xe.GetAttribute("maxBytesPerRead"), out _maxBytesPerRead);
int.TryParse(xe.GetAttribute("maxNameTableCharCount"), out _maxNameTableCharCount);
XmlElement xea = XmlHelper.Child(elem, "reliableSession");
Boolean.TryParse(xea.GetAttribute("enabled"), out _reliableSessionEnabled);
Boolean.TryParse(xea.GetAttribute("ordered"), out _reliableSessionOrdered);
TimeSpan.TryParse(xea.GetAttribute("inactivityTimeout"), out _reliableSessionInactivityTimeout);
XmlElement xe1 = XmlHelper.Child(elem, "host");
_addres = new Uri(xe1.GetAttribute("baseAddress"));
_binding = new NetTcpBinding();
XmlElement xe2 = XmlHelper.Child(elem, "behaviors");
TimeSpan.TryParse(xe2.GetAttribute("closeTimeout"), out _closeTimeout);
TimeSpan.TryParse(xe2.GetAttribute("openTimeout"), out _openTimeout);
TimeSpan.TryParse(xe2.GetAttribute("receiveTimeout"), out _receiveTimeout);
TimeSpan.TryParse(xe2.GetAttribute("sendTimeout"), out _sendTimeout);
Boolean.TryParse(xe2.GetAttribute("transactionFlow"), out _transactionFlow);
_transferMode = (TransferMode)Enum.Parse(typeof(TransferMode), xe2.GetAttribute("transferMode"));
_transactionProtocol = xe2.GetAttribute("transactionProtocol");
_hostNameComparisonMode = (HostNameComparisonMode)Enum.Parse(typeof(HostNameComparisonMode), xe2.GetAttribute("hostNameComparisonMode"));
int.TryParse(xe2.GetAttribute("listenBacklog"), out _listenBacklog);
int.TryParse(xe2.GetAttribute("maxBufferPoolSize"), out _maxBufferPoolSize);
int.TryParse(xe2.GetAttribute("maxBufferSize"), out _maxBufferSize);
int.TryParse(xe2.GetAttribute("maxConnections"), out _maxConnections);
int.TryParse(xe2.GetAttribute("maxReceivedMessageSize"), out _maxReceivedMessageSize);
bool.TryParse(xe2.GetAttribute("portSharingEnabled"), out _portSharingEnabled);
_securitymode = (SecurityMode)Enum.Parse(typeof(SecurityMode), xe2.GetAttribute("securitymode"));
_clientCredentialType = (MessageCredentialType)Enum.Parse(typeof(MessageCredentialType), xe2.GetAttribute("clientCredentialType"));
//_enableBinaryFormatterBehavior = bool.Parse(xe2.GetAttribute("enableBinaryFormatterBehavior"));
XmlElement xe3 = XmlHelper.Child(elem, "serviceDebug");
Boolean.TryParse(xe3.GetAttribute("includeExceptionDetailInFaults"), out _includeExceptionDetailInFaults);
XmlElement xe4 = XmlHelper.Child(elem, "serviceThrottling");
int.TryParse(xe4.GetAttribute("maxConcurrentCalls"), out _maxConcurrentCalls);
int.TryParse(xe4.GetAttribute("maxConcurrentInstances"), out _maxConcurrentInstances);
int.TryParse(xe4.GetAttribute("maxConcurrentSessions"), out _maxConcurrentSessions);
//XmlElement xe5 = XmlHelper.Child(elem, "dataContractSerializer");
//int.TryParse(xe5.GetAttribute("maxItemsInObjectGraph"), out _maxItemsInObjectGraph);
}
}
catch (Exception oe)
{
throw new ArgumentException(oe.Message);
}
}
internal MessageSecurityOverRelayOneway()
{
this.clientCredentialType = MessageCredentialType.Certificate;
this.algorithmSuite = SecurityAlgorithmSuite.Default;
}
static CredentialTypeEx ConvertCredentials(MessageCredentialType credentials)
{
switch(credentials)
{
case MessageCredentialType.Certificate:
{
return CredentialTypeEx.Certificate;
}
case MessageCredentialType.IssuedToken:
{
return CredentialTypeEx.Token;
}
case MessageCredentialType.None:
{
return CredentialTypeEx.None;
}
case MessageCredentialType.UserName:
{
return CredentialTypeEx.Username;
}
case MessageCredentialType.Windows:
{
return CredentialTypeEx.Windows;
}
default:
{
throw new InvalidOperationException("Unknown credentials type");
}
}
}
/// <summary>
/// 인터페이스 타입으로 wcf서버에 서비스 등록하기
/// 사용자ID정보로 인증되는 서비스 만든다
/// </summary>
/// <param name="server_url">서비스 주소</param>
/// <param name="NameSpace">서비스 네임스페이스</param>
/// <param name="ServiceInterfaceType">서비스 인터페이스의 타입</param>
/// <param name="messageSecurityType">보안타입</param>
protected override void CreateService(Uri server_url, string NameSpace, Type ServiceInterfaceType, MessageCredentialType MessageCredentialType)
{
//서버가 null일 경우는 그 즉시 생성하여 작업
if (server == null)
{
server = new ServiceHost(this.serviceType);
}
//URL중복 방지
foreach (Uri url in server.BaseAddresses)
{
if (url == server_url)
{
return;
}
}
//HTTPS프로토콜 사용한 URL인지 판단
bool useHTTPS = false;
if (((server_url.AbsoluteUri).Replace(" ", string.Empty).Substring(0, 5).ToLower()).Contains("https"))
{
useHTTPS = true;
}
//웹서비스 오픈 준비
try
{
//바인딩 설정
Binding bind = base.SetBinding(base.bindType, MessageCredentialType);
//메타데이터 작성
setMetaData(server, NameSpace, server_url, useHTTPS);
//Address(A:server_url)Binding(B:bind)Contract(C:service) 설정()
bind.Namespace = NameSpace;
server.AddServiceEndpoint(ServiceInterfaceType, bind, server_url);
server.BeginOpen(new AsyncCallback(ServiceBeginOpen_Callback), server);
}
catch (Exception ex)
{
server.Close();
server = null;
throw ex;
}
}
internal static bool TryCreate <TSecurity>(SecurityBindingElement sbe, bool isSecureTransportMode, bool isReliableSession, out TSecurity messageSecurity)
where TSecurity : MessageSecurityOverHttp
{
Fx.Assert(null != sbe, string.Empty);
messageSecurity = null;
// do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings
if (!sbe.IncludeTimestamp)
{
return(false);
}
// Do not check MessageSecurityVersion: it maybe changed by the wrapper element and gets checked later in the SecuritySection.AreBindingsMatching()
if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout)
{
return(false);
}
bool negotiateServiceCredential = DefaultNegotiateServiceCredential;
MessageCredentialType clientCredentialType;
SecurityAlgorithmSuite algorithmSuite = SecurityAlgorithmSuite.Default;
bool isSecureConversation;
SecurityBindingElement bootstrapSecurity;
if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity))
{
isSecureConversation = false;
bootstrapSecurity = sbe;
}
else
{
isSecureConversation = true;
}
if (!isSecureConversation && typeof(TSecurity).Equals(typeof(MessageSecurityOverHttp)))
{
return(false);
}
if (!isSecureConversation && isReliableSession)
{
return(false);
}
if (isSecureTransportMode && !(bootstrapSecurity is TransportSecurityBindingElement))
{
return(false);
}
IssuedSecurityTokenParameters infocardParameters;
if (isSecureTransportMode)
{
if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity))
{
clientCredentialType = MessageCredentialType.UserName;
}
else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity))
{
clientCredentialType = MessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true))
{
clientCredentialType = MessageCredentialType.Windows;
}
else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
infocardParameters,
new SecurityStandardsManager(
sbe.MessageSecurityVersion,
new WSSecurityTokenSerializer(
sbe.MessageSecurityVersion.SecurityVersion,
sbe.MessageSecurityVersion.TrustVersion,
sbe.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
{
return(false);
}
clientCredentialType = MessageCredentialType.IssuedToken;
}
else
{
// the standard binding does not support None client credential type in mixed mode
return(false);
}
}
else
{
if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true))
{
negotiateServiceCredential = true;
clientCredentialType = MessageCredentialType.None;
}
else if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true))
{
negotiateServiceCredential = true;
clientCredentialType = MessageCredentialType.UserName;
}
else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true))
{
negotiateServiceCredential = true;
clientCredentialType = MessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true))
{
negotiateServiceCredential = true;
clientCredentialType = MessageCredentialType.Windows;
}
else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
infocardParameters,
new SecurityStandardsManager(
sbe.MessageSecurityVersion,
new WSSecurityTokenSerializer(
sbe.MessageSecurityVersion.SecurityVersion,
sbe.MessageSecurityVersion.TrustVersion,
sbe.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
{
return(false);
}
negotiateServiceCredential = true;
clientCredentialType = MessageCredentialType.IssuedToken;
}
else if (SecurityBindingElement.IsUserNameForCertificateBinding(bootstrapSecurity))
{
negotiateServiceCredential = false;
clientCredentialType = MessageCredentialType.UserName;
}
else if (SecurityBindingElement.IsMutualCertificateBinding(bootstrapSecurity))
{
negotiateServiceCredential = false;
clientCredentialType = MessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsKerberosBinding(bootstrapSecurity))
{
negotiateServiceCredential = false;
clientCredentialType = MessageCredentialType.Windows;
}
else if (SecurityBindingElement.IsIssuedTokenForCertificateBinding(bootstrapSecurity, out infocardParameters))
{
if (!IssuedSecurityTokenParameters.IsInfoCardParameters(
infocardParameters,
new SecurityStandardsManager(
sbe.MessageSecurityVersion,
new WSSecurityTokenSerializer(
sbe.MessageSecurityVersion.SecurityVersion,
sbe.MessageSecurityVersion.TrustVersion,
sbe.MessageSecurityVersion.SecureConversationVersion,
true,
null, null, null))))
{
return(false);
}
negotiateServiceCredential = false;
clientCredentialType = MessageCredentialType.IssuedToken;
}
else if (SecurityBindingElement.IsAnonymousForCertificateBinding(bootstrapSecurity))
{
negotiateServiceCredential = false;
clientCredentialType = MessageCredentialType.None;
}
else
{
return(false);
}
}
// Do not check any Local* settings
// Do not check DefaultAlgorithmSuite: is it often changed after the Security element is created, it will verified by SecuritySectionBase.AreBindingsMatching().
if (typeof(NonDualMessageSecurityOverHttp).Equals(typeof(TSecurity)))
{
messageSecurity = (TSecurity)(object)new NonDualMessageSecurityOverHttp();
((NonDualMessageSecurityOverHttp)(object)messageSecurity).EstablishSecurityContext = isSecureConversation;
}
else
{
messageSecurity = (TSecurity)(object)new MessageSecurityOverHttp();
}
messageSecurity.ClientCredentialType = clientCredentialType;
messageSecurity.NegotiateServiceCredential = negotiateServiceCredential;
messageSecurity.AlgorithmSuite = sbe.DefaultAlgorithmSuite;
return(true);
}
public StartupWSHttpBase(CoreWCF.SecurityMode securityMode, MessageCredentialType credentialType)
{
_wsHttpSecurityMode = securityMode;
_credentialType = credentialType;
}
