public override BindingElementCollection CreateBindingElements() { var bindingElements = new BindingElementCollection(); // if passing credentials via message security, add a security element TransportSecurityBindingElement transportSecurityElement = null; if (this.SecurityMode == AssertEncryptionHttpSecurityMode.UserNameOverMessage) { transportSecurityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); } if (this.SecurityMode == AssertEncryptionHttpSecurityMode.UserNameOverTransport) { transportSecurityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); } if (transportSecurityElement != null) { bindingElements.Add(transportSecurityElement); } // add a message encoder element //if (this.MessageEncoding == WSMessageEncoding.Text) // bindingElements.Add(this.TextEncoding); //else if (this.MessageEncoding == WSMessageEncoding.Mtom) // bindingElements.Add(this.MtomEncoding); // add a transport element bindingElements.Add(this.GetTransport()); return(bindingElements); }
public static OmnitureWebServicePortTypeClient GetClient(string username, string secret, string endpoint) { var httpsTransportBindingElement = new HttpsTransportBindingElement { UseDefaultWebProxy = false, MaxReceivedMessageSize = 2147483647 }; var transportSecurityBindingElement = new TransportSecurityBindingElement(); transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted.Add(new SecurityTokenParameters()); transportSecurityBindingElement.IncludeTimestamp = false; var customTextMessageBindingElement = new CustomTextMessageBindingElement { MessageVersion = MessageVersion.Soap11 }; var bindingElements = new List <BindingElement> { transportSecurityBindingElement, customTextMessageBindingElement, httpsTransportBindingElement }; Binding customBinding = new CustomBinding(bindingElements.ToArray()); var endpointAddress = new EndpointAddress(endpoint); var clientCredential = new ClientCredentials(new Info(username, secret)); var omnitureWebServicePortTypeClient = new OmnitureWebServicePortTypeClient(customBinding, endpointAddress); omnitureWebServicePortTypeClient.Endpoint.Behaviors.Remove(typeof(System.ServiceModel.Description.ClientCredentials)); omnitureWebServicePortTypeClient.Endpoint.Behaviors.Add(clientCredential); return(omnitureWebServicePortTypeClient); }
public static SecurityBindingElement BuildMessageSecurity(MessageSecurityType securityType) { if (securityType == MessageSecurityType.CertificateOverTransport) { TransportSecurityBindingElement messageSecurity = SecurityBindingElement.CreateCertificateOverTransportBindingElement( MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11); messageSecurity.IncludeTimestamp = true; return(messageSecurity); } else if (securityType == MessageSecurityType.MutualCertificate) { SecurityBindingElement messageSecurity = SecurityBindingElement.CreateMutualCertificateBindingElement( MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10, true); messageSecurity.DefaultAlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Basic128Rsa15; messageSecurity.IncludeTimestamp = true; return(messageSecurity); } else if (securityType == MessageSecurityType.None) { return(null); } else if (securityType == MessageSecurityType.UserNameOverTransport) { TransportSecurityBindingElement messageSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); messageSecurity.IncludeTimestamp = false; messageSecurity.EnableUnsecuredResponse = true; messageSecurity.DefaultAlgorithmSuite = System.ServiceModel.Security.Basic256SecurityAlgorithmSuite.Basic256; messageSecurity.SetKeyDerivation(false); messageSecurity.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; return(messageSecurity); } return(SecurityBindingElement.CreateSslNegotiationBindingElement(false)); }
public override BindingElementCollection CreateBindingElements() { BindingElementCollection bindingElements = new BindingElementCollection(); TransportSecurityBindingElement security = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); security.IncludeTimestamp = false; bindingElements.Add(security); TextMessageEncodingBindingElement messageEncoding = new TextMessageEncodingBindingElement(); messageEncoding.MessageVersion = MessageVersion.Soap11; bindingElements.Add(messageEncoding); HttpsTransportBindingElement transport = new HttpsTransportBindingElement(); transport.MaxReceivedMessageSize = int.MaxValue; transport.ManualAddressing = false; transport.AllowCookies = false; transport.AuthenticationScheme = AuthenticationSchemes.Anonymous; transport.BypassProxyOnLocal = false; transport.DecompressionEnabled = true; transport.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard; transport.KeepAliveEnabled = true; transport.ProxyAuthenticationScheme = AuthenticationSchemes.Anonymous; transport.TransferMode = TransferMode.Buffered; transport.UnsafeConnectionNtlmAuthentication = false; transport.UseDefaultWebProxy = true; bindingElements.Add(transport); return(bindingElements.Clone()); }
//<snippet2> // This method creates a CustomBinding based on a WSFederationHttpBinding which does not use secure conversation. public static CustomBinding CreateFederationBindingWithoutSecureSession(WSFederationHttpBinding inputBinding) { // This CustomBinding starts out identical to the specified WSFederationHttpBinding. CustomBinding outputBinding = new CustomBinding(inputBinding.CreateBindingElements()); // Find the SecurityBindingElement for message security. SecurityBindingElement security = outputBinding.Elements.Find <SecurityBindingElement>(); // If the security mode is message, then the secure session settings are the protection token parameters. SecureConversationSecurityTokenParameters secureConversation; if (WSFederationHttpSecurityMode.Message == inputBinding.Security.Mode) { SymmetricSecurityBindingElement symmetricSecurity = security as SymmetricSecurityBindingElement; secureConversation = symmetricSecurity.ProtectionTokenParameters as SecureConversationSecurityTokenParameters; } // If the security mode is message, then the secure session settings are the endorsing token parameters. else if (WSFederationHttpSecurityMode.TransportWithMessageCredential == inputBinding.Security.Mode) { TransportSecurityBindingElement transportSecurity = security as TransportSecurityBindingElement; secureConversation = transportSecurity.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; } else { throw new NotSupportedException(String.Format("Unhandled security mode {0}.", inputBinding.Security.Mode)); } // Replace the secure session SecurityBindingElement with the bootstrap SecurityBindingElement. int securityIndex = outputBinding.Elements.IndexOf(security); outputBinding.Elements[securityIndex] = secureConversation.BootstrapSecurityBindingElement; // Return modified binding. return(outputBinding); }
public static CustomBinding GetCustomBinding() { try { var customBinding = new CustomBinding(); TransportSecurityBindingElement userNameOverTransportSecurityBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); userNameOverTransportSecurityBindingElement.MessageSecurityVersion = System.ServiceModel.MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; userNameOverTransportSecurityBindingElement.IncludeTimestamp = false; customBinding.Elements.Add(userNameOverTransportSecurityBindingElement); var textBindingElement = new TextMessageEncodingBindingElement(); customBinding.Elements.Add(textBindingElement); var httpsBindingElement = new HttpsTransportBindingElement { AllowCookies = true, MaxBufferSize = int.MaxValue, MaxReceivedMessageSize = int.MaxValue }; //httpsBindingElement.AuthenticationScheme = System.Net.AuthenticationSchemes.Basic; customBinding.Elements.Add(httpsBindingElement); //SecurityBindingElement securityBindingElement = SecurityBindingElement. //includeTimestamp //messageProtectionOrder = //customBinding.Elements.Find<SecurityBindingElement>().EnableUnsecuredResponse = true; return(customBinding); } catch (Exception e) { Log4net.Error(string.Format("{0}, {1}", e.Message, e.StackTrace), e); } return(null); }
public static Binding CreateMultiFactorAuthenticationBinding() { HttpsTransportBindingElement httpTransport = new HttpsTransportBindingElement(); httpTransport.MaxReceivedMessageSize = int.MaxValue; //AddressHeader addressHeader = AddressHeader.CreateAddressHeader("Security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", security, xmlObjectSerializer); CustomBinding binding = new CustomBinding(); binding.Name = "myCustomBinding"; TransportSecurityBindingElement messageSecurity = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement(); messageSecurity.IncludeTimestamp = false; messageSecurity.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12; messageSecurity.SecurityHeaderLayout = SecurityHeaderLayout.Strict; messageSecurity.SetKeyDerivation(false); TextMessageEncodingBindingElement Quota = new TextMessageEncodingBindingElement(MessageVersion.Soap11, System.Text.Encoding.UTF8); Quota.ReaderQuotas.MaxDepth = 32; Quota.ReaderQuotas.MaxStringContentLength = Int32.MaxValue; Quota.ReaderQuotas.MaxArrayLength = 16384; Quota.ReaderQuotas.MaxBytesPerRead = 4096; Quota.ReaderQuotas.MaxNameTableCharCount = 16384; binding.Elements.Add(Quota); binding.Elements.Add(messageSecurity); binding.Elements.Add(httpTransport); return(binding); }
public SafeOnlineBinding() { HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement(); TextMessageEncodingBindingElement encoding = new TextMessageEncodingBindingElement(); encoding.MessageVersion = MessageVersion.Soap11; TransportSecurityBindingElement securityBinding = new TransportSecurityBindingElement(); securityBinding.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; securityBinding.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Default; securityBinding.SetKeyDerivation(false); X509SecurityTokenParameters certToken = new X509SecurityTokenParameters(); certToken.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient; certToken.ReferenceStyle = SecurityTokenReferenceStyle.Internal; certToken.RequireDerivedKeys = false; certToken.X509ReferenceStyle = X509KeyIdentifierClauseType.Any; securityBinding.EndpointSupportingTokenParameters.SignedEndorsing.Add(certToken); securityBinding.LocalClientSettings.DetectReplays = false; this.bindingElements = new BindingElementCollection(); this.bindingElements.Add(securityBinding); this.bindingElements.Add(encoding); this.bindingElements.Add(httpsTransport); }
public static Binding UserNameBinding(MessageVersion messageVersion) { // NOTE: we use a non-secure transport here, which means the message will be visible to others. HttpTransportBindingElement httpTransport = new HttpTransportBindingElement(); // the transport security binding element will be configured to require a username token TransportSecurityBindingElement transportSecurity = new TransportSecurityBindingElement(); transportSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UsernameTokenParameters()); // here you can require secure transport, in which case you'd probably replace HTTP with HTTPS as well transportSecurity.AllowInsecureTransport = true; transportSecurity.IncludeTimestamp = false; //MtomMessageEncodingBindingElement mtom = new MtomMessageEncodingBindingElement // { // WriteEncoding = System.Text.Encoding.UTF8, // MessageVersion = MessageVersion.Soap11WSAddressing10, // MaxBufferSize = 2147483647 // }; //mtom.ReaderQuotas.MaxStringContentLength = 2147483647; TextMessageEncodingBindingElement me = new TextMessageEncodingBindingElement(messageVersion, Encoding.UTF8); return(new CustomBinding(transportSecurity, me, httpTransport)); }
public static OmnitureWebServicePortTypeClient GetClient( string username, string secret, string endpoint ) { var httpsTransportBindingElement = new HttpsTransportBindingElement { UseDefaultWebProxy = false, MaxReceivedMessageSize = 2147483647 }; var transportSecurityBindingElement = new TransportSecurityBindingElement(); transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted.Add( new SecurityTokenParameters() ); transportSecurityBindingElement.IncludeTimestamp = false; var customTextMessageBindingElement = new CustomTextMessageBindingElement { MessageVersion = MessageVersion.Soap11 }; var bindingElements = new List<BindingElement> { transportSecurityBindingElement, customTextMessageBindingElement, httpsTransportBindingElement }; Binding customBinding = new CustomBinding( bindingElements.ToArray() ); var endpointAddress = new EndpointAddress( endpoint ); var clientCredential = new ClientCredentials( new Info( username, secret ) ); var omnitureWebServicePortTypeClient = new OmnitureWebServicePortTypeClient( customBinding, endpointAddress ); omnitureWebServicePortTypeClient.Endpoint.Behaviors.Remove( typeof( System.ServiceModel.Description.ClientCredentials ) ); omnitureWebServicePortTypeClient.Endpoint.Behaviors.Add( clientCredential ); return omnitureWebServicePortTypeClient; }
protected void AddTransportSecurityBindingElement(BindingElementCollection bindingElements) { TransportSecurityBindingElement item = new TransportSecurityBindingElement { MessageSecurityVersion = MessagingVersionHelper.SecurityVersion(this.protocolVersion) }; bindingElements.Add(item); }
internal static bool IsSecurityBindingSuitableForChannelBinding(TransportSecurityBindingElement securityBindingElement) { #if FEATURE_CORECLR throw new NotImplementedException("SupportingTokenParameters.Signed is not supported in .NET Core"); #else return(securityBindingElement != null && (SecurityUtils.AreSecurityTokenParametersSuitableForChannelBinding(securityBindingElement.EndpointSupportingTokenParameters.Endorsing) || SecurityUtils.AreSecurityTokenParametersSuitableForChannelBinding(securityBindingElement.EndpointSupportingTokenParameters.Signed) || (SecurityUtils.AreSecurityTokenParametersSuitableForChannelBinding(securityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted) || SecurityUtils.AreSecurityTokenParametersSuitableForChannelBinding(securityBindingElement.EndpointSupportingTokenParameters.SignedEndorsing)))); #endif }
public static FNCEWS40PortTypeClient ConfigureBinding(String user, String domain, String password, String uri) { BindingElementCollection bec = new BindingElementCollection(); // Everything gets treated as if it is username credentials until // right at the point of serialization. TransportSecurityBindingElement sbe = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); sbe.IncludeTimestamp = false; bec.Add(sbe); if (uri.IndexOf("SOAP") != -1) { // using the SOAP endpoint TextMessageEncodingBindingElement tme = new TextMessageEncodingBindingElement(); tme.MessageVersion = MessageVersion.Soap11; tme.ReaderQuotas.MaxDepth = 1024; tme.ReaderQuotas.MaxStringContentLength = 1024 * 1024; bec.Add(tme); } else { MtomMessageEncodingBindingElement mme = new MtomMessageEncodingBindingElement(); mme.MessageVersion = MessageVersion.Soap12; mme.ReaderQuotas.MaxDepth = 1024; mme.ReaderQuotas.MaxStringContentLength = 1024 * 1024; mme.MaxBufferSize = 2147483647; bec.Add(mme); } HttpsTransportBindingElement tbe = new HttpsTransportBindingElement(); tbe.MaxReceivedMessageSize = 2147483647; tbe.MaxBufferSize = 2147483647; bec.Add(tbe); CustomBinding binding = new CustomBinding(bec); binding.ReceiveTimeout = new TimeSpan(TimeSpan.TicksPerDay); // 100 nanonsecond units, make it 1 day binding.SendTimeout = binding.ReceiveTimeout; EndpointAddress endpoint = new EndpointAddress(uri); port = new FNCEWS40PortTypeClient(binding, endpoint); port.ClientCredentials.UserName.UserName = user; port.ClientCredentials.UserName.Password = password; // set up the Localization header, minus the locale. We assume // the timezone cannot change between calls, but that the locale // may. localization = new Localization(); localization.Timezone = GetTimezone(); return(port); }
protected override SecurityBindingElement CreateSecurity() { TransportSecurityBindingElement security = new TransportSecurityBindingElement(); security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; security.EnableUnsecuredResponse = true; security.IncludeTimestamp = true; security.EndpointSupportingTokenParameters.Signed.Add(new UserNameSecurityTokenParameters()); return security; }
private static void ValidateUserNamePasswordSecurityBindingElement(TransportSecurityBindingElement transportSecurityBindingElement) { bool singleSignedEncryptedParam = transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted.Count == 1; System.Diagnostics.Debug.Assert(singleSignedEncryptedParam, "Unexpected number of SignedEncrypted token parameters in transport security binding!"); if (!singleSignedEncryptedParam) { return; } if (transportSecurityBindingElement.MessageSecurityVersion != MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10 && transportSecurityBindingElement.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10 && transportSecurityBindingElement.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11 && transportSecurityBindingElement.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10) { string values = string.Format(CultureInfo.InvariantCulture, "'{0}', '{1}', '{2}'", MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10, MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10, MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11); s_bindingValidationErrors.Add(string.Format(SR.BindingTransportMessageSecurityVersionNotSupportedFormat, transportSecurityBindingElement.MessageSecurityVersion, values)); } if (transportSecurityBindingElement.DefaultAlgorithmSuite != SecurityAlgorithmSuite.Default) { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityDefaultAlgorithmSuiteNotSupportedFormat, transportSecurityBindingElement.DefaultAlgorithmSuite.GetType().FullName, SecurityAlgorithmSuite.Default.GetType().FullName)); } var userNameParams = transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted[0] as UserNameSecurityTokenParameters; if (userNameParams != null) { if (userNameParams.InclusionMode != SecurityTokenInclusionMode.AlwaysToRecipient) { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityTokenParamsInclusionModeValueNotSupportedFormat, userNameParams.InclusionMode, SecurityTokenInclusionMode.AlwaysToRecipient)); } if (userNameParams.ReferenceStyle != SecurityTokenReferenceStyle.Internal) { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityTokenParamsReferenceStyleNotSupportedFormat, userNameParams.ReferenceStyle, SecurityTokenReferenceStyle.Internal)); } if (userNameParams.RequireDerivedKeys != false) { s_bindingValidationErrors.Add(SR.BindingTransportSecurityTokenParamsRequiringDerivedKeysNotSupported); } } else { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityTokenParamsTypeNotSupportedFormat, transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted[0].GetType().FullName, typeof(UserNameSecurityTokenParameters).FullName)); } }
protected override SecurityBindingElement CreateSecurity() { TransportSecurityBindingElement security = new TransportSecurityBindingElement(); security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; security.EnableUnsecuredResponse = true; security.IncludeTimestamp = true; security.EndpointSupportingTokenParameters.Signed.Add(new UserNameSecurityTokenParameters()); return(security); }
public static void Method_CreateIssuedTokenOverTransportBindingElement() { IssuedSecurityTokenParameters tokenParameters = new IssuedSecurityTokenParameters(); TransportSecurityBindingElement securityBindingElement = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(tokenParameters); Assert.Contains(tokenParameters, securityBindingElement.EndpointSupportingTokenParameters.Endorsing); Assert.Equal(System.ServiceModel.MessageSecurityVersion.Default, securityBindingElement.MessageSecurityVersion); Assert.False(securityBindingElement.LocalClientSettings.DetectReplays); Assert.True(securityBindingElement.IncludeTimestamp); Assert.Throws <System.ArgumentNullException>(() => SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(null)); }
protected override System.ServiceModel.Channels.SecurityBindingElement CreateSecurity() { TransportSecurityBindingElement security = new TransportSecurityBindingElement(); security.EnableUnsecuredResponse = true; //to allow faults. security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; security.EndpointSupportingTokenParameters.Endorsing.Add(new ScDsspSecurityTokenParameter()); return(security); }
protected override SecurityBindingElement CreateMessageSecurity() { if (this.Security.Mode == WSFederationHttpSecurityMode.None) { throw new InvalidOperationException("Only message and security is supported"); } if (this.Security.Message.IssuedKeyType != SecurityKeyType.AsymmetricKey) { throw new InvalidOperationException("Only Asymmectric Keys are supported"); } if (this.Security.Message.NegotiateServiceCredential) { throw new InvalidOperationException("Negocatiation of service credentials not supported"); } if (this.Security.Message.EstablishSecurityContext) { throw new InvalidOperationException("Secure conversation not supported"); } SecurityBindingElement security; if (this.Security.Mode == WSFederationHttpSecurityMode.Message) { SymmetricSecurityBindingElement baseSecurity = (SymmetricSecurityBindingElement)base.CreateMessageSecurity(); AsymmetricSecurityBindingElement asecurity = new AsymmetricSecurityBindingElement(); asecurity.InitiatorTokenParameters = baseSecurity.EndpointSupportingTokenParameters.Endorsing[0]; X509SecurityTokenParameters serverToken = new X509SecurityTokenParameters(); serverToken.X509ReferenceStyle = X509KeyIdentifierClauseType.Any; serverToken.InclusionMode = SecurityTokenInclusionMode.Never; serverToken.RequireDerivedKeys = false; asecurity.RecipientTokenParameters = serverToken; security = asecurity; } else { TransportSecurityBindingElement baseSecurity = (TransportSecurityBindingElement)base.CreateMessageSecurity(); TransportSecurityBindingElement tsecurity = new TransportSecurityBindingElement(); tsecurity.EndpointSupportingTokenParameters.Endorsing.Add(baseSecurity.EndpointSupportingTokenParameters.Endorsing[0]); security = tsecurity; } security.EnableUnsecuredResponse = true; security.IncludeTimestamp = true; security.SecurityHeaderLayout = SecurityHeaderLayout.Lax; security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256; security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; security.SetKeyDerivation(false); return(security); }
/// <summary> /// Creates the custom binding. /// </summary> /// <param name="isCertificate">If set to true certificate security will be used.</param> /// <returns></returns> /// <remarks></remarks> public static Binding CreateCustomBinding(bool isCertificate, bool isHttps) { BindingElement securityBinding = null; BindingElement transport = null; if (isHttps) { HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement(); transport = httpsTransport; } else { HttpTransportBindingElement httpTransport = new HttpTransportBindingElement(); transport = httpTransport; } TextMessageEncodingBindingElement messageEncoding = new TextMessageEncodingBindingElement(); if (!isCertificate) { TransportSecurityBindingElement messageSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); messageSecurity.IncludeTimestamp = false; securityBinding = messageSecurity; messageSecurity.AllowInsecureTransport = !isHttps; } else { AsymmetricSecurityBindingElement messageSecurity = (AsymmetricSecurityBindingElement)SecurityBindingElement.CreateMutualCertificateDuplexBindingElement ( MessageSecurityVersion .WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10 ); messageSecurity.MessageProtectionOrder = MessageProtectionOrder.EncryptBeforeSign; messageSecurity.AllowInsecureTransport = !isHttps; securityBinding = messageSecurity; messageEncoding.MessageVersion = MessageVersion.Soap11; } CustomBinding result = new CustomBinding(securityBinding, messageEncoding, transport); return(result); }
private static void ValidateTransportSecurityBindingElement(TransportSecurityBindingElement transportSecurityBindingElement) { if (transportSecurityBindingElement.EndpointSupportingTokenParameters.Signed.Count != 0 || transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEndorsing.Count != 0) { s_bindingValidationErrors.Add(SR.BindingTransportSecurityTokenSignedOrSignedEndorsingNotSupported); } else if (transportSecurityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted.Count == 1) { ValidateUserNamePasswordSecurityBindingElement(transportSecurityBindingElement); } else if (transportSecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Count == 1) { SecureConversationSecurityTokenParameters endorsingTokenParams = transportSecurityBindingElement.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters; if (endorsingTokenParams != null) { if (endorsingTokenParams.RequireDerivedKeys) { s_bindingValidationErrors.Add(SR.BindingTransportSecurityTokenParamsRequiringDerivedKeysNotSupported); } TransportSecurityBindingElement bootstrapElement = endorsingTokenParams.BootstrapSecurityBindingElement as TransportSecurityBindingElement; if (bootstrapElement == null) { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityElementTypeNotSupportedFormat, endorsingTokenParams.BootstrapSecurityBindingElement.GetType().FullName, typeof(TransportSecurityBindingElement).FullName)); } else { ValidateTransportSecurityBindingElement(bootstrapElement); } } } if (!transportSecurityBindingElement.IncludeTimestamp) { s_bindingValidationErrors.Add(SR.BindingTransportSecurityMustIncludeTimestamp); } if (transportSecurityBindingElement.DefaultAlgorithmSuite != SecurityAlgorithmSuite.Default) { s_bindingValidationErrors.Add(string.Format(SR.BindingTransportSecurityDefaultAlgorithmSuiteNotSupportedFormat, transportSecurityBindingElement.DefaultAlgorithmSuite.GetType().FullName, SecurityAlgorithmSuite.Default.GetType().FullName)); } }
/// <summary> /// Initializes the binding. /// </summary> /// <param name="namespaceUris">The namespace uris.</param> /// <param name="factory">The factory.</param> /// <param name="configuration">The configuration.</param> /// <param name="description">The description.</param> public UaHttpsSoapBinding( NamespaceTable namespaceUris, EncodeableFactory factory, EndpointConfiguration configuration, EndpointDescription description) : base(namespaceUris, factory, configuration) { if (description != null && description.SecurityMode != MessageSecurityMode.None) { TransportSecurityBindingElement bootstrap = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); bootstrap.IncludeTimestamp = true; bootstrap.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; bootstrap.SecurityHeaderLayout = SecurityHeaderLayout.Strict; m_security = SecurityBindingElement.CreateSecureConversationBindingElement(bootstrap); m_security.IncludeTimestamp = true; m_security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; m_security.SecurityHeaderLayout = SecurityHeaderLayout.Strict; } m_encoding = new TextMessageEncodingBindingElement(MessageVersion.Soap12WSAddressing10, Encoding.UTF8); // WCF does not distinguish between arrays and byte string. int maxArrayLength = configuration.MaxArrayLength; if (configuration.MaxArrayLength < configuration.MaxByteStringLength) { maxArrayLength = configuration.MaxByteStringLength; } m_encoding.ReaderQuotas.MaxArrayLength = maxArrayLength; m_encoding.ReaderQuotas.MaxStringContentLength = configuration.MaxStringLength; m_encoding.ReaderQuotas.MaxBytesPerRead = Int32.MaxValue; m_encoding.ReaderQuotas.MaxDepth = Int32.MaxValue; m_encoding.ReaderQuotas.MaxNameTableCharCount = Int32.MaxValue; m_transport = new HttpsTransportBindingElement(); m_transport.AllowCookies = false; m_transport.AuthenticationScheme = System.Net.AuthenticationSchemes.Anonymous; m_transport.ManualAddressing = false; m_transport.MaxBufferSize = configuration.MaxMessageSize; m_transport.MaxReceivedMessageSize = configuration.MaxMessageSize; m_transport.TransferMode = TransferMode.Buffered; }
public static CollateralRegistrationSearchService2016Client CreatePPSRClient(string url, string username, string password, UrlType urlType) { CustomBinding binding = new CustomBinding(); var security = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement(); security.IncludeTimestamp = false; security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256; security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; MessageEncodingBindingElement encoding = null; if (urlType == UrlType.MTOM) { encoding = new MtomMessageEncodingBindingElement(); encoding.MessageVersion = MessageVersion.Soap11; } else { encoding = new TextMessageEncodingBindingElement(); encoding.MessageVersion = MessageVersion.Soap11; } var transport = new HttpsTransportBindingElement(); transport.MaxReceivedMessageSize = 20000000; // 20 megs binding.Elements.Add(security); binding.Elements.Add(encoding); binding.Elements.Add(transport); CollateralRegistrationSearchService2016Client client = new CollateralRegistrationSearchService2016Client(binding, new EndpointAddress(url)); // to use full client credential with Nonce uncomment this code: // it looks like this might not be required - the service seems to work without it // client.ChannelFactory.Endpoint.Behaviors.Add(new InspectorBehavior()); client.ChannelFactory.Endpoint.Behaviors.Remove <System.ServiceModel.Description.ClientCredentials>(); client.ChannelFactory.Endpoint.Behaviors.Add(new CustomCredentials()); client.ClientCredentials.UserName.UserName = username; client.ClientCredentials.UserName.Password = password; return(client); }
public static void Method_CreateUserNameOverTransportBindingElement() { TransportSecurityBindingElement securityBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); Assert.True(securityBindingElement != null, "The created TransportSecurityBindingElement should not be null."); Assert.True(securityBindingElement.IncludeTimestamp); Assert.False(securityBindingElement.LocalClientSettings.DetectReplays); Assert.True(securityBindingElement.EndpointSupportingTokenParameters.SignedEncrypted[0] is UserNameSecurityTokenParameters); securityBindingElement.IncludeTimestamp = false; securityBindingElement.SecurityHeaderLayout = SecurityHeaderLayout.Lax; var binding = new CustomBinding(); binding.Elements.Add(securityBindingElement); SecurityBindingElement element = binding.Elements.Find <SecurityBindingElement>(); Assert.True(element != null, "SecurityBindingElement added to binding elements should not be null."); Assert.Equal(element, securityBindingElement); }
static void Main(string[] args) { try { //for invalid ssl server certificate System.Net.ServicePointManager.ServerCertificateValidationCallback += (se, cert, chain, sslerror) => { return(true); }; CustomBinding binding = new CustomBinding(); var security = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement(); security.IncludeTimestamp = true; security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256; security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; security.EnableUnsecuredResponse = true; var encoding = new TextMessageEncodingBindingElement(); encoding.MessageVersion = MessageVersion.Soap11; var transport = new HttpsTransportBindingElement(); transport.MaxReceivedMessageSize = 2000000; binding.Elements.Add(security); binding.Elements.Add(encoding); binding.Elements.Add(transport); WSClient.Proxy.TargetWS client = new Proxy.TargetWS(binding, new EndpointAddress(Properties.Settings.Default.Url)); //change credential for the custom credentials instance client.ChannelFactory.Endpoint.Behaviors.Remove <System.ServiceModel.Description.ClientCredentials>(); client.ChannelFactory.Endpoint.Behaviors.Add(new CustomCredentials()); client.ClientCredentials.UserName.UserName = Properties.Settings.Default.username; client.ClientCredentials.UserName.Password = Properties.Settings.Default.password; Proxy.Message message = new WSClient.Proxy.Message(); message.id = "whatever"; client.foo(message); System.Console.Write("Success"); } catch (Exception ex) { System.Console.Write(ex.Message); } }
/// <summary> /// Builds the <see cref="SecurityBindingElement"/> for the RelyingParty channel. /// </summary> /// <returns>a <see cref="SecurityBindingElement"/> for the RelyingParty channel.</returns> /// <remarks>Creates a new <see cref="TransportBindingElement"/> and adds <see cref="WSTrustTokenParameters"/> to the appropriate EndpointSupportingTokenParameters (Endorsing or Signed). /// <para>Sets: <see cref="MessageSecurityVersion"/> == <see cref="WSTrustTokenParameters.MessageSecurityVersion"/>.</para></para> /// <para>Sets: <see cref="IncludeTimestamp"/> == true.</para></remarks> protected override SecurityBindingElement CreateMessageSecurity() { WSTrustTokenParameters.RequireDerivedKeys = false; var result = new TransportSecurityBindingElement { IncludeTimestamp = true, MessageSecurityVersion = WSTrustTokenParameters.MessageSecurityVersion }; if (WSTrustTokenParameters.KeyType == SecurityKeyType.BearerKey) { result.EndpointSupportingTokenParameters.Signed.Add(WSTrustTokenParameters); } else { result.EndpointSupportingTokenParameters.Endorsing.Add(WSTrustTokenParameters); } if (Security.Message.EstablishSecurityContext) { var securityContextWrappingElement = new TransportSecurityBindingElement { IncludeTimestamp = true, MessageSecurityVersion = WSTrustTokenParameters.MessageSecurityVersion }; securityContextWrappingElement.LocalClientSettings.DetectReplays = false; var scParameters = new SecureConversationSecurityTokenParameters(result) { RequireCancellation = true, RequireDerivedKeys = false }; securityContextWrappingElement.EndpointSupportingTokenParameters.Endorsing.Add(scParameters); result = securityContextWrappingElement; } SecurityBindingElement = result; return(result); }
/// <summary> /// Cria um binding para comunicação. /// </summary> /// <param name="securityMode">Modo de segurança.</param> /// <param name="requireClientCertificates"></param> /// <returns></returns> public static Binding CreateBinding(SecurityMode securityMode, bool requireClientCertificates) { WSHttpBinding binding = new WSHttpBinding(securityMode); binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None; binding.ReaderQuotas = System.Xml.XmlDictionaryReaderQuotas.Max; binding.MaxReceivedMessageSize = System.Xml.XmlDictionaryReaderQuotas.Max.MaxStringContentLength; Binding binding2 = binding; if ((securityMode == SecurityMode.Transport) && requireClientCertificates) { binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; BindingElementCollection bindingElementsInTopDownChannelStackOrder = binding.CreateBindingElements(); TransportSecurityBindingElement item = new TransportSecurityBindingElement(); System.ServiceModel.Security.Tokens.X509SecurityTokenParameters parameters = new System.ServiceModel.Security.Tokens.X509SecurityTokenParameters(); parameters.InclusionMode = System.ServiceModel.Security.Tokens.SecurityTokenInclusionMode.AlwaysToRecipient; item.EndpointSupportingTokenParameters.Endorsing.Add(parameters); bindingElementsInTopDownChannelStackOrder.Insert(bindingElementsInTopDownChannelStackOrder.Count - 1, item); binding2 = new CustomBinding(bindingElementsInTopDownChannelStackOrder); } return(binding2); }
public static Binding ConfigureCrmOnlineBinding <TChannel>(this ClientBase <TChannel> client, Uri issuerUri) where TChannel : class { if (null == client) { throw new ArgumentNullException("client"); } //When this is represented in the configuration file, it attempts to show the CardSpace dialog. //As a workaround, the binding is being setup manually using code. TransportSecurityBindingElement securityElement = new TransportSecurityBindingElement(); securityElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.TripleDes; securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; securityElement.EndpointSupportingTokenParameters.Signed.Add( new System.ServiceModel.Security.Tokens.IssuedSecurityTokenParameters() { RequireDerivedKeys = false, KeySize = 192, IssuerAddress = new EndpointAddress(issuerUri), }); //Create a new list of the binding elements List <BindingElement> elementList = new List <BindingElement>(); elementList.Add(securityElement); elementList.AddRange(client.Endpoint.Binding.CreateBindingElements()); Binding binding = new CustomBinding(elementList); client.ChannelFactory.Endpoint.Binding = binding; //Configure the channel factory for use with federation client.ChannelFactory.ConfigureChannelFactory(); return(client.Endpoint.Binding); }
public virtual bool TryImportWsspTransportBindingAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, out TransportSecurityBindingElement binding, out XmlElement assertion) { Collection<Collection<XmlElement>> collection; binding = null; if (this.TryImportWsspAssertion(assertions, "TransportBinding", out assertion) && this.TryGetNestedPolicyAlternatives(importer, assertion, out collection)) { foreach (Collection<XmlElement> collection2 in collection) { XmlElement element; binding = new TransportSecurityBindingElement(); if (((this.TryImportWsspTransportTokenAssertion(importer, collection2, out element) && this.TryImportWsspAlgorithmSuiteAssertion(importer, collection2, binding)) && (this.TryImportWsspLayoutAssertion(importer, collection2, binding) && this.TryImportWsspIncludeTimestampAssertion(collection2, binding))) && (collection2.Count == 0)) { if (!importer.State.ContainsKey("InSecureConversationBootstrapBindingImportMode")) { assertions.Add(element); } break; } binding = null; } } return (binding != null); }
public virtual bool TryImportWsspTransportBindingAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, out TransportSecurityBindingElement binding, out XmlElement assertion) { binding = null; Collection<Collection<XmlElement>> alternatives; if (TryImportWsspAssertion(assertions, TransportBindingName, out assertion) && TryGetNestedPolicyAlternatives(importer, assertion, out alternatives)) { foreach (Collection<XmlElement> alternative in alternatives) { XmlElement transportTokenAssertion; binding = new TransportSecurityBindingElement(); if (TryImportWsspTransportTokenAssertion(importer, alternative, out transportTokenAssertion) && TryImportWsspAlgorithmSuiteAssertion(importer, alternative, binding) && TryImportWsspLayoutAssertion(importer, alternative, binding) && TryImportWsspIncludeTimestampAssertion(alternative, binding) && alternative.Count == 0) { if (false == importer.State.ContainsKey(SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode)) { // The transportTokenAssertion should be consumed by the transport binding importer // for all primary bindings. However, for secure conversation bootstrap bindings // the bootstrap policy does not contain any transport assertions, so adding the // transport token assertion to the collection of unimported assertions would // increase the likelihood of policy import failure due to unrecognized assertions. assertions.Add(transportTokenAssertion); } break; } else { binding = null; } } } return binding != null; }
public virtual XmlElement CreateWsspTransportBindingAssertion(MetadataExporter exporter, TransportSecurityBindingElement binding, XmlElement transportTokenAssertion) { XmlElement result = CreateWsspAssertion(TransportBindingName); result.AppendChild( CreateWspPolicyWrapper( exporter, CreateWsspTransportTokenAssertion(exporter, transportTokenAssertion), CreateWsspAlgorithmSuiteAssertion(exporter, binding.DefaultAlgorithmSuite), CreateWsspLayoutAssertion(exporter, binding.SecurityHeaderLayout), CreateWsspIncludeTimestampAssertion(binding.IncludeTimestamp) )); return result; }
private static ServiceHost CreateServiceHost(Type component) { ServiceHost sh = new ServiceHost(component); sh.Open(); Console.WriteLine("Endpoint Listeners:"); Console.WriteLine("----------------"); foreach (ChannelDispatcher cd in sh.ChannelDispatchers) { foreach (EndpointDispatcher epd in cd.Endpoints) { Console.Write(epd.EndpointAddress.Uri.AbsoluteUri); ConsoleColor origCol = Console.ForegroundColor; ServiceEndpoint servend = sh.Description.Endpoints.Find(epd.EndpointAddress.Uri); if (servend != null) { Console.WriteLine("\tPhysical listeningURI: " + servend.ListenUri.AbsoluteUri); Console.ForegroundColor = ConsoleColor.DarkYellow; BindingElementCollection bec = servend.Binding.CreateBindingElements(); foreach (BindingElement be in bec) { Console.WriteLine("\t" + be.GetType().ToString()); SymmetricSecurityBindingElement symBe = be as SymmetricSecurityBindingElement; AsymmetricSecurityBindingElement asymBe = be as AsymmetricSecurityBindingElement; TransportSecurityBindingElement transBe = be as TransportSecurityBindingElement; if (symBe != null) { Console.WriteLine("\t\t" + symBe.ProtectionTokenParameters.GetType().ToString()); } if (asymBe != null) { X509SecurityTokenParameters initParms = asymBe.InitiatorTokenParameters as X509SecurityTokenParameters; X509SecurityTokenParameters recParms = asymBe.RecipientTokenParameters as X509SecurityTokenParameters; if (initParms != null) { Console.WriteLine("\t\tInitiator Security Token Parmeter type"); Console.WriteLine("\t\t\t" + initParms.GetType().ToString() + Environment.NewLine + "\t\t\tInclusionMode: " + initParms.InclusionMode.ToString()); } if (recParms != null) { Console.WriteLine("\t\tRecipient Security Token Parmeter type"); Console.WriteLine("\t\t\t" + recParms.GetType().ToString() + Environment.NewLine + "\t\t\tInclusionMode: " + recParms.InclusionMode.ToString()); } } if (transBe != null) { SupportingTokenParameters supTokParms = transBe.EndpointSupportingTokenParameters; if (supTokParms.Endorsing.Count > 0) { ShowSecurityTokenParmeters(supTokParms.Endorsing, "Endorsing"); } } } } Console.ForegroundColor = origCol; Console.WriteLine(); } } return(sh); }
public static void CheckBasicHttpBinding( Binding binding, string scheme, BasicHttpSecurityMode security, WSMessageEncoding encoding, HttpClientCredentialType clientCred, AuthenticationSchemes authScheme, TestLabel label) { label.EnterScope("http"); if (security == BasicHttpSecurityMode.Message) { Assert.That(binding, Is.InstanceOfType(typeof(CustomBinding)), label.Get()); } else { Assert.That(binding, Is.InstanceOfType(typeof(BasicHttpBinding)), label.Get()); var basicHttp = (BasicHttpBinding)binding; Assert.That(basicHttp.EnvelopeVersion, Is.EqualTo(EnvelopeVersion.Soap11), label.Get()); Assert.That(basicHttp.MessageVersion, Is.EqualTo(MessageVersion.Soap11), label.Get()); Assert.That(basicHttp.Scheme, Is.EqualTo(scheme), label.Get()); Assert.That(basicHttp.TransferMode, Is.EqualTo(TransferMode.Buffered), label.Get()); Assert.That(basicHttp.MessageEncoding, Is.EqualTo(encoding), label.Get()); Assert.That(basicHttp.Security, Is.Not.Null, label.Get()); Assert.That(basicHttp.Security.Mode, Is.EqualTo(security), label.Get()); Assert.That(basicHttp.Security.Transport.ClientCredentialType, Is.EqualTo(clientCred), label.Get()); Assert.That(basicHttp.Security.Message.AlgorithmSuite, Is.EqualTo(SecurityAlgorithmSuite.Basic256), label.Get()); } label.EnterScope("elements"); var elements = binding.CreateBindingElements(); Assert.That(elements, Is.Not.Null, label.Get()); if ((security == BasicHttpSecurityMode.Message) || (security == BasicHttpSecurityMode.TransportWithMessageCredential)) { Assert.That(elements.Count, Is.EqualTo(3), label.Get()); } else { Assert.That(elements.Count, Is.EqualTo(2), label.Get()); } TextMessageEncodingBindingElement textElement = null; TransportSecurityBindingElement securityElement = null; HttpTransportBindingElement transportElement = null; AsymmetricSecurityBindingElement asymmSecurityElement = null; MtomMessageEncodingBindingElement mtomElement = null; foreach (var element in elements) { if (element is TextMessageEncodingBindingElement) { textElement = (TextMessageEncodingBindingElement)element; } else if (element is HttpTransportBindingElement) { transportElement = (HttpTransportBindingElement)element; } else if (element is TransportSecurityBindingElement) { securityElement = (TransportSecurityBindingElement)element; } else if (element is AsymmetricSecurityBindingElement) { asymmSecurityElement = (AsymmetricSecurityBindingElement)element; } else if (element is MtomMessageEncodingBindingElement) { mtomElement = (MtomMessageEncodingBindingElement)element; } else { Assert.Fail(string.Format( "Unknown element: {0}", element.GetType()), label.Get()); } } label.EnterScope("text"); if (encoding == WSMessageEncoding.Text) { Assert.That(textElement, Is.Not.Null, label.Get()); Assert.That(textElement.WriteEncoding, Is.InstanceOfType(typeof(UTF8Encoding)), label.Get()); } else { Assert.That(textElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("mtom"); if (encoding == WSMessageEncoding.Mtom) { Assert.That(mtomElement, Is.Not.Null, label.Get()); } else { Assert.That(mtomElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("security"); if (security == BasicHttpSecurityMode.TransportWithMessageCredential) { Assert.That(securityElement, Is.Not.Null, label.Get()); Assert.That(securityElement.SecurityHeaderLayout, Is.EqualTo(SecurityHeaderLayout.Lax), label.Get()); } else { Assert.That(securityElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("asymmetric"); if (security == BasicHttpSecurityMode.Message) { Assert.That(asymmSecurityElement, Is.Not.Null, label.Get()); } else { Assert.That(asymmSecurityElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("transport"); Assert.That(transportElement, Is.Not.Null, label.Get()); Assert.That(transportElement.Realm, Is.Empty, label.Get()); Assert.That(transportElement.Scheme, Is.EqualTo(scheme), label.Get()); Assert.That(transportElement.TransferMode, Is.EqualTo(TransferMode.Buffered), label.Get()); label.EnterScope("auth"); Assert.That(transportElement.AuthenticationScheme, Is.EqualTo(authScheme), label.Get()); label.LeaveScope(); // auth label.LeaveScope(); // transport label.LeaveScope(); // elements label.LeaveScope(); // http }
public void DefaultValues () { var be = new TransportSecurityBindingElement (); }
private TransportSecurityBindingElement CreateTransportBindingElement() { TransportSecurityBindingElement transportSecurityBindingElement = new TransportSecurityBindingElement(); transportSecurityBindingElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256Sha256; transportSecurityBindingElement.IncludeTimestamp = true; transportSecurityBindingElement.KeyEntropyMode = SecurityKeyEntropyMode.CombinedEntropy; transportSecurityBindingElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12; transportSecurityBindingElement.SecurityHeaderLayout = SecurityHeaderLayout.Lax; return transportSecurityBindingElement; }
public static void Property_KeyEntropyMode() { TransportSecurityBindingElement securityBindingElement = new TransportSecurityBindingElement(); Assert.Equal(securityBindingElement.KeyEntropyMode, SecurityKeyEntropyMode.CombinedEntropy); }
public static void CheckNetTcpBinding( Binding binding, SecurityMode security, bool reliableSession, TransferMode transferMode, TestLabel label) { label.EnterScope("net-tcp"); if (security == SecurityMode.Message) { Assert.That(binding, Is.InstanceOfType(typeof(CustomBinding)), label.Get()); } else { Assert.That(binding, Is.InstanceOfType(typeof(NetTcpBinding)), label.Get()); var netTcp = (NetTcpBinding)binding; Assert.That(netTcp.EnvelopeVersion, Is.EqualTo(EnvelopeVersion.Soap12), label.Get()); Assert.That(netTcp.MessageVersion, Is.EqualTo(MessageVersion.Soap12WSAddressing10), label.Get()); Assert.That(netTcp.Scheme, Is.EqualTo("net.tcp"), label.Get()); Assert.That(netTcp.TransferMode, Is.EqualTo(transferMode), label.Get()); label.EnterScope("security"); Assert.That(netTcp.Security, Is.Not.Null, label.Get()); Assert.That(netTcp.Security.Mode, Is.EqualTo(security), label.Get()); Assert.That(netTcp.Security.Transport, Is.Not.Null, label.Get()); Assert.That(netTcp.Security.Transport.ProtectionLevel, Is.EqualTo(ProtectionLevel.EncryptAndSign), label.Get()); Assert.That(netTcp.Security.Transport.ClientCredentialType, Is.EqualTo(TcpClientCredentialType.Windows), label.Get()); label.LeaveScope(); } label.EnterScope("elements"); var elements = binding.CreateBindingElements(); Assert.That(elements, Is.Not.Null, label.Get()); TcpTransportBindingElement transportElement = null; TransactionFlowBindingElement transactionFlowElement = null; BinaryMessageEncodingBindingElement encodingElement = null; WindowsStreamSecurityBindingElement windowsStreamElement = null; ReliableSessionBindingElement reliableSessionElement = null; TransportSecurityBindingElement transportSecurityElement = null; SslStreamSecurityBindingElement sslStreamElement = null; SymmetricSecurityBindingElement symmSecurityElement = null; foreach (var element in elements) { if (element is TcpTransportBindingElement) { transportElement = (TcpTransportBindingElement)element; } else if (element is TransactionFlowBindingElement) { transactionFlowElement = (TransactionFlowBindingElement)element; } else if (element is BinaryMessageEncodingBindingElement) { encodingElement = (BinaryMessageEncodingBindingElement)element; } else if (element is WindowsStreamSecurityBindingElement) { windowsStreamElement = (WindowsStreamSecurityBindingElement)element; } else if (element is ReliableSessionBindingElement) { reliableSessionElement = (ReliableSessionBindingElement)element; } else if (element is TransportSecurityBindingElement) { transportSecurityElement = (TransportSecurityBindingElement)element; } else if (element is SslStreamSecurityBindingElement) { sslStreamElement = (SslStreamSecurityBindingElement)element; } else if (element is SymmetricSecurityBindingElement) { symmSecurityElement = (SymmetricSecurityBindingElement)element; } else { Assert.Fail(string.Format( "Unknown element `{0}'.", element.GetType()), label.Get()); } } label.EnterScope("windows-stream"); if (security == SecurityMode.Transport) { Assert.That(windowsStreamElement, Is.Not.Null, label.Get()); Assert.That(windowsStreamElement.ProtectionLevel, Is.EqualTo(ProtectionLevel.EncryptAndSign), label.Get()); } else { Assert.That(windowsStreamElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("reliable-session"); if (reliableSession) { Assert.That(reliableSessionElement, Is.Not.Null, label.Get()); } else { Assert.That(reliableSessionElement, Is.Null, label.Get()); } label.LeaveScope(); label.EnterScope("encoding"); Assert.That(encodingElement, Is.Not.Null, label.Get()); label.LeaveScope(); label.EnterScope("transaction"); if (security == SecurityMode.Message) { Assert.That(transactionFlowElement, Is.Null, label.Get()); } else { Assert.That(transactionFlowElement, Is.Not.Null, label.Get()); } label.LeaveScope(); label.EnterScope("transport"); Assert.That(transportElement, Is.Not.Null, label.Get()); Assert.That(transportElement.Scheme, Is.EqualTo("net.tcp"), label.Get()); Assert.That(transportElement.TransferMode, Is.EqualTo(transferMode), label.Get()); label.LeaveScope(); // transport label.EnterScope("security"); switch (security) { case SecurityMode.None: case SecurityMode.Transport: Assert.That(transportSecurityElement, Is.Null, label.Get()); Assert.That(sslStreamElement, Is.Null, label.Get()); Assert.That(symmSecurityElement, Is.Null, label.Get()); break; case SecurityMode.TransportWithMessageCredential: Assert.That(transportSecurityElement, Is.Not.Null, label.Get()); Assert.That(sslStreamElement, Is.Not.Null, label.Get()); Assert.That(symmSecurityElement, Is.Null, label.Get()); break; case SecurityMode.Message: Assert.That(transportSecurityElement, Is.Null, label.Get()); Assert.That(sslStreamElement, Is.Null, label.Get()); Assert.That(symmSecurityElement, Is.Not.Null, label.Get()); break; default: throw new InvalidOperationException(); } label.LeaveScope(); label.LeaveScope(); // elements label.LeaveScope(); // net-tcp }
public virtual XmlElement CreateWsspTransportBindingAssertion(MetadataExporter exporter, TransportSecurityBindingElement binding, XmlElement transportTokenAssertion) { XmlElement element = this.CreateWsspAssertion("TransportBinding"); element.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateWsspTransportTokenAssertion(exporter, transportTokenAssertion), this.CreateWsspAlgorithmSuiteAssertion(exporter, binding.DefaultAlgorithmSuite), this.CreateWsspLayoutAssertion(exporter, binding.SecurityHeaderLayout), this.CreateWsspIncludeTimestampAssertion(binding.IncludeTimestamp) })); return element; }