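/// <summary>
/// Creates the service host and wires token-based authorization into it.
/// </summary>
/// <param name="serviceType">Service implementation type, passed to the base host.</param>
/// <param name="tokenManager">Token handler collection manager handed to the authorization manager.</param>
/// <param name="configuration">Host configuration handed to the authorization manager.</param>
/// <param name="baseAddresses">Base addresses, passed to the base host.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="tokenManager"/> or <paramref name="configuration"/> is null.
/// </exception>
public WebTokenWebServiceHost(Type serviceType, WebSecurityTokenHandlerCollectionManager tokenManager, WebTokenWebServiceHostConfiguration configuration, params Uri[] baseAddresses)
    : base(serviceType, baseAddresses)
{
    // Reject a missing security dependency while the host is being built, so a
    // mis-wired host never opens with a half-initialized authorization manager.
    if (tokenManager == null)
    {
        throw new ArgumentNullException("tokenManager");
    }

    if (configuration == null)
    {
        throw new ArgumentNullException("configuration");
    }

    _configuration = configuration;
    _manager = tokenManager;

    // Every request is routed through the token-aware authorization manager.
    Authorization.ServiceAuthorizationManager = new WebTokenServiceAuthorizationManager(tokenManager, configuration);

    // Custom mode: WCF does not build the principal from Windows or ASP.NET roles;
    // presumably WebTokenServiceAuthorizationManager supplies it (its body is not shown here).
    Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;

    // Registration order of the two behaviors is kept as in the original.
    Description.Behaviors.Add(new OperationAccessServiceBehavior());
    Description.Behaviors.Add(new AdvertiseWcfInHttpPipelineBehavior());
}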
/// <summary>
/// Builds the token handler collection used by the sample service: basic
/// authentication, SAML 1.1 issued by ADFS, two simple web token (SWT) issuers
/// ("ACS" and "IdSrv") and the default handler.
/// </summary>
/// <returns>The populated handler collection manager.</returns>
/// <remarks>
/// Sample wiring only. The credential check, the disabled certificate validation
/// and the keys embedded below are flagged inline and need replacing before the
/// endpoint is exposed outside a demo environment.
/// </remarks>
private WebSecurityTokenHandlerCollectionManager SetupSecurityTokenHandler()
{
    // Audience / realm string shared by the SAML and both SWT registrations.
    var serviceRealm = "https://" + Constants.WebHost + "/webservicesecurity/rest/";

    var handlers = new WebSecurityTokenHandlerCollectionManager();

    // --- Basic authentication ------------------------------------------------
    // SECURITY: demo-only validator. A credential pair is accepted whenever the
    // user name and the password are the same string. Replace the lambda with a
    // real credential check; the original sample suggests
    // Membership.ValidateUser(username, password).
    handlers.AddBasicAuthenticationHandler((username, password) => username == password);

    // --- SAML via ADFS -------------------------------------------------------
    // The issuer is trusted by the thumbprint of its signing certificate.
    var trustedIssuers = new ConfigurationBasedIssuerNameRegistry();
    trustedIssuers.AddTrustedIssuer("d1 c5 b1 25 97 d0 36 94 65 1c e2 64 fe 48 06 01 35 f7 bd db", "ADFS");

    var samlConfiguration = new SecurityTokenHandlerConfiguration();
    samlConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(serviceRealm));
    samlConfiguration.IssuerNameRegistry = trustedIssuers;

    // SECURITY: X509CertificateValidator.None performs no validation of the
    // signing certificate, so an expired or revoked certificate carrying the
    // registered thumbprint would presumably still be accepted. Use a validating
    // mode unless the thumbprint pin is the intended and only trust anchor.
    samlConfiguration.CertificateValidator = X509CertificateValidator.None;

    // Token decryption material is taken from the identity model configuration.
    samlConfiguration.ServiceTokenResolver = IdentityModelConfiguration.ServiceConfiguration.CreateAggregateTokenResolver();

    // SAML 1.1 is registered; the original sample lists AddSaml2SecurityTokenHandler
    // as the commented-out alternative.
    handlers.AddSaml11SecurityTokenHandler("SAML", samlConfiguration);

    // --- ACS SWT -------------------------------------------------------------
    // SECURITY: the last argument looks like the base64 symmetric key the tokens
    // are verified with. Embedded in source, it is known to everyone who can read
    // the code or the assembly; load it from protected configuration and treat
    // the value shown here as disclosed.
    handlers.AddSimpleWebTokenHandler(
        "ACS",
        "https://" + Constants.ACS + "/",
        serviceRealm,
        "ds9t7JPEsprLRxWvnFjGr+xOhWOy5H8ZHEr5z/rJbi8=");

    // --- IdSrv SWT -----------------------------------------------------------
    // SECURITY: same hard-coded key concern as for the ACS registration above.
    handlers.AddSimpleWebTokenHandler(
        "IdSrv",
        "http://identity.thinktecture.com/trust",
        serviceRealm,
        "yM7+ti12DiFWcg8t5EfdQbOIgdZCchkETYSXxmvTY0s=");

    // --- ASP.NET based authentication ----------------------------------------
    // NOTE(review): the original region title says this allows ASP.NET based
    // authentication; what the default handler accepts is not visible here.
    // Confirm it cannot be reached without host-level authentication.
    handlers.AddDefaultHandler();

    return handlers;
}
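/// <summary>
/// Creates the authorization manager with the token handlers and host
/// configuration it works with.
/// </summary>
/// <param name="manager">Token handler collection manager stored for later use.</param>
/// <param name="configuration">Host configuration stored for later use.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="manager"/> or <paramref name="configuration"/> is null.
/// </exception>
public WebTokenServiceAuthorizationManager(WebSecurityTokenHandlerCollectionManager manager, WebTokenWebServiceHostConfiguration configuration)
{
    // An authorization component must not come into existence without its
    // dependencies: fail at construction instead of on the first request.
    // Fully qualified so the guard does not rely on a using directive.
    if (manager == null)
    {
        throw new System.ArgumentNullException("manager");
    }

    if (configuration == null)
    {
        throw new System.ArgumentNullException("configuration");
    }

    _manager = manager;
    _configuration = configuration;
}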
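/// <summary>
/// Creates the host factory with an explicit token handler collection manager
/// and host configuration.
/// </summary>
/// <param name="manager">Token handler collection manager stored by the factory.</param>
/// <param name="configuration">Host configuration stored by the factory.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="manager"/> or <paramref name="configuration"/> is null.
/// </exception>
public WebTokenWebServiceHostFactory(WebSecurityTokenHandlerCollectionManager manager, WebTokenWebServiceHostConfiguration configuration)
{
    // Reject missing security dependencies when the factory is built rather
    // than when a host is later created from it.
    // Fully qualified so the guard does not rely on a using directive.
    if (manager == null)
    {
        throw new System.ArgumentNullException("manager");
    }

    if (configuration == null)
    {
        throw new System.ArgumentNullException("configuration");
    }

    _configuration = configuration;
    _manager = manager;
}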
/// <summary>
/// Creates the host factory with a default-constructed
/// <see cref="WebTokenWebServiceHostConfiguration"/>.
/// </summary>
/// <param name="manager">Token handler collection manager forwarded to the two-argument constructor.</param>
public WebTokenWebServiceHostFactory(WebSecurityTokenHandlerCollectionManager manager)
    : this(manager, new WebTokenWebServiceHostConfiguration())
{
    // All initialization happens in the constructor this one delegates to.
}
/// <summary>
/// Creates the service host with a default-constructed
/// <see cref="WebTokenWebServiceHostConfiguration"/>.
/// </summary>
/// <param name="serviceType">Service implementation type, forwarded unchanged.</param>
/// <param name="tokenManager">Token handler collection manager, forwarded unchanged.</param>
/// <param name="baseAddresses">Base addresses, forwarded unchanged.</param>
public WebTokenWebServiceHost(Type serviceType, WebSecurityTokenHandlerCollectionManager tokenManager, params Uri[] baseAddresses)
    : this(serviceType, tokenManager, new WebTokenWebServiceHostConfiguration(), baseAddresses)
{
    // All wiring happens in the four-argument constructor this one delegates to.
}