/// <summary>
/// Builds the <see cref="SecurityMessageProperty"/> that describes the client authenticated on
/// <paramref name="negotiateStream"/>, stores it in <c>_clientSecurity</c> and returns it.
/// </summary>
/// <param name="negotiateStream">
/// A stream whose authentication has already completed. Its <see cref="NegotiateStream.RemoteIdentity"/>
/// is cast directly to <see cref="WindowsIdentity"/>, so any other identity type surfaces as an
/// <see cref="InvalidCastException"/>.
/// </param>
/// <param name="extractGroupsForWindowsAccounts">
/// Forwarded unchanged to <see cref="WindowsSecurityTokenAuthenticator"/>; presumably controls whether
/// Windows group memberships are expanded into the resulting authorization policies — confirm there.
/// </param>
/// <returns>The newly created property, which is also the value now held in <c>_clientSecurity</c>.</returns>
SecurityMessageProperty CreateClientSecurity(NegotiateStream negotiateStream, bool extractGroupsForWindowsAccounts)
{
    var windowsIdentity = (WindowsIdentity)negotiateStream.RemoteIdentity;

    // Refuse to mint a token for an anonymous caller before anything else is built.
    // The second argument looks like an "allow anonymous" flag — verify against SecurityUtils.
    SecurityUtils.ValidateAnonymityConstraint(windowsIdentity, false);

    var tokenAuthenticator = new WindowsSecurityTokenAuthenticator(extractGroupsForWindowsAccounts);

    // Original author's note: NegotiateStream hands the AuthenticationType to the WindowsIdentity it
    // creates (via its internal NegoState), so reading it here does not require extra privileges on
    // the process token. If that implementation detail ever changes, this read could throw.
    var tokenId = SecurityUniqueId.Create().Value;
    SecurityToken windowsToken = new WindowsSecurityToken(windowsIdentity, tokenId, windowsIdentity.AuthenticationType);

    var policies = tokenAuthenticator.ValidateToken(windowsToken);

    // The field is assigned before the properties are populated, matching the previous behavior.
    var property = new SecurityMessageProperty();
    _clientSecurity = property;
    property.TransportToken = new SecurityTokenSpecification(windowsToken, policies);
    property.ServiceSecurityContext = new ServiceSecurityContext(policies);
    return property;
}
/// <summary>
/// Creates the <see cref="SecurityMessageProperty"/> for the client authenticated on
/// <paramref name="negotiateStream"/>, caches it in <c>clientSecurity</c> and returns it.
/// </summary>
/// <param name="negotiateStream">
/// A stream whose negotiation has already finished. <see cref="NegotiateStream.RemoteIdentity"/> is cast
/// to <see cref="WindowsIdentity"/> without a type check, so a non-Windows identity raises
/// <see cref="InvalidCastException"/>.
/// </param>
/// <param name="extractGroupsForWindowsAccounts">
/// Passed straight through to <see cref="WindowsSecurityTokenAuthenticator"/>; presumably selects whether
/// group memberships are extracted for Windows accounts — confirm against that type.
/// </param>
/// <returns>The property that was just stored in <c>clientSecurity</c>.</returns>
private SecurityMessageProperty CreateClientSecurity(NegotiateStream negotiateStream, bool extractGroupsForWindowsAccounts)
{
    WindowsIdentity callerIdentity = (WindowsIdentity)negotiateStream.RemoteIdentity;

    // Anonymous callers are rejected here, before a token is created for them.
    // The 'false' argument is presumably "anonymous not permitted" — verify in SecurityUtils.
    System.ServiceModel.Security.SecurityUtils.ValidateAnonymityConstraint(callerIdentity, false);

    WindowsSecurityTokenAuthenticator windowsAuthenticator = new WindowsSecurityTokenAuthenticator(extractGroupsForWindowsAccounts);

    string uniqueTokenId = SecurityUniqueId.Create().Value;
    SecurityToken callerToken = new WindowsSecurityToken(callerIdentity, uniqueTokenId, callerIdentity.AuthenticationType);

    ReadOnlyCollection<IAuthorizationPolicy> callerPolicies = windowsAuthenticator.ValidateToken(callerToken);

    // Assign the field first, then fill in the properties, exactly as before.
    SecurityMessageProperty security = new SecurityMessageProperty();
    this.clientSecurity = security;
    security.TransportToken = new SecurityTokenSpecification(callerToken, callerPolicies);
    security.ServiceSecurityContext = new ServiceSecurityContext(callerPolicies);
    return security;
}