e79aa3c0ed
Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.ServiceModel.Channels;
using System.ComponentModel;
/// <summary>
/// Holds a <see cref="SecurityMode"/> together with the HTTP transport security
/// settings and the message security settings that are applied for that mode.
/// </summary>
/// <remarks>
/// A parameterless instance starts in <see cref="SecurityMode.Message"/> with the
/// transport client credential type set to Windows.
/// </remarks>
public sealed class WSHttpSecurity
{
    internal const SecurityMode DefaultMode = SecurityMode.Message;

    SecurityMode currentMode;
    HttpTransportSecurity httpTransport;
    NonDualMessageSecurityOverHttp httpMessage;

    /// <summary>
    /// Creates an instance with <see cref="DefaultMode"/>, the default transport
    /// settings and a fresh message security object.
    /// </summary>
    public WSHttpSecurity()
        : this(DefaultMode, GetDefaultHttpTransportSecurity(), new NonDualMessageSecurityOverHttp())
    {
    }

    /// <summary>
    /// Creates an instance from explicit parts, substituting defaults for null settings objects.
    /// </summary>
    /// <param name="mode">Security mode to store.</param>
    /// <param name="transportSecurity">Transport settings; null selects the defaults.</param>
    /// <param name="messageSecurity">Message settings; null selects a new default object.</param>
    internal WSHttpSecurity(SecurityMode mode, HttpTransportSecurity transportSecurity, NonDualMessageSecurityOverHttp messageSecurity)
    {
        // Unlike the public Mode setter, this internal path stores the mode without an
        // IsDefined check; callers inside the assembly must pass a defined value.
        this.currentMode = mode;

        if (transportSecurity == null)
        {
            transportSecurity = GetDefaultHttpTransportSecurity();
        }
        this.httpTransport = transportSecurity;

        if (messageSecurity == null)
        {
            messageSecurity = new NonDualMessageSecurityOverHttp();
        }
        this.httpMessage = messageSecurity;
    }

    /// <summary>
    /// Builds the transport settings used when none are supplied.
    /// </summary>
    /// <returns>A new settings object whose client credential type is Windows.</returns>
    internal static HttpTransportSecurity GetDefaultHttpTransportSecurity()
    {
        return new HttpTransportSecurity
        {
            ClientCredentialType = HttpClientCredentialType.Windows
        };
    }

    /// <summary>
    /// Gets or sets the security mode.
    /// </summary>
    /// <exception cref="ArgumentOutOfRangeException">
    /// The assigned value is not accepted by <c>SecurityModeHelper.IsDefined</c>.
    /// </exception>
    public SecurityMode Mode
    {
        get
        {
            return this.currentMode;
        }
        set
        {
            // Reject values outside the enum so an arbitrary cast integer cannot
            // become the active mode.
            bool isKnownMode = SecurityModeHelper.IsDefined(value);
            if (!isKnownMode)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value"));
            }

            this.currentMode = value;
        }
    }

    /// <summary>
    /// Gets or sets the transport security settings.
    /// </summary>
    /// <exception cref="ArgumentNullException">The assigned value is null.</exception>
    public HttpTransportSecurity Transport
    {
        get
        {
            return this.httpTransport;
        }
        set
        {
            if (value == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("value"));
            }

            this.httpTransport = value;
        }
    }

    /// <summary>
    /// Gets or sets the message security settings.
    /// </summary>
    /// <exception cref="ArgumentNullException">The assigned value is null.</exception>
    public NonDualMessageSecurityOverHttp Message
    {
        get
        {
            return this.httpMessage;
        }
        set
        {
            if (value == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("value"));
            }

            this.httpMessage = value;
        }
    }

    /// <summary>
    /// Applies this instance's transport settings to an HTTPS transport binding element.
    /// </summary>
    /// <param name="https">Binding element to configure.</param>
    /// <remarks>
    /// In <see cref="SecurityMode.TransportWithMessageCredential"/> the protection-only
    /// helper is called; every other mode uses the protection-and-authentication helper.
    /// NOTE(review): judging by the helper names, the first path leaves client
    /// authentication to the message layer - confirm against HttpTransportSecurity.
    /// </remarks>
    internal void ApplyTransportSecurity(HttpsTransportBindingElement https)
    {
        if (this.currentMode != SecurityMode.TransportWithMessageCredential)
        {
            this.httpTransport.ConfigureTransportProtectionAndAuthentication(https);
            return;
        }

        this.httpTransport.ConfigureTransportProtectionOnly(https);
    }

    /// <summary>
    /// Applies the supplied transport settings to an HTTPS transport binding element
    /// through the static protection-and-authentication helper.
    /// </summary>
    /// <param name="transport">Binding element to configure.</param>
    /// <param name="transportSecurity">Settings to apply.</param>
    internal static void ApplyTransportSecurity(HttpsTransportBindingElement transport, HttpTransportSecurity transportSecurity)
    {
        HttpTransportSecurity.ConfigureTransportProtectionAndAuthentication(transport, transportSecurity);
    }

    /// <summary>
    /// Creates the message-level security binding element for the current mode.
    /// </summary>
    /// <param name="isReliableSessionEnabled">Passed through to the message settings.</param>
    /// <param name="version">Message security version passed through to the message settings.</param>
    /// <returns>
    /// The element built by the message settings when the mode is Message or
    /// TransportWithMessageCredential; otherwise null, meaning no message-level
    /// security element is produced and the caller has to handle that case.
    /// </returns>
    internal SecurityBindingElement CreateMessageSecurity(bool isReliableSessionEnabled, MessageSecurityVersion version)
    {
        bool usesMessageSecurity = this.currentMode == SecurityMode.Message
            || this.currentMode == SecurityMode.TransportWithMessageCredential;
        if (!usesMessageSecurity)
        {
            return null;
        }

        bool isSecureTransportMode = this.Mode == SecurityMode.TransportWithMessageCredential;
        return this.httpMessage.CreateSecurityBindingElement(isSecureTransportMode, isReliableSessionEnabled, version);
    }

    /// <summary>
    /// Tries to build a <see cref="WSHttpSecurity"/> from an optional security binding
    /// element, a set of candidate modes and transport settings.
    /// </summary>
    /// <param name="sbe">Security binding element, or null when there is none.</param>
    /// <param name="mode">Candidate modes; narrowed here depending on whether <paramref name="sbe"/> is present.</param>
    /// <param name="transportSecurity">Transport settings handed to the new instance.</param>
    /// <param name="isReliableSessionEnabled">Passed through to the message security factory.</param>
    /// <param name="security">The created instance on success; null on failure.</param>
    /// <returns>False when message settings cannot be created from <paramref name="sbe"/>; otherwise true.</returns>
    internal static bool TryCreate(SecurityBindingElement sbe, UnifiedSecurityMode mode, HttpTransportSecurity transportSecurity, bool isReliableSessionEnabled, out WSHttpSecurity security)
    {
        const UnifiedSecurityMode messageModes = UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential;

        security = null;
        NonDualMessageSecurityOverHttp messageSecurity = null;
        SecurityMode securityMode;

        if (sbe == null)
        {
            // No security element: drop the modes that need message security.
            mode &= ~messageModes;
            securityMode = SecurityModeHelper.ToSecurityMode(mode);
        }
        else
        {
            // A security element is present: keep only the modes that use message security.
            mode &= messageModes;
            securityMode = SecurityModeHelper.ToSecurityMode(mode);
            Fx.Assert(SecurityModeHelper.IsDefined(securityMode), string.Format("Invalid SecurityMode value: {0}.", mode.ToString()));

            bool isSecureTransportMode = securityMode == SecurityMode.TransportWithMessageCredential;
            if (!MessageSecurityOverHttp.TryCreate(sbe, isSecureTransportMode, isReliableSessionEnabled, out messageSecurity))
            {
                return false;
            }
        }

        // NOTE(review): the resolved mode is checked only through Fx.Assert, which is
        // presumably a debug-time assertion; if so, release builds pass an undefined
        // mode straight to the non-validating internal constructor - confirm.
        Fx.Assert(SecurityModeHelper.IsDefined(securityMode), string.Format("Invalid SecurityMode value: {0}.", securityMode.ToString()));
        security = new WSHttpSecurity(securityMode, transportSecurity, messageSecurity);
        return true;
    }

    /// <summary>
    /// Reports whether the mode, the message settings or the transport settings
    /// differ from what the individual ShouldSerialize checks treat as default.
    /// </summary>
    internal bool InternalShouldSerialize()
    {
        if (this.ShouldSerializeMode())
        {
            return true;
        }

        if (this.ShouldSerializeMessage())
        {
            return true;
        }

        return this.ShouldSerializeTransport();
    }

    /// <summary>
    /// Reports whether <see cref="Mode"/> differs from <see cref="DefaultMode"/>.
    /// </summary>
    [EditorBrowsable(EditorBrowsableState.Never)]
    public bool ShouldSerializeMode()
    {
        return this.Mode != DefaultMode;
    }

    /// <summary>
    /// Reports whether the message settings ask to be serialized.
    /// </summary>
    [EditorBrowsable(EditorBrowsableState.Never)]
    public bool ShouldSerializeMessage()
    {
        return this.Message.InternalShouldSerialize();
    }

    /// <summary>
    /// Reports whether the transport settings need serializing: a client credential
    /// type other than Windows, or a proxy credential type or realm that asks to be serialized.
    /// </summary>
    [EditorBrowsable(EditorBrowsableState.Never)]
    public bool ShouldSerializeTransport()
    {
        if (this.Transport.ClientCredentialType != HttpClientCredentialType.Windows)
        {
            return true;
        }

        if (this.Transport.ShouldSerializeProxyCredentialType())
        {
            return true;
        }

        return this.Transport.ShouldSerializeRealm();
    }
}
}