/// <summary>
/// Builds the outgoing security header for <paramref name="message"/> and copies the
/// protection settings of the protocol factory onto it.
/// </summary>
/// <param name="message">Outgoing message; its Action header selects the signature and encryption parts.</param>
/// <param name="actor">Actor value handed to <c>CreateSendSecurityHeader</c>.</param>
/// <param name="supportingTokens">Supporting tokens handed to <c>AddSupportingTokens</c>.</param>
/// <param name="correlationState">
/// Correlation state used for signature confirmation; ignored when null or when the factory
/// does not request signature confirmation.
/// </param>
/// <returns>The configured send security header.</returns>
protected SendSecurityHeader ConfigureSendSecurityHeader(Message message, string actor, IList<SupportingTokenSpecification> supportingTokens, SecurityProtocolCorrelationState correlationState)
{
    System.ServiceModel.Security.MessageSecurityProtocolFactory protocolFactory = this.MessageSecurityProtocolFactory;
    SendSecurityHeader header = base.CreateSendSecurityHeader(message, actor, protocolFactory);

    // Every protection order except EncryptBeforeSign signs first; only
    // SignBeforeEncryptAndEncryptSignature additionally encrypts the primary signature.
    header.SignThenEncrypt = protocolFactory.MessageProtectionOrder != MessageProtectionOrder.EncryptBeforeSign;
    header.EncryptPrimarySignature = protocolFactory.MessageProtectionOrder == MessageProtectionOrder.SignBeforeEncryptAndEncryptSignature;

    // Signature confirmation needs both the factory setting and a correlation state.
    bool confirmationActive = protocolFactory.DoRequestSignatureConfirmation && (correlationState != null);
    if (confirmationActive && protocolFactory.ActAsInitiator)
    {
        // Initiator: the header tracks confirmation state against this correlation state.
        header.MaintainSignatureConfirmationState = true;
        header.CorrelationState = correlationState;
    }
    else if (confirmationActive && correlationState.SignatureConfirmations != null)
    {
        // Not the initiator: attach the confirmations carried by the correlation state.
        header.AddSignatureConfirmations(correlationState.SignatureConfirmations);
    }

    string outgoingAction = message.Headers.Action;

    // NOTE(review): integrity is read from this.factory while confidentiality is read from
    // the local obtained via the MessageSecurityProtocolFactory property; presumably the
    // same object, confirm. When either flag is false the matching parts are not assigned here.
    if (this.factory.ApplyIntegrity)
    {
        header.SignatureParts = this.factory.GetOutgoingSignatureParts(outgoingAction);
    }

    if (protocolFactory.ApplyConfidentiality)
    {
        header.EncryptionParts = this.factory.GetOutgoingEncryptionParts(outgoingAction);
    }

    base.AddSupportingTokens(header, supportingTokens);
    return header;
}
/// <summary>
/// Builds the outgoing security header for <paramref name="message"/> and copies the
/// protection settings of the protocol factory, including token protection, onto it.
/// </summary>
/// <param name="message">Outgoing message; its Action header selects the signature and encryption parts.</param>
/// <param name="actor">Actor value handed to <c>CreateSendSecurityHeader</c>.</param>
/// <param name="supportingTokens">Supporting tokens handed to <c>AddSupportingTokens</c>.</param>
/// <param name="correlationState">
/// Correlation state used for signature confirmation; ignored when null or when the factory
/// does not request signature confirmation.
/// </param>
/// <returns>The configured send security header.</returns>
protected SendSecurityHeader ConfigureSendSecurityHeader(Message message, string actor, IList<SupportingTokenSpecification> supportingTokens, SecurityProtocolCorrelationState correlationState)
{
    MessageSecurityProtocolFactory protocolFactory = this.MessageSecurityProtocolFactory;
    SendSecurityHeader header = CreateSendSecurityHeader(message, actor, protocolFactory);

    // Every protection order except EncryptBeforeSign signs first.
    header.SignThenEncrypt = protocolFactory.MessageProtectionOrder != MessageProtectionOrder.EncryptBeforeSign;

    // With ProtectTokens enabled, both the client side and the service side sign the primary
    // token in the primary signature when sending a message. For an issued token the check
    // is made inside the send security header.
    header.ShouldProtectTokens = protocolFactory.SecurityBindingElement.ProtectTokens;

    // Only SignBeforeEncryptAndEncryptSignature also encrypts the primary signature.
    header.EncryptPrimarySignature = protocolFactory.MessageProtectionOrder == MessageProtectionOrder.SignBeforeEncryptAndEncryptSignature;

    // Signature confirmation needs both the factory setting and a correlation state.
    bool confirmationActive = protocolFactory.DoRequestSignatureConfirmation && correlationState != null;
    if (confirmationActive && protocolFactory.ActAsInitiator)
    {
        // Initiator: the header tracks confirmation state against this correlation state.
        header.MaintainSignatureConfirmationState = true;
        header.CorrelationState = correlationState;
    }
    else if (confirmationActive && correlationState.SignatureConfirmations != null)
    {
        // Not the initiator: attach the confirmations carried by the correlation state.
        header.AddSignatureConfirmations(correlationState.SignatureConfirmations);
    }

    string outgoingAction = message.Headers.Action;

    // NOTE(review): integrity is read from the this.factory field while confidentiality is
    // read from the local obtained via the MessageSecurityProtocolFactory property;
    // presumably the same object, confirm. When either flag is false the matching parts
    // are not assigned here.
    if (this.factory.ApplyIntegrity)
    {
        header.SignatureParts = this.factory.GetOutgoingSignatureParts(outgoingAction);
    }

    if (protocolFactory.ApplyConfidentiality)
    {
        header.EncryptionParts = this.factory.GetOutgoingEncryptionParts(outgoingAction);
    }

    AddSupportingTokens(header, supportingTokens);
    return header;
}