protected ClientSecurityChannel(ChannelManagerBase factory, System.ServiceModel.Security.SecurityProtocolFactory securityProtocolFactory, UChannel innerChannel, EndpointAddress to, Uri via) : base(factory, innerChannel) { this.to = to; this.via = via; this.securityProtocolFactory = securityProtocolFactory; this.channelParameters = new ChannelParameterCollection(this); }
public static IClientReliableChannelBinder CreateBinder(EndpointAddress to, Uri via, IChannelFactory <TChannel> factory, MaskingMode maskingMode, TolerateFaultsMode faultMode, ChannelParameterCollection channelParameters, TimeSpan defaultCloseTimeout, TimeSpan defaultSendTimeout) { Type type = typeof(TChannel); if (type == typeof(IDuplexChannel)) { return(new DuplexClientReliableChannelBinder(to, via, (IChannelFactory <IDuplexChannel>)(object) factory, maskingMode, channelParameters, defaultCloseTimeout, defaultSendTimeout)); } else if (type == typeof(IDuplexSessionChannel)) { return(new DuplexSessionClientReliableChannelBinder(to, via, (IChannelFactory <IDuplexSessionChannel>)(object) factory, maskingMode, faultMode, channelParameters, defaultCloseTimeout, defaultSendTimeout)); } else if (type == typeof(IRequestChannel)) { return(new RequestClientReliableChannelBinder(to, via, (IChannelFactory <IRequestChannel>)(object) factory, maskingMode, channelParameters, defaultCloseTimeout, defaultSendTimeout)); } else if (type == typeof(IRequestSessionChannel)) { return(new RequestSessionClientReliableChannelBinder(to, via, (IChannelFactory <IRequestSessionChannel>)(object) factory, maskingMode, faultMode, channelParameters, defaultCloseTimeout, defaultSendTimeout)); } else { throw Fx.AssertAndThrow("ClientReliableChannelBinder supports creation of IDuplexChannel, IDuplexSessionChannel, IRequestChannel, and IRequestSessionChannel only."); } }
public ReliableRequestSessionChannel( ChannelManagerBase factory, IReliableFactorySettings settings, IClientReliableChannelBinder binder, FaultHelper faultHelper, LateBoundChannelParameterCollection channelParameters, UniqueId inputID) : base(factory, binder.RemoteAddress, binder.Via, true) { this.settings = settings; this.binder = binder; this.session = new ClientReliableSession(this, settings, binder, faultHelper, inputID); this.session.PollingCallback = this.PollingCallback; this.session.UnblockChannelCloseCallback = this.UnblockClose; if (this.settings.ReliableMessagingVersion == ReliableMessagingVersion.WSReliableMessagingFebruary2005) { this.shutdownHandle = new InterruptibleWaitObject(false); } else { this.replyAckConsistencyGuard = new Guard(Int32.MaxValue); } this.binder.Faulted += OnBinderFaulted; this.binder.OnException += OnBinderException; this.channelParameters = channelParameters; channelParameters.SetChannel(this); }
public RequestSessionClientReliableChannelBinder(EndpointAddress to, Uri via, IChannelFactory <IRequestSessionChannel> factory, MaskingMode maskingMode, TolerateFaultsMode faultMode, ChannelParameterCollection channelParameters, TimeSpan defaultCloseTimeout, TimeSpan defaultSendTimeout) : base(to, via, factory, maskingMode, faultMode, channelParameters, defaultCloseTimeout, defaultSendTimeout) { }
public ClientReliableDuplexSessionChannel(ChannelManagerBase factory, IReliableFactorySettings settings, IReliableChannelBinder binder, FaultHelper faultHelper, LateBoundChannelParameterCollection channelParameters, UniqueId inputID) : base(factory, settings, binder) { this.clientSession = new DuplexClientReliableSession(this, settings, faultHelper, inputID); this.clientSession.PollingCallback = new ClientReliableSession.PollingHandler(this.PollingCallback); base.SetSession(this.clientSession); this.channelParameters = channelParameters; channelParameters.SetChannel(this); ((IClientReliableChannelBinder)binder).ConnectionLost += new EventHandler(this.OnConnectionLost); }
protected ClientSecurityChannel(ChannelManagerBase factory, SecurityProtocolFactory securityProtocolFactory, UChannel innerChannel, EndpointAddress to, Uri via) : base(factory, innerChannel) { RemoteAddress = to; Via = via; SecurityProtocolFactory = securityProtocolFactory; _channelParameters = new ChannelParameterCollection(this); }
internal void CreateAndOpenTokenProviders(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, out SecurityTokenProviderContainer tokenProvider) { if (!IsSecurityTokenManagerRequired()) { tokenProvider = null; } else { CreateAndOpenTokenProvidersCore(to, via, channelParameters, timeout, out tokenProvider); } }
protected ClientReliableChannelBinder(EndpointAddress to, Uri via, IChannelFactory <TChannel> factory, MaskingMode maskingMode, TolerateFaultsMode faultMode, ChannelParameterCollection channelParameters, TimeSpan defaultCloseTimeout, TimeSpan defaultSendTimeout) : base(factory.CreateChannel(to, via), maskingMode, faultMode, defaultCloseTimeout, defaultSendTimeout) { _to = to; Via = via; _factory = factory; _channelParameters = channelParameters ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(channelParameters)); }
protected ReliableOutputSessionChannel(ChannelManagerBase factory, IReliableFactorySettings settings, IClientReliableChannelBinder binder, FaultHelper faultHelper, LateBoundChannelParameterCollection channelParameters) : base(factory) { this.settings = settings; this.binder = binder; this.session = new ClientReliableSession(this, settings, binder, faultHelper, null); this.session.PollingCallback = new ClientReliableSession.PollingHandler(this.PollingCallback); this.session.UnblockChannelCloseCallback = new ChannelReliableSession.UnblockChannelCloseHandler(this.UnblockClose); this.binder.Faulted += new BinderExceptionHandler(this.OnBinderFaulted); this.binder.OnException += new BinderExceptionHandler(this.OnBinderException); this.channelParameters = channelParameters; channelParameters.SetChannel(this); }
HttpWebRequest CreateHttpWebRequest(TimeSpan timeout) { TimeoutHelper helper = new TimeoutHelper(timeout); ChannelParameterCollection channelParameterCollection = new ChannelParameterCollection(); HttpWebRequest request; if (HttpChannelFactory <IDuplexSessionChannel> .MapIdentity(this.RemoteAddress, this.channelFactory.AuthenticationScheme)) { lock (ThisLock) { this.cleanupIdentity = HttpTransportSecurityHelpers.AddIdentityMapping(Via, RemoteAddress); } } this.channelFactory.CreateAndOpenTokenProviders( this.RemoteAddress, this.Via, channelParameterCollection, helper.RemainingTime(), out this.webRequestTokenProvider, out this.webRequestProxyTokenProvider); SecurityTokenContainer clientCertificateToken = null; HttpsChannelFactory <IDuplexSessionChannel> httpsChannelFactory = this.channelFactory as HttpsChannelFactory <IDuplexSessionChannel>; if (httpsChannelFactory != null && httpsChannelFactory.RequireClientCertificate) { SecurityTokenProvider certificateProvider = httpsChannelFactory.CreateAndOpenCertificateTokenProvider(this.RemoteAddress, this.Via, channelParameterCollection, helper.RemainingTime()); clientCertificateToken = httpsChannelFactory.GetCertificateSecurityToken(certificateProvider, this.RemoteAddress, this.Via, channelParameterCollection, ref helper); } request = this.channelFactory.GetWebRequest(this.RemoteAddress, this.Via, this.webRequestTokenProvider, this.webRequestProxyTokenProvider, clientCertificateToken, helper.RemainingTime(), true); // If a web socket connection factory is specified (for example, when using web sockets on pre-Win8 OS), // we're going to use the protocol version from it. At the moment, on pre-Win8 OS, the HttpWebRequest // created above doesn't have the version header specified. if (this.connectionFactory != null) { this.UseWebSocketVersionFromFactory(request); } this.webSocketKey = request.Headers[WebSocketHelper.SecWebSocketKey]; this.ConfigureHttpWebRequestHeader(request); request.Timeout = (int)helper.RemainingTime().TotalMilliseconds; return(request); }
public void PropagateChannelParameters(IChannel innerChannel) { if (innerChannel == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("innerChannel"); } this.ThrowIfMutable(); ChannelParameterCollection property = innerChannel.GetProperty <ChannelParameterCollection>(); if (property != null) { for (int i = 0; i < base.Count; i++) { property.Add(base[i]); } } }
public static SecurityTokenProvider GetUserNameTokenProvider( SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, AuthenticationSchemes authenticationScheme, ChannelParameterCollection channelParameters) { SecurityTokenProvider result = null; if (tokenManager != null) { SecurityTokenRequirement usernameRequirement = CreateUserNameTokenRequirement(target, via, transportScheme); usernameRequirement.Properties[ServiceModelSecurityTokenRequirement.HttpAuthenticationSchemeProperty] = authenticationScheme; if (channelParameters != null) { usernameRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } result = tokenManager.CreateSecurityTokenProvider(usernameRequirement); } return(result); }
public void PropagateChannelParameters(IChannel innerChannel) { if (innerChannel == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(innerChannel)); } ThrowIfMutable(); ChannelParameterCollection innerCollection = innerChannel.GetProperty <ChannelParameterCollection>(); if (innerCollection != null) { for (int i = 0; i < Count; i++) { innerCollection.Add(this[i]); } } }
protected ReliableOutputSessionChannel( ChannelManagerBase factory, IReliableFactorySettings settings, IClientReliableChannelBinder binder, FaultHelper faultHelper, LateBoundChannelParameterCollection channelParameters) : base(factory) { Settings = settings; _binder = binder; _session = new ClientReliableSession(this, settings, binder, faultHelper, null); _session.PollingCallback = PollingAsyncCallback; _session.UnblockChannelCloseCallback = UnblockClose; _binder.Faulted += OnBinderFaulted; _binder.OnException += OnBinderException; _channelParameters = channelParameters; channelParameters.SetChannel(this); }
public override T GetProperty <T>() { if (typeof(T) == typeof(ChannelParameterCollection)) { if (State == CommunicationState.Created) { lock (ThisLock) { if (_channelParameters == null) { _channelParameters = new ChannelParameterCollection(); } } } return((T)(object)_channelParameters); } else { return(base.GetProperty <T>()); } }
public static SecurityTokenProvider GetDigestTokenProvider( SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, AuthenticationSchemes authenticationScheme, ChannelParameterCollection channelParameters) { if (tokenManager != null) { InitiatorServiceModelSecurityTokenRequirement digestTokenRequirement = new InitiatorServiceModelSecurityTokenRequirement(); digestTokenRequirement.TokenType = ServiceModelSecurityTokenTypes.SspiCredential; digestTokenRequirement.TargetAddress = target; digestTokenRequirement.Via = via; digestTokenRequirement.RequireCryptographicToken = false; digestTokenRequirement.TransportScheme = transportScheme; digestTokenRequirement.Properties[ServiceModelSecurityTokenRequirement.HttpAuthenticationSchemeProperty] = authenticationScheme; if (channelParameters != null) { digestTokenRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } return(tokenManager.CreateSecurityTokenProvider(digestTokenRequirement) as SspiSecurityTokenProvider); } return(null); }
internal SecurityTokenContainer GetCertificateSecurityToken(SecurityTokenProvider certificateProvider, EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, ref TimeoutHelper timeoutHelper) { SecurityToken token = null; SecurityTokenContainer tokenContainer = null; SecurityTokenProvider requestCertificateProvider; if (ManualAddressing && RequireClientCertificate) { requestCertificateProvider = CreateAndOpenCertificateTokenProvider(to, via, channelParameters, timeoutHelper.RemainingTime()); } else { requestCertificateProvider = certificateProvider; } if (requestCertificateProvider != null) { token = requestCertificateProvider.GetTokenAsync(timeoutHelper.GetCancellationToken()).GetAwaiter().GetResult(); } if (ManualAddressing && RequireClientCertificate) { SecurityUtils.AbortTokenProviderIfRequired(requestCertificateProvider); } if (token != null) { tokenContainer = new SecurityTokenContainer(token); } return(tokenContainer); }
internal SecurityTokenProvider CreateAndOpenCertificateTokenProvider(EndpointAddress target, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout) { if (!RequireClientCertificate) { return(null); } SecurityTokenProvider certificateProvider = TransportSecurityHelpers.GetCertificateTokenProvider( SecurityTokenManager, target, via, Scheme, channelParameters); SecurityUtils.OpenTokenProviderIfRequired(certificateProvider, timeout); return(certificateProvider); }
protected internal override async Task OnOpenAsync(TimeSpan timeout) { TimeoutHelper helper = new TimeoutHelper(timeout); bool success = false; try { if (WcfEventSource.Instance.WebSocketConnectionRequestSendStartIsEnabled()) { WcfEventSource.Instance.WebSocketConnectionRequestSendStart( EventTraceActivity, RemoteAddress != null ? RemoteAddress.ToString() : string.Empty); } ChannelParameterCollection channelParameterCollection = new ChannelParameterCollection(); if (HttpChannelFactory <IDuplexSessionChannel> .MapIdentity(this.RemoteAddress, _channelFactory.AuthenticationScheme)) { lock (ThisLock) { _cleanupIdentity = HttpTransportSecurityHelpers.AddIdentityMapping(Via, RemoteAddress); } } X509Certificate2 clientCertificate = null; HttpsChannelFactory <IDuplexSessionChannel> httpsChannelFactory = _channelFactory as HttpsChannelFactory <IDuplexSessionChannel>; if (httpsChannelFactory != null && httpsChannelFactory.RequireClientCertificate) { var certificateProvider = httpsChannelFactory.CreateAndOpenCertificateTokenProvider(RemoteAddress, Via, channelParameterCollection, helper.RemainingTime()); var clientCertificateToken = httpsChannelFactory.GetCertificateSecurityToken(certificateProvider, RemoteAddress, Via, channelParameterCollection, ref helper); var x509Token = (X509SecurityToken)clientCertificateToken.Token; clientCertificate = x509Token.Certificate; } try { WebSocket = await CreateWebSocketWithFactoryAsync(clientCertificate, helper); } finally { if (WebSocket != null && _cleanupStarted) { WebSocket.Abort(); CommunicationObjectAbortedException communicationObjectAbortedException = new CommunicationObjectAbortedException( new WebSocketException(WebSocketError.ConnectionClosedPrematurely).Message); FxTrace.Exception.AsWarning(communicationObjectAbortedException); throw communicationObjectAbortedException; } } bool inputUseStreaming = TransferModeHelper.IsResponseStreamed(TransferMode); SetMessageSource(new WebSocketMessageSource( this, WebSocket, inputUseStreaming, this)); success = true; if (WcfEventSource.Instance.WebSocketConnectionRequestSendStopIsEnabled()) { WcfEventSource.Instance.WebSocketConnectionRequestSendStop( EventTraceActivity, WebSocket != null ? WebSocket.GetHashCode() : -1); } } catch (WebSocketException ex) { if (WcfEventSource.Instance.WebSocketConnectionFailedIsEnabled()) { WcfEventSource.Instance.WebSocketConnectionFailed(EventTraceActivity, ex.Message); } TryConvertAndThrow(ex); } finally { CleanupTokenProviders(); if (!success) { CleanupOnError(); } } }
private SecurityTokenProviderContainer CreateAndOpenTokenProvider(TimeSpan timeout, AuthenticationSchemes authenticationScheme, EndpointAddress target, Uri via, ChannelParameterCollection channelParameters) { SecurityTokenProvider tokenProvider = null; switch (authenticationScheme) { case AuthenticationSchemes.Anonymous: break; case AuthenticationSchemes.Basic: tokenProvider = TransportSecurityHelpers.GetUserNameTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters); break; case AuthenticationSchemes.Negotiate: case AuthenticationSchemes.Ntlm: // tokenProvider = TransportSecurityHelpers.GetSspiTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters); // break; throw ExceptionHelper.PlatformNotSupported("Negotiate/NTLM not supported yet"); case AuthenticationSchemes.Digest: tokenProvider = TransportSecurityHelpers.GetDigestTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters); break; default: // The setter for this property should prevent this. throw Fx.AssertAndThrow("CreateAndOpenTokenProvider: Invalid authentication scheme"); } SecurityTokenProviderContainer result; if (tokenProvider != null) { result = new SecurityTokenProviderContainer(tokenProvider); result.Open(timeout); } else { result = null; } return(result); }
private void CreateAndOpenTokenProvidersCore(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, out SecurityTokenProviderContainer tokenProvider) { TimeoutHelper timeoutHelper = new TimeoutHelper(timeout); tokenProvider = CreateAndOpenTokenProvider(timeoutHelper.RemainingTime(), this.AuthenticationScheme, to, via, channelParameters); }
public static SecurityTokenProvider GetCertificateTokenProvider( SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, ChannelParameterCollection channelParameters) { if (tokenManager != null) { InitiatorServiceModelSecurityTokenRequirement certificateTokenRequirement = new InitiatorServiceModelSecurityTokenRequirement(); certificateTokenRequirement.TokenType = SecurityTokenTypes.X509Certificate; certificateTokenRequirement.TargetAddress = target; certificateTokenRequirement.Via = via; certificateTokenRequirement.RequireCryptographicToken = false; certificateTokenRequirement.TransportScheme = transportScheme; if (channelParameters != null) { certificateTokenRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } return(tokenManager.CreateSecurityTokenProvider(certificateTokenRequirement)); } return(null); }
public static SspiSecurityTokenProvider GetSspiTokenProvider( SecurityTokenManager tokenManager, EndpointAddress target, Uri via, string transportScheme, AuthenticationSchemes authenticationScheme, ChannelParameterCollection channelParameters) { if (tokenManager != null) { SecurityTokenRequirement sspiRequirement = CreateSspiTokenRequirement(target, via, transportScheme); sspiRequirement.Properties[ServiceModelSecurityTokenRequirement.HttpAuthenticationSchemeProperty] = authenticationScheme; if (channelParameters != null) { sspiRequirement.Properties[ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty] = channelParameters; } SspiSecurityTokenProvider tokenProvider = tokenManager.CreateSecurityTokenProvider(sspiRequirement) as SspiSecurityTokenProvider; return(tokenProvider); } return(null); }
private SecurityTokenProvider CreateAndOpenCertificateTokenProvider(EndpointAddress target, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout) { if (!this.RequireClientCertificate) { return(null); } SecurityTokenProvider tokenProvider = TransportSecurityHelpers.GetCertificateTokenProvider(base.SecurityTokenManager, target, via, this.Scheme, channelParameters); System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(tokenProvider, timeout); return(tokenProvider); }
private SecurityTokenContainer GetCertificateSecurityToken(SecurityTokenProvider certificateProvider, EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, ref TimeoutHelper timeoutHelper) { SecurityToken token = null; SecurityTokenContainer container = null; SecurityTokenProvider provider; if (base.ManualAddressing && this.RequireClientCertificate) { provider = this.CreateAndOpenCertificateTokenProvider(to, via, channelParameters, timeoutHelper.RemainingTime()); } else { provider = certificateProvider; } if (provider != null) { token = provider.GetToken(timeoutHelper.RemainingTime()); } if (base.ManualAddressing && this.RequireClientCertificate) { System.ServiceModel.Security.SecurityUtils.AbortTokenProviderIfRequired(provider); } if (token != null) { container = new SecurityTokenContainer(token); } return(container); }
internal SecurityTokenProvider CreateAndOpenCertificateTokenProvider(EndpointAddress target, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout) { if (!this.RequireClientCertificate) { return(null); } throw ExceptionHelper.PlatformNotSupported("Client certificates not supported"); }